Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/00TH0loEaVQhi08kDlrPJB6z6MA.roa
File: 00TH0loEaVQhi08kDlrPJB6z6MA.roa (raw, json)
Hash identifier: ZImjBf1s8uvfBMobxqwjkZLB0kPE+/RdYcP+T7bS71M=
Subject key identifier: D3:44:C7:D2:5A:04:69:54:21:8B:4F:24:0E:5A:CF:24:1E:B3:E8:C0
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 0483D1C3
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/00TH0loEaVQhi08kDlrPJB6z6MA.roa
Signing time: Sat 01 Jan 2022 12:06:35 +0000
ROA not before: Sat 01 Jan 2022 12:06:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24685
IP address blocks: 80.92.224.0/24 maxlen: 32
80.92.226.0/24 maxlen: 32
212.110.152.0/23 maxlen: 32
80.92.231.0/24 maxlen: 32
80.92.233.0/24 maxlen: 32
80.92.234.0/24 maxlen: 32
82.117.229.0/24 maxlen: 32
193.111.48.0/23 maxlen: 32
92.60.179.0/24 maxlen: 32
92.60.178.0/23 maxlen: 32
92.60.178.0/24 maxlen: 32
82.117.244.0/24 maxlen: 32
185.38.208.0/24 maxlen: 32
185.38.209.0/24 maxlen: 32
185.39.196.0/24 maxlen: 32
128.0.172.0/24 maxlen: 32
193.111.0.0/24 maxlen: 32
85.90.211.0/24 maxlen: 32
31.172.136.0/23 maxlen: 32
31.172.140.0/23 maxlen: 32
85.90.223.0/24 maxlen: 32
2a01:6b0:7::/48 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75747779 (0x483d1c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jan 1 12:06:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d344c7d25a046954218b4f240e5acf241eb3e8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:45:9b:d4:70:9e:4f:ca:a1:5b:52:52:75:13:
ba:d7:de:ef:fc:d5:e5:c6:70:f5:da:1d:fd:06:c1:
5d:74:81:06:75:75:48:bd:8d:50:89:e2:18:06:fb:
a5:57:fc:a0:d4:99:a3:3e:4e:fe:e9:9e:da:fa:34:
a0:be:8b:c8:be:83:e5:b0:8e:81:7c:16:62:c0:33:
df:c2:1c:42:9d:66:41:fe:d0:6a:03:6c:a6:5f:38:
b2:5f:e0:18:7a:25:30:fe:59:31:70:2b:73:8a:74:
aa:7d:5a:9f:60:b2:9c:1b:0f:7c:70:cc:83:11:42:
23:dc:18:f2:82:c8:d2:3d:1d:68:0b:b7:23:57:d1:
9f:f4:2c:50:fa:22:db:3a:42:7e:85:6d:a1:e2:11:
9f:a0:d9:bc:00:83:39:20:ff:2a:c5:f2:af:ac:72:
46:54:d5:33:36:30:a1:19:a3:46:19:86:9f:f8:d9:
bf:8f:95:eb:40:8e:00:fa:fa:54:74:6a:b9:50:be:
96:df:c1:57:47:39:07:c7:f6:67:22:46:0c:e0:e5:
71:e4:01:85:d9:37:ea:62:f7:95:21:21:bc:16:fd:
35:e3:54:51:7b:8c:60:d0:cb:ac:37:9c:57:df:19:
3a:d1:f2:a4:c0:6e:53:8a:11:ff:86:95:14:cc:a7:
2d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:44:C7:D2:5A:04:69:54:21:8B:4F:24:0E:5A:CF:24:1E:B3:E8:C0
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/00TH0loEaVQhi08kDlrPJB6z6MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/23
31.172.140.0/23
80.92.224.0/24
80.92.226.0/24
80.92.231.0/24
80.92.233.0-80.92.234.255
82.117.229.0/24
82.117.244.0/24
85.90.211.0/24
85.90.223.0/24
92.60.178.0/23
128.0.172.0/24
185.38.208.0/23
185.39.196.0/24
193.111.0.0/24
193.111.48.0/23
212.110.152.0/23
IPv6:
2a01:6b0:7::/48
Signature Algorithm: sha256WithRSAEncryption
cc:60:48:e5:1d:eb:b3:5b:bc:de:a1:38:68:79:1e:5f:f5:e0:
72:a7:1f:fc:2c:e3:2b:42:6c:16:59:d0:36:84:6a:65:43:5f:
13:57:c7:6d:f6:42:58:1e:ca:54:b1:cb:a5:20:d1:10:31:50:
4b:80:5f:d3:11:1f:38:09:2f:d6:ed:f8:e5:25:8f:a9:1b:65:
dd:b0:ab:73:08:71:21:1e:1f:63:8c:0f:62:d8:fd:31:07:87:
39:d6:a0:99:14:65:bd:d4:73:56:c6:1b:3c:49:48:a2:c6:c4:
fb:12:77:3a:31:8a:a7:fa:ad:3f:97:a9:cc:d6:c0:db:f9:11:
bf:aa:ee:4d:2c:0a:5a:e1:f9:e2:09:b6:f8:4b:24:e9:e0:9e:
d8:e5:15:c0:ce:bd:c0:81:e5:d6:34:4c:86:93:db:39:6d:47:
91:d9:9c:7c:b3:4b:54:16:2e:08:15:3e:fc:0f:40:b1:32:56:
42:94:12:6f:1f:74:cc:90:30:0a:01:29:1a:09:c4:dd:a7:01:
21:a3:62:04:13:75:df:ee:d7:8a:26:e8:61:3f:50:69:ba:a3:
8e:82:19:7c:19:02:46:e9:0b:40:e0:41:db:47:8d:cf:24:98:
46:85:bc:e5:b5:fd:54:d5:24:c1:c8:01:d0:31:dc:b8:a2:0e:
e4:00:d6:24
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIEBIPRwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDg3MTQyYmRjMmIzZjBkMDg0OGEwZDgwMGI2OTMwYjFhYmIzNGJjMB4XDTIyMDEw
MTEyMDYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM0NGM3ZDI1YTA0
Njk1NDIxOGI0ZjI0MGU1YWNmMjQxZWIzZThjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJdFm9Rwnk/KoVtSUnUTutfe7/zV5cZw9dod/QbBXXSBBnV1
SL2NUIniGAb7pVf8oNSZoz5O/ume2vo0oL6LyL6D5bCOgXwWYsAz38IcQp1mQf7Q
agNspl84sl/gGHolMP5ZMXArc4p0qn1an2CynBsPfHDMgxFCI9wY8oLI0j0daAu3
I1fRn/QsUPoi2zpCfoVtoeIRn6DZvACDOSD/KsXyr6xyRlTVMzYwoRmjRhmGn/jZ
v4+V60COAPr6VHRquVC+lt/BV0c5B8f2ZyJGDODlceQBhdk36mL3lSEhvBb9NeNU
UXuMYNDLrDecV98ZOtHypMBuU4oR/4aVFMynLW8CAwEAAaOCAoUwggKBMB0GA1Ud
DgQWBBTTRMfSWgRpVCGLTyQOWs8kHrPowDAfBgNVHSMEGDAWgBQNhxQr3Cs/DQhI
oNgAtpMLGrs0vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RZY1VLOXdyUHcwSVNLRFlBTGFUQ3hxN05Mdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvOGY4Y2MwLWY2OTMtNDIxYy1iYzU0LWEzMTcwOGQ0MDM5MS8x
LzAwVEgwbG9FYVZRaGkwOGtEbHJQSkI2ejZNQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
OGY4Y2MwLWY2OTMtNDIxYy1iYzU0LWEzMTcwOGQ0MDM5MS8xL0RZY1VLOXdyUHcw
SVNLRFlBTGFUQ3hxN05Mdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mgYIKwYBBQUHAQcBAf8EgYowgYcwdAQCAAEwbgMEAR+siAMEAR+sjAMEAFBc4AME
AFBc4gMEAFBc5zAMAwQAUFzpAwQAUFzqAwQAUnXlAwQAUnX0AwQAVVrTAwQAVVrf
AwQBXDyyAwQAgACsAwQBuSbQAwQAuSfEAwQAwW8AAwQBwW8wAwQB1G6YMA8EAgAC
MAkDBwAqAQawAAcwDQYJKoZIhvcNAQELBQADggEBAMxgSOUd67NbvN6hOGh5Hl/1
4HKnH/ws4ytCbBZZ0DaEamVDXxNXx232QlgeylSxy6Ug0RAxUEuAX9MRHzgJL9bt
+OUlj6kbZd2wq3MIcSEeH2OMD2LY/TEHhznWoJkUZb3Uc1bGGzxJSKLGxPsSdzox
iqf6rT+XqczWwNv5Eb+q7k0sClrh+eIJtvhLJOngntjlFcDOvcCB5dY0TIaT2zlt
R5HZnHyzS1QWLggVPvwPQLEyVkKUEm8fdMyQMAoBKRoJxN2nASGjYgQTdd/u14om
6GE/UGm6o46CGXwZAkbpC0DgQdtHjc8kmEaFvOW1/VTVJMHIAdAx3LiiDuQA1iQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 05:48:06 2025 by rpki-client