Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Z9B6nwtbgPvpOLv3zptmHNlEtjI.roa
File: Z9B6nwtbgPvpOLv3zptmHNlEtjI.roa (raw, json)
Hash identifier: tmL7wz/vJo8q7DzwbiRY4t0SFizeLod2QM3zAVaTirg=
Subject key identifier: 67:D0:7A:9F:0B:5B:80:FB:E9:38:BB:F7:CE:9B:66:1C:D9:44:B6:32
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0195DC59A0FC2F1F0E18CF914CE88E725D48
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Z9B6nwtbgPvpOLv3zptmHNlEtjI.roa
Signing time: Fri 28 Mar 2025 10:43:36 +0000
ROA not before: Fri 28 Mar 2025 10:43:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 94.131.2.0/24 maxlen: 24
94.131.2.0/32 maxlen: 32
94.131.3.0/24 maxlen: 24
94.131.3.0/32 maxlen: 32
94.131.96.0/24 maxlen: 24
94.131.97.0/24 maxlen: 24
94.131.98.0/24 maxlen: 24
94.131.99.0/24 maxlen: 24
94.131.99.0/32 maxlen: 32
94.131.100.0/24 maxlen: 24
94.131.101.0/24 maxlen: 24
94.131.102.0/24 maxlen: 24
94.131.103.0/24 maxlen: 24
94.131.104.0/24 maxlen: 24
94.131.105.0/24 maxlen: 24
94.131.106.0/24 maxlen: 24
94.131.107.0/24 maxlen: 24
94.131.108.0/24 maxlen: 24
94.131.109.0/24 maxlen: 24
94.131.110.0/24 maxlen: 24
94.131.111.0/24 maxlen: 24
95.164.0.0/22 maxlen: 24
95.164.4.0/22 maxlen: 24
95.164.8.0/22 maxlen: 24
95.164.16.0/22 maxlen: 24
95.164.19.0/32 maxlen: 32
95.164.21.0/24 maxlen: 24
95.164.22.0/24 maxlen: 24
95.164.23.0/24 maxlen: 24
95.164.32.0/21 maxlen: 24
95.164.44.0/22 maxlen: 24
95.164.51.0/24 maxlen: 24
95.164.60.0/22 maxlen: 24
95.164.68.0/24 maxlen: 24
95.164.69.0/24 maxlen: 24
95.164.84.0/22 maxlen: 24
95.164.88.0/24 maxlen: 24
95.164.89.0/24 maxlen: 24
95.164.112.0/21 maxlen: 24
95.164.114.0/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dc:59:a0:fc:2f:1f:0e:18:cf:91:4c:e8:8e:72:5d:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Mar 28 10:43:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67d07a9f0b5b80fbe938bbf7ce9b661cd944b632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e3:04:b4:61:00:18:07:09:59:21:a6:00:e7:
1d:34:ef:13:84:d5:d3:14:fb:85:ad:59:e6:8c:b5:
e6:29:ab:f5:cd:81:be:68:45:46:26:26:97:40:69:
36:d2:03:41:8e:bd:39:2b:9a:7a:75:04:ea:b6:7d:
75:93:29:73:0f:6c:9d:d7:48:75:bb:69:8d:0b:ed:
a4:20:03:75:36:ba:8f:a7:fb:91:cd:27:97:b1:db:
f3:47:3c:2a:22:87:8c:b8:57:2a:83:22:fe:0c:e8:
c4:5a:e9:bb:60:8b:66:57:d9:b4:77:4b:64:8a:e7:
b3:5d:55:4e:85:57:90:b0:ea:95:8d:87:58:b9:78:
6c:c6:4a:64:7d:fe:b1:a7:61:63:06:a2:fd:69:78:
ec:b5:e1:26:9d:b1:f5:e7:31:5a:7c:ff:f9:84:a2:
f3:fb:c4:d1:f1:1b:e7:f7:fd:c6:17:4b:09:49:17:
0b:2a:54:24:99:73:36:92:a9:df:ed:a4:d6:1e:bd:
e7:e8:a5:22:89:9b:07:f0:27:35:45:db:36:5c:30:
77:3a:dd:5e:97:fe:eb:71:dd:db:c4:39:02:4d:03:
c1:d5:de:33:87:c4:7a:10:91:0e:1f:6f:66:54:54:
69:85:37:a5:81:63:13:24:55:ed:fb:d5:c3:50:b0:
ad:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D0:7A:9F:0B:5B:80:FB:E9:38:BB:F7:CE:9B:66:1C:D9:44:B6:32
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Z9B6nwtbgPvpOLv3zptmHNlEtjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.2.0/23
94.131.96.0/20
95.164.0.0-95.164.11.255
95.164.16.0/22
95.164.21.0-95.164.23.255
95.164.32.0/21
95.164.44.0/22
95.164.51.0/24
95.164.60.0/22
95.164.68.0/23
95.164.84.0-95.164.89.255
95.164.112.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:e7:7f:6b:e4:8c:a7:1a:be:7b:fe:24:3c:2e:bf:d7:b0:d5:
3e:02:ad:6c:e3:4f:90:59:7d:68:b9:87:51:52:1f:f4:03:4c:
a1:3d:dd:b5:f3:41:44:37:1e:4f:f0:d4:9b:fa:ce:5f:ca:94:
1d:25:8b:b6:bb:00:b0:4d:1d:c2:f1:2d:7c:1e:4d:f8:1c:ff:
1d:f4:79:46:52:7a:db:55:d9:50:bd:60:c8:09:91:f7:ac:2b:
9a:48:b1:bf:b5:11:78:39:77:c2:3f:2d:16:d5:3b:8a:e9:fd:
46:3f:69:bd:1b:4d:5c:e3:29:2e:25:48:ee:ef:03:4d:ae:da:
c3:4d:8f:88:f1:ce:b1:fb:7a:9d:6e:39:44:c3:55:0e:45:8c:
6a:59:be:73:a4:ae:2a:79:97:e3:06:5d:0d:6d:52:07:4f:1c:
17:ca:5f:ed:f8:7e:05:93:e0:c8:d0:61:5a:ec:b4:bd:a2:99:
af:dc:d1:8d:69:21:37:91:02:11:db:6d:ac:38:04:3a:22:18:
fa:84:39:85:89:a4:0e:13:f3:22:cd:ec:ad:d0:70:0f:14:dd:
e2:75:5f:39:cf:eb:eb:3c:33:4b:e4:3e:e5:3d:1e:fb:6f:15:
3c:4c:2e:89:65:28:62:f4:60:29:78:87:8c:13:c9:d3:ea:20:
72:ff:e0:d0
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZXcWaD8Lx8OGM+RTOiOcl1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMzI4MTA0MzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2QwN2E5ZjBiNWI4MGZiZTkzOGJiZjdjZTliNjYxY2Q5NDRiNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+MEtGEAGAcJWSGmAOcdNO8ThNXT
FPuFrVnmjLXmKav1zYG+aEVGJiaXQGk20gNBjr05K5p6dQTqtn11kylzD2yd10h1
u2mNC+2kIAN1NrqPp/uRzSeXsdvzRzwqIoeMuFcqgyL+DOjEWum7YItmV9m0d0tk
iuezXVVOhVeQsOqVjYdYuXhsxkpkff6xp2FjBqL9aXjsteEmnbH15zFafP/5hKLz
+8TR8Rvn9/3GF0sJSRcLKlQkmXM2kqnf7aTWHr3n6KUiiZsH8Cc1Rds2XDB3Ot1e
l/7rcd3bxDkCTQPB1d4zh8R6EJEOH29mVFRphTelgWMTJFXt+9XDULCtMQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFGfQep8LW4D76Ti7986bZhzZRLYyMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvWjlCNm53dGJnUHZwT0x2M3pwdG1ITmxFdGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBlBAIAATBfAwQBXoMCAwQE
XoNgMAsDAwJfpAMEAl+kCAMEAl+kEDAMAwQAX6QVAwQDX6QQAwQDX6QgAwQCX6Qs
AwQAX6QzAwQCX6Q8AwQBX6REMAwDBAJfpFQDBAFfpFgDBANfpHAwDQYJKoZIhvcN
AQELBQADggEBAB7nf2vkjKcavnv+JDwuv9ew1T4CrWzjT5BZfWi5h1FSH/QDTKE9
3bXzQUQ3Hk/w1Jv6zl/KlB0li7a7ALBNHcLxLXweTfgc/x30eUZSettV2VC9YMgJ
kfesK5pIsb+1EXg5d8I/LRbVO4rp/UY/ab0bTVzjKS4lSO7vA02u2sNNj4jxzrH7
ep1uOUTDVQ5FjGpZvnOkrip5l+MGXQ1tUgdPHBfKX+34fgWT4MjQYVrstL2ima/c
0Y1pITeRAhHbbaw4BDoiGPqEOYWJpA4T8yLN7K3QcA8U3eJ1XznP6+s8M0vkPuU9
HvtvFTxMLollKGL0YCl4h4wTydPqIHL/4NA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:20:16 2025 by rpki-client