Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/LjXb5DeGXrW45KWFow7RRZOx-bY.roa
File: LjXb5DeGXrW45KWFow7RRZOx-bY.roa (raw, json)
Hash identifier: KvE0uMbCrq5K455o26uW7iATbRyzO5SYwCSffzOiq6A=
Subject key identifier: 2E:35:DB:E4:37:86:5E:B5:B8:E4:A5:85:A3:0E:D1:45:93:B1:F9:B6
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 018CC4933D0A3B5C40FBCB72BE3FFA0CCEA8
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/LjXb5DeGXrW45KWFow7RRZOx-bY.roa
Signing time: Mon 01 Jan 2024 10:30:32 +0000
ROA not before: Mon 01 Jan 2024 10:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9119
IP address blocks: 85.208.172.0/24 maxlen: 24
185.175.0.0/22 maxlen: 22
80.65.174.0/24 maxlen: 24
80.65.173.0/24 maxlen: 24
80.65.175.0/24 maxlen: 24
213.253.120.0/22 maxlen: 22
213.253.124.0/22 maxlen: 22
91.132.74.0/23 maxlen: 23
2.58.48.0/22 maxlen: 22
80.65.166.0/24 maxlen: 24
80.65.165.0/24 maxlen: 24
80.65.160.0/24 maxlen: 24
80.65.160.0/20 maxlen: 20
80.65.164.0/24 maxlen: 24
80.65.163.0/24 maxlen: 24
80.65.162.0/24 maxlen: 24
80.65.161.0/24 maxlen: 24
80.65.172.0/24 maxlen: 24
80.65.167.0/24 maxlen: 24
80.65.171.0/24 maxlen: 24
80.65.170.0/24 maxlen: 24
80.65.169.0/24 maxlen: 24
80.65.168.0/24 maxlen: 24
147.78.219.0/24 maxlen: 24
147.78.218.0/24 maxlen: 24
147.78.216.0/24 maxlen: 24
147.78.216.0/22 maxlen: 22
213.253.96.0/20 maxlen: 20
213.253.96.0/21 maxlen: 21
217.199.132.0/24 maxlen: 24
217.199.131.0/24 maxlen: 24
213.253.104.0/22 maxlen: 22
217.199.130.0/24 maxlen: 24
217.199.129.0/24 maxlen: 24
217.199.128.0/20 maxlen: 24
217.199.128.0/24 maxlen: 24
217.199.133.0/24 maxlen: 24
217.199.139.0/24 maxlen: 24
213.253.112.0/22 maxlen: 22
217.199.138.0/24 maxlen: 24
213.253.111.0/24 maxlen: 24
217.199.134.0/24 maxlen: 24
217.199.137.0/24 maxlen: 24
217.199.136.0/24 maxlen: 24
213.253.110.0/24 maxlen: 24
213.253.108.0/22 maxlen: 22
217.199.135.0/24 maxlen: 24
213.253.108.0/24 maxlen: 24
213.253.109.0/24 maxlen: 24
217.199.140.0/24 maxlen: 24
213.253.116.0/22 maxlen: 22
217.199.143.0/24 maxlen: 24
217.199.142.0/24 maxlen: 24
217.199.141.0/24 maxlen: 24
213.253.64.0/19 maxlen: 19
45.15.44.0/22 maxlen: 22
212.103.128.0/19 maxlen: 19
84.41.122.0/23 maxlen: 23
84.41.120.0/23 maxlen: 23
84.41.124.0/22 maxlen: 22
84.41.96.0/21 maxlen: 21
84.41.104.0/22 maxlen: 22
84.41.108.0/23 maxlen: 23
84.41.112.0/23 maxlen: 23
84.41.111.0/24 maxlen: 24
84.41.110.0/24 maxlen: 24
84.41.115.0/24 maxlen: 24
84.41.114.0/24 maxlen: 24
84.41.116.0/22 maxlen: 22
46.163.48.0/21 maxlen: 21
46.163.58.0/24 maxlen: 24
46.163.58.0/23 maxlen: 23
46.163.56.0/23 maxlen: 23
46.163.56.0/24 maxlen: 24
46.163.59.0/24 maxlen: 24
46.163.60.0/22 maxlen: 22
45.156.140.0/23 maxlen: 23
45.156.140.0/24 maxlen: 24
45.8.0.0/22 maxlen: 22
46.163.0.0/19 maxlen: 19
46.163.32.0/20 maxlen: 20
212.13.224.0/19 maxlen: 19
84.41.32.0/19 maxlen: 19
84.41.64.0/19 maxlen: 19
84.41.0.0/18 maxlen: 18
84.41.0.0/19 maxlen: 19
84.41.0.0/21 maxlen: 21
185.54.131.0/24 maxlen: 24
185.54.130.0/24 maxlen: 24
185.54.128.0/24 maxlen: 24
185.54.128.0/23 maxlen: 23
2a0b:c300::/29 maxlen: 29
2a02:805::/33 maxlen: 33
2a0b:c306::/32 maxlen: 32
2a02:801::/33 maxlen: 33
2a02:801::/32 maxlen: 32
2a02:800::/32 maxlen: 32
2a0f:2180::/29 maxlen: 29
2a0e:2e00::/29 maxlen: 29
2a0e:1e80::/29 maxlen: 29
2a09:e140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:3d:0a:3b:5c:40:fb:cb:72:be:3f:fa:0c:ce:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Jan 1 10:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e35dbe437865eb5b8e4a585a30ed14593b1f9b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:37:39:2c:ac:12:cc:29:08:e5:f8:b2:f7:e9:
6a:29:18:00:38:cb:61:c5:a8:da:2f:fd:70:34:49:
0f:e0:ad:61:a5:c5:3b:4c:4a:c5:8d:77:70:20:f4:
08:d1:30:8a:67:24:a5:37:97:51:37:e3:de:2b:78:
60:8f:12:4d:59:d7:81:d5:42:94:d3:2d:11:03:f4:
81:03:e9:5f:c2:83:c5:c0:f7:92:17:ef:c5:14:4d:
16:35:19:c1:7c:12:62:94:e9:94:10:41:0b:21:bb:
78:d8:e6:9d:ee:d6:18:18:d5:ad:10:d8:74:ff:9f:
98:74:7d:a2:c4:17:89:53:e0:9a:c4:a0:66:44:5d:
8d:fb:1f:9a:39:e1:d3:43:03:97:66:ca:07:44:71:
86:f8:8a:2d:97:6b:7f:22:76:2c:37:f8:32:e0:c0:
96:67:65:82:27:7c:dc:0f:8d:45:7f:58:fb:e9:b1:
62:ba:b4:f1:d8:7c:8e:5f:58:d9:9c:f6:e8:0f:5c:
c7:fe:a5:8a:9b:4f:3f:ba:a0:73:5d:71:03:58:7f:
5a:e6:31:f5:eb:e0:b2:ee:51:04:92:ae:b2:df:05:
0e:59:3f:4d:16:30:f4:46:e7:9f:a6:43:58:67:0c:
e4:f1:aa:99:c2:12:59:13:0f:72:9e:d8:83:39:ba:
93:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:35:DB:E4:37:86:5E:B5:B8:E4:A5:85:A3:0E:D1:45:93:B1:F9:B6
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/LjXb5DeGXrW45KWFow7RRZOx-bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.48.0/22
45.8.0.0/22
45.15.44.0/22
45.156.140.0/23
46.163.0.0/18
80.65.160.0/20
84.41.0.0/17
85.208.172.0/24
91.132.74.0/23
147.78.216.0/22
185.54.128.0/22
185.175.0.0/22
212.13.224.0/19
212.103.128.0/19
213.253.64.0/18
217.199.128.0/20
IPv6:
2a02:800::/31
2a02:805::/33
2a09:e140::/29
2a0b:c300::/29
2a0e:1e80::/29
2a0e:2e00::/29
2a0f:2180::/29
Signature Algorithm: sha256WithRSAEncryption
13:f5:7a:10:f6:fc:b4:01:93:bd:c1:33:21:37:62:a1:b8:5a:
13:b2:42:24:ef:42:68:a1:ab:b8:0b:68:4c:11:f5:39:0e:4f:
85:b0:99:c7:c7:cd:d8:5c:a3:a4:2a:79:83:ba:ae:87:35:6c:
dd:0a:9e:d1:86:b8:7f:71:fd:fe:1a:e0:86:c7:5b:7f:a7:f1:
46:b5:98:5e:e9:3f:4f:c5:c7:8b:5f:05:a3:7d:cf:d3:8a:2f:
59:72:6a:cb:a4:d7:33:23:ae:f4:5a:4f:59:3c:ec:d9:46:03:
65:fe:41:c6:ab:d7:5e:55:95:32:3f:31:c6:f7:8c:98:33:de:
3c:7f:59:76:ab:a3:52:26:de:bd:c6:3b:b7:fa:0e:ea:24:34:
da:34:6f:14:8a:8a:0d:68:20:cf:ee:ef:b9:a5:50:f1:7f:ad:
ec:31:07:bb:b3:28:88:62:d3:6d:c2:9f:51:cc:5b:51:87:b5:
51:e2:85:ef:dc:1c:84:0a:b6:b2:6f:64:4f:cb:7b:c6:ca:a6:
b6:90:ac:28:7d:4b:4f:89:ae:a2:a1:c9:a3:47:61:34:4d:58:
56:60:8c:f9:f6:dc:a2:16:ff:d8:d0:c0:db:5e:d4:da:7e:2e:
17:44:e5:15:20:86:3d:d6:c9:93:38:be:6e:9f:6e:15:1a:e8:
96:f3:a3:0b
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzEkz0KO1xA+8tyvj/6DM6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjQwMTAxMTAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTM1ZGJlNDM3ODY1ZWI1YjhlNGE1ODVhMzBlZDE0NTkzYjFmOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTc5LKwSzCkI5fiy9+lqKRgAOMth
xajaL/1wNEkP4K1hpcU7TErFjXdwIPQI0TCKZySlN5dRN+PeK3hgjxJNWdeB1UKU
0y0RA/SBA+lfwoPFwPeSF+/FFE0WNRnBfBJilOmUEEELIbt42Oad7tYYGNWtENh0
/5+YdH2ixBeJU+CaxKBmRF2N+x+aOeHTQwOXZsoHRHGG+Iotl2t/InYsN/gy4MCW
Z2WCJ3zcD41Ff1j76bFiurTx2HyOX1jZnPboD1zH/qWKm08/uqBzXXEDWH9a5jH1
6+Cy7lEEkq6y3wUOWT9NFjD0RuefpkNYZwzk8aqZwhJZEw9yntiDObqTzQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFC412+Q3hl61uOSlhaMO0UWTsfm2MB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvTGpYYjVEZUdYclc0NUtXRm93N1JSWk94LWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojBmBAIAATBgAwQCAjow
AwQCLQgAAwQCLQ8sAwQBLZyMAwQGLqMAAwQEUEGgAwQHVCkAAwQAVdCsAwQBW4RK
AwQCk07YAwQCuTaAAwQCua8AAwQF1A3gAwQF1GeAAwQG1f1AAwQE2ceAMDgEAgAC
MDIDBQEqAggAAwYHKgIIBQADBQMqCeFAAwUDKgvDAAMFAyoOHoADBQMqDi4AAwUD
Kg8hgDANBgkqhkiG9w0BAQsFAAOCAQEAE/V6EPb8tAGTvcEzITdiobhaE7JCJO9C
aKGruAtoTBH1OQ5PhbCZx8fN2FyjpCp5g7quhzVs3Qqe0Ya4f3H9/hrghsdbf6fx
RrWYXuk/T8XHi18Fo33P04ovWXJqy6TXMyOu9FpPWTzs2UYDZf5BxqvXXlWVMj8x
xveMmDPePH9ZdqujUibevcY7t/oO6iQ02jRvFIqKDWggz+7vuaVQ8X+t7DEHu7Mo
iGLTbcKfUcxbUYe1UeKF79wchAq2sm9kT8t7xsqmtpCsKH1LT4muoqHJo0dhNE1Y
VmCM+fbcohb/2NDA217U2n4uF0TlFSCGPdbJkzi+bp9uFRrolvOjCw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:46:26 2025 by rpki-client