Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/n5d1Kpwlofe6bgZW2fKPstkSsqI.roa
File: n5d1Kpwlofe6bgZW2fKPstkSsqI.roa (raw, json)
Hash identifier: KjS9fXWO6iwty0DJcTPVMLarEM4S37TPhydTXoSoraM=
Subject key identifier: 9F:97:75:2A:9C:25:A1:F7:BA:6E:06:56:D9:F2:8F:B2:D9:12:B2:A2
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 0193B60D9240BB67D1538435449AC56CE1FC
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/n5d1Kpwlofe6bgZW2fKPstkSsqI.roa
Signing time: Wed 11 Dec 2024 14:09:22 +0000
ROA not before: Wed 11 Dec 2024 14:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 2.16.19.0/24 maxlen: 24
2.16.70.0/23 maxlen: 23
2.16.146.0/23 maxlen: 23
2.16.220.0/22 maxlen: 22
2.18.0.0/22 maxlen: 22
2.18.31.0/24 maxlen: 24
2.19.16.0/20 maxlen: 20
2.20.4.0/22 maxlen: 22
2.20.47.0/24 maxlen: 24
2.20.109.0/24 maxlen: 24
2.20.252.0/24 maxlen: 24
2.21.2.0/24 maxlen: 24
2.21.14.0/24 maxlen: 24
2.21.100.0/22 maxlen: 22
2.22.216.0/22 maxlen: 22
2.22.234.0/24 maxlen: 24
88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
92.122.68.0/22 maxlen: 22
92.122.225.0/24 maxlen: 24
92.122.248.0/22 maxlen: 22
92.123.48.0/24 maxlen: 24
92.123.106.0/24 maxlen: 24
92.123.208.0/22 maxlen: 22
95.100.136.0/22 maxlen: 22
95.101.35.0/24 maxlen: 24
95.101.68.0/22 maxlen: 22
95.101.114.0/24 maxlen: 24
95.101.156.0/22 maxlen: 22
2a02:26f0:b00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b6:0d:92:40:bb:67:d1:53:84:35:44:9a:c5:6c:e1:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Dec 11 14:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f97752a9c25a1f7ba6e0656d9f28fb2d912b2a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:88:c1:db:a3:0e:d2:73:00:f6:72:9b:20:e9:
89:9f:69:13:83:10:5a:5a:6f:9d:12:13:d4:4b:79:
a5:63:3a:36:a8:46:bb:e9:21:c7:9c:0a:52:5b:df:
26:4a:19:9d:ae:6c:89:b2:c6:e2:47:f5:b3:7f:02:
4b:36:97:5c:b4:22:9b:d4:b7:7c:d8:7e:00:57:32:
c7:86:32:b6:a2:62:e6:7c:6d:70:90:2a:7f:76:c1:
95:62:74:61:ef:0f:cd:1b:be:94:cc:61:7f:9a:a7:
52:09:6c:82:21:91:0c:b7:16:d1:f7:f7:4d:80:36:
6e:bb:de:3f:e7:5a:5f:52:35:b5:ea:d9:69:2b:6c:
c7:e6:d9:df:cf:41:a7:d0:6c:68:b1:d0:73:2c:b3:
8d:61:74:ca:ca:4e:4e:d4:7e:32:cb:cd:81:1e:e1:
59:8c:f1:ec:cc:55:87:a5:38:4e:f1:33:0c:5a:26:
99:d9:d1:9d:ea:9a:71:1e:94:b5:9d:dc:2b:79:e9:
2a:aa:1c:dd:80:ea:c2:7c:d3:ee:37:a1:93:d6:66:
ad:44:9c:ca:99:c5:bc:7a:ee:e5:50:5b:f9:56:5d:
02:16:6c:b0:e5:6c:f7:bc:32:2c:ee:62:78:bb:76:
a9:f4:24:93:cb:6b:f0:48:b2:ca:2e:fa:e2:0b:2e:
b5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:97:75:2A:9C:25:A1:F7:BA:6E:06:56:D9:F2:8F:B2:D9:12:B2:A2
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/n5d1Kpwlofe6bgZW2fKPstkSsqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.19.0/24
2.16.70.0/23
2.16.146.0/23
2.16.220.0/22
2.18.0.0/22
2.18.31.0/24
2.19.16.0/20
2.20.4.0/22
2.20.47.0/24
2.20.109.0/24
2.20.252.0/24
2.21.2.0/24
2.21.14.0/24
2.21.100.0/22
2.22.216.0/22
2.22.234.0/24
88.221.28.0/22
88.221.100.0/22
92.122.68.0/22
92.122.225.0/24
92.122.248.0/22
92.123.48.0/24
92.123.106.0/24
92.123.208.0/22
95.100.136.0/22
95.101.35.0/24
95.101.68.0/22
95.101.114.0/24
95.101.156.0/22
IPv6:
2a02:26f0:b00::/48
Signature Algorithm: sha256WithRSAEncryption
83:64:b3:23:53:87:5a:bf:58:e4:7f:f2:dc:0c:ed:d7:1c:77:
36:de:a7:e4:3a:bd:0f:e2:51:69:eb:01:72:a8:b5:8d:26:ca:
b6:91:c6:c7:62:95:0e:21:fa:5c:e4:19:ba:39:aa:75:be:d6:
83:5a:15:60:12:98:dc:82:37:b4:17:f6:a5:d9:2a:f1:60:5e:
ad:2e:97:fd:19:4a:20:2e:37:6f:fb:59:df:ce:aa:1e:aa:c9:
b6:2c:1a:7f:9f:a9:4d:01:98:13:56:82:f1:f8:89:46:29:83:
e9:c0:cb:0e:5a:44:82:71:46:fe:85:a0:aa:ca:ea:ca:28:1c:
1a:8b:a9:01:d1:63:3a:40:43:b4:36:71:a8:30:a0:db:a0:97:
f9:a6:7f:44:4f:e8:1d:81:b7:57:53:e7:e4:5e:e8:a7:f8:23:
9a:e7:87:2b:0e:57:a4:37:63:f4:88:a8:f7:42:a2:ad:cb:b4:
57:0f:8e:50:d5:2c:95:8f:c7:50:13:26:15:7f:ab:69:fc:34:
10:52:2e:2f:5d:96:30:89:f8:43:30:32:04:c6:86:78:16:6b:
69:8c:86:2a:b9:1a:d1:25:9b:a3:05:4e:2c:de:b8:09:33:a0:
2a:03:9d:90:5c:ce:7d:b1:d9:af:58:90:97:c5:63:99:80:19:
9c:3e:0e:84
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAZO2DZJAu2fRU4Q1RJrFbOH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQxMjExMTQwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjk3NzUyYTljMjVhMWY3YmE2ZTA2NTZkOWYyOGZiMmQ5MTJiMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYjB26MO0nMA9nKbIOmJn2kTgxBa
Wm+dEhPUS3mlYzo2qEa76SHHnApSW98mShmdrmyJssbiR/WzfwJLNpdctCKb1Ld8
2H4AVzLHhjK2omLmfG1wkCp/dsGVYnRh7w/NG76UzGF/mqdSCWyCIZEMtxbR9/dN
gDZuu94/51pfUjW16tlpK2zH5tnfz0Gn0GxosdBzLLONYXTKyk5O1H4yy82BHuFZ
jPHszFWHpThO8TMMWiaZ2dGd6ppxHpS1ndwreekqqhzdgOrCfNPuN6GT1matRJzK
mcW8eu7lUFv5Vl0CFmyw5Wz3vDIs7mJ4u3ap9CSTy2vwSLLKLvriCy61YQIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFJ+XdSqcJaH3um4GVtnyj7LZErKiMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvbjVkMUtwd2xvZmU2YmdaVzJmS1BzdGtTc3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBtQQCAAEwga4DBAAC
EBMDBAECEEYDBAECEJIDBAICENwDBAICEgADBAACEh8DBAQCExADBAICFAQDBAAC
FC8DBAACFG0DBAACFPwDBAACFQIDBAACFQ4DBAICFWQDBAICFtgDBAACFuoDBAJY
3RwDBAJY3WQDBAJcekQDBABceuEDBAJcevgDBABcezADBABce2oDBAJce9ADBAJf
ZIgDBABfZSMDBAJfZUQDBABfZXIDBAJfZZwwDwQCAAIwCQMHACoCJvALADANBgkq
hkiG9w0BAQsFAAOCAQEAg2SzI1OHWr9Y5H/y3Azt1xx3Nt6n5Dq9D+JRaesBcqi1
jSbKtpHGx2KVDiH6XOQZujmqdb7Wg1oVYBKY3II3tBf2pdkq8WBerS6X/RlKIC43
b/tZ386qHqrJtiwaf5+pTQGYE1aC8fiJRimD6cDLDlpEgnFG/oWgqsrqyigcGoup
AdFjOkBDtDZxqDCg26CX+aZ/RE/oHYG3V1Pn5F7op/gjmueHKw5XpDdj9Iio90Ki
rcu0Vw+OUNUslY/HUBMmFX+rafw0EFIuL12WMIn4QzAyBMaGeBZraYyGKrka0SWb
owVOLN64CTOgKgOdkFzOfbHZr1iQl8VjmYAZnD4OhA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:15:10 2025 by rpki-client