Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/__B-Q_mIg_I2Q0ChTaQYRL_HOus.roa
File: __B-Q_mIg_I2Q0ChTaQYRL_HOus.roa (raw, json)
Hash identifier: uovfALvxi0ApcZ/CW4Xf+ebeIDEuJnz/Ee0WpIXTHbM=
Subject key identifier: FF:F0:7E:43:F9:88:83:F2:36:43:40:A1:4D:A4:18:44:BF:C7:3A:EB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0195B917A8938C3FB6C0801A9D4BEFA26166
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/__B-Q_mIg_I2Q0ChTaQYRL_HOus.roa
Signing time: Fri 21 Mar 2025 14:24:50 +0000
ROA not before: Fri 21 Mar 2025 14:24:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.58.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b9:17:a8:93:8c:3f:b6:c0:80:1a:9d:4b:ef:a2:61:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 21 14:24:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fff07e43f98883f2364340a14da41844bfc73aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:83:e2:f5:f9:ad:50:d3:fe:b6:f1:ee:26:1b:
29:4f:42:9d:c3:19:d3:d3:ce:2d:fc:55:82:dd:43:
ae:6a:24:a7:e0:66:e8:10:30:b8:bd:6d:12:b0:16:
9d:b5:fb:e4:5d:43:b7:ad:56:a0:23:17:5f:19:83:
6d:8e:19:1d:d0:bd:e5:5b:8a:58:7f:0e:0d:70:bf:
79:cc:46:8f:90:ad:6e:40:94:47:ec:79:59:99:73:
d0:54:5e:b3:25:07:cc:ee:d1:00:26:ea:4c:4a:68:
59:0d:f7:60:67:7e:be:e5:3f:e8:4a:90:85:ac:4c:
31:90:65:36:42:f9:2d:fe:6c:e2:6e:14:8c:55:57:
f6:a6:52:be:8b:bc:da:01:82:b4:4b:14:f9:9b:c4:
77:23:52:11:07:cc:8c:9e:d7:4a:04:de:31:a4:c2:
6d:d7:0b:7c:94:b8:34:fc:ff:d6:67:89:79:99:49:
6c:c7:75:ca:a7:d6:7c:f8:0d:c5:df:d2:eb:e3:86:
66:ca:9c:69:a6:fb:0c:39:0d:6d:a9:b6:fe:4e:92:
47:21:fc:38:79:dd:e6:94:00:10:8d:e2:bb:bf:68:
a4:c1:d7:84:ff:c6:49:ff:b2:5b:07:ec:8d:1c:4b:
88:b2:3c:98:38:da:2d:fb:19:31:84:9d:e4:cd:04:
97:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F0:7E:43:F9:88:83:F2:36:43:40:A1:4D:A4:18:44:BF:C7:3A:EB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/__B-Q_mIg_I2Q0ChTaQYRL_HOus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
62.76.239.0/24
192.124.176.0/24
192.124.209.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.38.0-194.58.40.255
194.58.59.0/24
194.58.66.0/24
194.58.68.0/24
194.87.10.0/24
194.87.17.0-194.87.18.255
194.87.23.0/24
194.87.30.0/24
194.87.39.0/24
194.87.47.0/24
194.87.58.0/24
194.87.73.0/24
194.87.82.0/24
194.87.105.0/24
194.87.108.0/24
194.87.123.0/24
194.87.128.0/24
194.87.178.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
194.87.240.0/24
194.87.245.0/24
195.133.55.0/24
195.133.67.0/24
195.133.83.0/24
195.133.92.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
92:ad:71:c5:fc:81:bf:de:f6:59:dd:86:97:44:3b:09:3c:93:
66:49:2f:1b:a9:25:17:84:8f:c3:b8:21:ce:fd:7e:81:77:93:
61:fe:bb:ba:31:6b:71:7c:50:cb:76:b1:0e:5c:a2:ba:4c:29:
2d:cd:75:1c:1b:50:c2:6a:8b:60:5e:1a:aa:b4:77:6c:39:d2:
17:a4:06:2a:f9:19:44:8a:0f:8d:74:1c:d0:9f:57:0f:dd:7d:
65:11:47:80:cc:4f:5a:21:7c:20:be:d5:45:6e:1e:6b:41:5f:
68:1f:00:cf:ca:4d:0a:29:03:2d:b7:d3:f7:c3:ef:72:0e:6e:
39:89:0a:93:f0:c1:64:31:5f:d6:84:25:5c:ab:c4:4b:9d:dc:
52:fc:11:e5:c3:8a:e0:9c:07:db:95:07:6f:85:ab:65:a7:e5:
2c:d6:7d:aa:47:fe:77:18:70:f8:13:d1:5d:11:98:5c:95:1b:
98:4f:a6:f2:07:9e:3b:24:cc:71:7a:61:9e:48:5f:6c:45:ed:
7e:bc:81:6c:8c:6d:b3:2e:67:79:71:7b:2d:d0:cf:ea:df:8d:
5d:a5:e5:cd:aa:75:1e:1e:48:5c:db:68:15:4f:5f:94:b0:13:
87:71:a6:df:54:00:65:ff:82:59:95:49:58:df:af:80:54:d0:
83:5e:c8:2d
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAZW5F6iTjD+2wIAanUvvomFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMzIxMTQyNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmYwN2U0M2Y5ODg4M2YyMzY0MzQwYTE0ZGE0MTg0NGJmYzczYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIPi9fmtUNP+tvHuJhspT0KdwxnT
084t/FWC3UOuaiSn4GboEDC4vW0SsBadtfvkXUO3rVagIxdfGYNtjhkd0L3lW4pY
fw4NcL95zEaPkK1uQJRH7HlZmXPQVF6zJQfM7tEAJupMSmhZDfdgZ36+5T/oSpCF
rEwxkGU2Qvkt/mzibhSMVVf2plK+i7zaAYK0SxT5m8R3I1IRB8yMntdKBN4xpMJt
1wt8lLg0/P/WZ4l5mUlsx3XKp9Z8+A3F39Lr44ZmypxppvsMOQ1tqbb+TpJHIfw4
ed3mlAAQjeK7v2ikwdeE/8ZJ/7JbB+yNHEuIsjyYONot+xkxhJ3kzQSXYwIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFP/wfkP5iIPyNkNAoU2kGES/xzrrMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX19CLVFfbUlnX0kyUTBDaFRhUVlSTF9IT3VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCCAQMEAgABMIH8
AwQAPkzqAwQAPkzvAwQAwHywAwQAwHzRAwQAwXwWAwQAwXwpAwQAwXwuMAwDBAHC
OiYDBADCOigDBADCOjsDBADCOkIDBADCOkQDBADCVwowDAMEAMJXEQMEAMJXEgME
AMJXFwMEAMJXHgMEAMJXJwMEAMJXLwMEAMJXOgMEAMJXSQMEAMJXUgMEAMJXaQME
AMJXbAMEAMJXewMEAMJXgAMEAMJXsgMEAMJXxgMEAMJX4wMEAMJX5gMEAMJX8AME
AMJX9QMEAMOFNwMEAMOFQwMEAMOFUwMEAMOFXAMEANTA3QMEANTA3zAMAwQA1MEB
AwQA1MECAwQA1MEGMA0GCSqGSIb3DQEBCwUAA4IBAQCSrXHF/IG/3vZZ3YaXRDsJ
PJNmSS8bqSUXhI/DuCHO/X6Bd5Nh/ru6MWtxfFDLdrEOXKK6TCktzXUcG1DCaotg
XhqqtHdsOdIXpAYq+RlEig+NdBzQn1cP3X1lEUeAzE9aIXwgvtVFbh5rQV9oHwDP
yk0KKQMtt9P3w+9yDm45iQqT8MFkMV/WhCVcq8RLndxS/BHlw4rgnAfblQdvhatl
p+Us1n2qR/53GHD4E9FdEZhclRuYT6byB547JMxxemGeSF9sRe1+vIFsjG2zLmd5
cXst0M/q341dpeXNqnUeHkhc22gVT1+UsBOHcabfVABl/4JZlUlY36+AVNCDXsgt
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:16 2025 by rpki-client