Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/PuHdQeDappRzDRm2Yyr-4eDAbVk.roa
File: PuHdQeDappRzDRm2Yyr-4eDAbVk.roa (raw, json)
Hash identifier: KGFP0rzHxbDYdX45bSQF+vCgYcGUoxOEmhLFhQ5K8ZI=
Subject key identifier: 3E:E1:DD:41:E0:DA:A6:94:73:0D:19:B6:63:2A:FE:E1:E0:C0:6D:59
Certificate issuer: /CN=0ff8f94454f6ca6a7d70be455b2d6405f98fbcce
Certificate serial: 0194258F229FA44C669E34C03BC3E6752D36
Authority key identifier: 0F:F8:F9:44:54:F6:CA:6A:7D:70:BE:45:5B:2D:64:05:F9:8F:BC:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_j5RFT2ymp9cL5FWy1kBfmPvM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/PuHdQeDappRzDRm2Yyr-4eDAbVk.roa
Signing time: Thu 02 Jan 2025 05:48:44 +0000
ROA not before: Thu 02 Jan 2025 05:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42807
IP address blocks: 5.253.140.0/22 maxlen: 22
31.207.80.0/24 maxlen: 24
31.207.81.0/24 maxlen: 24
31.207.82.0/24 maxlen: 24
31.207.83.0/24 maxlen: 24
31.207.84.0/24 maxlen: 24
31.207.85.0/24 maxlen: 24
31.207.86.0/24 maxlen: 24
31.207.87.0/24 maxlen: 24
37.230.104.0/21 maxlen: 21
37.230.106.0/23 maxlen: 23
37.230.110.0/23 maxlen: 23
88.218.128.0/24 maxlen: 24
88.218.129.0/24 maxlen: 24
88.218.130.0/24 maxlen: 24
88.218.131.0/24 maxlen: 24
92.119.76.0/22 maxlen: 22
94.199.200.0/22 maxlen: 22
94.199.200.0/23 maxlen: 23
94.199.204.0/24 maxlen: 24
94.199.205.0/24 maxlen: 24
94.199.206.0/24 maxlen: 24
94.199.207.0/24 maxlen: 24
109.232.216.0/21 maxlen: 21
109.232.216.0/23 maxlen: 23
109.232.218.0/24 maxlen: 24
109.232.219.0/24 maxlen: 24
109.232.221.0/24 maxlen: 24
109.232.222.0/24 maxlen: 24
109.232.223.0/24 maxlen: 24
141.98.204.0/22 maxlen: 22
152.89.36.0/22 maxlen: 22
171.22.184.0/22 maxlen: 22
178.157.8.0/21 maxlen: 21
185.15.40.0/22 maxlen: 22
185.99.196.0/22 maxlen: 22
213.159.0.0/21 maxlen: 21
213.159.28.0/22 maxlen: 22
213.159.31.0/24 maxlen: 24
2a03:adc0::/48 maxlen: 48
2a03:adc0:1::/48 maxlen: 48
2a03:adc0:2::/48 maxlen: 48
2a03:adc1::/32 maxlen: 32
2a03:adc2::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:22:9f:a4:4c:66:9e:34:c0:3b:c3:e6:75:2d:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff8f94454f6ca6a7d70be455b2d6405f98fbcce
Validity
Not Before: Jan 2 05:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ee1dd41e0daa694730d19b6632afee1e0c06d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:d1:32:fd:45:22:29:65:70:b3:b1:63:9c:33:
78:f5:36:de:62:a6:9b:e0:83:dc:13:e1:b3:17:6b:
7f:90:51:6c:ed:b4:e9:39:66:40:8d:f0:39:30:bb:
57:55:ff:ab:9d:84:04:4d:72:db:fe:3d:f1:37:f6:
22:40:5d:05:e0:dd:b0:fa:1d:a8:d9:bd:cd:cc:ee:
c1:51:42:22:9e:e5:7e:e0:cf:2e:d5:e9:ec:24:0b:
6d:96:1e:bd:f8:c4:12:d6:e2:e3:18:52:7f:ec:2c:
a6:92:fa:c8:42:a4:db:bd:01:97:f1:d3:9e:3a:03:
ee:8d:89:1e:1d:56:34:5a:34:3b:3e:2a:47:5a:b6:
e3:86:f2:52:a7:56:b2:75:14:95:11:ff:9a:40:fb:
b3:32:22:d7:fc:67:21:d2:e3:22:ac:6b:5a:42:4b:
f2:5f:e2:71:a5:b7:cc:c5:8e:1f:3f:5f:cd:5e:67:
17:30:80:ca:77:6d:96:ba:1a:88:53:a1:21:ad:75:
97:fc:e9:93:e6:d6:e2:72:5b:5b:ce:15:cb:2e:fe:
85:24:38:ee:94:c1:8c:a3:09:90:a9:93:84:22:20:
66:2f:14:2d:21:e7:e4:a7:89:cf:5d:2c:9e:56:1c:
f3:a3:d5:85:38:a0:f1:0e:5c:45:e1:70:0f:78:f1:
2e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E1:DD:41:E0:DA:A6:94:73:0D:19:B6:63:2A:FE:E1:E0:C0:6D:59
X509v3 Authority Key Identifier:
keyid:0F:F8:F9:44:54:F6:CA:6A:7D:70:BE:45:5B:2D:64:05:F9:8F:BC:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_j5RFT2ymp9cL5FWy1kBfmPvM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/PuHdQeDappRzDRm2Yyr-4eDAbVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/D_j5RFT2ymp9cL5FWy1kBfmPvM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.140.0/22
31.207.80.0/21
37.230.104.0/21
88.218.128.0/22
92.119.76.0/22
94.199.200.0/21
109.232.216.0/21
141.98.204.0/22
152.89.36.0/22
171.22.184.0/22
178.157.8.0/21
185.15.40.0/22
185.99.196.0/22
213.159.0.0/21
213.159.28.0/22
IPv6:
2a03:adc0::-2a03:adc0:2:ffff:ffff:ffff:ffff:ffff
2a03:adc1::-2a03:adc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
50:14:7a:2b:ea:6b:3d:f2:35:07:99:8c:ce:42:71:81:39:86:
5c:3f:02:ca:30:0b:4f:5b:2c:df:83:8f:69:15:d2:39:9a:25:
13:f1:32:ed:13:b6:c7:cb:86:aa:47:ec:4a:59:b9:04:fc:52:
a4:87:f2:a9:8b:18:c9:5d:f9:31:81:44:c4:de:d7:41:b4:b7:
60:05:c6:40:fb:ae:64:49:91:f6:a3:ed:06:49:dc:58:fa:4c:
58:76:e3:02:dc:57:ae:d0:df:58:17:41:d9:a3:c8:97:b9:6e:
23:ec:75:9d:1a:9f:76:cc:e9:a3:c4:4d:ae:59:d0:4d:b9:53:
95:18:27:5a:57:0b:2e:97:c0:19:88:16:30:ac:ec:fc:bd:30:
5a:40:ca:87:06:00:db:93:d1:5e:ec:ce:94:cf:21:79:c5:33:
08:ac:9c:4e:85:22:54:83:85:a8:85:1a:01:ba:9f:12:2c:ea:
47:e7:60:e1:ae:c6:91:a6:c1:79:d8:cd:fd:a5:49:2f:ac:7e:
f0:ba:83:9d:35:45:30:cf:44:ac:eb:be:4a:1f:d8:d3:f8:86:
bc:f0:79:ff:47:5a:87:37:0a:c1:97:2c:89:fd:40:6c:8f:d5:
fc:f0:fd:fa:67:8c:e9:be:3e:25:ba:de:02:85:9c:09:b3:66:
7e:4d:30:ed
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZQljyKfpExmnjTAO8PmdS02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjhmOTQ0NTRmNmNhNmE3ZDcwYmU0NTViMmQ2NDA1Zjk4
ZmJjY2UwHhcNMjUwMTAyMDU0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWUxZGQ0MWUwZGFhNjk0NzMwZDE5YjY2MzJhZmVlMWUwYzA2ZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9NEy/UUiKWVws7FjnDN49TbeYqab
4IPcE+GzF2t/kFFs7bTpOWZAjfA5MLtXVf+rnYQETXLb/j3xN/YiQF0F4N2w+h2o
2b3NzO7BUUIinuV+4M8u1ensJAttlh69+MQS1uLjGFJ/7CymkvrIQqTbvQGX8dOe
OgPujYkeHVY0WjQ7PipHWrbjhvJSp1aydRSVEf+aQPuzMiLX/Gch0uMirGtaQkvy
X+JxpbfMxY4fP1/NXmcXMIDKd22WuhqIU6EhrXWX/OmT5tbicltbzhXLLv6FJDju
lMGMowmQqZOEIiBmLxQtIefkp4nPXSyeVhzzo9WFOKDxDlxF4XAPePEu5QIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFD7h3UHg2qaUcw0ZtmMq/uHgwG1ZMB8GA1UdIwQY
MBaAFA/4+URU9spqfXC+RVstZAX5j7zOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9qNVJGVDJ5bXA5Y0w1Rld5MWtCZm1Qdk00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMWIxZGYtNzUwYS00NzMyLWI3ODMt
ZTg2MTlhYTc1NjgwLzEvUHVIZFFlRGFwcFJ6RFJtMll5ci00ZURBYlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMWIxZGYtNzUwYS00NzMyLWI3ODMtZTg2MTlhYTc1Njgw
LzEvRF9qNVJGVDJ5bXA5Y0w1Rld5MWtCZm1Qdk00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBgBAIAATBaAwQCBf2M
AwQDH89QAwQDJeZoAwQCWNqAAwQCXHdMAwQDXsfIAwQDbejYAwQCjWLMAwQCmFkk
AwQCqxa4AwQDsp0IAwQCuQ8oAwQCuWPEAwQD1Z8AAwQC1Z8cMCgEAgACMCIwEAMF
BioDrcADBwAqA63AAAIwDgMFACoDrcEDBQAqA63CMA0GCSqGSIb3DQEBCwUAA4IB
AQBQFHor6ms98jUHmYzOQnGBOYZcPwLKMAtPWyzfg49pFdI5miUT8TLtE7bHy4aq
R+xKWbkE/FKkh/KpixjJXfkxgUTE3tdBtLdgBcZA+65kSZH2o+0GSdxY+kxYduMC
3Feu0N9YF0HZo8iXuW4j7HWdGp92zOmjxE2uWdBNuVOVGCdaVwsul8AZiBYwrOz8
vTBaQMqHBgDbk9Fe7M6UzyF5xTMIrJxOhSJUg4WohRoBup8SLOpH52DhrsaRpsF5
2M39pUkvrH7wuoOdNUUwz0Ss675KH9jT+Ia88Hn/R1qHNwrBlyyJ/UBsj9X88P36
Z4zpvj4lut4ChZwJs2Z+TTDt
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:22:21 2025 by rpki-client