Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/pJw__iKN_k5oBf-PvMiboQyJeKM.roa
File: pJw__iKN_k5oBf-PvMiboQyJeKM.roa (raw, json)
Hash identifier: lET9ki0zYHpj5nWzjOBKqbmEN80EempbxogNsB0T6eQ=
Subject key identifier: A4:9C:3F:FE:22:8D:FE:4E:68:05:FF:8F:BC:C8:9B:A1:0C:89:78:A3
Certificate issuer: /CN=0ff8f94454f6ca6a7d70be455b2d6405f98fbcce
Certificate serial: 0184AE767E76F76A35DFA4E527ADC372B662
Authority key identifier: 0F:F8:F9:44:54:F6:CA:6A:7D:70:BE:45:5B:2D:64:05:F9:8F:BC:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_j5RFT2ymp9cL5FWy1kBfmPvM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/pJw__iKN_k5oBf-PvMiboQyJeKM.roa
Signing time: Fri 25 Nov 2022 11:05:11 +0000
ROA not before: Fri 25 Nov 2022 11:05:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42807
IP address blocks: 94.199.200.0/23 maxlen: 23
94.199.200.0/22 maxlen: 22
94.199.205.0/24 maxlen: 24
94.199.204.0/24 maxlen: 24
94.199.206.0/24 maxlen: 24
94.199.207.0/24 maxlen: 24
141.98.204.0/22 maxlen: 22
88.218.129.0/24 maxlen: 24
88.218.128.0/24 maxlen: 24
5.253.140.0/22 maxlen: 22
152.89.36.0/22 maxlen: 22
37.230.104.0/21 maxlen: 21
37.230.106.0/23 maxlen: 23
37.230.110.0/23 maxlen: 23
92.119.76.0/22 maxlen: 22
178.157.8.0/21 maxlen: 21
185.99.196.0/22 maxlen: 22
185.15.40.0/22 maxlen: 22
31.207.84.0/24 maxlen: 24
31.207.83.0/24 maxlen: 24
31.207.85.0/24 maxlen: 24
31.207.80.0/24 maxlen: 24
31.207.82.0/24 maxlen: 24
31.207.81.0/24 maxlen: 24
31.207.87.0/24 maxlen: 24
31.207.86.0/24 maxlen: 24
213.159.0.0/21 maxlen: 21
213.159.28.0/22 maxlen: 22
213.159.31.0/24 maxlen: 24
171.22.184.0/22 maxlen: 22
109.232.216.0/21 maxlen: 21
109.232.216.0/23 maxlen: 23
109.232.219.0/24 maxlen: 24
109.232.218.0/24 maxlen: 24
109.232.222.0/24 maxlen: 24
109.232.221.0/24 maxlen: 24
109.232.223.0/24 maxlen: 24
2a03:adc0:1::/48 maxlen: 48
2a03:adc1::/32 maxlen: 32
2a03:adc0:2::/48 maxlen: 48
2a03:adc0::/48 maxlen: 48
2a03:adc2::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:76:7e:76:f7:6a:35:df:a4:e5:27:ad:c3:72:b6:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff8f94454f6ca6a7d70be455b2d6405f98fbcce
Validity
Not Before: Nov 25 11:05:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a49c3ffe228dfe4e6805ff8fbcc89ba10c8978a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f6:82:55:ed:ee:cf:6b:54:62:57:01:21:fb:
b8:64:ce:5a:ea:55:f7:e4:ed:43:34:d5:ec:36:3f:
08:26:f7:82:97:af:9b:6a:99:8e:24:29:d3:b2:85:
d9:54:1f:d8:37:91:d7:aa:ff:c3:57:70:bb:60:b6:
50:1d:34:af:98:71:a1:cf:96:9d:96:fa:d7:7c:98:
26:81:82:94:02:2d:d7:8c:90:29:54:9e:42:19:e5:
0a:29:a4:14:b6:e4:4f:3c:46:dd:64:77:5c:4c:30:
17:3f:66:b8:a4:7a:6c:29:41:c9:c2:53:86:52:49:
fe:59:7d:95:0c:5c:9b:32:35:01:d9:34:79:12:70:
b0:4a:f5:dd:6b:53:2b:71:0b:62:43:a7:14:2c:d4:
21:5d:73:db:16:fb:35:75:f6:d6:e2:4c:00:30:ae:
06:ff:6a:fa:a7:d8:8f:01:f0:59:09:74:38:4b:c8:
7c:46:3e:c3:4e:67:64:5a:4d:e3:bd:f5:20:58:ad:
e9:50:8d:2a:93:34:91:a1:0c:5e:1b:ac:05:cb:82:
81:a8:b4:7d:1c:2b:cd:ca:97:cd:84:da:6a:4a:45:
fd:df:cd:97:92:b0:c1:db:ce:91:39:4b:4e:6e:33:
72:66:19:b0:b5:23:30:c4:2f:95:0f:db:9e:d7:d9:
40:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9C:3F:FE:22:8D:FE:4E:68:05:FF:8F:BC:C8:9B:A1:0C:89:78:A3
X509v3 Authority Key Identifier:
keyid:0F:F8:F9:44:54:F6:CA:6A:7D:70:BE:45:5B:2D:64:05:F9:8F:BC:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_j5RFT2ymp9cL5FWy1kBfmPvM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/pJw__iKN_k5oBf-PvMiboQyJeKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/D_j5RFT2ymp9cL5FWy1kBfmPvM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.140.0/22
31.207.80.0/21
37.230.104.0/21
88.218.128.0/23
92.119.76.0/22
94.199.200.0/21
109.232.216.0/21
141.98.204.0/22
152.89.36.0/22
171.22.184.0/22
178.157.8.0/21
185.15.40.0/22
185.99.196.0/22
213.159.0.0/21
213.159.28.0/22
IPv6:
2a03:adc0::-2a03:adc0:2:ffff:ffff:ffff:ffff:ffff
2a03:adc1::-2a03:adc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6d:0b:ac:23:4d:cd:b6:b8:ee:6c:00:ab:42:0d:e2:ad:96:19:
05:03:1a:e2:47:db:69:77:fb:33:98:0a:1b:32:9b:7b:6f:6b:
0f:f6:9e:3b:65:8e:fd:d5:04:28:65:00:b6:18:fa:ff:e7:bb:
3b:65:be:43:a3:ed:0a:6d:00:6f:5b:67:fc:98:a9:a8:3c:c0:
d7:cc:45:30:b0:b1:fd:a2:63:b6:3f:d5:da:af:b8:95:1c:53:
78:aa:70:7a:ca:b2:67:43:9f:a3:70:87:49:f7:94:c3:f8:7a:
e2:ae:9f:c2:71:42:94:33:85:f4:98:05:06:0c:be:d5:ca:0a:
c4:ca:e4:24:3c:9e:ad:4e:69:69:0b:42:68:70:13:13:61:4b:
8e:fc:c0:49:88:ca:54:71:9d:d5:69:36:fc:62:fe:4e:7d:1d:
42:14:ad:e6:17:b3:b7:f6:ef:cd:b7:4a:fe:07:9e:57:36:79:
c1:8d:39:bd:46:ea:87:0f:eb:c3:1e:04:92:7d:dc:2c:0d:7b:
61:43:15:61:82:9d:23:29:3f:98:91:34:b8:17:9a:d1:d7:c5:
97:65:5a:9b:f5:a3:e4:66:bd:f4:f4:14:69:a3:6b:a9:8d:16:
f2:48:06:e0:32:90:be:5e:23:be:c0:0d:48:64:c0:89:9b:4f:
a3:e2:fb:8f
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYSudn5292o136TlJ63DcrZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjhmOTQ0NTRmNmNhNmE3ZDcwYmU0NTViMmQ2NDA1Zjk4
ZmJjY2UwHhcNMjIxMTI1MTEwNTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDljM2ZmZTIyOGRmZTRlNjgwNWZmOGZiY2M4OWJhMTBjODk3OGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvaCVe3uz2tUYlcBIfu4ZM5a6lX3
5O1DNNXsNj8IJveCl6+bapmOJCnTsoXZVB/YN5HXqv/DV3C7YLZQHTSvmHGhz5ad
lvrXfJgmgYKUAi3XjJApVJ5CGeUKKaQUtuRPPEbdZHdcTDAXP2a4pHpsKUHJwlOG
Ukn+WX2VDFybMjUB2TR5EnCwSvXda1MrcQtiQ6cULNQhXXPbFvs1dfbW4kwAMK4G
/2r6p9iPAfBZCXQ4S8h8Rj7DTmdkWk3jvfUgWK3pUI0qkzSRoQxeG6wFy4KBqLR9
HCvNypfNhNpqSkX9382XkrDB286ROUtObjNyZhmwtSMwxC+VD9ue19lAfQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFKScP/4ijf5OaAX/j7zIm6EMiXijMB8GA1UdIwQY
MBaAFA/4+URU9spqfXC+RVstZAX5j7zOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9qNVJGVDJ5bXA5Y0w1Rld5MWtCZm1Qdk00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMWIxZGYtNzUwYS00NzMyLWI3ODMt
ZTg2MTlhYTc1NjgwLzEvcEp3X19pS05fazVvQmYtUHZNaWJvUXlKZUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMWIxZGYtNzUwYS00NzMyLWI3ODMtZTg2MTlhYTc1Njgw
LzEvRF9qNVJGVDJ5bXA5Y0w1Rld5MWtCZm1Qdk00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBgBAIAATBaAwQCBf2M
AwQDH89QAwQDJeZoAwQBWNqAAwQCXHdMAwQDXsfIAwQDbejYAwQCjWLMAwQCmFkk
AwQCqxa4AwQDsp0IAwQCuQ8oAwQCuWPEAwQD1Z8AAwQC1Z8cMCgEAgACMCIwEAMF
BioDrcADBwAqA63AAAIwDgMFACoDrcEDBQAqA63CMA0GCSqGSIb3DQEBCwUAA4IB
AQBtC6wjTc22uO5sAKtCDeKtlhkFAxriR9tpd/szmAobMpt7b2sP9p47ZY791QQo
ZQC2GPr/57s7Zb5Do+0KbQBvW2f8mKmoPMDXzEUwsLH9omO2P9Xar7iVHFN4qnB6
yrJnQ5+jcIdJ95TD+Hrirp/CcUKUM4X0mAUGDL7VygrEyuQkPJ6tTmlpC0JocBMT
YUuO/MBJiMpUcZ3VaTb8Yv5OfR1CFK3mF7O39u/Nt0r+B55XNnnBjTm9RuqHD+vD
HgSSfdwsDXthQxVhgp0jKT+YkTS4F5rR18WXZVqb9aPkZr309BRpo2upjRbySAbg
MpC+XiO+wA1IZMCJm0+j4vuP
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:16:53 2025 by rpki-client