Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/7lhL-CjhVfYGUdKFoWx8XYf7ZHA.roa
File: 7lhL-CjhVfYGUdKFoWx8XYf7ZHA.roa (raw, json)
Hash identifier: nh5pX/PNQkcUEZRaY/5xbQr4BLmvHwm2NJlQBQhR+gA=
Subject key identifier: EE:58:4B:F8:28:E1:55:F6:06:51:D2:85:A1:6C:7C:5D:87:FB:64:70
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 019425FCAF7F0314B8ED711F7E2356E9A5D0
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/7lhL-CjhVfYGUdKFoWx8XYf7ZHA.roa
Signing time: Thu 02 Jan 2025 07:48:24 +0000
ROA not before: Thu 02 Jan 2025 07:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57367
IP address blocks: 31.186.80.0/21 maxlen: 21
77.79.227.0/24 maxlen: 24
77.79.248.0/24 maxlen: 24
77.79.250.0/24 maxlen: 24
85.194.240.0/22 maxlen: 22
85.194.242.0/24 maxlen: 24
85.194.244.0/22 maxlen: 22
85.194.246.0/24 maxlen: 24
85.194.247.0/24 maxlen: 24
85.232.241.0/24 maxlen: 24
91.185.184.0/24 maxlen: 24
91.185.185.0/24 maxlen: 24
91.185.186.0/24 maxlen: 24
91.185.187.0/24 maxlen: 24
91.185.188.0/24 maxlen: 24
91.185.189.0/24 maxlen: 24
91.185.190.0/24 maxlen: 24
91.185.191.0/24 maxlen: 24
128.204.216.0/24 maxlen: 24
128.204.217.0/24 maxlen: 24
128.204.218.0/24 maxlen: 24
128.204.219.0/24 maxlen: 24
128.204.220.0/22 maxlen: 22
128.204.220.0/24 maxlen: 24
128.204.221.0/24 maxlen: 24
128.204.222.0/24 maxlen: 24
128.204.223.0/24 maxlen: 24
185.36.168.0/22 maxlen: 22
195.167.156.0/24 maxlen: 24
195.167.157.0/24 maxlen: 24
195.167.159.0/24 maxlen: 24
206.252.232.0/24 maxlen: 24
206.252.251.0/24 maxlen: 24
212.91.26.0/24 maxlen: 24
212.91.27.0/24 maxlen: 24
213.189.52.0/24 maxlen: 24
213.189.53.0/24 maxlen: 24
213.189.54.0/24 maxlen: 24
213.189.55.0/24 maxlen: 24
213.189.56.0/24 maxlen: 24
213.189.58.0/24 maxlen: 24
2001:1a68:19::/48 maxlen: 48
2001:1a68:1a::/48 maxlen: 48
2001:1a68:ec00::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:af:7f:03:14:b8:ed:71:1f:7e:23:56:e9:a5:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 07:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee584bf828e155f60651d285a16c7c5d87fb6470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:76:b4:a5:f8:9d:08:52:77:dc:c8:d3:3c:38:
6a:f1:90:0c:08:5b:84:18:38:bb:4e:40:45:99:ee:
bd:04:c3:02:64:e6:1e:ab:83:47:03:a1:03:ce:70:
68:bd:6e:fd:66:d7:89:08:5f:55:0f:27:c3:36:1c:
ca:cd:96:11:2b:90:0e:d8:1a:24:9b:7b:18:17:0e:
c8:a2:ab:43:5e:9b:33:78:f6:50:cb:2e:bc:72:56:
8b:99:15:f9:58:39:8a:94:06:d9:5e:78:66:15:c4:
e8:7d:d5:57:19:14:35:11:28:78:7e:1c:ec:64:f8:
aa:03:e0:c5:27:8c:f0:1b:21:94:9e:cf:c2:a5:d6:
61:02:88:5d:21:40:11:d2:55:30:73:ee:dd:d3:f1:
77:b1:b2:3b:79:0a:19:1b:4c:fe:6d:b2:13:0e:cb:
52:38:e8:ea:48:b9:14:62:6c:a3:42:e3:82:af:a1:
bc:4f:9f:ec:ff:e9:54:98:fa:81:66:81:cf:cb:b5:
33:5e:ba:5c:39:e3:c9:c3:57:e2:6f:69:02:e5:de:
07:96:74:cf:08:26:cc:ff:eb:c7:65:62:6d:09:a4:
96:a0:75:fa:cc:5b:a8:f2:df:1b:1a:a8:e7:35:fd:
b8:8e:36:03:64:27:39:a8:00:d3:c0:54:67:37:c6:
46:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:58:4B:F8:28:E1:55:F6:06:51:D2:85:A1:6C:7C:5D:87:FB:64:70
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/7lhL-CjhVfYGUdKFoWx8XYf7ZHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.80.0/21
77.79.227.0/24
77.79.248.0/24
77.79.250.0/24
85.194.240.0/21
85.232.241.0/24
91.185.184.0/21
128.204.216.0/21
185.36.168.0/22
195.167.156.0/23
195.167.159.0/24
206.252.232.0/24
206.252.251.0/24
212.91.26.0/23
213.189.52.0-213.189.56.255
213.189.58.0/24
IPv6:
2001:1a68:19::-2001:1a68:1a:ffff:ffff:ffff:ffff:ffff
2001:1a68:ec00::/40
Signature Algorithm: sha256WithRSAEncryption
8c:09:f7:0f:0a:4d:bf:82:aa:2c:30:f3:ca:20:92:0b:37:24:
0f:c5:52:4a:26:35:56:3b:b0:bc:25:78:f2:1a:12:b2:20:75:
e3:d5:11:7e:85:1f:55:99:52:f2:58:69:5f:2e:05:ea:47:5d:
4b:ec:73:59:0b:03:4d:b9:da:67:0c:b0:70:4b:6b:6b:1a:bc:
5d:cb:3f:ee:a9:c6:5d:1f:1b:b4:b4:1e:3a:22:e3:69:d0:e5:
f0:12:72:6c:b8:1f:32:2e:3c:c6:db:f1:78:36:4e:4f:5a:2a:
37:9f:3e:5f:f6:81:06:eb:25:45:4b:44:e4:e8:6b:73:5b:c4:
e0:9d:65:e0:dd:6d:45:9d:aa:00:f7:44:1f:05:d7:43:c4:73:
de:18:37:c4:0b:8a:58:dd:6c:00:57:92:55:e8:dc:92:6c:50:
e1:01:80:3b:41:b4:a5:44:51:71:62:1e:80:07:13:32:94:09:
e7:22:2d:32:77:f1:95:00:4c:56:ba:cd:d7:63:f6:88:ce:82:
af:ad:6e:78:63:d1:32:cd:69:5d:3b:6e:3e:45:f0:9c:eb:19:
32:fe:e7:e9:56:6f:4e:ae:f9:d6:78:a0:b8:ce:66:46:67:e6:
43:41:be:9e:3f:86:71:ed:e4:0d:54:b8:d3:13:cc:5a:05:fc:
d0:6a:7e:c9
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZQl/K9/AxS47XEffiNW6aXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjUwMTAyMDc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTU4NGJmODI4ZTE1NWY2MDY1MWQyODVhMTZjN2M1ZDg3ZmI2NDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHa0pfidCFJ33MjTPDhq8ZAMCFuE
GDi7TkBFme69BMMCZOYeq4NHA6EDznBovW79ZteJCF9VDyfDNhzKzZYRK5AO2Bok
m3sYFw7IoqtDXpszePZQyy68claLmRX5WDmKlAbZXnhmFcTofdVXGRQ1ESh4fhzs
ZPiqA+DFJ4zwGyGUns/CpdZhAohdIUAR0lUwc+7d0/F3sbI7eQoZG0z+bbITDstS
OOjqSLkUYmyjQuOCr6G8T5/s/+lUmPqBZoHPy7UzXrpcOePJw1fib2kC5d4HlnTP
CCbM/+vHZWJtCaSWoHX6zFuo8t8bGqjnNf24jjYDZCc5qADTwFRnN8ZGdQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFO5YS/go4VX2BlHShaFsfF2H+2RwMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvN2xoTC1DamhWZllHVWRLRm9XeDhYWWY3WkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDBuBAIAATBoAwQDH7pQ
AwQATU/jAwQATU/4AwQATU/6AwQDVcLwAwQAVejxAwQDW7m4AwQDgMzYAwQCuSSo
AwQBw6ecAwQAw6efAwQAzvzoAwQAzvz7AwQB1FsaMAwDBALVvTQDBADVvTgDBADV
vTowIgQCAAIwHDASAwcAIAEaaAAZAwcAIAEaaAAaAwYAIAEaaOwwDQYJKoZIhvcN
AQELBQADggEBAIwJ9w8KTb+Cqiww88ogkgs3JA/FUkomNVY7sLwlePIaErIgdePV
EX6FH1WZUvJYaV8uBepHXUvsc1kLA0252mcMsHBLa2savF3LP+6pxl0fG7S0Hjoi
42nQ5fAScmy4HzIuPMbb8Xg2Tk9aKjefPl/2gQbrJUVLROToa3NbxOCdZeDdbUWd
qgD3RB8F10PEc94YN8QLiljdbABXklXo3JJsUOEBgDtBtKVEUXFiHoAHEzKUCeci
LTJ38ZUATFa6zddj9ojOgq+tbnhj0TLNaV07bj5F8JzrGTL+5+lWb06u+dZ4oLjO
ZkZn5kNBvp4/hnHt5A1UuNMTzFoF/NBqfsk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:04 2025 by rpki-client