Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/miGTaFk5Cl8OYVzdHPitg-4uIW0.roa
File: miGTaFk5Cl8OYVzdHPitg-4uIW0.roa (raw, json)
Hash identifier: AGqT78lBpkV9yA91ZQMLyqGPYCLhxFGELYf24q65eEw=
Subject key identifier: 9A:21:93:68:59:39:0A:5F:0E:61:5C:DD:1C:F8:AD:83:EE:2E:21:6D
Certificate issuer: /CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Certificate serial: 01954E0EECC0D8FEE46CB6447C6AD81715A6
Authority key identifier: 9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/miGTaFk5Cl8OYVzdHPitg-4uIW0.roa
Signing time: Fri 28 Feb 2025 19:35:55 +0000
ROA not before: Fri 28 Feb 2025 19:35:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.72.168.0/21 maxlen: 32
37.72.170.0/23 maxlen: 23
37.72.170.0/24 maxlen: 24
37.72.171.0/24 maxlen: 24
37.72.172.0/23 maxlen: 23
37.72.174.0/23 maxlen: 23
45.158.36.0/23 maxlen: 32
45.158.38.0/24 maxlen: 24
45.158.39.0/24 maxlen: 24
46.21.144.0/20 maxlen: 32
46.21.144.0/24 maxlen: 24
46.21.145.0/24 maxlen: 24
46.21.146.0/24 maxlen: 24
46.21.147.0/24 maxlen: 24
46.21.148.0/24 maxlen: 24
46.21.150.0/24 maxlen: 24
46.21.151.0/24 maxlen: 24
46.21.152.0/24 maxlen: 24
46.21.153.0/24 maxlen: 24
46.21.156.0/24 maxlen: 24
46.21.157.0/24 maxlen: 24
46.21.158.0/23 maxlen: 23
89.233.104.0/21 maxlen: 24
89.233.104.0/24 maxlen: 24
89.233.105.0/24 maxlen: 24
89.233.106.0/24 maxlen: 24
89.233.107.0/24 maxlen: 24
94.100.16.0/20 maxlen: 32
94.100.16.0/24 maxlen: 24
94.100.17.0/24 maxlen: 24
94.100.18.0/24 maxlen: 24
94.100.19.0/24 maxlen: 24
94.100.20.0/24 maxlen: 24
94.100.21.0/24 maxlen: 24
94.100.22.0/24 maxlen: 24
94.100.23.0/24 maxlen: 24
94.100.24.0/24 maxlen: 24
94.100.25.0/24 maxlen: 24
94.100.26.0/24 maxlen: 24
94.100.27.0/24 maxlen: 24
94.100.28.0/24 maxlen: 24
94.100.29.0/24 maxlen: 24
94.100.30.0/24 maxlen: 24
94.100.31.0/24 maxlen: 24
149.255.32.0/21 maxlen: 32
149.255.35.0/24 maxlen: 24
149.255.36.0/24 maxlen: 32
149.255.37.0/24 maxlen: 24
149.255.38.0/24 maxlen: 24
149.255.39.0/24 maxlen: 24
178.236.176.0/21 maxlen: 24
178.236.181.0/24 maxlen: 24
178.236.182.0/24 maxlen: 24
178.236.185.0/24 maxlen: 24
178.236.186.0/24 maxlen: 24
178.236.187.0/24 maxlen: 24
194.126.172.0/22 maxlen: 24
194.126.172.0/24 maxlen: 24
194.126.173.0/24 maxlen: 24
194.126.175.0/24 maxlen: 24
195.242.152.0/23 maxlen: 24
195.242.153.0/24 maxlen: 24
217.79.240.0/20 maxlen: 24
217.79.240.0/24 maxlen: 24
217.79.242.0/23 maxlen: 24
2a02:748::/32 maxlen: 48
2a02:748::/35 maxlen: 35
2a02:748:6000::/48 maxlen: 48
2a02:748:c000::/35 maxlen: 35
2a02:748:e000::/35 maxlen: 35
2a02:748:f000::/36 maxlen: 36
2a0f:5180::/29 maxlen: 48
2a0f:5180::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4e:0e:ec:c0:d8:fe:e4:6c:b6:44:7c:6a:d8:17:15:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Validity
Not Before: Feb 28 19:35:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a21936859390a5f0e615cdd1cf8ad83ee2e216d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:9d:d4:f4:04:20:fc:0e:6e:80:ae:85:5f:b6:
4c:f7:a6:29:93:86:32:45:46:aa:c0:04:10:d2:2d:
91:e5:67:6d:53:5f:aa:4d:f0:64:83:0a:c9:1b:31:
82:e3:5a:aa:6e:ba:1c:3c:c7:2e:12:b8:66:e6:ee:
8f:6a:ff:d6:dc:e4:e2:a7:76:a3:23:3c:25:fb:ab:
88:da:d3:54:3b:77:9f:b2:a3:95:60:8c:f0:64:c7:
9f:e9:39:7f:d4:76:a1:92:f4:ae:60:8e:20:cc:6a:
26:df:d2:93:8c:90:fe:25:7d:90:d1:cb:86:19:8b:
28:c5:53:23:25:c6:99:74:66:79:b5:34:0e:16:45:
30:fb:64:35:30:da:2a:ed:69:f7:aa:07:77:df:72:
91:9a:a5:e0:9b:c7:a9:91:71:b4:9a:fa:f8:d2:25:
2b:d9:87:5b:14:d1:bc:83:94:32:e0:f3:20:43:0b:
e4:a9:76:15:8d:38:80:8b:29:04:d9:c8:33:b2:d5:
27:81:a5:bc:4b:47:b5:4e:07:63:f2:6f:8d:d8:93:
1b:cd:68:d4:6a:5c:de:a5:80:fe:57:6f:25:2b:dc:
fa:e1:3a:58:26:28:19:2e:5a:20:e9:2b:13:89:23:
8f:a3:e8:e4:0c:ef:e3:bc:14:32:48:11:87:9b:ae:
7c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:21:93:68:59:39:0A:5F:0E:61:5C:DD:1C:F8:AD:83:EE:2E:21:6D
X509v3 Authority Key Identifier:
keyid:9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/miGTaFk5Cl8OYVzdHPitg-4uIW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.168.0/21
45.158.36.0/22
46.21.144.0/20
89.233.104.0/21
94.100.16.0/20
149.255.32.0/21
178.236.176.0/21
178.236.185.0-178.236.187.255
194.126.172.0/22
195.242.152.0/23
217.79.240.0/20
IPv6:
2a02:748::/32
2a0f:5180::/29
Signature Algorithm: sha256WithRSAEncryption
d6:8b:33:47:26:db:8e:7d:dd:5c:cc:75:93:46:3c:7a:a2:3c:
8f:3a:72:e6:86:fb:3a:a7:4d:31:71:c8:11:b3:be:c7:8d:3e:
c8:97:a2:db:74:f3:26:65:df:3a:35:2f:44:80:39:c2:06:cc:
18:58:ac:b4:4a:e2:80:f8:71:f5:44:99:42:53:e2:e7:7e:80:
a9:29:fd:f0:5e:d7:2c:31:17:57:0f:09:13:af:e2:36:c8:cc:
0c:a5:57:f6:5f:a0:a0:70:b0:8d:86:46:fa:b4:3c:fa:05:13:
8e:4c:a8:37:04:55:b0:ef:cb:41:5e:3d:d5:4b:3b:de:76:d7:
79:ff:fc:13:40:f8:4e:5d:40:16:6f:f8:9c:1a:f8:10:26:e0:
d2:6b:b9:5c:7c:db:1e:7b:85:84:c0:a4:6c:73:39:f6:9d:46:
50:51:4c:9b:4d:55:1d:0c:01:92:29:4c:64:9b:05:1e:a3:a3:
ee:a1:a0:ec:4c:1e:49:bf:29:80:17:9a:da:5c:b5:e4:a5:ae:
dd:2d:fe:fa:b0:6a:46:90:41:0a:5a:37:b9:ee:f6:4d:b1:e7:
bb:cb:1f:82:e0:20:11:2c:ca:c6:31:dc:9a:6a:e3:72:79:e9:
39:e4:2e:3a:80:f8:c9:8f:b1:21:29:c0:c8:33:41:88:0f:30:
d2:19:ce:89
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZVODuzA2P7kbLZEfGrYFxWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjNmNGNiNGJhYjVjMTA4MDFhNzcwNjU4ZGY4OTFjZmI4
YzY4YzYwHhcNMjUwMjI4MTkzNTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTIxOTM2ODU5MzkwYTVmMGU2MTVjZGQxY2Y4YWQ4M2VlMmUyMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7J3U9AQg/A5ugK6FX7ZM96Ypk4Yy
RUaqwAQQ0i2R5WdtU1+qTfBkgwrJGzGC41qqbrocPMcuErhm5u6Pav/W3OTip3aj
Izwl+6uI2tNUO3efsqOVYIzwZMef6Tl/1HahkvSuYI4gzGom39KTjJD+JX2Q0cuG
GYsoxVMjJcaZdGZ5tTQOFkUw+2Q1MNoq7Wn3qgd333KRmqXgm8epkXG0mvr40iUr
2YdbFNG8g5Qy4PMgQwvkqXYVjTiAiykE2cgzstUngaW8S0e1Tgdj8m+N2JMbzWjU
alzepYD+V28lK9z64TpYJigZLlog6SsTiSOPo+jkDO/jvBQySBGHm658xwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFJohk2hZOQpfDmFc3Rz4rYPuLiFtMB8GA1UdIwQY
MBaAFJ0j9MtLq1wQgBp3BljfiRz7jGjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODkt
MDE1NzdhOTI3ZmE5LzEvbWlHVGFGazVDbDhPWVZ6ZEhQaXRnLTR1SVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODktMDE1NzdhOTI3ZmE5
LzEvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQDJUioAwQC
LZ4kAwQELhWQAwQDWeloAwQEXmQQAwQDlf8gAwQDsuywMAwDBACy7LkDBAKy7LgD
BALCfqwDBAHD8pgDBATZT/AwFAQCAAIwDgMFACoCB0gDBQMqD1GAMA0GCSqGSIb3
DQEBCwUAA4IBAQDWizNHJtuOfd1czHWTRjx6ojyPOnLmhvs6p00xccgRs77HjT7I
l6LbdPMmZd86NS9EgDnCBswYWKy0SuKA+HH1RJlCU+LnfoCpKf3wXtcsMRdXDwkT
r+I2yMwMpVf2X6CgcLCNhkb6tDz6BROOTKg3BFWw78tBXj3VSzvedtd5//wTQPhO
XUAWb/icGvgQJuDSa7lcfNsee4WEwKRsczn2nUZQUUybTVUdDAGSKUxkmwUeo6Pu
oaDsTB5JvymAF5raXLXkpa7dLf76sGpGkEEKWje57vZNsee7yx+C4CARLMrGMdya
auNyeek55C46gPjJj7EhKcDIM0GIDzDSGc6J
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:23:24 2025 by rpki-client