Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/CcbL2suikwKGAhya-UWTND6NZ-8.roa
File: CcbL2suikwKGAhya-UWTND6NZ-8.roa (raw, json)
Hash identifier: oOLlZv9fktDSkNEJWYkIbxLGMe1qA0jO7UZ2EmxdF3k=
Subject key identifier: 09:C6:CB:DA:CB:A2:93:02:86:02:1C:9A:F9:45:93:34:3E:8D:67:EF
Certificate issuer: /CN=ba0d738dd28ff2549456ce66e744898372fc503d
Certificate serial: 01942067E3DB4298169857694AC4B0C26A4A
Authority key identifier: BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/CcbL2suikwKGAhya-UWTND6NZ-8.roa
Signing time: Wed 01 Jan 2025 05:47:46 +0000
ROA not before: Wed 01 Jan 2025 05:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31229
IP address blocks: 5.149.160.0/21 maxlen: 21
5.149.165.0/24 maxlen: 24
46.245.192.0/22 maxlen: 22
46.245.192.0/24 maxlen: 24
46.245.193.0/24 maxlen: 24
46.245.194.0/24 maxlen: 24
46.245.195.0/24 maxlen: 24
46.245.196.0/22 maxlen: 22
91.102.112.0/21 maxlen: 21
92.43.112.0/21 maxlen: 21
109.205.48.0/21 maxlen: 21
109.205.55.0/24 maxlen: 24
178.216.200.0/21 maxlen: 21
185.23.20.0/22 maxlen: 22
185.23.20.0/24 maxlen: 24
185.23.21.0/24 maxlen: 24
185.23.22.0/24 maxlen: 24
185.23.23.0/24 maxlen: 24
185.49.148.0/23 maxlen: 23
185.49.150.0/23 maxlen: 23
193.29.205.0/24 maxlen: 24
193.187.64.0/24 maxlen: 24
193.187.66.0/23 maxlen: 23
193.187.68.0/23 maxlen: 23
193.187.70.0/24 maxlen: 24
193.187.71.0/24 maxlen: 24
194.50.186.0/24 maxlen: 24
2001:67c:6c8::/48 maxlen: 48
2a02:950::/32 maxlen: 32
2a02:951::/32 maxlen: 32
2a02:952::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e3:db:42:98:16:98:57:69:4a:c4:b0:c2:6a:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba0d738dd28ff2549456ce66e744898372fc503d
Validity
Not Before: Jan 1 05:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09c6cbdacba2930286021c9af94593343e8d67ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3b:8f:d6:b7:b0:79:9f:75:ff:68:0a:43:ac:
f0:5e:69:c1:09:87:62:a2:52:0c:9b:c8:bc:05:7a:
4f:9a:b8:c3:5b:64:2b:3a:20:0f:c4:16:eb:47:81:
e0:eb:0a:01:05:29:f5:bd:82:e8:8f:86:ec:33:57:
ba:b8:5e:04:36:ac:3b:05:8d:8e:cd:c4:41:86:48:
15:2e:37:1b:88:25:8d:fc:46:67:1f:f7:8b:0f:10:
dc:21:76:e3:7e:83:69:d3:e8:86:b5:b3:f7:5c:9d:
57:7a:80:8f:49:96:c7:12:a8:80:9f:b8:29:e1:b4:
86:be:a5:26:68:23:bf:75:7b:87:ec:0c:c0:eb:d5:
fb:0e:62:a2:1a:d3:80:bf:06:bd:44:b9:29:72:a1:
2a:bc:46:df:19:26:64:81:d0:44:b0:2d:fa:f4:fd:
43:4d:75:9a:1c:8f:e0:23:27:8d:39:45:ff:07:49:
cc:57:26:1c:62:d6:60:6d:3e:84:b0:36:f8:70:ed:
15:47:d8:f9:26:de:5d:1e:f8:39:d4:3d:21:55:c4:
06:a6:fb:cc:9b:f0:2a:1d:43:76:0c:3b:bc:94:86:
eb:18:24:7d:b8:47:99:e1:10:5c:6d:66:0e:a7:bc:
9f:45:53:a0:0e:c3:72:4d:02:f1:fb:38:cb:e0:bb:
17:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C6:CB:DA:CB:A2:93:02:86:02:1C:9A:F9:45:93:34:3E:8D:67:EF
X509v3 Authority Key Identifier:
keyid:BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/CcbL2suikwKGAhya-UWTND6NZ-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.160.0/21
46.245.192.0/21
91.102.112.0/21
92.43.112.0/21
109.205.48.0/21
178.216.200.0/21
185.23.20.0/22
185.49.148.0/22
193.29.205.0/24
193.187.64.0/24
193.187.66.0-193.187.71.255
194.50.186.0/24
IPv6:
2001:67c:6c8::/48
2a02:950::-2a02:952:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b5:38:15:95:f9:99:6e:a1:fe:ea:5f:0a:2e:47:13:16:0b:25:
7a:3e:45:51:95:80:eb:ab:8a:64:09:37:ef:d1:ea:0c:b7:0d:
d5:70:08:2b:18:ee:12:e8:15:58:3e:9e:bd:28:21:1c:c0:0f:
b8:ed:1e:c1:f3:32:0a:81:28:2d:16:7c:16:e9:8e:e3:4d:15:
f6:57:30:df:bf:84:04:1c:ce:0a:82:47:c1:ec:9d:ce:5c:44:
21:ec:b8:a9:1f:8f:18:27:fa:4c:72:bb:2b:7a:8d:85:25:46:
28:f0:e4:b8:bf:52:c1:63:e4:9f:19:8c:08:4c:a1:58:e4:95:
d7:9a:7b:4b:f4:d6:dc:17:ce:4d:0e:79:41:2a:c1:c8:f9:bb:
ec:b0:8b:11:8b:3b:10:84:da:ea:3f:d2:8c:fb:aa:76:01:83:
e7:16:9f:1e:26:e2:dc:52:3e:7a:a8:a9:8d:17:68:8d:2c:77:
02:1c:61:e3:f5:a9:61:9d:4d:ae:fe:bb:e0:4a:33:eb:6c:ed:
2d:e7:3f:7b:52:c0:99:5e:b6:7b:10:24:d2:1a:cd:d7:a9:c0:
79:a3:51:d0:d8:49:5b:37:81:9d:e9:12:fa:fe:35:b8:a1:c9:
c5:40:40:c0:30:5c:2d:6c:01:13:3b:0f:4e:46:32:bb:05:f6:
07:f1:67:10
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZQgZ+PbQpgWmFdpSsSwwmpKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGQ3MzhkZDI4ZmYyNTQ5NDU2Y2U2NmU3NDQ4OTgzNzJm
YzUwM2QwHhcNMjUwMTAxMDU0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWM2Y2JkYWNiYTI5MzAyODYwMjFjOWFmOTQ1OTMzNDNlOGQ2N2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjuP1reweZ91/2gKQ6zwXmnBCYdi
olIMm8i8BXpPmrjDW2QrOiAPxBbrR4Hg6woBBSn1vYLoj4bsM1e6uF4ENqw7BY2O
zcRBhkgVLjcbiCWN/EZnH/eLDxDcIXbjfoNp0+iGtbP3XJ1XeoCPSZbHEqiAn7gp
4bSGvqUmaCO/dXuH7AzA69X7DmKiGtOAvwa9RLkpcqEqvEbfGSZkgdBEsC369P1D
TXWaHI/gIyeNOUX/B0nMVyYcYtZgbT6EsDb4cO0VR9j5Jt5dHvg51D0hVcQGpvvM
m/AqHUN2DDu8lIbrGCR9uEeZ4RBcbWYOp7yfRVOgDsNyTQLx+zjL4LsXAQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFAnGy9rLopMChgIcmvlFkzQ+jWfvMB8GA1UdIwQY
MBaAFLoNc43Sj/JUlFbOZudEiYNy/FA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYt
YmViNmRhMDM3NTVlLzEvQ2NiTDJzdWlrd0tHQWh5YS1VV1RORDZOWi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYtYmViNmRhMDM3NTVl
LzEvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwVgQCAAEwUAMEAwWVoAME
Ay71wAMEA1tmcAMEA1wrcAMEA23NMAMEA7LYyAMEArkXFAMEArkxlAMEAMEdzQME
AMG7QDAMAwQBwbtCAwQDwbtAAwQAwjK6MB8EAgACMBkDBwAgAQZ8BsgwDgMFBCoC
CVADBQAqAglSMA0GCSqGSIb3DQEBCwUAA4IBAQC1OBWV+Zluof7qXwouRxMWCyV6
PkVRlYDrq4pkCTfv0eoMtw3VcAgrGO4S6BVYPp69KCEcwA+47R7B8zIKgSgtFnwW
6Y7jTRX2VzDfv4QEHM4KgkfB7J3OXEQh7LipH48YJ/pMcrsreo2FJUYo8OS4v1LB
Y+SfGYwITKFY5JXXmntL9NbcF85NDnlBKsHI+bvssIsRizsQhNrqP9KM+6p2AYPn
Fp8eJuLcUj56qKmNF2iNLHcCHGHj9alhnU2u/rvgSjPrbO0t5z97UsCZXrZ7ECTS
Gs3XqcB5o1HQ2ElbN4Gd6RL6/jW4ocnFQEDAMFwtbAETOw9ORjK7BfYH8WcQ
-----END CERTIFICATE-----
Generated at Wed Apr 9 21:51:15 2025 by rpki-client