Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/1-JmLWWIGdrN1I5-1sjk0cG3JL2g.roa
File: 1-JmLWWIGdrN1I5-1sjk0cG3JL2g.roa (raw, json)
Hash identifier: ceM//ypbNsBV62vWYsJXs9CjZLAti8Nf0IgtH1rZd44=
Subject key identifier: F8:99:8B:59:62:06:76:B3:75:23:9F:B5:B2:39:34:70:6D:C9:2F:68
Certificate issuer: /CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Certificate serial: 0195C6DB844A69F9C24C949AF651ADAD9790
Authority key identifier: 00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/1-JmLWWIGdrN1I5-1sjk0cG3JL2g.roa
Signing time: Mon 24 Mar 2025 06:33:49 +0000
ROA not before: Mon 24 Mar 2025 06:33:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30962
IP address blocks: 62.108.32.0/20 maxlen: 20
62.108.48.0/20 maxlen: 20
84.19.0.0/19 maxlen: 19
89.107.64.0/21 maxlen: 21
91.190.144.0/21 maxlen: 21
93.190.88.0/21 maxlen: 21
93.190.94.0/24 maxlen: 24
93.190.95.0/24 maxlen: 24
185.147.216.0/22 maxlen: 22
194.113.216.0/23 maxlen: 23
195.62.20.0/23 maxlen: 23
195.191.114.0/23 maxlen: 23
195.225.240.0/22 maxlen: 22
2a00:f70::/32 maxlen: 32
2a03:f200::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c6:db:84:4a:69:f9:c2:4c:94:9a:f6:51:ad:ad:97:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Validity
Not Before: Mar 24 06:33:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8998b59620676b375239fb5b23934706dc92f68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8c:46:37:c9:33:0a:11:17:98:97:d0:a4:90:
28:45:95:6f:c9:a4:02:a3:47:0a:44:c0:10:23:64:
9a:7c:42:7b:06:e4:2e:38:6a:bd:f0:b5:2d:5c:57:
0c:bc:6e:66:83:b4:31:36:02:b5:77:3f:98:8c:73:
31:94:c4:0c:25:d5:43:22:e2:be:e7:18:e8:63:90:
a1:63:7d:80:a3:da:7a:80:6f:eb:e7:6a:c4:3b:e8:
46:c3:12:1b:f6:f3:52:f9:4e:af:b2:07:20:3d:f7:
d3:86:3c:e4:eb:aa:be:be:52:0b:54:61:cc:66:aa:
6f:de:72:6a:04:10:55:7e:70:53:d0:0b:f8:55:07:
2f:02:3e:ed:d7:48:a6:85:a2:af:a3:da:29:4e:6b:
c8:df:ba:1f:dc:55:f0:3b:30:29:85:fc:d1:5c:4e:
86:7c:3e:91:94:30:7d:ac:a3:25:56:ed:6c:ec:fd:
4d:d1:82:1d:7e:4d:c6:e3:78:eb:d9:41:43:4a:43:
80:95:1d:f6:d3:49:d5:36:16:7e:1b:13:a1:d6:27:
78:8d:01:a6:05:a7:0d:45:28:d4:c4:ae:70:fe:e3:
cd:de:51:dd:65:e6:1c:61:ea:58:91:26:a9:55:27:
8c:ba:78:95:a9:b1:79:8c:1d:f2:e9:d8:c2:c7:a8:
e5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:99:8B:59:62:06:76:B3:75:23:9F:B5:B2:39:34:70:6D:C9:2F:68
X509v3 Authority Key Identifier:
keyid:00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/1-JmLWWIGdrN1I5-1sjk0cG3JL2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.32.0/19
84.19.0.0/19
89.107.64.0/21
91.190.144.0/21
93.190.88.0/21
185.147.216.0/22
194.113.216.0/23
195.62.20.0/23
195.191.114.0/23
195.225.240.0/22
IPv6:
2a00:f70::/32
2a03:f200::/32
Signature Algorithm: sha256WithRSAEncryption
56:2b:e0:ce:7e:f7:db:a9:0a:ba:02:d4:05:e6:d8:53:cc:69:
37:9f:1a:d1:c7:98:9f:b6:d3:3a:c2:7b:a3:1b:05:56:7d:fe:
45:a4:22:b3:13:6d:1b:9c:32:c1:07:26:b7:70:69:7b:e9:3b:
b0:38:66:9d:a0:5a:15:2a:0f:c3:a9:e8:b2:4d:a9:d6:51:bd:
e6:ff:5e:9d:41:c4:13:38:c8:94:f0:a1:1c:10:5b:f7:2f:02:
1c:64:ea:09:64:e1:de:88:14:3d:df:0f:d8:b6:73:30:63:bd:
7a:24:16:69:07:ca:cc:d6:c6:5c:d8:f0:9b:48:95:c1:3d:6e:
4a:dd:c6:fc:a3:9a:61:e1:4d:7f:2a:75:c0:b6:60:ee:18:b2:
04:01:79:e6:f3:8b:d7:aa:b2:24:67:61:f1:ab:77:68:76:df:
10:56:12:85:e6:d0:d5:d6:ac:ad:05:04:41:65:23:fd:8a:88:
4f:15:14:07:dd:53:ad:67:b5:77:44:ed:e6:02:69:d4:7d:b0:
54:25:96:73:0e:48:9d:62:be:50:fb:f7:b8:2b:d4:56:aa:d7:
21:f9:42:df:eb:a2:b7:ab:f7:11:d2:af:7a:fb:93:7f:f8:df:
c9:71:59:e3:a5:85:71:32:0f:aa:f8:e2:a6:c4:57:d0:05:b9:
5e:b6:07:71
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZXG24RKafnCTJSa9lGtrZeQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjY0N2M4MDFmYjU4ZmNmYWFjMTM1YmI0OGY1ZTYxZmVh
N2U1NjYwHhcNMjUwMzI0MDYzMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODk5OGI1OTYyMDY3NmIzNzUyMzlmYjViMjM5MzQ3MDZkYzkyZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIxGN8kzChEXmJfQpJAoRZVvyaQC
o0cKRMAQI2SafEJ7BuQuOGq98LUtXFcMvG5mg7QxNgK1dz+YjHMxlMQMJdVDIuK+
5xjoY5ChY32Ao9p6gG/r52rEO+hGwxIb9vNS+U6vsgcgPffThjzk66q+vlILVGHM
Zqpv3nJqBBBVfnBT0Av4VQcvAj7t10imhaKvo9opTmvI37of3FXwOzAphfzRXE6G
fD6RlDB9rKMlVu1s7P1N0YIdfk3G43jr2UFDSkOAlR3200nVNhZ+GxOh1id4jQGm
BacNRSjUxK5w/uPN3lHdZeYcYepYkSapVSeMuniVqbF5jB3y6djCx6jlAwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFPiZi1liBnazdSOftbI5NHBtyS9oMB8GA1UdIwQY
MBaAFAAmR8gB+1j8+qwTW7SPXmH+p+VmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODIt
OTRlZmJmNWNlY2Q0LzEvMS1KbUxXV0lHZHJOMUk1LTFzamswY0czSkwyZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjQvY2ZjMDZmLTgyYmUtNDlmYi1iYzgyLTk0ZWZiZjVjZWNk
NC8xL0FDWkh5QUg3V1B6NnJCTmJ0STllWWY2bjVXWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBrBggrBgEFBQcBBwEB/wRcMFowQgQCAAEwPAMEBT5sIAME
BVQTAAMEA1lrQAMEA1u+kAMEA12+WAMEArmT2AMEAcJx2AMEAcM+FAMEAcO/cgME
AsPh8DAUBAIAAjAOAwUAKgAPcAMFACoD8gAwDQYJKoZIhvcNAQELBQADggEBAFYr
4M5+99upCroC1AXm2FPMaTefGtHHmJ+20zrCe6MbBVZ9/kWkIrMTbRucMsEHJrdw
aXvpO7A4Zp2gWhUqD8Op6LJNqdZRveb/Xp1BxBM4yJTwoRwQW/cvAhxk6glk4d6I
FD3fD9i2czBjvXokFmkHyszWxlzY8JtIlcE9bkrdxvyjmmHhTX8qdcC2YO4YsgQB
eebzi9eqsiRnYfGrd2h23xBWEoXm0NXWrK0FBEFlI/2KiE8VFAfdU61ntXdE7eYC
adR9sFQllnMOSJ1ivlD797gr1Faq1yH5Qt/rorer9xHSr3r7k3/438lxWeOlhXEy
D6r44qbEV9AFuV62B3E=
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:09 2025 by rpki-client