Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/empt_DtsxXPAB8Pr68RMQjz57Hk.roa
File: empt_DtsxXPAB8Pr68RMQjz57Hk.roa (raw, json)
Hash identifier: NP64KpVgnNbjP2xtIMghVQIieRDbN+Hw1J+jKW8Qdjw=
Subject key identifier: 7A:6A:6D:FC:3B:6C:C5:73:C0:07:C3:EB:EB:C4:4C:42:3C:F9:EC:79
Certificate issuer: /CN=63444210ea08ac529878d51917e3b30054d620d1
Certificate serial: 019425FDC677C766F0341EB6DF127F853364
Authority key identifier: 63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/empt_DtsxXPAB8Pr68RMQjz57Hk.roa
Signing time: Thu 02 Jan 2025 07:49:35 +0000
ROA not before: Thu 02 Jan 2025 07:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30722
IP address blocks: 2.32.0.0/16 maxlen: 20
2.33.0.0/17 maxlen: 17
2.33.128.0/17 maxlen: 17
2.33.176.0/20 maxlen: 20
2.34.0.0/15 maxlen: 20
2.36.0.0/14 maxlen: 18
2.40.0.0/16 maxlen: 20
2.41.0.0/16 maxlen: 16
2.42.0.0/16 maxlen: 20
2.43.0.0/16 maxlen: 16
2.44.0.0/16 maxlen: 19
2.45.0.0/16 maxlen: 20
2.46.0.0/15 maxlen: 20
5.88.0.0/13 maxlen: 20
31.26.0.0/16 maxlen: 16
31.27.0.0/18 maxlen: 18
31.27.96.0/20 maxlen: 20
31.27.128.0/17 maxlen: 19
31.27.192.0/19 maxlen: 19
31.27.224.0/19 maxlen: 19
31.156.0.0/14 maxlen: 19
37.116.0.0/16 maxlen: 19
37.117.0.0/16 maxlen: 19
37.118.0.0/16 maxlen: 16
37.119.0.0/17 maxlen: 19
37.119.128.0/17 maxlen: 20
37.159.0.0/17 maxlen: 17
37.159.128.0/17 maxlen: 20
37.176.0.0/13 maxlen: 20
83.224.64.0/20 maxlen: 20
83.224.80.0/24 maxlen: 24
83.224.81.0/24 maxlen: 24
83.224.86.0/23 maxlen: 23
83.224.128.0/17 maxlen: 17
83.225.0.0/16 maxlen: 16
91.80.0.0/19 maxlen: 19
91.80.32.0/21 maxlen: 21
91.80.46.0/24 maxlen: 24
91.80.48.0/20 maxlen: 24
91.80.64.0/18 maxlen: 18
91.80.128.0/17 maxlen: 17
91.81.0.0/17 maxlen: 19
91.81.128.0/17 maxlen: 24
93.64.0.0/16 maxlen: 18
93.65.0.0/16 maxlen: 18
93.66.0.0/15 maxlen: 17
93.68.0.0/16 maxlen: 16
93.69.0.0/16 maxlen: 16
93.70.0.0/16 maxlen: 18
93.71.0.0/16 maxlen: 18
93.144.0.0/16 maxlen: 20
93.145.0.0/16 maxlen: 20
93.146.0.0/16 maxlen: 20
93.147.0.0/16 maxlen: 20
93.148.0.0/16 maxlen: 20
93.149.0.0/16 maxlen: 20
93.150.0.0/16 maxlen: 20
93.151.128.0/17 maxlen: 20
109.112.0.0/15 maxlen: 15
109.114.0.0/15 maxlen: 19
109.115.96.0/19 maxlen: 19
109.115.192.0/19 maxlen: 19
109.115.224.0/19 maxlen: 19
109.116.0.0/15 maxlen: 20
109.118.0.0/16 maxlen: 16
109.119.0.0/16 maxlen: 16
130.0.128.0/18 maxlen: 21
130.25.0.0/16 maxlen: 18
176.242.0.0/15 maxlen: 15
176.244.0.0/14 maxlen: 14
188.152.0.0/17 maxlen: 20
188.152.128.0/17 maxlen: 20
188.153.0.0/16 maxlen: 20
188.216.0.0/15 maxlen: 17
188.218.0.0/15 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c6:77:c7:66:f0:34:1e:b6:df:12:7f:85:33:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63444210ea08ac529878d51917e3b30054d620d1
Validity
Not Before: Jan 2 07:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a6a6dfc3b6cc573c007c3ebebc44c423cf9ec79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:58:0a:d5:4b:d1:b3:45:af:2e:66:ea:01:ae:
ab:71:d4:be:93:f1:f8:2d:23:a7:8d:74:20:f2:6b:
f9:14:b9:64:91:52:47:9b:3e:97:02:91:06:4e:1b:
d7:a9:8e:08:ad:c1:d1:78:cd:a9:76:b0:e9:39:85:
7b:d0:83:91:f7:c2:1c:6f:11:ac:21:3c:ce:67:e7:
d0:af:72:77:c6:b2:43:62:0d:6e:0a:ae:42:17:0d:
01:e3:07:06:a1:e3:fd:2f:3d:e5:40:32:09:62:7a:
17:15:48:02:85:59:4c:37:ab:0d:d2:d5:f3:31:3d:
2e:66:25:29:f1:36:4b:e6:f2:89:2e:ff:b3:2c:51:
1b:10:b5:ea:39:74:2b:b7:3c:ef:10:c4:c1:01:1c:
19:30:ac:87:a3:0f:d9:40:f7:c6:a3:78:2b:a0:1e:
eb:82:b0:45:bc:77:7f:71:1b:81:2e:ac:e8:6f:87:
09:47:ec:29:65:9b:0e:6e:43:34:64:65:44:9a:d5:
94:7f:a7:e9:4e:f7:b6:0e:e4:88:45:77:60:a3:a7:
4a:7e:20:e8:fe:44:48:49:b1:ef:54:44:ef:e1:90:
2d:ce:29:cc:73:3d:0f:71:01:f2:67:61:03:1d:a5:
4f:94:8f:06:a5:6f:0e:a8:2c:b5:88:bc:cb:af:ef:
2b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:6A:6D:FC:3B:6C:C5:73:C0:07:C3:EB:EB:C4:4C:42:3C:F9:EC:79
X509v3 Authority Key Identifier:
keyid:63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/empt_DtsxXPAB8Pr68RMQjz57Hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.32.0.0/12
5.88.0.0/13
31.26.0.0-31.27.63.255
31.27.96.0/20
31.27.128.0/17
31.156.0.0/14
37.116.0.0/14
37.159.0.0/16
37.176.0.0/13
83.224.64.0-83.224.81.255
83.224.86.0/23
83.224.128.0-83.225.255.255
91.80.0.0-91.80.39.255
91.80.46.0/24
91.80.48.0-91.81.255.255
93.64.0.0/13
93.144.0.0-93.150.255.255
93.151.128.0/17
109.112.0.0/13
130.0.128.0/18
130.25.0.0/16
176.242.0.0-176.247.255.255
188.152.0.0/15
188.216.0.0/14
Signature Algorithm: sha256WithRSAEncryption
9e:7d:64:86:87:27:e9:24:6a:c0:c0:15:fa:d9:9b:7e:7f:f6:
66:fb:c3:49:5a:7b:dd:ed:1b:7a:ab:32:f8:ef:fd:d6:93:84:
aa:a5:ef:a1:ff:bc:0f:ca:68:ba:19:2b:7b:25:d1:be:95:95:
42:23:e7:22:99:5c:7c:6b:dd:08:60:63:91:c2:80:38:95:d5:
31:4f:14:53:6c:08:9e:b6:0f:73:93:5d:54:cb:d2:ce:e5:15:
56:3e:9f:c4:fb:8c:01:6a:63:5a:91:c6:b4:e8:aa:59:be:05:
ba:b1:ae:57:c3:2f:40:68:85:51:37:e3:cb:89:81:09:10:53:
32:61:4b:e1:0e:7a:fe:47:f0:ee:df:9f:6b:b7:ae:6c:5e:b0:
c1:54:d6:bd:0a:cd:fe:e7:16:d6:41:fc:6d:c8:9e:1e:63:da:
06:77:dd:57:ad:01:77:35:1c:37:70:c7:f0:e2:a1:be:5e:de:
6e:98:08:78:e4:26:c4:58:4c:1d:46:47:47:e5:1f:f7:fb:5f:
70:8e:4a:f5:32:d5:b1:02:89:00:95:21:da:8b:b3:56:7f:0b:
f9:9b:59:13:48:67:86:e1:c3:0f:79:9c:b7:2c:c2:53:bd:94:
34:e2:46:2d:5e:1c:45:45:1f:5a:b0:0a:d9:64:4c:e7:17:96:
25:57:e3:0f
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAZQl/cZ3x2bwNB623xJ/hTNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDQ0MjEwZWEwOGFjNTI5ODc4ZDUxOTE3ZTNiMzAwNTRk
NjIwZDEwHhcNMjUwMTAyMDc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTZhNmRmYzNiNmNjNTczYzAwN2MzZWJlYmM0NGM0MjNjZjllYzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1gK1UvRs0WvLmbqAa6rcdS+k/H4
LSOnjXQg8mv5FLlkkVJHmz6XApEGThvXqY4IrcHReM2pdrDpOYV70IOR98IcbxGs
ITzOZ+fQr3J3xrJDYg1uCq5CFw0B4wcGoeP9Lz3lQDIJYnoXFUgChVlMN6sN0tXz
MT0uZiUp8TZL5vKJLv+zLFEbELXqOXQrtzzvEMTBARwZMKyHow/ZQPfGo3groB7r
grBFvHd/cRuBLqzob4cJR+wpZZsObkM0ZGVEmtWUf6fpTve2DuSIRXdgo6dKfiDo
/kRISbHvVETv4ZAtzinMcz0PcQHyZ2EDHaVPlI8GpW8OqCy1iLzLr+8rRwIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFHpqbfw7bMVzwAfD6+vETEI8+ex5MB8GA1UdIwQY
MBaAFGNEQhDqCKxSmHjVGRfjswBU1iDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQt
ZmU4MzdmOThlMDI2LzEvZW1wdF9EdHN4WFBBQjhQcjY4Uk1Rano1N0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQtZmU4MzdmOThlMDI2
LzEvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzCBvAQCAAEwgbUDAwQC
IAMDAwVYMAsDAwEfGgMEBh8bAAMEBB8bYAMEBx8bgAMDAh+cAwMCJXQDAwAlnwMD
AyWwMAwDBAZT4EADBAFT4FADBAFT4FYwCwMEB1PggAMDAVPgMAsDAwRbUAMEA1tQ
IAMEAFtQLjALAwQEW1AwAwMBW1ADAwNdQDAKAwMEXZADAwBdlgMEB12XgAMDA21w
AwQGggCAAwMAghkwCgMDAbDyAwMDsPADAwG8mAMDArzYMA0GCSqGSIb3DQEBCwUA
A4IBAQCefWSGhyfpJGrAwBX62Zt+f/Zm+8NJWnvd7Rt6qzL47/3Wk4Sqpe+h/7wP
ymi6GSt7JdG+lZVCI+cimVx8a90IYGORwoA4ldUxTxRTbAietg9zk11Uy9LO5RVW
Pp/E+4wBamNakca06KpZvgW6sa5Xwy9AaIVRN+PLiYEJEFMyYUvhDnr+R/Du359r
t65sXrDBVNa9Cs3+5xbWQfxtyJ4eY9oGd91XrQF3NRw3cMfw4qG+Xt5umAh45CbE
WEwdRkdH5R/3+19wjkr1MtWxAokAlSHai7NWfwv5m1kTSGeG4cMPeZy3LMJTvZQ0
4kYtXhxFRR9asArZZEznF5YlV+MP
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:27:10 2025 by rpki-client