Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/opscKiT1ixo3MuIGTHjQHvLdy6E.roa
File: opscKiT1ixo3MuIGTHjQHvLdy6E.roa (raw, json)
Hash identifier: +bIJlRx+J9OhQQl1KlNtT8eASOmpQHQZcL8uAiepdPU=
Subject key identifier: A2:9B:1C:2A:24:F5:8B:1A:37:32:E2:06:4C:78:D0:1E:F2:DD:CB:A1
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0194405AC9A44DA54CAC8500190C4DB0CACD
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/opscKiT1ixo3MuIGTHjQHvLdy6E.roa
Signing time: Tue 07 Jan 2025 10:41:19 +0000
ROA not before: Tue 07 Jan 2025 10:41:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.150.168.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
193.31.104.0/22 maxlen: 22
194.50.200.0/24 maxlen: 24
194.50.201.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.109.0/24 maxlen: 24
195.138.110.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.113.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.115.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:40:5a:c9:a4:4d:a5:4c:ac:85:00:19:0c:4d:b0:ca:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 7 10:41:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a29b1c2a24f58b1a3732e2064c78d01ef2ddcba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ec:0d:fd:e6:20:dc:d6:e8:d5:61:ec:12:3c:
e2:1a:8d:db:c7:bb:31:d0:b0:09:c0:68:e2:99:13:
0b:27:f6:e2:ed:f1:b0:27:b4:d6:dd:26:dc:85:7e:
fb:5a:cb:54:10:e8:a8:0e:ef:1a:26:20:fe:c4:48:
90:29:dc:ea:16:a0:3d:1c:89:db:bf:00:96:da:29:
77:d4:2f:6b:59:f9:e3:df:94:9b:b8:fa:6c:b8:69:
e4:e7:e6:ed:61:6a:26:22:37:17:18:84:f6:b4:75:
82:d1:dc:59:72:13:3d:7e:de:14:fb:b4:1a:7d:76:
0b:b4:d7:3b:93:c7:fa:76:7a:21:43:ea:99:3c:0e:
66:84:d3:b3:aa:f9:62:21:ef:9e:77:24:61:2c:d2:
a4:b6:17:f5:fe:3d:0e:bf:cd:13:31:34:57:8a:62:
48:7e:fb:4c:5e:28:a3:e4:f3:fa:ad:64:a4:9d:a3:
46:0e:c7:6a:93:7c:0f:d3:05:f6:d8:63:1d:15:ec:
44:cf:3a:d6:5b:de:88:f3:e2:4d:19:da:09:02:77:
3b:1a:28:8c:33:94:ec:44:0c:3e:be:d7:97:a5:60:
8d:a1:09:26:24:ce:de:92:8e:39:08:a8:33:ba:9c:
2b:ce:ec:a8:72:a9:89:19:89:b7:3f:92:4c:e2:ae:
1d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9B:1C:2A:24:F5:8B:1A:37:32:E2:06:4C:78:D0:1E:F2:DD:CB:A1
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/opscKiT1ixo3MuIGTHjQHvLdy6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.67.117.0/24
45.150.168.0/22
45.151.196.0/22
89.40.161.0/24
91.239.59.0/24
91.242.70.0-91.242.73.255
91.242.75.0/24
91.242.105.0/24
91.242.123.0-91.242.124.255
91.242.126.0/23
185.40.105.0/24
185.180.145.0/24
193.31.104.0/22
194.50.200.0/23
194.180.238.0/24
195.138.103.0-195.138.107.255
195.138.109.0-195.138.111.255
195.138.113.0-195.138.116.255
195.138.118.0/24
195.138.120.0/24
195.138.124.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:e4:aa:4f:1e:cf:af:7b:f5:8f:91:89:3e:a5:52:73:32:ac:
52:2d:4d:f4:ea:64:ad:0f:cb:57:13:42:1e:2b:4d:1c:fb:b7:
f0:1a:59:aa:d1:0d:bc:e0:ab:42:43:ce:14:ba:dc:ca:4f:f2:
55:7d:c4:ed:9d:37:81:bd:76:e6:3b:21:13:e0:a1:4d:6d:a8:
c7:07:4a:cf:6c:ed:65:97:d7:91:5b:c1:57:21:b4:3e:ba:71:
4b:5e:a9:1f:e4:a7:c7:34:ea:91:be:e9:82:6e:30:7e:4a:ed:
69:04:83:46:f4:33:8e:4d:df:80:8f:5b:28:32:0d:0f:99:74:
aa:f2:f9:4d:e3:c5:6d:ac:12:79:8d:7d:30:da:97:ec:fd:05:
ca:99:2f:03:20:2d:0e:c4:fa:65:6b:c1:87:a7:eb:c9:31:b1:
22:6f:13:db:22:d7:c8:26:ae:5d:1c:52:d0:e3:81:0a:37:1b:
dc:1e:2e:25:1b:36:c7:a9:8e:5b:87:81:dc:2d:30:42:48:2d:
d1:34:bb:7c:1b:c2:df:a4:78:84:64:25:8d:1d:ec:b3:d5:b8:
af:93:9d:fb:75:a3:21:71:02:7b:b5:86:36:98:36:ae:1e:62:
c7:a5:08:86:63:a5:f4:73:b3:13:6a:2d:bb:d5:80:f9:63:38:
9e:84:09:c4
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZRAWsmkTaVMrIUAGQxNsMrNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTA3MTA0MTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjliMWMyYTI0ZjU4YjFhMzczMmUyMDY0Yzc4ZDAxZWYyZGRjYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquwN/eYg3Nbo1WHsEjziGo3bx7sx
0LAJwGjimRMLJ/bi7fGwJ7TW3SbchX77WstUEOioDu8aJiD+xEiQKdzqFqA9HInb
vwCW2il31C9rWfnj35SbuPpsuGnk5+btYWomIjcXGIT2tHWC0dxZchM9ft4U+7Qa
fXYLtNc7k8f6dnohQ+qZPA5mhNOzqvliIe+edyRhLNKkthf1/j0Ov80TMTRXimJI
fvtMXiij5PP6rWSknaNGDsdqk3wP0wX22GMdFexEzzrWW96I8+JNGdoJAnc7GiiM
M5TsRAw+vteXpWCNoQkmJM7eko45CKgzupwrzuyocqmJGYm3P5JM4q4dIQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFKKbHCok9YsaNzLiBkx40B7y3cuhMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvb3BzY0tpVDFpeG8zTXVJR1RIalFIdkxkeTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAIF
thwDBAAtQ3UDBAItlqgDBAItl8QDBABZKKEDBABb7zswDAMEAVvyRgMEAVvySAME
AFvySwMEAFvyaTAMAwQAW/J7AwQAW/J8AwQBW/J+AwQAuShpAwQAubSRAwQCwR9o
AwQBwjLIAwQAwrTuMAwDBADDimcDBALDimgwDAMEAMOKbQMEBMOKYDAMAwQAw4px
AwQAw4p0AwQAw4p2AwQAw4p4AwQCw4p8MA0GCSqGSIb3DQEBCwUAA4IBAQCt5KpP
Hs+ve/WPkYk+pVJzMqxSLU306mStD8tXE0IeK00c+7fwGlmq0Q284KtCQ84UutzK
T/JVfcTtnTeBvXbmOyET4KFNbajHB0rPbO1ll9eRW8FXIbQ+unFLXqkf5KfHNOqR
vumCbjB+Su1pBING9DOOTd+Aj1soMg0PmXSq8vlN48VtrBJ5jX0w2pfs/QXKmS8D
IC0OxPpla8GHp+vJMbEibxPbItfIJq5dHFLQ44EKNxvcHi4lGzbHqY5bh4HcLTBC
SC3RNLt8G8LfpHiEZCWNHeyz1bivk537daMhcQJ7tYY2mDauHmLHpQiGY6X0c7MT
ai271YD5YziehAnE
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:48:32 2025 by rpki-client