Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/9w7HxGZfZRVLKx1aInzaGqvu3XE.roa
File: 9w7HxGZfZRVLKx1aInzaGqvu3XE.roa (raw, json)
Hash identifier: xB0shV21V9Mb8UIOMIdaJKxGacUFINOuo0dCZG9gNQk=
Subject key identifier: F7:0E:C7:C4:66:5F:65:15:4B:2B:1D:5A:22:7C:DA:1A:AB:EE:DD:71
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01937017D5C099C5F89676537A5898DD8C88
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/9w7HxGZfZRVLKx1aInzaGqvu3XE.roa
Signing time: Thu 28 Nov 2024 00:07:10 +0000
ROA not before: Thu 28 Nov 2024 00:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8772
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.0.0/24 maxlen: 24
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
94.131.124.0/24 maxlen: 24
94.131.127.0/24 maxlen: 24
95.164.12.0/23 maxlen: 23
95.164.15.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.52.0/22 maxlen: 22
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.120.0/24 maxlen: 24
95.164.121.0/24 maxlen: 24
95.164.122.0/24 maxlen: 24
95.164.123.0/24 maxlen: 24
95.164.160.0/22 maxlen: 24
95.164.164.0/22 maxlen: 24
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
95.164.248.0/23 maxlen: 23
95.164.251.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
2a01:d0::/32 maxlen: 32
2a01:d0:4::/48 maxlen: 48
2a01:d0:a::/48 maxlen: 48
2a01:d0:28::/48 maxlen: 48
2a01:d0:3b::/48 maxlen: 48
2a01:d0:43::/48 maxlen: 48
2a01:d0:105::/48 maxlen: 48
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:70:17:d5:c0:99:c5:f8:96:76:53:7a:58:98:dd:8c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 28 00:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f70ec7c4665f65154b2b1d5a227cda1aabeedd71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:96:32:1c:b3:70:0a:28:a4:97:d8:0e:36:54:
b1:d4:5e:ea:fc:38:10:d5:c8:06:b5:e4:83:0d:6b:
05:df:c0:5d:fd:93:b2:7f:b5:81:0a:cf:b0:5c:57:
cf:25:3c:94:18:f4:62:a1:18:1a:ef:0a:7c:31:8b:
dc:48:49:0f:24:25:93:58:e4:94:e3:4f:3d:0b:a5:
63:38:2a:68:a7:40:6d:88:54:d7:b8:21:61:4f:ac:
6c:48:3a:08:c6:91:43:c9:d4:6d:47:07:72:5c:b9:
7d:d3:6f:cf:89:f9:16:3d:9d:7f:89:bb:cf:7a:9e:
e3:0e:89:4b:a7:a2:48:51:d3:3c:e5:be:c5:fe:ba:
a5:e1:33:4e:11:9f:a3:28:f3:4d:20:09:b1:06:1c:
9f:4c:76:77:83:3a:e2:1f:49:5d:be:7d:d7:ad:71:
aa:e3:17:05:81:65:aa:a1:73:30:50:cf:c9:fe:d5:
2a:a7:bf:9a:ed:43:be:eb:05:21:bd:dd:84:28:b0:
a2:ea:be:0e:b8:88:f7:21:58:9c:c3:17:94:0d:46:
77:3f:3d:26:89:9d:06:65:04:ce:0b:ab:62:46:fa:
5d:e2:66:85:1a:80:f9:46:eb:40:2c:4f:00:96:b9:
5d:92:05:aa:f1:96:0f:58:21:93:d7:78:9b:9f:75:
a3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:0E:C7:C4:66:5F:65:15:4B:2B:1D:5A:22:7C:DA:1A:AB:EE:DD:71
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/9w7HxGZfZRVLKx1aInzaGqvu3XE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
94.131.124.0/24
94.131.127.0/24
95.164.12.0/23
95.164.15.0/24
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.120.0/22
95.164.160.0/21
95.164.170.0-95.164.175.255
95.164.248.0/23
95.164.251.0/24
195.214.212.0/22
IPv6:
2a01:d0::/32
Signature Algorithm: sha256WithRSAEncryption
07:ad:19:e2:d3:44:d7:4f:65:01:c0:6a:82:cb:73:4f:dd:61:
1f:b7:65:7e:ba:c1:a1:81:88:aa:a8:de:9b:59:7b:b6:7d:2f:
f4:ef:05:96:51:b2:1d:f7:9a:48:e4:7c:ae:ff:bf:73:74:3b:
ad:77:05:c5:24:fa:28:16:a4:3c:87:7d:23:72:42:6f:d2:f7:
74:a4:32:c4:b0:0d:81:51:34:1e:97:8b:01:0f:35:a4:6f:f5:
10:49:0d:cd:c2:c0:11:de:1b:0e:ce:4b:91:6c:85:e3:87:85:
d0:1a:92:88:32:21:75:f3:ec:52:a6:f4:44:8d:b0:95:96:24:
f7:f6:34:97:72:19:25:f3:47:7a:25:39:7c:e5:2f:20:43:59:
9f:9e:17:48:7e:a3:e7:7f:c8:51:39:43:8b:bf:97:90:09:bc:
1f:b6:97:5a:ff:b8:dc:e9:4e:64:80:c4:99:fd:a4:53:e9:7b:
ee:f6:63:4e:7e:32:8a:0e:b1:31:83:fb:9e:d3:4e:23:4a:1a:
41:3a:e1:f7:fe:4f:f8:13:6f:29:e6:14:33:87:ec:fe:8e:9a:
34:bd:57:ee:0d:3c:f4:3d:50:07:13:44:bc:f6:5a:b6:68:22:
c7:7f:ee:0f:00:f8:2e:05:2c:a6:4e:85:95:26:fa:d0:e9:31:
99:1f:e0:14
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZNwF9XAmcX4lnZTeliY3YyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMTI4MDAwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzBlYzdjNDY2NWY2NTE1NGIyYjFkNWEyMjdjZGExYWFiZWVkZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5YyHLNwCiikl9gONlSx1F7q/DgQ
1cgGteSDDWsF38Bd/ZOyf7WBCs+wXFfPJTyUGPRioRga7wp8MYvcSEkPJCWTWOSU
4089C6VjOCpop0BtiFTXuCFhT6xsSDoIxpFDydRtRwdyXLl902/PifkWPZ1/ibvP
ep7jDolLp6JIUdM85b7F/rql4TNOEZ+jKPNNIAmxBhyfTHZ3gzriH0ldvn3XrXGq
4xcFgWWqoXMwUM/J/tUqp7+a7UO+6wUhvd2EKLCi6r4OuIj3IVicwxeUDUZ3Pz0m
iZ0GZQTOC6tiRvpd4maFGoD5RutALE8AlrldkgWq8ZYPWCGT13ibn3WjvQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFPcOx8RmX2UVSysdWiJ82hqr7t1xMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvOXc3SHhHWmZaUlZMS3gxYUluemFHcXZ1M1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAU+
zYADBAFegwADBABegwQDBAFegwYDBABeg3wDBABeg38DBAFfpAwDBABfpA8DBABf
pBQDBAJfpCgwDAMEAF+kMQMEAF+kMjAMAwQCX6Q0AwQCX6Q4MAwDBANfpEgDBABf
pEwDBAJfpFADBAJfpHgDBANfpKAwDAMEAV+kqgMEBF+koAMEAV+k+AMEAF+k+wME
AsPW1DANBAIAAjAHAwUAKgEA0DANBgkqhkiG9w0BAQsFAAOCAQEAB60Z4tNE109l
AcBqgstzT91hH7dlfrrBoYGIqqjem1l7tn0v9O8FllGyHfeaSOR8rv+/c3Q7rXcF
xST6KBakPId9I3JCb9L3dKQyxLANgVE0HpeLAQ81pG/1EEkNzcLAEd4bDs5LkWyF
44eF0BqSiDIhdfPsUqb0RI2wlZYk9/Y0l3IZJfNHeiU5fOUvIENZn54XSH6j53/I
UTlDi7+XkAm8H7aXWv+43OlOZIDEmf2kU+l77vZjTn4yig6xMYP7ntNOI0oaQTrh
9/5P+BNvKeYUM4fs/o6aNL1X7g089D1QBxNEvPZatmgix3/uDwD4LgUspk6FlSb6
0OkxmR/gFA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:24:28 2025 by rpki-client