Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/mfWFdMqwsC7wco8ngDzgqXWhWOU.roa
File: mfWFdMqwsC7wco8ngDzgqXWhWOU.roa (raw, json)
Hash identifier: ENymxhb6k/+mZye1LkhQad1EO2NCS76Z+kJRVSHDwhU=
Subject key identifier: 99:F5:85:74:CA:B0:B0:2E:F0:72:8F:27:80:3C:E0:A9:75:A1:58:E5
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0193701C024CF77E253CE9094AEEE40A2391
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/mfWFdMqwsC7wco8ngDzgqXWhWOU.roa
Signing time: Thu 28 Nov 2024 00:11:43 +0000
ROA not before: Thu 28 Nov 2024 00:11:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200736
IP address blocks: 94.131.32.0/20 maxlen: 24
94.131.128.0/19 maxlen: 24
94.131.130.0/24 maxlen: 24
94.131.131.0/24 maxlen: 24
94.131.132.0/24 maxlen: 24
94.131.133.0/24 maxlen: 24
94.131.134.0/24 maxlen: 24
94.131.135.0/24 maxlen: 24
94.131.136.0/24 maxlen: 24
94.131.137.0/24 maxlen: 24
94.131.138.0/24 maxlen: 24
94.131.139.0/24 maxlen: 24
94.131.140.0/24 maxlen: 24
94.131.141.0/24 maxlen: 24
94.131.142.0/24 maxlen: 24
94.131.143.0/24 maxlen: 24
94.131.144.0/23 maxlen: 23
94.131.144.0/24 maxlen: 24
94.131.145.0/24 maxlen: 24
94.131.146.0/24 maxlen: 24
94.131.147.0/24 maxlen: 24
94.131.148.0/24 maxlen: 24
94.131.149.0/24 maxlen: 24
94.131.150.0/24 maxlen: 24
94.131.151.0/24 maxlen: 24
94.131.152.0/24 maxlen: 24
94.131.153.0/24 maxlen: 24
94.131.154.0/24 maxlen: 24
94.131.155.0/24 maxlen: 24
94.131.156.0/24 maxlen: 24
94.131.157.0/24 maxlen: 24
94.131.158.0/24 maxlen: 24
94.131.159.0/24 maxlen: 24
94.131.160.0/20 maxlen: 24
94.131.161.0/24 maxlen: 24
94.131.162.0/24 maxlen: 24
94.131.163.0/24 maxlen: 24
94.131.165.0/24 maxlen: 24
94.131.166.0/24 maxlen: 24
94.131.167.0/24 maxlen: 24
94.131.169.0/24 maxlen: 24
94.131.170.0/24 maxlen: 24
94.131.172.0/24 maxlen: 24
94.131.173.0/24 maxlen: 24
94.131.174.0/24 maxlen: 24
95.164.124.0/22 maxlen: 24
95.164.176.0/20 maxlen: 24
95.164.208.0/20 maxlen: 24
195.214.208.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:70:1c:02:4c:f7:7e:25:3c:e9:09:4a:ee:e4:0a:23:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 28 00:11:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99f58574cab0b02ef0728f27803ce0a975a158e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:78:36:ad:7e:05:c0:1a:e0:44:77:66:c5:a7:
a3:62:83:ac:6b:05:2a:ca:b7:78:46:5e:9d:ff:d4:
bd:ef:4a:7c:b6:89:7f:13:4f:8a:ed:6a:bd:5e:c5:
e8:68:48:04:f7:86:f4:48:29:da:87:f8:6a:b0:21:
c6:49:32:33:5b:aa:30:1d:be:58:a3:59:89:e2:b6:
7f:03:a2:e1:8d:f4:e8:7e:e6:e2:bd:5f:66:e8:ca:
cd:c4:03:cf:2f:52:f3:d0:8c:77:e1:f6:84:a4:a3:
1e:e7:7b:0c:09:d2:4f:23:d1:24:cc:df:53:fa:04:
e8:7c:37:75:2a:c0:1a:53:14:b7:26:2b:a4:5c:43:
6f:17:9a:a8:db:79:7e:09:ce:65:6b:2a:94:fd:cb:
7e:aa:a4:89:58:9b:ae:40:c2:d0:2c:86:69:2e:a4:
ec:6a:b1:67:d6:8c:94:02:19:a9:39:55:b9:01:ed:
73:03:22:25:5a:44:44:52:71:45:56:a0:97:8a:7b:
a2:dd:c6:c8:df:e2:af:10:a2:8b:a7:fa:62:42:44:
ce:5a:a8:4c:9a:80:2d:26:77:9b:97:44:61:8b:4a:
7c:4f:0f:22:d4:25:e6:5f:ae:55:b5:50:23:ab:76:
bb:b7:a2:b5:00:dd:57:fa:da:61:25:f1:a4:6a:ce:
8d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F5:85:74:CA:B0:B0:2E:F0:72:8F:27:80:3C:E0:A9:75:A1:58:E5
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/mfWFdMqwsC7wco8ngDzgqXWhWOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.32.0/20
94.131.128.0-94.131.175.255
95.164.124.0/22
95.164.176.0/20
95.164.208.0/20
195.214.208.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:9f:d9:57:9a:e0:06:1d:56:0f:bc:ef:c3:ca:29:e4:a9:20:
3b:ef:f1:cb:cc:8d:51:2d:12:61:ab:8a:7a:26:f9:64:4d:b4:
4b:e6:38:02:b4:be:99:b5:5c:9f:bf:48:f0:03:01:35:f2:4c:
e2:da:1b:3f:51:c6:3f:79:79:20:a2:af:4d:7d:6e:10:cc:f3:
40:64:19:e1:0e:fd:fb:06:8b:9d:56:79:76:b2:70:95:84:76:
b7:1d:f4:57:8a:75:7c:51:37:c8:f2:89:5d:bd:4a:c8:c6:b1:
d5:ae:b6:53:5d:9d:da:0b:c5:fa:d5:98:34:c2:8e:4a:60:09:
1d:ec:52:3b:e3:6c:bb:16:3d:d9:a9:d5:57:e9:03:ca:ea:05:
82:18:8c:2b:35:b1:23:c1:6c:c3:d4:73:9a:02:5b:eb:2f:6b:
08:4b:fe:7b:34:c8:10:9c:e6:37:b3:8a:80:e4:39:02:c0:59:
13:53:7c:9b:87:bd:60:8d:42:25:6b:fb:ab:ea:45:4a:2a:51:
5a:4c:9e:c6:c7:22:b3:dc:c2:20:3c:7a:a2:e9:41:e2:37:9e:
75:1e:bf:68:b6:67:45:ea:b3:43:89:34:c6:83:54:a5:75:01:
06:b0:e0:84:04:4f:59:61:f5:3c:1a:58:1d:fd:60:9c:fe:8b:
c8:cb:a3:29
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZNwHAJM934lPOkJSu7kCiORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMTI4MDAxMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWY1ODU3NGNhYjBiMDJlZjA3MjhmMjc4MDNjZTBhOTc1YTE1OGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlng2rX4FwBrgRHdmxaejYoOsawUq
yrd4Rl6d/9S970p8tol/E0+K7Wq9XsXoaEgE94b0SCnah/hqsCHGSTIzW6owHb5Y
o1mJ4rZ/A6LhjfTofubivV9m6MrNxAPPL1Lz0Ix34faEpKMe53sMCdJPI9EkzN9T
+gTofDd1KsAaUxS3JiukXENvF5qo23l+Cc5layqU/ct+qqSJWJuuQMLQLIZpLqTs
arFn1oyUAhmpOVW5Ae1zAyIlWkREUnFFVqCXinui3cbI3+KvEKKLp/piQkTOWqhM
moAtJnebl0Rhi0p8Tw8i1CXmX65VtVAjq3a7t6K1AN1X+tphJfGkas6NuQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJn1hXTKsLAu8HKPJ4A84Kl1oVjlMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvbWZXRmRNcXdzQzd3Y284bmdEemdxWFdoV09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQEXoMgMAwD
BAdeg4ADBAReg6ADBAJfpHwDBARfpLADBARfpNADBALD1tAwDQYJKoZIhvcNAQEL
BQADggEBAIuf2Vea4AYdVg+878PKKeSpIDvv8cvMjVEtEmGrinom+WRNtEvmOAK0
vpm1XJ+/SPADATXyTOLaGz9Rxj95eSCir019bhDM80BkGeEO/fsGi51WeXaycJWE
drcd9FeKdXxRN8jyiV29SsjGsdWutlNdndoLxfrVmDTCjkpgCR3sUjvjbLsWPdmp
1VfpA8rqBYIYjCs1sSPBbMPUc5oCW+svawhL/ns0yBCc5jezioDkOQLAWRNTfJuH
vWCNQiVr+6vqRUoqUVpMnsbHIrPcwiA8eqLpQeI3nnUev2i2Z0Xqs0OJNMaDVKV1
AQaw4IQET1lh9TwaWB39YJz+i8jLoyk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:04:10 2025 by rpki-client