Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/h2UcIe_9k70e0Pb4z1ywc34Eaug.roa
File: h2UcIe_9k70e0Pb4z1ywc34Eaug.roa (raw, json)
Hash identifier: bNAkNdDpA47/1KnQFoxTtJqxC0B3Q4CeIoX/dgWLt94=
Subject key identifier: 87:65:1C:21:EF:FD:93:BD:1E:D0:F6:F8:CF:5C:B0:73:7E:04:6A:E8
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 0197CAABBF805929FBB6612BAA335EAE9B33
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/h2UcIe_9k70e0Pb4z1ywc34Eaug.roa
Signing time: Wed 02 Jul 2025 10:25:42 +0000
ROA not before: Wed 02 Jul 2025 10:25:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48635
IP address blocks: 2.57.57.0/24 maxlen: 24
5.157.80.0/21 maxlen: 24
31.25.96.0/21 maxlen: 24
31.25.98.0/24 maxlen: 24
31.186.168.0/21 maxlen: 24
62.221.248.0/21 maxlen: 24
62.221.250.0/24 maxlen: 24
79.99.128.0/21 maxlen: 24
92.63.168.0/21 maxlen: 24
92.63.168.0/24 maxlen: 24
93.180.64.0/21 maxlen: 24
93.187.220.0/22 maxlen: 24
109.72.80.0/20 maxlen: 24
109.106.160.0/20 maxlen: 24
109.106.176.0/21 maxlen: 24
185.27.172.0/22 maxlen: 24
185.37.68.0/22 maxlen: 24
185.56.144.0/22 maxlen: 24
185.66.248.0/22 maxlen: 24
185.87.184.0/22 maxlen: 24
185.94.228.0/22 maxlen: 24
185.94.228.0/24 maxlen: 24
185.94.230.0/23 maxlen: 23
185.95.28.0/22 maxlen: 24
185.95.31.0/24 maxlen: 24
185.103.156.0/22 maxlen: 24
185.103.240.0/22 maxlen: 24
185.103.242.0/23 maxlen: 23
185.107.212.0/22 maxlen: 24
185.107.224.0/23 maxlen: 24
185.109.216.0/22 maxlen: 24
185.159.240.0/22 maxlen: 24
185.175.200.0/22 maxlen: 24
185.182.56.0/22 maxlen: 24
185.182.56.0/24 maxlen: 24
185.187.12.0/22 maxlen: 24
185.223.32.0/22 maxlen: 24
185.224.88.0/22 maxlen: 24
185.233.28.0/22 maxlen: 24
195.238.74.0/23 maxlen: 24
2a00:f10::/29 maxlen: 48
2a01:b940::/29 maxlen: 48
2a01:b942::/32 maxlen: 48
2a01:b944::/32 maxlen: 48
2a02:40c1::/32 maxlen: 48
2a03:3060::/29 maxlen: 48
2a04:6bc0::/36 maxlen: 48
2a05:1500::/29 maxlen: 48
2a05:1500:500::/40 maxlen: 40
2a05:1500:600::/40 maxlen: 40
2a0b:7280::/29 maxlen: 48
2a0b:8f80::/29 maxlen: 48
2a0b:8f80::/48 maxlen: 48
2a0c:84c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:ab:bf:80:59:29:fb:b6:61:2b:aa:33:5e:ae:9b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jul 2 10:25:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87651c21effd93bd1ed0f6f8cf5cb0737e046ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:92:5d:5c:07:99:36:4d:86:69:c7:93:c7:b7:
1f:cb:a3:d9:16:83:33:2e:6b:94:7a:21:ff:bf:b4:
ab:36:a8:fb:f1:ee:ad:65:53:6b:d4:b7:f7:fb:30:
28:26:67:cc:69:1d:31:b4:a7:6b:00:35:9a:ac:17:
bf:f0:0e:fb:98:d7:51:8d:5e:ea:85:c3:15:95:d8:
ec:ab:10:a6:3c:81:5e:35:ea:e8:6f:82:b1:28:54:
30:ef:26:9e:4b:de:fc:77:20:81:27:f0:c3:70:04:
d0:9f:12:e9:ee:32:b5:ba:1d:f1:ba:0f:60:76:86:
8a:30:d6:d0:40:2f:ad:77:d4:8a:10:68:b5:bd:86:
7a:a6:63:14:0f:7a:73:cb:99:39:aa:ac:d6:e5:56:
39:66:16:9c:09:4c:c5:9e:c0:84:64:d0:fd:2d:42:
65:0b:8e:fa:b6:be:a9:60:1e:d8:6b:11:63:b7:82:
5f:ad:18:09:88:41:47:78:0e:3f:a6:d3:07:b4:c0:
48:47:de:9a:ba:ef:1b:a2:51:1c:d5:c7:a7:f9:bf:
ec:4e:45:65:5f:39:05:35:28:1d:8a:57:0c:4c:0f:
25:a7:23:fe:35:cb:b3:b3:76:56:ee:ab:fd:5b:9b:
be:cf:8f:7f:bf:bc:b0:92:e9:78:23:4f:37:f9:ba:
d4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:65:1C:21:EF:FD:93:BD:1E:D0:F6:F8:CF:5C:B0:73:7E:04:6A:E8
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/h2UcIe_9k70e0Pb4z1ywc34Eaug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.57.0/24
5.157.80.0/21
31.25.96.0/21
31.186.168.0/21
62.221.248.0/21
79.99.128.0/21
92.63.168.0/21
93.180.64.0/21
93.187.220.0/22
109.72.80.0/20
109.106.160.0-109.106.183.255
185.27.172.0/22
185.37.68.0/22
185.56.144.0/22
185.66.248.0/22
185.87.184.0/22
185.94.228.0/22
185.95.28.0/22
185.103.156.0/22
185.103.240.0/22
185.107.212.0/22
185.107.224.0/23
185.109.216.0/22
185.159.240.0/22
185.175.200.0/22
185.182.56.0/22
185.187.12.0/22
185.223.32.0/22
185.224.88.0/22
185.233.28.0/22
195.238.74.0/23
IPv6:
2a00:f10::/29
2a01:b940::/29
2a02:40c1::/32
2a03:3060::/29
2a04:6bc0::/36
2a05:1500::/29
2a0b:7280::/29
2a0b:8f80::/29
2a0c:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
1c:ff:1c:c6:c2:d9:07:29:0d:7b:64:dd:34:24:de:05:f5:73:
d9:f5:38:c0:54:c0:05:bf:c7:01:10:4d:f4:42:f1:6f:e3:65:
41:af:00:66:91:88:ee:69:7d:ce:b2:d4:1f:8d:74:cb:24:b8:
05:72:c1:28:3c:29:db:ae:62:42:2a:d0:09:f7:6d:f9:ab:4a:
6f:76:16:9a:d8:86:1a:96:f1:b8:da:bc:9e:35:4e:7f:b7:1c:
85:78:fb:ed:62:d8:c3:93:80:e9:dd:e2:32:12:25:2a:de:57:
c8:7b:cf:30:90:ad:55:f5:3c:8e:91:a3:5e:9b:3b:98:38:f4:
5d:81:56:1a:dd:49:01:1a:2d:4c:d4:a0:07:68:f1:ed:43:61:
e7:a3:93:2e:66:08:55:9d:9d:73:88:40:3f:f7:e8:6b:fb:eb:
95:3f:9e:72:0b:e0:33:b2:d3:7c:44:f8:ed:6d:74:d1:81:83:
1d:b9:12:1f:0e:1d:c3:71:48:07:0e:d5:3c:64:ba:56:1c:00:
4c:44:e0:a2:b0:57:22:fd:e4:9b:18:f9:20:6a:ca:5f:0b:f7:
cc:ce:3b:d4:e6:b2:fd:53:fe:a2:38:5f:1b:cb:58:9a:51:4b:
ca:27:9b:c3:54:50:08:ba:97:d9:c6:17:a7:f1:ef:fa:4f:91:
c8:f2:0f:15
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZfKq7+AWSn7tmErqjNerpszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjUwNzAyMTAyNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY1MWMyMWVmZmQ5M2JkMWVkMGY2ZjhjZjVjYjA3MzdlMDQ2YWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZJdXAeZNk2GaceTx7cfy6PZFoMz
LmuUeiH/v7SrNqj78e6tZVNr1Lf3+zAoJmfMaR0xtKdrADWarBe/8A77mNdRjV7q
hcMVldjsqxCmPIFeNerob4KxKFQw7yaeS978dyCBJ/DDcATQnxLp7jK1uh3xug9g
doaKMNbQQC+td9SKEGi1vYZ6pmMUD3pzy5k5qqzW5VY5ZhacCUzFnsCEZND9LUJl
C476tr6pYB7YaxFjt4JfrRgJiEFHeA4/ptMHtMBIR96auu8bolEc1cen+b/sTkVl
XzkFNSgdilcMTA8lpyP+Ncuzs3ZW7qv9W5u+z49/v7ywkul4I083+brUVwIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFIdlHCHv/ZO9HtD2+M9csHN+BGroMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvaDJVY0llXzlrNzBlMFBiNHoxeXdjMzRFYXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCByQQCAAEwgcID
BAACOTkDBAMFnVADBAMfGWADBAMfuqgDBAM+3fgDBANPY4ADBANcP6gDBANdtEAD
BAJdu9wDBARtSFAwDAMEBW1qoAMEA21qsAMEArkbrAMEArklRAMEArk4kAMEArlC
+AMEArlXuAMEArle5AMEArlfHAMEArlnnAMEArln8AMEArlr1AMEAblr4AMEArlt
2AMEArmf8AMEArmvyAMEArm2OAMEArm7DAMEArnfIAMEArngWAMEArnpHAMEAcPu
SjBGBAIAAjBAAwUDKgAPEAMFAyoBuUADBQAqAkDBAwUDKgMwYAMGBCoEa8AAAwUD
KgUVAAMFAyoLcoADBQMqC4+AAwUDKgyEwDANBgkqhkiG9w0BAQsFAAOCAQEAHP8c
xsLZBykNe2TdNCTeBfVz2fU4wFTABb/HARBN9ELxb+NlQa8AZpGI7ml9zrLUH410
yyS4BXLBKDwp265iQirQCfdt+atKb3YWmtiGGpbxuNq8njVOf7cchXj77WLYw5OA
6d3iMhIlKt5XyHvPMJCtVfU8jpGjXps7mDj0XYFWGt1JARotTNSgB2jx7UNh56OT
LmYIVZ2dc4hAP/foa/vrlT+ecgvgM7LTfET47W100YGDHbkSHw4dw3FIBw7VPGS6
VhwATETgorBXIv3kmxj5IGrKXwv3zM471Oay/VP+ojhfG8tYmlFLyiebw1RQCLqX
2cYXp/Hv+k+RyPIPFQ==
-----END CERTIFICATE-----
Generated at Wed Jul 30 04:20:53 2025 by rpki-client