Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/DCSKcvdhAWGBeDOhVh0nRRu3Jr4.roa
File: DCSKcvdhAWGBeDOhVh0nRRu3Jr4.roa (raw, json)
Hash identifier: o5Z/5OOVY2+lNWps+489dBIyhN+UZqQo2EbM+ZP8NRg=
Subject key identifier: 0C:24:8A:72:F7:61:01:61:81:78:33:A1:56:1D:27:45:1B:B7:26:BE
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 01942444E11400F10401B867816291E62473
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/DCSKcvdhAWGBeDOhVh0nRRu3Jr4.roa
Signing time: Wed 01 Jan 2025 23:48:01 +0000
ROA not before: Wed 01 Jan 2025 23:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202958
IP address blocks: 37.140.243.0/24 maxlen: 24
46.226.123.0/24 maxlen: 24
77.246.247.0/24 maxlen: 24
86.107.198.0/24 maxlen: 24
86.107.199.0/24 maxlen: 24
91.243.71.0/24 maxlen: 24
93.115.14.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
188.244.115.0/24 maxlen: 24
194.4.56.0/24 maxlen: 24
194.4.57.0/24 maxlen: 24
194.4.58.0/24 maxlen: 24
194.4.59.0/24 maxlen: 24
194.146.40.0/24 maxlen: 24
194.146.41.0/24 maxlen: 24
194.146.42.0/24 maxlen: 24
194.146.43.0/24 maxlen: 24
213.109.146.0/24 maxlen: 24
2a06:941::/48 maxlen: 48
2a06:941:1::/48 maxlen: 48
2a06:941:2::/48 maxlen: 48
2a06:941:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e1:14:00:f1:04:01:b8:67:81:62:91:e6:24:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jan 1 23:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c248a72f7610161817833a1561d27451bb726be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9c:a3:66:1b:91:cd:e1:fe:68:18:36:ac:a3:
bc:c8:25:34:0f:5f:2b:bd:e6:39:dd:eb:28:21:53:
a0:4f:46:43:77:eb:68:b8:e3:e3:1a:dc:4f:89:dd:
cf:65:ef:ae:ca:c6:e3:f0:0b:ae:1b:0a:f9:7b:54:
85:88:81:8d:6c:be:d4:89:33:0d:be:88:63:1a:b4:
a9:6b:57:6d:11:3a:61:df:03:b1:c6:ac:9c:cc:b7:
4c:96:7a:25:b4:cb:8d:d5:20:2e:3b:33:26:01:ae:
a1:e8:60:e7:2e:31:ff:98:f6:37:a8:32:56:1f:f2:
3d:cc:4f:89:64:2a:b6:7f:54:28:e2:25:0b:1d:23:
ff:2e:ca:2d:68:f4:db:47:56:55:e7:70:61:cd:c0:
5f:e2:0f:67:2b:fc:b3:be:8a:bd:0c:ef:cf:47:84:
bd:35:84:95:40:04:9c:e9:3a:80:70:76:19:a5:fc:
fe:1d:3d:d4:64:d4:62:a3:50:53:11:46:e2:0e:b0:
60:92:89:91:72:45:b5:fc:e1:cf:bf:c5:36:ea:94:
a5:21:9f:13:71:41:8d:a6:f5:93:07:b1:04:53:fe:
34:fe:51:95:f9:8e:2d:8e:f5:b0:79:66:0a:98:9e:
a9:ee:00:81:38:c3:50:5a:ac:c3:dd:4a:77:95:5e:
54:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:24:8A:72:F7:61:01:61:81:78:33:A1:56:1D:27:45:1B:B7:26:BE
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/DCSKcvdhAWGBeDOhVh0nRRu3Jr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.243.0/24
46.226.123.0/24
77.246.247.0/24
86.107.198.0/23
91.243.71.0/24
93.115.14.0/24
185.98.4.0/24
185.100.66.0/24
185.113.133.0/24
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
188.244.115.0/24
194.4.56.0/22
194.146.40.0/22
213.109.146.0/24
IPv6:
2a06:941::/46
Signature Algorithm: sha256WithRSAEncryption
69:4a:af:99:81:c2:72:3a:c8:05:3c:87:4f:23:bd:1f:5e:81:
39:e8:ca:77:d9:12:d9:6e:58:9d:3f:13:92:df:8c:01:5a:6b:
09:1f:22:f6:43:8f:80:2e:67:e1:e0:b4:b2:b2:1a:1d:23:7f:
e2:a5:fb:f3:ec:ad:c1:39:97:7a:78:d4:76:bd:16:c5:67:2a:
1e:70:01:de:fd:d0:4c:11:9f:1c:33:c7:5c:a8:93:5b:66:db:
47:b4:71:be:d2:7d:36:b0:ec:2a:4d:0a:4b:fe:cb:9b:d8:c7:
20:0c:22:48:9b:aa:b4:18:88:b5:b4:1f:40:83:20:a4:c9:f9:
5a:ef:36:67:16:04:0c:3b:dc:d4:bb:d1:1a:6e:b8:2f:72:83:
8c:eb:d1:71:8a:07:57:00:7c:eb:7d:31:45:c7:27:f2:ea:7d:
aa:2e:9b:2a:24:5e:38:f5:23:b1:47:fc:29:67:f4:1a:bb:e4:
41:68:a1:91:59:06:6f:ac:0e:56:c4:87:76:15:a8:91:69:f1:
eb:4a:be:3e:c5:a8:80:6b:c6:24:fc:e1:3b:29:c1:5d:b9:bf:
44:5a:59:5b:29:d8:79:7c:ca:96:7d:43:bf:be:fc:98:88:67:
87:a2:bf:43:aa:2f:8f:fd:e6:53:a1:d4:37:a5:14:9d:6b:96:
61:9d:3e:a1
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZQkROEUAPEEAbhngWKR5iRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjUwMTAxMjM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzI0OGE3MmY3NjEwMTYxODE3ODMzYTE1NjFkMjc0NTFiYjcyNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5yjZhuRzeH+aBg2rKO8yCU0D18r
veY53esoIVOgT0ZDd+touOPjGtxPid3PZe+uysbj8AuuGwr5e1SFiIGNbL7UiTMN
vohjGrSpa1dtETph3wOxxqyczLdMlnoltMuN1SAuOzMmAa6h6GDnLjH/mPY3qDJW
H/I9zE+JZCq2f1Qo4iULHSP/LsotaPTbR1ZV53BhzcBf4g9nK/yzvoq9DO/PR4S9
NYSVQASc6TqAcHYZpfz+HT3UZNRio1BTEUbiDrBgkomRckW1/OHPv8U26pSlIZ8T
cUGNpvWTB7EEU/40/lGV+Y4tjvWweWYKmJ6p7gCBOMNQWqzD3Up3lV5UCwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFAwkinL3YQFhgXgzoVYdJ0Ubtya+MB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvRENTS2N2ZGhBV0dCZURPaFZoMG5SUnUzSnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwZgQCAAEwYAMEACWM8wME
AC7iewMEAE329wMEAVZrxgMEAFvzRwMEAF1zDgMEALliBAMEALlkQgMEALlxhQME
Arl0wAMEArl5UAMEArl9WAMEALz0cwMEAsIEOAMEAsKSKAMEANVtkjAPBAIAAjAJ
AwcCKgYJQQAAMA0GCSqGSIb3DQEBCwUAA4IBAQBpSq+ZgcJyOsgFPIdPI70fXoE5
6Mp32RLZblidPxOS34wBWmsJHyL2Q4+ALmfh4LSyshodI3/ipfvz7K3BOZd6eNR2
vRbFZyoecAHe/dBMEZ8cM8dcqJNbZttHtHG+0n02sOwqTQpL/sub2McgDCJIm6q0
GIi1tB9AgyCkyfla7zZnFgQMO9zUu9EabrgvcoOM69FxigdXAHzrfTFFxyfy6n2q
LpsqJF449SOxR/wpZ/Qau+RBaKGRWQZvrA5WxId2FaiRafHrSr4+xaiAa8Yk/OE7
KcFdub9EWllbKdh5fMqWfUO/vvyYiGeHor9Dqi+P/eZTodQ3pRSda5ZhnT6h
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:16:29 2025 by rpki-client