Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/zP8qZCQuiGnyynXqFEworI-l4Kk.roa
File: zP8qZCQuiGnyynXqFEworI-l4Kk.roa (raw, json)
Hash identifier: 8v3+9BYp2qaRN+mDEqf3MiLHJ2vk/UAqK532lYFyFAk=
Subject key identifier: CC:FF:2A:64:24:2E:88:69:F2:CA:75:EA:14:4C:28:AC:8F:A5:E0:A9
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 019569ACFE3CF49A9D4E3EF1AF44F1291580
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/zP8qZCQuiGnyynXqFEworI-l4Kk.roa
Signing time: Thu 06 Mar 2025 04:18:19 +0000
ROA not before: Thu 06 Mar 2025 04:18:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202958
IP address blocks: 37.140.243.0/24 maxlen: 24
46.226.123.0/24 maxlen: 24
77.246.247.0/24 maxlen: 24
86.107.198.0/24 maxlen: 24
86.107.199.0/24 maxlen: 24
91.243.71.0/24 maxlen: 24
93.115.14.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
185.249.194.0/24 maxlen: 24
185.249.195.0/24 maxlen: 24
188.244.115.0/24 maxlen: 24
194.4.56.0/24 maxlen: 24
194.4.57.0/24 maxlen: 24
194.4.58.0/24 maxlen: 24
194.4.59.0/24 maxlen: 24
194.146.40.0/24 maxlen: 24
194.146.41.0/24 maxlen: 24
194.146.42.0/24 maxlen: 24
194.146.43.0/24 maxlen: 24
213.109.146.0/24 maxlen: 24
2a06:941::/48 maxlen: 48
2a06:941:1::/48 maxlen: 48
2a06:941:2::/48 maxlen: 48
2a06:941:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:69:ac:fe:3c:f4:9a:9d:4e:3e:f1:af:44:f1:29:15:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Mar 6 04:18:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ccff2a64242e8869f2ca75ea144c28ac8fa5e0a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:6f:33:6f:ad:ce:bf:be:78:de:3e:67:f4:31:
c7:cf:6a:33:ff:b0:3f:e5:10:75:89:d8:9e:f4:e8:
f9:2d:81:fc:96:a3:d6:2d:16:c8:25:0c:56:8a:20:
53:85:3c:17:77:6e:e2:fa:23:78:c2:f9:7b:7c:c0:
1e:f9:86:84:3e:ea:f7:7d:66:5b:d9:f8:7f:2f:1a:
2c:54:01:7b:da:f0:7d:9a:2b:c0:9a:a5:00:7f:c4:
80:f5:98:6c:10:8e:d7:94:fc:c5:82:bf:e4:e6:8a:
c2:f9:59:67:3e:98:d6:6c:c9:bf:30:e5:0b:26:4f:
fe:f1:7c:b7:a2:b9:63:57:4f:d0:95:68:aa:91:13:
1a:c7:97:82:98:41:e5:22:ee:26:6c:25:dc:10:4e:
46:47:13:8f:dc:8f:d2:64:c0:ac:0f:1c:c3:ec:77:
da:3c:14:3b:af:ba:0b:79:c8:3b:e2:57:f5:09:6c:
b5:6e:4a:88:f1:b2:b9:ef:3f:dd:5c:09:34:7a:3f:
17:ff:f8:3a:27:c3:c8:37:89:b3:b6:aa:2a:07:a5:
5c:d3:fd:03:0e:07:43:21:40:dd:ad:ba:62:cf:b6:
f5:81:72:b3:90:36:36:3b:78:e9:0c:8f:b8:09:e1:
5d:50:a9:9e:fa:f3:1b:20:22:51:e0:a0:cb:cd:65:
6e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:FF:2A:64:24:2E:88:69:F2:CA:75:EA:14:4C:28:AC:8F:A5:E0:A9
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/zP8qZCQuiGnyynXqFEworI-l4Kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.243.0/24
46.226.123.0/24
77.246.247.0/24
86.107.198.0/23
91.243.71.0/24
93.115.14.0/24
185.98.4.0/24
185.100.66.0/24
185.113.133.0/24
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.249.194.0/23
188.244.115.0/24
194.4.56.0/22
194.146.40.0/22
213.109.146.0/24
IPv6:
2a06:941::/46
Signature Algorithm: sha256WithRSAEncryption
11:79:27:0b:04:3b:4e:78:90:9b:82:7c:db:3b:b7:42:e8:57:
5f:9d:83:d4:07:13:e7:86:32:aa:e2:4a:df:64:09:30:51:06:
d1:36:c4:67:7e:ff:44:5e:e0:34:fd:f9:b3:48:f6:4f:09:9a:
b4:8a:4d:cd:7e:8a:00:57:fb:e6:95:a9:49:55:98:86:d0:2c:
38:52:b8:9b:17:37:c4:ba:30:e5:ed:ae:46:57:14:7e:31:c6:
d8:18:c3:1b:7b:64:90:a9:d7:4f:d7:21:ba:0e:65:e5:3e:71:
47:0f:50:ef:65:88:98:94:52:95:ff:17:7c:53:fc:b7:d6:58:
98:1f:3a:b6:93:c2:63:b5:cc:9c:29:4a:28:56:0e:73:90:74:
51:93:c5:56:7c:18:e6:b2:a4:35:1b:07:7d:d3:3f:21:36:65:
3a:e8:34:18:7b:d2:b4:9a:5b:c2:3b:8c:fb:9a:ce:52:ff:e4:
45:18:95:3c:6c:59:7d:cd:07:01:d6:cf:20:d4:f2:ab:b0:7d:
67:cc:7c:25:55:0b:df:91:bf:2d:6a:52:34:d6:5b:11:a1:f3:
42:e1:16:b7:e4:c8:fe:43:c4:1a:fe:f7:35:d6:eb:2e:ca:3c:
00:87:fa:77:8a:21:88:e7:84:11:ca:f1:60:f5:97:07:8b:3b:
1e:1c:de:44
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZVprP489JqdTj7xr0TxKRWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjUwMzA2MDQxODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2ZmMmE2NDI0MmU4ODY5ZjJjYTc1ZWExNDRjMjhhYzhmYTVlMGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6W8zb63Ov7543j5n9DHHz2oz/7A/
5RB1idie9Oj5LYH8lqPWLRbIJQxWiiBThTwXd27i+iN4wvl7fMAe+YaEPur3fWZb
2fh/LxosVAF72vB9mivAmqUAf8SA9ZhsEI7XlPzFgr/k5orC+VlnPpjWbMm/MOUL
Jk/+8Xy3orljV0/QlWiqkRMax5eCmEHlIu4mbCXcEE5GRxOP3I/SZMCsDxzD7Hfa
PBQ7r7oLecg74lf1CWy1bkqI8bK57z/dXAk0ej8X//g6J8PIN4mztqoqB6Vc0/0D
DgdDIUDdrbpiz7b1gXKzkDY2O3jpDI+4CeFdUKme+vMbICJR4KDLzWVuqwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFMz/KmQkLohp8sp16hRMKKyPpeCpMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvelA4cVpDUXVpR255eW5YcUZFd29ySS1sNEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MGwEAgABMGYDBAAljPMD
BAAu4nsDBABN9vcDBAFWa8YDBABb80cDBABdcw4DBAC5YgQDBAC5ZEIDBAC5cYUD
BAK5dMADBAK5eVADBAK5fVgDBAG5+cIDBAC89HMDBALCBDgDBALCkigDBADVbZIw
DwQCAAIwCQMHAioGCUEAADANBgkqhkiG9w0BAQsFAAOCAQEAEXknCwQ7TniQm4J8
2zu3QuhXX52D1AcT54YyquJK32QJMFEG0TbEZ37/RF7gNP35s0j2TwmatIpNzX6K
AFf75pWpSVWYhtAsOFK4mxc3xLow5e2uRlcUfjHG2BjDG3tkkKnXT9chug5l5T5x
Rw9Q72WImJRSlf8XfFP8t9ZYmB86tpPCY7XMnClKKFYOc5B0UZPFVnwY5rKkNRsH
fdM/ITZlOug0GHvStJpbwjuM+5rOUv/kRRiVPGxZfc0HAdbPINTyq7B9Z8x8JVUL
35G/LWpSNNZbEaHzQuEWt+TI/kPEGv73NdbrLso8AIf6d4ohiOeEEcrxYPWXB4s7
HhzeRA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:21:31 2025 by rpki-client