Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/jI6BNQdThJo2MEdSZOm1_susYMk.roa
File: jI6BNQdThJo2MEdSZOm1_susYMk.roa (raw, json)
Hash identifier: rpQAWWU68zMZ9YE0YNIh6QHC51Xor5PQY1DDvCq8+m8=
Subject key identifier: 8C:8E:81:35:07:53:84:9A:36:30:47:52:64:E9:B5:FE:CB:AC:60:C9
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 019425221C7E1A00718E519E718134803A13
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/jI6BNQdThJo2MEdSZOm1_susYMk.roa
Signing time: Thu 02 Jan 2025 03:49:40 +0000
ROA not before: Thu 02 Jan 2025 03:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 80.81.192.0/21 maxlen: 21
80.81.202.0/24 maxlen: 24
80.81.203.0/24 maxlen: 24
185.0.4.0/24 maxlen: 24
185.0.5.0/24 maxlen: 24
185.0.6.0/24 maxlen: 24
185.0.7.0/24 maxlen: 24
185.0.8.0/24 maxlen: 24
185.0.17.0/24 maxlen: 24
185.0.33.0/24 maxlen: 24
185.0.35.0/24 maxlen: 24
185.1.8.0/24 maxlen: 24
185.1.46.0/24 maxlen: 24
185.1.47.0/24 maxlen: 24
185.1.48.0/24 maxlen: 24
185.1.119.0/24 maxlen: 24
185.1.131.0/24 maxlen: 24
185.1.170.0/23 maxlen: 23
185.1.176.0/24 maxlen: 24
185.1.182.0/24 maxlen: 24
185.1.183.0/24 maxlen: 24
185.1.187.0/24 maxlen: 24
185.1.192.0/23 maxlen: 23
185.1.197.0/24 maxlen: 24
185.1.204.0/24 maxlen: 24
185.1.208.0/23 maxlen: 23
185.1.210.0/23 maxlen: 23
185.1.220.0/24 maxlen: 24
185.1.244.0/24 maxlen: 24
185.1.245.0/24 maxlen: 24
185.1.246.0/24 maxlen: 24
185.1.248.0/24 maxlen: 24
185.1.252.0/24 maxlen: 24
185.1.253.0/24 maxlen: 24
185.176.192.0/24 maxlen: 24
2001:7f8::/48 maxlen: 48
2001:7f8:32::/48 maxlen: 48
2001:7f8:36::/48 maxlen: 48
2001:7f8:3d::/48 maxlen: 48
2001:7f8:3f::/48 maxlen: 48
2001:7f8:44::/48 maxlen: 48
2001:7f8:73::/48 maxlen: 48
2001:7f8:9e::/48 maxlen: 48
2001:7f8:a0::/48 maxlen: 48
2001:7f8:d5::/48 maxlen: 48
2001:7f8:df::/48 maxlen: 48
2001:7f8:106::/48 maxlen: 48
2001:7f8:10a::/48 maxlen: 48
2001:7f8:139::/48 maxlen: 48
2001:7f8:13a::/48 maxlen: 48
2001:7f8:13b::/48 maxlen: 48
2001:7f8:13c::/48 maxlen: 48
2001:7f8:13e::/48 maxlen: 48
2001:7f8:143::/48 maxlen: 48
2001:7f8:14e::/48 maxlen: 48
2a02:c50:4000::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:1c:7e:1a:00:71:8e:51:9e:71:81:34:80:3a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Jan 2 03:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c8e81350753849a3630475264e9b5fecbac60c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ff:a8:4e:37:ab:0a:a2:ab:bd:f6:06:eb:15:
cc:de:ab:56:fe:7b:4c:ae:af:fe:da:ba:bd:ec:ef:
80:d4:91:e5:09:6f:a2:af:ad:6c:6b:42:b8:4b:56:
2e:d1:80:90:06:27:40:e4:b1:76:07:71:b4:bc:e4:
a8:46:10:af:c6:a0:6c:51:60:5d:d4:54:fa:64:70:
0c:47:ce:c7:94:82:f7:fc:3f:57:c7:98:fe:ae:64:
87:44:59:6c:91:79:3e:54:f1:a1:3a:ea:68:fc:ca:
c8:14:94:b7:2b:e9:02:36:03:54:34:96:8b:a9:b0:
54:55:46:22:61:6c:71:ea:fa:e6:e8:80:ec:0e:4c:
d4:a5:b8:5c:01:e4:28:dd:25:d5:52:5c:c0:42:57:
33:91:1c:d2:28:09:f4:67:b8:02:39:c8:27:7f:b5:
ae:12:b5:19:52:a3:aa:d1:ea:48:93:4f:d4:c0:4c:
97:cb:dc:7c:50:ab:c3:7a:89:32:85:9d:fd:c5:2f:
83:c7:0e:7a:06:10:88:61:84:9e:a0:b2:aa:7c:7c:
a6:d9:53:d9:12:9a:78:25:e4:24:fd:22:13:29:01:
9b:90:3e:26:15:cd:4c:4b:47:9d:84:95:08:46:58:
bc:b4:87:7d:1b:45:55:9c:d7:3c:00:63:d4:27:05:
09:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:8E:81:35:07:53:84:9A:36:30:47:52:64:E9:B5:FE:CB:AC:60:C9
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/jI6BNQdThJo2MEdSZOm1_susYMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.192.0/21
80.81.202.0/23
185.0.4.0-185.0.8.255
185.0.17.0/24
185.0.33.0/24
185.0.35.0/24
185.1.8.0/24
185.1.46.0-185.1.48.255
185.1.119.0/24
185.1.131.0/24
185.1.170.0/23
185.1.176.0/24
185.1.182.0/23
185.1.187.0/24
185.1.192.0/23
185.1.197.0/24
185.1.204.0/24
185.1.208.0/22
185.1.220.0/24
185.1.244.0-185.1.246.255
185.1.248.0/24
185.1.252.0/23
185.176.192.0/24
IPv6:
2001:7f8::/48
2001:7f8:32::/48
2001:7f8:36::/48
2001:7f8:3d::/48
2001:7f8:3f::/48
2001:7f8:44::/48
2001:7f8:73::/48
2001:7f8:9e::/48
2001:7f8:a0::/48
2001:7f8:d5::/48
2001:7f8:df::/48
2001:7f8:106::/48
2001:7f8:10a::/48
2001:7f8:139::-2001:7f8:13c:ffff:ffff:ffff:ffff:ffff
2001:7f8:13e::/48
2001:7f8:143::/48
2001:7f8:14e::/48
2a02:c50:4000::/44
Signature Algorithm: sha256WithRSAEncryption
53:db:40:7f:46:0d:d3:3b:f1:0f:72:05:4e:79:3c:09:13:2f:
8a:bd:9b:98:ce:04:f1:62:34:5a:fb:ce:1d:e9:03:3b:41:7e:
1a:34:a6:fa:27:19:0e:b6:5a:5c:46:fc:02:86:9f:e0:75:32:
e7:98:80:e1:db:f7:d9:8e:fb:db:7c:0b:3e:7a:8f:de:e6:6a:
c9:7b:1a:aa:d4:24:e3:53:78:21:17:7e:81:10:17:8a:0a:7f:
63:c0:80:cf:2d:ff:78:0b:a0:0d:8d:09:a6:ae:7e:61:0f:57:
88:4a:8d:41:ad:62:3a:e7:c6:df:0f:97:89:c6:0b:ad:d9:de:
68:12:e2:04:56:e8:9f:34:5e:69:4b:87:6c:f5:3d:95:b2:5d:
f8:55:29:1f:6e:92:f3:05:56:12:f9:2b:c1:23:e8:9f:58:25:
9b:05:dd:7e:26:50:f9:21:16:06:97:0d:31:d6:1a:c0:59:77:
c2:d4:40:7d:db:6a:8b:84:87:f2:7e:9b:08:6e:52:0c:a8:98:
e8:94:58:9a:6f:50:e4:8b:d3:a5:fa:fe:c0:29:65:04:75:61:
11:6c:ba:2f:0c:06:22:a5:1b:e8:80:18:0d:7f:99:a9:e5:e2:
fe:cd:a6:7a:b3:b4:a5:40:28:a4:a7:08:ef:1d:91:c4:9e:a7:
d6:b2:1a:a9
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgISAZQlIhx+GgBxjlGecYE0gDoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjUwMTAyMDM0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzhlODEzNTA3NTM4NDlhMzYzMDQ3NTI2NGU5YjVmZWNiYWM2MGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv+oTjerCqKrvfYG6xXM3qtW/ntM
rq/+2rq97O+A1JHlCW+ir61sa0K4S1Yu0YCQBidA5LF2B3G0vOSoRhCvxqBsUWBd
1FT6ZHAMR87HlIL3/D9Xx5j+rmSHRFlskXk+VPGhOupo/MrIFJS3K+kCNgNUNJaL
qbBUVUYiYWxx6vrm6IDsDkzUpbhcAeQo3SXVUlzAQlczkRzSKAn0Z7gCOcgnf7Wu
ErUZUqOq0epIk0/UwEyXy9x8UKvDeokyhZ39xS+Dxw56BhCIYYSeoLKqfHym2VPZ
Epp4JeQk/SITKQGbkD4mFc1MS0edhJUIRli8tId9G0VVnNc8AGPUJwUJrwIDAQAB
o4IDZDCCA2AwHQYDVR0OBBYEFIyOgTUHU4SaNjBHUmTptf7LrGDJMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvakk2Qk5RZFRoSm8yTUVkU1pPbTFfc3VzWU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeAYIKwYBBQUHAQcBAf8EggFnMIIBYzCBqQQCAAEwgaID
BANQUcADBAFQUcowDAMEArkABAMEALkACAMEALkAEQMEALkAIQMEALkAIwMEALkB
CDAMAwQBuQEuAwQAuQEwAwQAuQF3AwQAuQGDAwQBuQGqAwQAuQGwAwQBuQG2AwQA
uQG7AwQBuQHAAwQAuQHFAwQAuQHMAwQCuQHQAwQAuQHcMAwDBAK5AfQDBAC5AfYD
BAC5AfgDBAG5AfwDBAC5sMAwgbQEAgACMIGtAwcAIAEH+AAAAwcAIAEH+AAyAwcA
IAEH+AA2AwcAIAEH+AA9AwcAIAEH+AA/AwcAIAEH+ABEAwcAIAEH+ABzAwcAIAEH
+ACeAwcAIAEH+ACgAwcAIAEH+ADVAwcAIAEH+ADfAwcAIAEH+AEGAwcAIAEH+AEK
MBIDBwAgAQf4ATkDBwAgAQf4ATwDBwAgAQf4AT4DBwAgAQf4AUMDBwAgAQf4AU4D
BwQqAgxQQAAwDQYJKoZIhvcNAQELBQADggEBAFPbQH9GDdM78Q9yBU55PAkTL4q9
m5jOBPFiNFr7zh3pAztBfho0pvonGQ62WlxG/AKGn+B1MueYgOHb99mO+9t8Cz56
j97masl7GqrUJONTeCEXfoEQF4oKf2PAgM8t/3gLoA2NCaaufmEPV4hKjUGtYjrn
xt8Pl4nGC63Z3mgS4gRW6J80XmlLh2z1PZWyXfhVKR9ukvMFVhL5K8Ej6J9YJZsF
3X4mUPkhFgaXDTHWGsBZd8LUQH3baouEh/J+mwhuUgyomOiUWJpvUOSL06X6/sAp
ZQR1YRFsui8MBiKlG+iAGA1/manl4v7NpnqztKVAKKSnCO8dkcSep9ayGqk=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:20:32 2025 by rpki-client