Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ghdkEXOYieGGhOcxGRo9LY6w5LY.roa
File: ghdkEXOYieGGhOcxGRo9LY6w5LY.roa (raw, json)
Hash identifier: 4cdu+XE7YUzkOZIE2VvcRY1Ie1MDvn7w+dAFcHrze/w=
Subject key identifier: 82:17:64:11:73:98:89:E1:86:84:E7:31:19:1A:3D:2D:8E:B0:E4:B6
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 019427479DB312A3EC923008FE0D26FA76B0
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ghdkEXOYieGGhOcxGRo9LY6w5LY.roa
Signing time: Thu 02 Jan 2025 13:49:52 +0000
ROA not before: Thu 02 Jan 2025 13:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49666
IP address blocks: 2.176.0.0/17 maxlen: 17
2.176.128.0/17 maxlen: 17
2.177.0.0/16 maxlen: 16
2.182.0.0/16 maxlen: 24
2.185.0.0/16 maxlen: 16
2.188.0.0/16 maxlen: 24
2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.17.0/24 maxlen: 24
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.186.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.189.0.0/16 maxlen: 24
2.189.1.0/24 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.42.0/24 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.59.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.189.186.0/24 maxlen: 24
78.38.0.0/16 maxlen: 24
78.38.243.0/24 maxlen: 24
78.38.245.0/24 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.59.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.153.0/24 maxlen: 25
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
80.191.0.0/16 maxlen: 24
85.185.0.0/16 maxlen: 24
195.146.63.0/24 maxlen: 24
217.218.0.0/16 maxlen: 24
217.218.67.0/24 maxlen: 24
217.219.0.0/16 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:9d:b3:12:a3:ec:92:30:08:fe:0d:26:fa:76:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 13:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82176411739889e18684e731191a3d2d8eb0e4b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4c:0f:a5:6a:bf:e4:d7:4a:a3:4a:18:51:09:
1e:20:75:52:2e:7f:6e:31:10:e2:e5:0a:62:1d:ca:
06:63:40:e7:dc:ab:3f:69:be:5f:f0:ff:34:42:98:
10:97:23:20:c5:f8:cb:70:46:30:bd:03:98:94:0d:
56:39:11:ef:f2:d8:32:20:00:89:c7:5a:3a:17:02:
01:41:02:d7:46:11:fe:db:9b:60:b1:3f:3e:03:41:
b2:c8:9e:ee:ab:56:3a:74:91:91:ca:d4:54:40:d7:
0c:5e:7b:a0:d6:ab:cc:f4:14:df:d4:de:1d:71:67:
bc:86:76:00:49:95:32:3d:b0:a0:eb:4d:4a:8d:f0:
fb:f7:fb:e0:d4:07:72:9c:de:db:4d:27:5b:cb:89:
b0:10:8b:8d:7e:45:cd:4b:e8:05:2b:73:95:91:86:
a6:80:22:84:ae:c0:f0:2f:b3:9f:b8:e8:15:ef:e8:
4a:75:7e:3e:e8:f0:d7:68:c6:e6:38:6f:05:01:a9:
05:28:2e:3a:1e:db:a5:9e:8d:df:87:9a:d7:97:94:
4b:26:40:08:e2:05:61:11:29:b3:a1:51:d7:d3:9b:
f9:1d:40:ea:ad:7d:f8:3b:14:57:61:2a:4b:39:7e:
8d:cd:72:50:c0:27:9d:30:16:22:35:8e:f7:bb:6a:
b0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:17:64:11:73:98:89:E1:86:84:E7:31:19:1A:3D:2D:8E:B0:E4:B6
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ghdkEXOYieGGhOcxGRo9LY6w5LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.182.0.0/16
2.185.0.0/16
2.188.0.0/15
78.38.0.0/15
80.191.0.0/16
85.185.0.0/16
195.146.63.0/24
217.218.0.0/15
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
94:c1:30:07:4f:d1:20:65:19:8c:48:e3:06:dc:fc:b7:b0:62:
14:f1:a9:0b:0d:e2:28:35:4a:49:92:2e:26:9d:ef:2e:b5:c9:
4f:3f:ef:18:a6:d1:ca:5b:af:7a:ab:af:9b:f5:b6:12:c6:a9:
ed:5d:17:79:47:30:2a:e5:fb:d6:3e:c9:fd:6e:65:a5:9a:9b:
d2:66:7b:25:01:8c:00:62:f7:6a:33:d3:71:95:fd:0b:56:fd:
07:d6:52:2c:3e:c7:9d:c5:bb:da:53:d1:10:e5:d8:69:a7:2d:
29:22:4f:07:1e:17:e7:07:9e:dc:3f:51:bb:91:d8:d3:ed:fb:
52:6c:f6:9d:74:04:79:fe:e5:07:03:bf:ac:32:e3:3f:41:b9:
43:95:73:41:74:53:70:37:d9:ba:39:1e:f6:68:86:f8:34:ae:
41:6f:68:41:40:bf:94:75:ff:33:0c:20:53:52:77:df:91:1b:
50:57:98:49:b4:4e:2d:3c:c2:98:5d:2c:3e:33:80:ed:98:f5:
f1:dd:c1:e9:38:3d:52:d4:a8:9b:2c:77:3c:6d:8a:c0:6d:70:
14:19:f6:e3:c4:0d:92:55:96:2b:02:37:49:8c:47:90:88:f3:
04:3f:b8:21:12:41:bc:b8:39:04:dd:5b:44:cb:9d:b1:eb:6c:
f1:f3:27:d7
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQnR52zEqPskjAI/g0m+nawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUwMTAyMTM0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjE3NjQxMTczOTg4OWUxODY4NGU3MzExOTFhM2QyZDhlYjBlNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EwPpWq/5NdKo0oYUQkeIHVSLn9u
MRDi5QpiHcoGY0Dn3Ks/ab5f8P80QpgQlyMgxfjLcEYwvQOYlA1WORHv8tgyIACJ
x1o6FwIBQQLXRhH+25tgsT8+A0GyyJ7uq1Y6dJGRytRUQNcMXnug1qvM9BTf1N4d
cWe8hnYASZUyPbCg601KjfD79/vg1AdynN7bTSdby4mwEIuNfkXNS+gFK3OVkYam
gCKErsDwL7OfuOgV7+hKdX4+6PDXaMbmOG8FAakFKC46Htulno3fh5rXl5RLJkAI
4gVhESmzoVHX05v5HUDqrX34OxRXYSpLOX6NzXJQwCedMBYiNY73u2qwxQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFIIXZBFzmInhhoTnMRkaPS2OsOS2MB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvZ2hka0VYT1lpZUdHaE9jeEdSbzlMWTZ3NUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA0BAIAATAuAwMBArADAwAC
tgMDAAK5AwMBArwDAwFOJgMDAFC/AwMAVbkDBADDkj8DAwHZ2jAPBAIAAjAJAwcA
IAFBiAACMA0GCSqGSIb3DQEBCwUAA4IBAQCUwTAHT9EgZRmMSOMG3Py3sGIU8akL
DeIoNUpJki4mne8utclPP+8YptHKW696q6+b9bYSxqntXRd5RzAq5fvWPsn9bmWl
mpvSZnslAYwAYvdqM9Nxlf0LVv0H1lIsPsedxbvaU9EQ5dhppy0pIk8HHhfnB57c
P1G7kdjT7ftSbPaddAR5/uUHA7+sMuM/QblDlXNBdFNwN9m6OR72aIb4NK5Bb2hB
QL+Udf8zDCBTUnffkRtQV5hJtE4tPMKYXSw+M4DtmPXx3cHpOD1S1KibLHc8bYrA
bXAUGfbjxA2SVZYrAjdJjEeQiPMEP7ghEkG8uDkE3VtEy52x62zx8yfX
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:28 2025 by rpki-client