Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/K9IKE8UzWzIlRqgdm5DBscj4DXI.roa
File: K9IKE8UzWzIlRqgdm5DBscj4DXI.roa (raw, json)
Hash identifier: TmNOvsKyJxclTHoJrrP+Wz2lJl3QKp06vZRtwf2Wkwo=
Subject key identifier: 2B:D2:0A:13:C5:33:5B:32:25:46:A8:1D:9B:90:C1:B1:C8:F8:0D:72
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 0195C8225CCE2289A575E8CF00B47B04F8CB
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/K9IKE8UzWzIlRqgdm5DBscj4DXI.roa
Signing time: Mon 24 Mar 2025 12:30:49 +0000
ROA not before: Mon 24 Mar 2025 12:30:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 158.46.128.0/18 maxlen: 24
158.46.148.0/24 maxlen: 24
158.46.149.0/24 maxlen: 24
158.46.160.0/23 maxlen: 23
158.46.162.0/23 maxlen: 23
158.46.162.0/24 maxlen: 24
158.46.176.0/24 maxlen: 24
158.46.177.0/24 maxlen: 24
158.46.181.0/24 maxlen: 24
158.46.188.0/22 maxlen: 24
158.46.192.0/19 maxlen: 24
158.46.192.0/22 maxlen: 22
158.46.196.0/22 maxlen: 24
158.46.200.0/21 maxlen: 24
158.46.205.0/24 maxlen: 24
158.46.207.0/24 maxlen: 24
158.46.250.0/23 maxlen: 24
158.46.250.0/24 maxlen: 24
158.46.251.0/24 maxlen: 24
178.171.0.0/17 maxlen: 24
178.171.0.0/20 maxlen: 24
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
178.171.36.0/24 maxlen: 24
178.171.37.0/24 maxlen: 24
178.171.48.0/23 maxlen: 24
178.171.50.0/23 maxlen: 24
178.171.60.0/23 maxlen: 24
178.171.62.0/23 maxlen: 24
178.171.69.0/24 maxlen: 24
178.171.70.0/24 maxlen: 24
178.171.84.0/22 maxlen: 24
178.171.86.0/24 maxlen: 24
178.171.88.0/23 maxlen: 23
178.171.94.0/24 maxlen: 24
178.171.100.0/24 maxlen: 24
178.171.101.0/24 maxlen: 24
178.171.102.0/24 maxlen: 24
178.171.104.0/24 maxlen: 24
178.171.106.0/23 maxlen: 23
178.171.110.0/23 maxlen: 24
178.171.119.0/24 maxlen: 24
178.171.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:22:5c:ce:22:89:a5:75:e8:cf:00:b4:7b:04:f8:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Mar 24 12:30:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bd20a13c5335b322546a81d9b90c1b1c8f80d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:02:39:00:0d:54:8f:c6:85:da:fa:2b:8e:dc:
5b:a0:be:fb:02:9f:d0:92:da:65:50:c5:34:e6:64:
d5:d0:43:5f:96:2a:c9:a9:4c:01:5e:0e:b0:c7:d9:
b4:dd:39:fa:2f:89:fa:9e:bd:80:fd:d7:c2:fe:5c:
7e:61:44:68:c1:77:00:1e:eb:dd:aa:94:80:8c:4a:
a0:3f:86:8b:63:23:76:e5:bd:6e:29:2a:d4:3f:37:
47:38:55:69:58:ef:37:b3:c7:d4:7b:9d:5c:5d:46:
25:ae:f0:35:ec:55:87:e5:64:ca:39:ee:9e:76:80:
6f:c8:50:3f:f0:7d:18:72:cc:57:9d:d2:63:c7:0f:
cf:6f:12:db:ac:30:d7:46:73:72:59:9c:a1:0c:a5:
70:9c:96:0b:fe:ff:c0:95:ff:fc:5b:12:2f:b5:a9:
61:bb:6c:19:db:6a:0f:81:db:fe:0d:73:57:37:d1:
24:0b:1a:1a:05:86:8f:1e:d9:3d:b0:b4:fc:71:fe:
ab:24:01:64:43:b2:87:af:de:32:5a:80:89:2d:e4:
fa:46:3d:1d:60:68:f9:96:a4:25:86:fe:8d:6f:a6:
76:c4:cd:8f:b5:32:21:2f:89:fb:d1:d2:85:82:95:
97:ec:dc:41:4c:fa:32:65:97:74:a3:83:12:5d:ce:
34:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D2:0A:13:C5:33:5B:32:25:46:A8:1D:9B:90:C1:B1:C8:F8:0D:72
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/K9IKE8UzWzIlRqgdm5DBscj4DXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.128.0-158.46.223.255
158.46.250.0/23
178.171.0.0/17
Signature Algorithm: sha256WithRSAEncryption
4c:1d:7f:50:2d:84:10:61:0f:89:79:ed:50:0d:79:48:a6:22:
a8:b6:c2:59:bd:7d:1c:b5:96:87:f9:eb:cf:97:d5:fa:87:52:
19:5a:38:c9:8c:da:21:e7:b2:eb:9e:d3:52:5b:63:79:86:07:
39:b6:32:93:4f:50:31:8f:e0:1b:46:de:2c:89:75:1d:26:23:
73:ff:b2:2b:2c:ac:b8:7d:b6:f1:9a:a1:88:14:d6:fa:1f:3e:
80:a1:c1:6f:f5:01:73:df:ba:1e:c4:a6:f1:79:17:d3:a1:12:
d5:10:ea:b1:7b:d2:66:03:10:d3:8d:f3:56:89:6e:af:ca:0c:
7a:12:39:c2:5f:f9:e7:a8:d3:8b:d1:9a:fb:f9:91:0c:52:1c:
f4:64:52:3e:c7:93:d1:61:61:6e:f4:ff:16:eb:18:14:c8:07:
35:fd:42:e7:c2:2b:ad:8d:38:c2:89:e5:42:3a:d2:e6:73:7d:
06:e5:6e:3a:39:72:ef:28:54:e4:ec:7c:e8:1d:f4:ed:bd:7c:
ac:42:7a:3f:2a:2e:de:b9:8a:4e:d2:7c:d3:2d:31:fb:19:94:
7e:9e:1b:54:fa:db:b8:31:9d:24:75:3e:94:09:15:06:5a:5f:
93:74:c5:3d:5f:f5:4c:ba:37:5b:cc:0b:f4:c7:51:c7:5d:7b:
5f:9c:4e:7f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZXIIlzOIomldejPALR7BPjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjUwMzI0MTIzMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQyMGExM2M1MzM1YjMyMjU0NmE4MWQ5YjkwYzFiMWM4ZjgwZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogI5AA1Uj8aF2vorjtxboL77Ap/Q
ktplUMU05mTV0ENflirJqUwBXg6wx9m03Tn6L4n6nr2A/dfC/lx+YURowXcAHuvd
qpSAjEqgP4aLYyN25b1uKSrUPzdHOFVpWO83s8fUe51cXUYlrvA17FWH5WTKOe6e
doBvyFA/8H0YcsxXndJjxw/PbxLbrDDXRnNyWZyhDKVwnJYL/v/Alf/8WxIvtalh
u2wZ22oPgdv+DXNXN9EkCxoaBYaPHtk9sLT8cf6rJAFkQ7KHr94yWoCJLeT6Rj0d
YGj5lqQlhv6Nb6Z2xM2PtTIhL4n70dKFgpWX7NxBTPoyZZd0o4MSXc402QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCvSChPFM1syJUaoHZuQwbHI+A1yMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvSzlJS0U4VXpXeklsUnFnZG01REJzY2o0RFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAeeLoAD
BAWeLsADBAGeLvoDBAeyqwAwDQYJKoZIhvcNAQELBQADggEBAEwdf1AthBBhD4l5
7VANeUimIqi2wlm9fRy1lof568+X1fqHUhlaOMmM2iHnsuue01JbY3mGBzm2MpNP
UDGP4BtG3iyJdR0mI3P/sissrLh9tvGaoYgU1vofPoChwW/1AXPfuh7EpvF5F9Oh
EtUQ6rF70mYDENON81aJbq/KDHoSOcJf+eeo04vRmvv5kQxSHPRkUj7Hk9FhYW70
/xbrGBTIBzX9QufCK62NOMKJ5UI60uZzfQblbjo5cu8oVOTsfOgd9O29fKxCej8q
Lt65ik7SfNMtMfsZlH6eG1T627gxnSR1PpQJFQZaX5N0xT1f9Uy6N1vMC/THUcdd
e1+cTn8=
-----END CERTIFICATE-----
Generated at Wed Apr 9 11:46:22 2025 by rpki-client