Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/oRT-je3o4jJflvRxEeTrSr6m72Y.roa
File: oRT-je3o4jJflvRxEeTrSr6m72Y.roa (raw, json)
Hash identifier: WQLunD+wwIWYEMzGH1wNZNUZzuudtEmUhq5neJTro0s=
Subject key identifier: A1:14:FE:8D:ED:E8:E2:32:5F:96:F4:71:11:E4:EB:4A:BE:A6:EF:66
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0195619F3AD139906BB0A46D7E5FABA41C5A
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/oRT-je3o4jJflvRxEeTrSr6m72Y.roa
Signing time: Tue 04 Mar 2025 14:46:19 +0000
ROA not before: Tue 04 Mar 2025 14:46:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29262
IP address blocks: 91.106.216.0/24 maxlen: 24
91.106.217.0/24 maxlen: 24
91.106.218.0/24 maxlen: 24
91.106.219.0/24 maxlen: 24
185.85.189.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.191.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.153.0/24 maxlen: 24
185.86.154.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.87.24.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.87.27.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.98.60.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
185.119.81.0/24 maxlen: 24
185.119.82.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
185.141.32.0/24 maxlen: 24
185.185.235.0/24 maxlen: 24
193.35.204.0/24 maxlen: 24
193.35.205.0/24 maxlen: 24
193.35.206.0/24 maxlen: 24
193.35.207.0/24 maxlen: 24
194.127.116.0/24 maxlen: 24
194.127.117.0/24 maxlen: 24
194.127.118.0/24 maxlen: 24
194.127.119.0/24 maxlen: 24
2a0b:6780::/29 maxlen: 29
2a0c:67c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:61:9f:3a:d1:39:90:6b:b0:a4:6d:7e:5f:ab:a4:1c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Mar 4 14:46:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a114fe8dede8e2325f96f47111e4eb4abea6ef66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2a:44:33:45:9a:04:1d:84:6a:89:40:92:59:
df:4d:24:cd:96:a6:38:fa:8e:06:09:6b:b7:14:ba:
16:25:b0:93:11:43:bd:1e:b1:dc:75:1e:aa:84:c9:
61:55:58:f4:85:4e:9f:6f:b0:08:70:c3:b3:8d:a0:
c2:52:e7:64:e0:9b:29:91:2f:3a:2a:c8:f9:55:df:
1c:cc:c1:80:71:6a:88:50:91:0b:46:56:83:c3:5c:
c9:58:21:a8:23:86:d3:5e:eb:d5:b2:42:a7:65:90:
34:4f:4b:47:11:e9:2b:24:5a:78:86:e2:ec:02:89:
0a:18:34:6d:53:84:aa:6c:dc:aa:64:3e:31:14:6b:
86:69:9b:68:2c:55:ec:89:17:7d:95:90:09:95:69:
3a:2e:23:16:ed:2d:e4:fc:b8:e0:59:3a:47:16:2e:
5a:05:69:b9:56:d9:73:b7:fb:c9:82:aa:8a:f8:78:
83:9f:c8:85:f1:4a:46:4a:5c:76:18:9a:d2:a6:6e:
a4:19:e6:90:74:1f:55:6b:11:1d:ff:24:5e:0a:5e:
e7:11:1a:92:aa:70:8b:ec:59:f0:bc:86:cf:7b:c6:
22:73:38:b2:c5:09:68:81:37:83:7f:e4:1d:ad:2f:
b1:cf:fa:c8:1a:b5:b2:61:ac:2b:54:ba:b4:0c:80:
88:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:14:FE:8D:ED:E8:E2:32:5F:96:F4:71:11:E4:EB:4A:BE:A6:EF:66
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/oRT-je3o4jJflvRxEeTrSr6m72Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.216.0/22
185.85.189.0-185.85.191.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.86.13.0/24
185.86.153.0-185.86.154.255
185.86.164.0/22
185.87.24.0/24
185.87.26.0/23
185.87.121.0-185.87.123.255
185.98.60.0/24
185.119.80.0/22
185.141.32.0/24
185.185.235.0/24
193.35.204.0/22
194.127.116.0/22
IPv6:
2a0b:6780::/29
2a0c:67c0::/29
Signature Algorithm: sha256WithRSAEncryption
aa:58:64:b0:49:7c:af:88:1c:b4:ef:67:b9:4e:50:76:c0:07:
a4:9d:31:e0:e3:25:3b:5d:c2:fd:3f:d8:16:4e:cf:62:b5:34:
89:b6:2f:4e:13:61:d8:53:b3:82:67:f8:93:30:0d:b3:35:46:
31:4f:eb:42:a2:4d:07:0f:bc:89:14:00:88:72:db:f3:b6:13:
c3:17:02:01:98:ab:f8:6b:6f:01:91:6a:01:a0:ac:f4:53:50:
1e:f5:10:a9:a6:a5:ad:bb:e5:96:08:2a:1c:e4:bc:77:7e:23:
51:ea:54:84:7f:a6:6a:fb:2a:5d:e1:5e:50:ee:26:e3:1d:17:
15:09:4e:23:e7:e8:c2:32:27:ff:cc:49:9c:2a:d8:f8:21:70:
4d:17:e0:e0:68:b1:4c:10:ef:06:fb:48:fc:b3:0c:d6:b3:ce:
06:f8:40:8f:62:b8:c8:8a:90:4b:23:5e:af:f8:83:54:cd:56:
4e:08:3d:16:c8:29:65:8e:d9:dc:46:a8:19:5b:18:6e:ec:3c:
8e:a1:39:03:45:25:ac:3d:c4:b9:16:ad:5b:c2:75:0b:d7:9d:
07:20:38:8c:b5:d3:8f:67:55:06:8c:b7:63:93:db:24:29:c7:
03:42:d7:32:6f:2f:1d:79:6f:1f:39:49:f9:48:ef:42:31:7a:
ae:d2:96:97
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZVhnzrROZBrsKRtfl+rpBxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMzA0MTQ0NjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTE0ZmU4ZGVkZThlMjMyNWY5NmY0NzExMWU0ZWI0YWJlYTZlZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSpEM0WaBB2EaolAklnfTSTNlqY4
+o4GCWu3FLoWJbCTEUO9HrHcdR6qhMlhVVj0hU6fb7AIcMOzjaDCUudk4JspkS86
Ksj5Vd8czMGAcWqIUJELRlaDw1zJWCGoI4bTXuvVskKnZZA0T0tHEekrJFp4huLs
AokKGDRtU4SqbNyqZD4xFGuGaZtoLFXsiRd9lZAJlWk6LiMW7S3k/LjgWTpHFi5a
BWm5Vtlzt/vJgqqK+HiDn8iF8UpGSlx2GJrSpm6kGeaQdB9VaxEd/yReCl7nERqS
qnCL7FnwvIbPe8YicziyxQlogTeDf+QdrS+xz/rIGrWyYawrVLq0DICI/wIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFKEU/o3t6OIyX5b0cRHk60q+pu9mMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvb1JULWplM280akpmbHZSeEVlVHJTcjZtNzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBhwQCAAEwgYADBAJb
atgwDAMEALlVvQMEBrlVgDAMAwQAuVXtAwQEuVXgAwQAuVYFAwQAuVYNMAwDBAC5
VpkDBAC5VpoDBAK5VqQDBAC5VxgDBAG5VxowDAMEALlXeQMEArlXeAMEALliPAME
Arl3UAMEALmNIAMEALm56wMEAsEjzAMEAsJ/dDAUBAIAAjAOAwUDKgtngAMFAyoM
Z8AwDQYJKoZIhvcNAQELBQADggEBAKpYZLBJfK+IHLTvZ7lOUHbAB6SdMeDjJTtd
wv0/2BZOz2K1NIm2L04TYdhTs4Jn+JMwDbM1RjFP60KiTQcPvIkUAIhy2/O2E8MX
AgGYq/hrbwGRagGgrPRTUB71EKmmpa275ZYIKhzkvHd+I1HqVIR/pmr7Kl3hXlDu
JuMdFxUJTiPn6MIyJ//MSZwq2PghcE0X4OBosUwQ7wb7SPyzDNazzgb4QI9iuMiK
kEsjXq/4g1TNVk4IPRbIKWWO2dxGqBlbGG7sPI6hOQNFJaw9xLkWrVvCdQvXnQcg
OIy1049nVQaMt2OT2yQpxwNC1zJvLx15bx85SflI70Ixeq7Slpc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:52:21 2025 by rpki-client