Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/4yEvjSkJPwatv3VjH1p6_Q8Fx_M.roa
File: 4yEvjSkJPwatv3VjH1p6_Q8Fx_M.roa (raw, json)
Hash identifier: JqC9SC7HPp7fwbt3+p8WbA/juj19CDmHgrQmhrfqwbM=
Subject key identifier: E3:21:2F:8D:29:09:3F:06:AD:BF:75:63:1F:5A:7A:FD:0F:05:C7:F3
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 0A1C9691
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/4yEvjSkJPwatv3VjH1p6_Q8Fx_M.roa
Signing time: Wed 02 Mar 2022 09:50:50 +0000
ROA not before: Wed 02 Mar 2022 09:50:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5501
IP address blocks: 129.233.128.0/17 maxlen: 17
153.96.220.0/22 maxlen: 22
153.96.253.0/24 maxlen: 24
153.96.254.0/24 maxlen: 24
129.233.252.0/24 maxlen: 24
129.233.252.0/22 maxlen: 22
129.233.253.0/24 maxlen: 24
192.102.165.0/24 maxlen: 24
129.233.255.0/24 maxlen: 24
129.233.254.0/24 maxlen: 24
192.102.172.0/23 maxlen: 23
192.102.171.0/24 maxlen: 24
192.44.0.0/22 maxlen: 22
153.96.54.0/23 maxlen: 23
192.44.10.0/24 maxlen: 24
192.44.13.0/24 maxlen: 24
192.44.17.0/24 maxlen: 24
192.44.24.0/24 maxlen: 24
192.44.37.0/24 maxlen: 24
153.96.0.0/21 maxlen: 21
153.96.10.0/24 maxlen: 24
153.96.8.0/23 maxlen: 23
153.96.12.0/22 maxlen: 22
153.96.16.0/23 maxlen: 23
153.96.24.0/24 maxlen: 24
153.96.18.0/24 maxlen: 24
137.251.0.0/16 maxlen: 16
153.96.19.0/24 maxlen: 24
192.42.64.0/24 maxlen: 24
192.42.63.0/24 maxlen: 24
153.96.144.0/23 maxlen: 23
129.233.0.0/17 maxlen: 17
2a03:db80:4410::/48 maxlen: 48
2a03:db80:4424::/48 maxlen: 48
2a03:db80:4484::/48 maxlen: 48
2a03:db80:4c84::/48 maxlen: 48
2a03:db80:4404::/48 maxlen: 48
2a03:db80:4480::/48 maxlen: 48
2a03:db80:4c80::/48 maxlen: 48
2a03:db80:4420::/48 maxlen: 48
2a03:db80:4414::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169645713 (0xa1c9691)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Mar 2 09:50:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3212f8d29093f06adbf75631f5a7afd0f05c7f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b9:b1:3b:1f:77:e1:01:47:08:3b:20:0f:85:
5b:07:e0:2f:bf:7f:f2:ff:9e:05:78:f0:62:eb:49:
04:9f:88:58:54:1b:72:58:48:84:a5:a0:44:b2:7b:
57:d3:29:5e:f5:6f:f8:89:9f:8d:18:91:36:86:37:
59:70:f1:9f:60:96:86:6b:83:3c:30:89:4d:a9:1a:
4c:c2:40:32:21:5c:e3:9c:9b:b7:d2:cc:e8:a3:21:
22:78:56:89:2e:64:48:be:67:9b:6e:2d:0b:d6:d8:
16:15:a8:96:0f:c7:a5:2c:c4:96:c0:18:79:98:4e:
35:86:63:5f:72:49:43:08:72:4a:f2:10:14:7f:b7:
f5:b9:39:d9:e5:2f:d1:01:d7:ba:db:5a:2a:82:3e:
80:e0:65:99:92:6b:99:45:f1:f8:71:99:cc:d9:bf:
1b:5b:cc:df:9d:89:dc:e1:78:72:6f:fe:06:d9:ff:
c5:b4:f1:15:63:d3:0d:64:78:67:eb:5e:50:26:15:
d3:d9:61:35:40:8d:3a:ed:f2:38:78:01:15:87:ae:
19:c6:d8:14:40:6a:56:e4:d3:4b:23:cd:0f:39:af:
fc:cd:69:e2:ad:55:e3:02:e9:e7:31:33:d9:b3:6a:
29:d6:2a:61:0a:cf:e0:d0:1f:8c:2f:41:cb:c5:de:
af:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:21:2F:8D:29:09:3F:06:AD:BF:75:63:1F:5A:7A:FD:0F:05:C7:F3
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/4yEvjSkJPwatv3VjH1p6_Q8Fx_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.0.0/16
137.251.0.0/16
153.96.0.0-153.96.10.255
153.96.12.0-153.96.19.255
153.96.24.0/24
153.96.54.0/23
153.96.144.0/23
153.96.220.0/22
153.96.253.0-153.96.254.255
192.42.63.0-192.42.64.255
192.44.0.0/22
192.44.10.0/24
192.44.13.0/24
192.44.17.0/24
192.44.24.0/24
192.44.37.0/24
192.102.165.0/24
192.102.171.0-192.102.173.255
IPv6:
2a03:db80:4404::/48
2a03:db80:4410::/48
2a03:db80:4414::/48
2a03:db80:4420::/48
2a03:db80:4424::/48
2a03:db80:4480::/48
2a03:db80:4484::/48
2a03:db80:4c80::/48
2a03:db80:4c84::/48
Signature Algorithm: sha256WithRSAEncryption
1a:ee:96:cd:2e:4a:96:ce:0c:a2:d6:8f:85:01:82:e4:2a:db:
59:e0:83:6f:41:f9:25:8f:d1:4b:4d:0b:77:8a:ce:34:db:1f:
00:8c:8f:ed:ba:f3:d2:08:77:91:43:f9:9b:36:de:93:8c:01:
87:67:4f:68:8b:3c:c2:c0:3c:18:80:b4:65:19:c7:b5:7f:18:
e2:20:f0:17:06:b7:47:ed:82:72:48:fd:be:c2:2a:ca:12:8b:
17:e1:a8:d7:19:96:f6:49:8d:a8:47:56:33:60:25:57:48:75:
66:f6:51:e6:8a:67:23:70:a3:17:a3:1b:be:e9:42:bb:19:4d:
d8:20:7c:c3:28:18:29:ac:e0:5c:74:de:0b:ff:68:5c:e5:03:
bf:62:6b:34:72:7e:8e:03:22:e6:39:5d:e6:61:d8:f6:60:f9:
6f:fc:0d:b5:d4:cc:af:70:45:31:f2:39:1a:8a:13:50:ff:11:
54:48:fe:4b:8f:d0:f9:e4:84:7a:53:11:af:83:e0:c0:9f:a8:
ef:2e:3a:16:4e:39:97:c2:83:9d:90:6c:55:75:b7:91:0d:79:
fb:86:91:55:94:b3:79:bc:d6:69:79:ff:0c:3c:fa:60:2c:1f:
0f:fe:90:93:3d:b7:5b:7a:4a:1b:2e:db:63:f6:84:8a:77:b0:
3f:9f:aa:58
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIEChyWkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmE3NTgyNmU5OTEyMjVhNDI5ZmY4YTFlN2ZmZGM4MDQ2NjQyMGRmMB4XDTIyMDMw
MjA5NTA1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTMyMTJmOGQyOTA5
M2YwNmFkYmY3NTYzMWY1YTdhZmQwZjA1YzdmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKW5sTsfd+EBRwg7IA+FWwfgL79/8v+eBXjwYutJBJ+IWFQb
clhIhKWgRLJ7V9MpXvVv+ImfjRiRNoY3WXDxn2CWhmuDPDCJTakaTMJAMiFc45yb
t9LM6KMhInhWiS5kSL5nm24tC9bYFhWolg/HpSzElsAYeZhONYZjX3JJQwhySvIQ
FH+39bk52eUv0QHXuttaKoI+gOBlmZJrmUXx+HGZzNm/G1vM352J3OF4cm/+Btn/
xbTxFWPTDWR4Z+teUCYV09lhNUCNOu3yOHgBFYeuGcbYFEBqVuTTSyPNDzmv/M1p
4q1V4wLp5zEz2bNqKdYqYQrP4NAfjC9By8Xer58CAwEAAaOCAvMwggLvMB0GA1Ud
DgQWBBTjIS+NKQk/Bq2/dWMfWnr9DwXH8zAfBgNVHSMEGDAWgBR2p1gm6ZEiWkKf
+KHn/9yARmQg3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RxZFlKdW1SSWxwQ25faWg1X19jZ0Vaa0lOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvMWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8x
LzR5RXZqU2tKUHdhdHYzVmpIMXA2X1E4RnhfTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
MWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8xL2RxZFlKdW1SSWxw
Q25faWg1X19jZ0Vaa0lOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AQcGCCsGAQUFBwEHAQH/BIH3MIH0MIGYBAIAATCBkQMDAIHpAwMAifswCwMDBZlg
AwQAmWAKMAwDBAKZYAwDBAKZYBADBACZYBgDBAGZYDYDBAGZYJADBAKZYNwwDAME
AJlg/QMEAJlg/jAMAwQAwCo/AwQAwCpAAwQCwCwAAwQAwCwKAwQAwCwNAwQAwCwR
AwQAwCwYAwQAwCwlAwQAwGalMAwDBADAZqsDBAHAZqwwVwQCAAIwUQMHACoD24BE
BAMHACoD24BEEAMHACoD24BEFAMHACoD24BEIAMHACoD24BEJAMHACoD24BEgAMH
ACoD24BEhAMHACoD24BMgAMHACoD24BMhDANBgkqhkiG9w0BAQsFAAOCAQEAGu6W
zS5Kls4MotaPhQGC5CrbWeCDb0H5JY/RS00Ld4rONNsfAIyP7brz0gh3kUP5mzbe
k4wBh2dPaIs8wsA8GIC0ZRnHtX8Y4iDwFwa3R+2Cckj9vsIqyhKLF+Go1xmW9kmN
qEdWM2AlV0h1ZvZR5opnI3CjF6MbvulCuxlN2CB8wygYKazgXHTeC/9oXOUDv2Jr
NHJ+jgMi5jld5mHY9mD5b/wNtdTMr3BFMfI5GooTUP8RVEj+S4/Q+eSEelMRr4Pg
wJ+o7y46Fk45l8KDnZBsVXW3kQ15+4aRVZSzebzWaXn/DDz6YCwfD/6Qkz23W3pK
Gy7bY/aEinewP5+qWA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:48 2025 by rpki-client