Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/8np9ht0G3b67t2N9j69khCA5swc.roa
File: 8np9ht0G3b67t2N9j69khCA5swc.roa (raw, json)
Hash identifier: s5WWOQNVlSSecjPvMShY+13EouocPqyy6TUkRGLT9Sw=
Subject key identifier: F2:7A:7D:86:DD:06:DD:BE:BB:B7:63:7D:8F:AF:64:84:20:39:B3:07
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 019426D8E5BDD96A22D9ECC95D8E5FD523A6
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/8np9ht0G3b67t2N9j69khCA5swc.roa
Signing time: Thu 02 Jan 2025 11:48:56 +0000
ROA not before: Thu 02 Jan 2025 11:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5501
IP address blocks: 129.233.0.0/17 maxlen: 17
129.233.128.0/17 maxlen: 17
129.233.163.0/24 maxlen: 24
129.233.252.0/22 maxlen: 22
129.233.252.0/24 maxlen: 24
129.233.253.0/24 maxlen: 24
129.233.254.0/24 maxlen: 24
129.233.255.0/24 maxlen: 24
137.251.0.0/16 maxlen: 16
153.96.0.0/21 maxlen: 21
153.96.8.0/23 maxlen: 23
153.96.10.0/24 maxlen: 24
153.96.12.0/22 maxlen: 22
153.96.16.0/23 maxlen: 23
153.96.18.0/24 maxlen: 24
153.96.19.0/24 maxlen: 24
153.96.24.0/24 maxlen: 24
153.96.54.0/23 maxlen: 23
153.96.112.0/23 maxlen: 23
153.96.126.0/23 maxlen: 23
153.96.144.0/23 maxlen: 23
153.96.220.0/22 maxlen: 22
153.96.248.0/23 maxlen: 23
153.96.250.0/24 maxlen: 24
153.96.253.0/24 maxlen: 24
153.96.254.0/24 maxlen: 24
192.42.63.0/24 maxlen: 24
192.42.64.0/24 maxlen: 24
192.44.0.0/22 maxlen: 22
192.44.0.0/24 maxlen: 24
192.44.1.0/24 maxlen: 24
192.44.2.0/23 maxlen: 23
192.44.10.0/24 maxlen: 24
192.44.13.0/24 maxlen: 24
192.44.17.0/24 maxlen: 24
192.44.24.0/24 maxlen: 24
192.44.37.0/24 maxlen: 24
192.102.165.0/24 maxlen: 24
192.102.171.0/24 maxlen: 24
192.102.172.0/23 maxlen: 23
2a03:db80:4404::/48 maxlen: 48
2a03:db80:4410::/48 maxlen: 48
2a03:db80:4414::/48 maxlen: 48
2a03:db80:4415::/48 maxlen: 48
2a03:db80:4416::/48 maxlen: 48
2a03:db80:4420::/48 maxlen: 48
2a03:db80:4424::/48 maxlen: 48
2a03:db80:4434::/48 maxlen: 48
2a03:db80:4460::/48 maxlen: 48
2a03:db80:4470::/48 maxlen: 48
2a03:db80:4480::/48 maxlen: 48
2a03:db80:4484::/48 maxlen: 48
2a03:db80:4494::/48 maxlen: 48
2a03:db80:4c80::/48 maxlen: 48
2a03:db80:4c84::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:e5:bd:d9:6a:22:d9:ec:c9:5d:8e:5f:d5:23:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 11:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f27a7d86dd06ddbebbb7637d8faf64842039b307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:79:83:96:df:02:a5:25:fb:a7:45:4d:31:f1:
37:eb:3c:31:58:00:a3:66:01:96:93:42:5f:b3:5a:
0f:10:06:27:44:48:d0:ee:fd:9e:44:8e:61:f0:fb:
d0:e5:de:e3:4d:e7:ce:75:5a:b7:d6:6b:cf:84:af:
47:7c:54:b7:6a:60:62:df:eb:eb:8b:37:16:4c:e2:
a6:48:48:b5:60:fc:f7:65:b1:3d:b1:ea:56:26:00:
db:6a:2b:5b:f6:8f:02:c8:ac:0f:d2:0d:cd:a5:36:
09:29:d8:33:6e:8d:e9:c6:65:91:66:3a:2d:a7:8e:
df:4d:ec:64:db:bc:e7:ab:dd:19:59:e4:86:83:eb:
7d:6f:84:58:37:72:fe:8f:d2:3f:23:58:df:85:03:
7a:1f:05:59:67:cf:c9:6e:75:47:2b:e1:59:05:62:
3a:7b:ed:f8:0e:e7:5b:68:e8:56:13:c8:72:5f:c0:
95:66:73:1a:7e:d5:3f:f2:4f:5d:5f:0f:b4:ca:78:
1f:d7:ca:c6:e3:dd:61:14:0e:64:6d:b0:d6:84:a1:
39:c2:8c:b3:77:5f:65:c2:0f:d1:f8:46:fe:05:3c:
f3:62:5c:30:c5:8d:d9:da:0d:62:6d:9c:2c:ec:ae:
84:d2:94:92:cc:42:bb:7c:59:4b:f3:9d:25:37:ff:
1c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7A:7D:86:DD:06:DD:BE:BB:B7:63:7D:8F:AF:64:84:20:39:B3:07
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/8np9ht0G3b67t2N9j69khCA5swc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.0.0/16
137.251.0.0/16
153.96.0.0-153.96.10.255
153.96.12.0-153.96.19.255
153.96.24.0/24
153.96.54.0/23
153.96.112.0/23
153.96.126.0/23
153.96.144.0/23
153.96.220.0/22
153.96.248.0-153.96.250.255
153.96.253.0-153.96.254.255
192.42.63.0-192.42.64.255
192.44.0.0/22
192.44.10.0/24
192.44.13.0/24
192.44.17.0/24
192.44.24.0/24
192.44.37.0/24
192.102.165.0/24
192.102.171.0-192.102.173.255
IPv6:
2a03:db80:4404::/48
2a03:db80:4410::/48
2a03:db80:4414::-2a03:db80:4416:ffff:ffff:ffff:ffff:ffff
2a03:db80:4420::/48
2a03:db80:4424::/48
2a03:db80:4434::/48
2a03:db80:4460::/48
2a03:db80:4470::/48
2a03:db80:4480::/48
2a03:db80:4484::/48
2a03:db80:4494::/48
2a03:db80:4c80::/48
2a03:db80:4c84::/48
Signature Algorithm: sha256WithRSAEncryption
33:41:d6:8f:94:ef:66:3a:62:bc:af:d0:bc:c7:48:4b:6c:75:
88:b9:7e:fa:9b:88:c1:25:c4:b4:42:7c:8d:5a:76:3e:59:1c:
51:f6:62:2f:8e:cf:cd:43:91:fe:00:1d:50:ac:f1:17:a3:9e:
15:26:98:77:be:85:4d:59:1f:14:d4:9c:b4:c9:19:4a:1f:28:
86:cc:1d:eb:41:8e:65:df:0c:90:86:df:1e:91:13:6e:86:07:
62:51:57:99:65:c7:01:c6:b3:7a:26:e8:cd:b1:7a:6a:5a:2a:
36:f1:eb:cf:99:1e:0d:6e:9d:45:0b:27:7d:15:7a:dd:d7:cd:
77:b1:80:c6:54:ba:ca:19:b3:3e:40:12:96:12:e4:62:7e:8d:
74:b7:84:20:96:fa:14:85:e4:03:9c:e2:10:43:2a:d2:ac:7c:
46:a2:4b:b6:f4:02:80:f8:b1:49:ff:b6:21:b8:f6:81:9e:73:
fc:16:49:e7:07:8e:04:6d:77:c9:52:a6:90:ac:6b:56:e6:d4:
d3:bb:c9:e8:99:04:7b:5f:07:81:be:06:36:24:6a:e2:95:0f:
6d:29:31:69:1c:22:49:84:bd:1b:a0:b6:02:82:08:f0:0a:91:
71:5a:eb:5f:34:c4:f6:6e:ca:c4:5e:9b:f4:49:81:60:be:15:
53:d3:57:65
-----BEGIN CERTIFICATE-----
MIIGNDCCBRygAwIBAgISAZQm2OW92Woi2ezJXY5f1SOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjUwMTAyMTE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjdhN2Q4NmRkMDZkZGJlYmJiNzYzN2Q4ZmFmNjQ4NDIwMzliMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nmDlt8CpSX7p0VNMfE36zwxWACj
ZgGWk0Jfs1oPEAYnREjQ7v2eRI5h8PvQ5d7jTefOdVq31mvPhK9HfFS3amBi3+vr
izcWTOKmSEi1YPz3ZbE9sepWJgDbaitb9o8CyKwP0g3NpTYJKdgzbo3pxmWRZjot
p47fTexk27znq90ZWeSGg+t9b4RYN3L+j9I/I1jfhQN6HwVZZ8/JbnVHK+FZBWI6
e+34DudbaOhWE8hyX8CVZnMaftU/8k9dXw+0yngf18rG491hFA5kbbDWhKE5woyz
d19lwg/R+Eb+BTzzYlwwxY3Z2g1ibZws7K6E0pSSzEK7fFlL850lN/8cSQIDAQAB
o4IDQDCCAzwwHQYDVR0OBBYEFPJ6fYbdBt2+u7djfY+vZIQgObMHMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvOG5wOWh0MEczYjY3dDJOOWo2OWtoQ0E1c3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVAYIKwYBBQUHAQcBAf8EggFDMIIBPzCBsgQCAAEwgasD
AwCB6QMDAIn7MAsDAwWZYAMEAJlgCjAMAwQCmWAMAwQCmWAQAwQAmWAYAwQBmWA2
AwQBmWBwAwQBmWB+AwQBmWCQAwQCmWDcMAwDBAOZYPgDBACZYPowDAMEAJlg/QME
AJlg/jAMAwQAwCo/AwQAwCpAAwQCwCwAAwQAwCwKAwQAwCwNAwQAwCwRAwQAwCwY
AwQAwCwlAwQAwGalMAwDBADAZqsDBAHAZqwwgYcEAgACMIGAAwcAKgPbgEQEAwcA
KgPbgEQQMBIDBwIqA9uARBQDBwAqA9uARBYDBwAqA9uARCADBwAqA9uARCQDBwAq
A9uARDQDBwAqA9uARGADBwAqA9uARHADBwAqA9uARIADBwAqA9uARIQDBwAqA9uA
RJQDBwAqA9uATIADBwAqA9uATIQwDQYJKoZIhvcNAQELBQADggEBADNB1o+U72Y6
Yryv0LzHSEtsdYi5fvqbiMElxLRCfI1adj5ZHFH2Yi+Oz81Dkf4AHVCs8RejnhUm
mHe+hU1ZHxTUnLTJGUofKIbMHetBjmXfDJCG3x6RE26GB2JRV5llxwHGs3om6M2x
empaKjbx68+ZHg1unUULJ30Vet3XzXexgMZUusoZsz5AEpYS5GJ+jXS3hCCW+hSF
5AOc4hBDKtKsfEaiS7b0AoD4sUn/tiG49oGec/wWSecHjgRtd8lSppCsa1bm1NO7
yeiZBHtfB4G+BjYkauKVD20pMWkcIkmEvRugtgKCCPAKkXFa6180xPZuysRem/RJ
gWC+FVPTV2U=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:09 2025 by rpki-client