Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/L2UCeVHHcg9euQRtLcEzhApV2UE.roa
File: L2UCeVHHcg9euQRtLcEzhApV2UE.roa (raw, json)
Hash identifier: awT5trUmAy4FPSzNkgCSgldj93M9lPrOlgd5pOswERE=
Subject key identifier: 2F:65:02:79:51:C7:72:0F:5E:B9:04:6D:2D:C1:33:84:0A:55:D9:41
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 019426D8E52CF859BAD7C2ABB3329B412ADC
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/L2UCeVHHcg9euQRtLcEzhApV2UE.roa
Signing time: Thu 02 Jan 2025 11:48:56 +0000
ROA not before: Thu 02 Jan 2025 11:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 84.246.64.0/21 maxlen: 21
129.26.0.0/16 maxlen: 16
129.233.128.0/18 maxlen: 18
129.233.210.0/24 maxlen: 24
129.233.224.0/20 maxlen: 20
153.96.0.0/16 maxlen: 16
192.35.149.0/24 maxlen: 24
192.35.150.0/23 maxlen: 23
192.35.150.0/24 maxlen: 24
192.35.151.0/24 maxlen: 24
192.35.153.0/24 maxlen: 24
192.44.4.0/24 maxlen: 24
192.44.5.0/24 maxlen: 24
192.44.6.0/24 maxlen: 24
192.44.8.0/24 maxlen: 24
192.44.12.0/24 maxlen: 24
192.44.15.0/24 maxlen: 24
192.44.18.0/24 maxlen: 24
192.44.20.0/23 maxlen: 23
192.44.23.0/24 maxlen: 24
192.44.25.0/24 maxlen: 24
192.44.26.0/24 maxlen: 24
192.44.28.0/24 maxlen: 24
192.44.29.0/24 maxlen: 24
192.44.30.0/23 maxlen: 23
192.44.36.0/24 maxlen: 24
192.44.37.0/24 maxlen: 24
192.44.38.0/23 maxlen: 23
192.44.40.0/24 maxlen: 24
192.54.34.0/23 maxlen: 23
192.76.148.0/24 maxlen: 24
192.76.241.0/24 maxlen: 24
192.76.245.0/24 maxlen: 24
192.76.246.0/23 maxlen: 23
192.76.248.0/24 maxlen: 24
192.88.108.0/24 maxlen: 24
192.102.150.0/23 maxlen: 23
192.102.152.0/23 maxlen: 23
192.102.156.0/24 maxlen: 24
192.102.158.0/23 maxlen: 23
192.102.160.0/24 maxlen: 24
192.102.161.0/24 maxlen: 24
192.102.162.0/23 maxlen: 23
192.102.164.0/24 maxlen: 24
192.102.167.0/24 maxlen: 24
192.102.168.0/24 maxlen: 24
192.102.169.0/24 maxlen: 24
192.102.170.0/24 maxlen: 24
192.102.172.0/24 maxlen: 24
192.102.174.0/24 maxlen: 24
192.102.175.0/24 maxlen: 24
192.102.176.0/23 maxlen: 23
192.109.177.0/24 maxlen: 24
212.44.192.0/19 maxlen: 19
2a03:db80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:e5:2c:f8:59:ba:d7:c2:ab:b3:32:9b:41:2a:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 11:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f65027951c7720f5eb9046d2dc133840a55d941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4e:44:46:77:64:10:07:b3:79:56:e9:20:18:
e2:36:19:87:d5:9f:2e:92:e8:c8:4a:b8:ff:3e:4f:
ab:ed:c9:c1:d2:d7:a7:ce:46:c0:69:1d:bc:58:4e:
cc:e6:e8:a2:6f:f2:c7:e6:7f:06:85:45:06:27:ab:
18:02:09:11:2c:87:5c:2e:57:17:b5:6f:19:a7:e2:
82:ee:7a:6c:76:9c:b2:a6:5e:af:40:ed:f7:68:75:
94:28:af:5f:c8:f6:16:11:7f:26:9d:07:2b:a2:af:
90:66:43:1d:96:25:3e:61:d2:87:b5:07:98:8e:0f:
f4:a8:33:84:6f:0b:c5:12:63:f5:b5:9e:13:9d:ba:
27:e1:06:38:45:f4:9e:9d:2b:12:41:b3:18:5c:d8:
65:f0:f3:c7:5b:5d:a5:3a:69:0d:15:18:76:ef:7d:
16:58:ef:af:52:08:49:47:97:e0:53:06:e7:27:f5:
17:cc:10:8d:5e:f9:64:c1:52:2f:52:da:b6:6e:7b:
06:a6:40:7d:f5:f0:42:07:d7:76:23:75:c1:b8:2a:
c1:95:83:85:9e:24:bc:bf:e5:1b:af:67:0b:51:40:
bc:a8:81:39:3b:14:67:e5:a4:17:8d:3a:30:9e:b9:
0b:33:79:d3:1c:44:1a:4d:2d:9d:ec:0a:ac:e3:2e:
e9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:65:02:79:51:C7:72:0F:5E:B9:04:6D:2D:C1:33:84:0A:55:D9:41
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/L2UCeVHHcg9euQRtLcEzhApV2UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.64.0/21
129.26.0.0/16
129.233.128.0/18
129.233.210.0/24
129.233.224.0/20
153.96.0.0/16
192.35.149.0-192.35.151.255
192.35.153.0/24
192.44.4.0-192.44.6.255
192.44.8.0/24
192.44.12.0/24
192.44.15.0/24
192.44.18.0/24
192.44.20.0/23
192.44.23.0/24
192.44.25.0-192.44.26.255
192.44.28.0/22
192.44.36.0-192.44.40.255
192.54.34.0/23
192.76.148.0/24
192.76.241.0/24
192.76.245.0-192.76.248.255
192.88.108.0/24
192.102.150.0-192.102.153.255
192.102.156.0/24
192.102.158.0-192.102.164.255
192.102.167.0-192.102.170.255
192.102.172.0/24
192.102.174.0-192.102.177.255
192.109.177.0/24
212.44.192.0/19
IPv6:
2a03:db80::/32
Signature Algorithm: sha256WithRSAEncryption
af:18:1b:fc:11:d6:90:e6:d8:44:4d:d0:8d:87:e3:b4:fb:e5:
fc:76:5e:42:3f:db:df:04:af:8a:79:2d:00:0c:7e:15:4c:86:
a0:e4:6b:2d:29:d8:35:1a:71:1f:c3:93:a4:0d:52:4b:6d:eb:
b7:3a:6b:d8:dc:6f:2a:20:28:06:47:5e:c6:8b:af:3b:f5:29:
a7:59:3b:bd:fc:c0:7f:5f:18:8b:2e:6e:aa:5c:21:66:c5:b7:
c2:46:4a:32:1d:43:96:33:f3:73:08:58:68:40:eb:7e:4c:e1:
44:32:14:d9:f9:27:aa:21:5e:3e:e2:fc:88:32:23:34:59:24:
fa:a4:84:20:d1:e1:cd:51:1c:95:f8:af:2e:91:95:48:ee:fd:
b3:6a:ad:9b:17:22:b4:1a:da:93:6b:d7:26:f4:68:33:fd:76:
81:12:76:9c:30:f9:fa:65:62:f9:df:3a:91:6a:b0:17:4d:4d:
a1:2f:d9:30:b8:3e:3a:bf:e1:37:88:fb:3e:59:ce:be:86:98:
3a:0d:de:59:d1:cd:9a:60:09:a2:3f:1c:38:5f:77:11:5e:36:
11:12:40:d5:54:a8:31:1c:67:d7:5a:e4:9a:7e:5e:2c:a6:88:
1e:05:60:ff:56:53:58:ad:30:9c:56:c4:a9:53:a4:6d:80:3d:
88:4c:cd:47
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgISAZQm2OUs+Fm618KrszKbQSrcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjUwMTAyMTE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjY1MDI3OTUxYzc3MjBmNWViOTA0NmQyZGMxMzM4NDBhNTVkOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU5ERndkEAezeVbpIBjiNhmH1Z8u
kujISrj/Pk+r7cnB0tenzkbAaR28WE7M5uiib/LH5n8GhUUGJ6sYAgkRLIdcLlcX
tW8Zp+KC7npsdpyypl6vQO33aHWUKK9fyPYWEX8mnQcroq+QZkMdliU+YdKHtQeY
jg/0qDOEbwvFEmP1tZ4Tnbon4QY4RfSenSsSQbMYXNhl8PPHW12lOmkNFRh2730W
WO+vUghJR5fgUwbnJ/UXzBCNXvlkwVIvUtq2bnsGpkB99fBCB9d2I3XBuCrBlYOF
niS8v+Ubr2cLUUC8qIE5OxRn5aQXjTownrkLM3nTHEQaTS2d7Aqs4y7pAwIDAQAB
o4IDHDCCAxgwHQYDVR0OBBYEFC9lAnlRx3IPXrkEbS3BM4QKVdlBMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvTDJVQ2VWSEhjZzlldVFSdExjRXpoQXBWMlVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMAYIKwYBBQUHAQcBAf8EggEfMIIBGzCCAQgEAgABMIIB
AAMEA1T2QAMDAIEaAwQGgemAAwQAgenSAwQEgengAwMAmWAwDAMEAMAjlQMEA8Aj
kAMEAMAjmTAMAwQCwCwEAwQAwCwGAwQAwCwIAwQAwCwMAwQAwCwPAwQAwCwSAwQB
wCwUAwQAwCwXMAwDBADALBkDBADALBoDBALALBwwDAMEAsAsJAMEAMAsKAMEAcA2
IgMEAMBMlAMEAMBM8TAMAwQAwEz1AwQAwEz4AwQAwFhsMAwDBAHAZpYDBAHAZpgD
BADAZpwwDAMEAcBmngMEAMBmpDAMAwQAwGanAwQAwGaqAwQAwGasMAwDBAHAZq4D
BAHAZrADBADAbbEDBAXULMAwDQQCAAIwBwMFACoD24AwDQYJKoZIhvcNAQELBQAD
ggEBAK8YG/wR1pDm2ERN0I2H47T75fx2XkI/298Er4p5LQAMfhVMhqDkay0p2DUa
cR/Dk6QNUktt67c6a9jcbyogKAZHXsaLrzv1KadZO738wH9fGIsubqpcIWbFt8JG
SjIdQ5Yz83MIWGhA635M4UQyFNn5J6ohXj7i/IgyIzRZJPqkhCDR4c1RHJX4ry6R
lUju/bNqrZsXIrQa2pNr1yb0aDP9doESdpww+fplYvnfOpFqsBdNTaEv2TC4Pjq/
4TeI+z5Zzr6GmDoN3lnRzZpgCaI/HDhfdxFeNhESQNVUqDEcZ9da5Jp+XiymiB4F
YP9WU1itMJxWxKlTpG2APYhMzUc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:23 2025 by rpki-client