Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/_3Z17tGVt-P1VQ_arPU_Kz-4hnU.roa
File: _3Z17tGVt-P1VQ_arPU_Kz-4hnU.roa (raw, json)
Hash identifier: lfddm3K8RMez0k39Ck1sWBEoasY810+YMuXMmJpBPo0=
Subject key identifier: FF:76:75:EE:D1:95:B7:E3:F5:55:0F:DA:AC:F5:3F:2B:3F:B8:86:75
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 09885EA5
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/_3Z17tGVt-P1VQ_arPU_Kz-4hnU.roa
Signing time: Sat 01 Jan 2022 04:03:18 +0000
ROA not before: Sat 01 Jan 2022 04:03:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5501
IP address blocks: 129.233.128.0/17 maxlen: 17
153.96.220.0/22 maxlen: 22
153.96.253.0/24 maxlen: 24
153.96.254.0/24 maxlen: 24
129.233.252.0/24 maxlen: 24
129.233.252.0/22 maxlen: 22
129.233.253.0/24 maxlen: 24
192.102.165.0/24 maxlen: 24
129.233.255.0/24 maxlen: 24
129.233.254.0/24 maxlen: 24
192.102.172.0/23 maxlen: 23
192.102.171.0/24 maxlen: 24
192.44.0.0/22 maxlen: 22
153.96.54.0/23 maxlen: 23
192.44.10.0/24 maxlen: 24
192.44.13.0/24 maxlen: 24
192.44.17.0/24 maxlen: 24
192.44.24.0/24 maxlen: 24
192.44.37.0/24 maxlen: 24
153.96.0.0/21 maxlen: 21
153.96.10.0/24 maxlen: 24
153.96.8.0/23 maxlen: 23
153.96.12.0/22 maxlen: 22
153.96.16.0/23 maxlen: 23
153.96.24.0/24 maxlen: 24
137.251.0.0/16 maxlen: 16
153.96.19.0/24 maxlen: 24
192.42.64.0/24 maxlen: 24
192.42.63.0/24 maxlen: 24
153.96.144.0/23 maxlen: 23
129.233.0.0/17 maxlen: 17
2a03:db80:4410::/48 maxlen: 48
2a03:db80:4424::/48 maxlen: 48
2a03:db80:4484::/48 maxlen: 48
2a03:db80:4c84::/48 maxlen: 48
2a03:db80:4404::/48 maxlen: 48
2a03:db80:4480::/48 maxlen: 48
2a03:db80:4c80::/48 maxlen: 48
2a03:db80:4420::/48 maxlen: 48
2a03:db80:4414::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159932069 (0x9885ea5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 04:03:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff7675eed195b7e3f5550fdaacf53f2b3fb88675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:17:ef:bc:d5:05:1d:f0:69:fe:7c:21:f0:bc:
97:24:72:a6:0a:4f:86:df:31:65:bb:73:98:35:27:
4e:c2:fd:14:f7:db:cc:6d:2a:3d:dc:16:95:9b:5e:
33:c2:f0:9f:1d:86:51:8d:98:a4:a9:63:a5:56:15:
ca:9f:20:86:31:95:b3:cd:ce:57:00:03:b8:2b:72:
40:33:c8:ff:7b:f6:be:b0:ad:a5:15:91:06:2a:69:
c0:7d:ef:c6:d1:6c:8f:2b:5b:e1:06:ff:6c:bd:0e:
d1:a6:c5:d5:76:7e:e4:90:4f:15:98:71:3d:ec:34:
7d:0e:47:17:a7:74:98:88:26:3d:a7:af:6c:25:5e:
45:89:b7:b2:8b:36:6a:16:39:fb:a7:9d:8c:d6:22:
f3:69:79:ed:30:de:aa:ca:ca:e7:2d:08:ed:4e:7a:
f4:56:1a:fe:18:d2:b8:26:37:39:f0:f9:c7:f9:87:
01:7d:e4:38:1e:49:55:93:54:02:bf:25:8d:ad:05:
1e:e2:41:48:14:18:c8:4a:c2:56:ea:a2:62:1c:55:
36:74:5c:cf:db:f7:08:65:67:ee:8a:c7:07:d4:05:
54:c1:0e:aa:57:ec:ae:ad:f7:41:9e:94:94:50:be:
f1:3e:e9:b7:f2:ae:52:bd:d9:24:47:49:9f:75:aa:
c4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:76:75:EE:D1:95:B7:E3:F5:55:0F:DA:AC:F5:3F:2B:3F:B8:86:75
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/_3Z17tGVt-P1VQ_arPU_Kz-4hnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.0.0/16
137.251.0.0/16
153.96.0.0-153.96.10.255
153.96.12.0-153.96.17.255
153.96.19.0/24
153.96.24.0/24
153.96.54.0/23
153.96.144.0/23
153.96.220.0/22
153.96.253.0-153.96.254.255
192.42.63.0-192.42.64.255
192.44.0.0/22
192.44.10.0/24
192.44.13.0/24
192.44.17.0/24
192.44.24.0/24
192.44.37.0/24
192.102.165.0/24
192.102.171.0-192.102.173.255
IPv6:
2a03:db80:4404::/48
2a03:db80:4410::/48
2a03:db80:4414::/48
2a03:db80:4420::/48
2a03:db80:4424::/48
2a03:db80:4480::/48
2a03:db80:4484::/48
2a03:db80:4c80::/48
2a03:db80:4c84::/48
Signature Algorithm: sha256WithRSAEncryption
a7:26:54:f5:e4:ef:ed:3f:6e:ad:82:64:ee:27:c5:e2:57:6d:
16:39:cc:d2:c1:f6:54:4a:12:ab:7a:93:33:43:90:e1:5a:55:
f8:98:d6:97:8d:b1:9d:94:93:0d:e6:d4:8d:0f:4d:cc:cc:4c:
98:87:15:39:40:b3:2d:e6:28:32:cc:43:c3:62:be:e7:11:14:
48:16:7a:01:6d:eb:fc:44:e5:ff:46:0f:65:e9:b6:05:09:18:
ae:3e:1f:7d:af:17:75:93:a8:53:14:f8:91:dd:cb:d4:f8:bf:
39:ab:a3:33:66:e6:74:03:83:e0:3c:4a:ad:48:55:b8:97:4e:
e7:7d:37:f3:17:a4:88:0a:1f:44:fd:76:3b:35:7c:c8:2c:98:
37:db:5d:51:97:9c:ac:11:11:8a:0a:ce:19:b1:e4:33:12:2d:
33:7d:35:c4:6c:c9:3c:01:fb:df:26:ca:4f:c9:f8:57:c3:ec:
fe:d1:00:bb:4d:24:5f:cb:ed:44:2d:cc:75:9d:60:14:71:aa:
15:bc:cc:14:dc:78:5e:a0:dc:0f:0b:6c:19:bb:2f:a0:be:43:
a0:f9:00:73:a4:34:8e:5e:58:1f:40:a8:de:f1:42:5c:a0:cf:
f1:81:76:3f:6e:1b:b2:bc:e1:d6:95:8a:42:41:88:c5:79:9f:
c7:65:dd:4c
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgIECYhepTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmE3NTgyNmU5OTEyMjVhNDI5ZmY4YTFlN2ZmZGM4MDQ2NjQyMGRmMB4XDTIyMDEw
MTA0MDMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY3Njc1ZWVkMTk1
YjdlM2Y1NTUwZmRhYWNmNTNmMmIzZmI4ODY3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ4X77zVBR3waf58IfC8lyRypgpPht8xZbtzmDUnTsL9FPfb
zG0qPdwWlZteM8Lwnx2GUY2YpKljpVYVyp8ghjGVs83OVwADuCtyQDPI/3v2vrCt
pRWRBippwH3vxtFsjytb4Qb/bL0O0abF1XZ+5JBPFZhxPew0fQ5HF6d0mIgmPaev
bCVeRYm3sos2ahY5+6edjNYi82l57TDeqsrK5y0I7U569FYa/hjSuCY3OfD5x/mH
AX3kOB5JVZNUAr8lja0FHuJBSBQYyErCVuqiYhxVNnRcz9v3CGVn7orHB9QFVMEO
qlfsrq33QZ6UlFC+8T7pt/KuUr3ZJEdJn3WqxHkCAwEAAaOCAvkwggL1MB0GA1Ud
DgQWBBT/dnXu0ZW34/VVD9qs9T8rP7iGdTAfBgNVHSMEGDAWgBR2p1gm6ZEiWkKf
+KHn/9yARmQg3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RxZFlKdW1SSWxwQ25faWg1X19jZ0Vaa0lOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvMWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8x
L18zWjE3dEdWdC1QMVZRX2FyUFVfS3otNGhuVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
MWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8xL2RxZFlKdW1SSWxw
Q25faWg1X19jZ0Vaa0lOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AQ0GCCsGAQUFBwEHAQH/BIH9MIH6MIGeBAIAATCBlwMDAIHpAwMAifswCwMDBZlg
AwQAmWAKMAwDBAKZYAwDBAGZYBADBACZYBMDBACZYBgDBAGZYDYDBAGZYJADBAKZ
YNwwDAMEAJlg/QMEAJlg/jAMAwQAwCo/AwQAwCpAAwQCwCwAAwQAwCwKAwQAwCwN
AwQAwCwRAwQAwCwYAwQAwCwlAwQAwGalMAwDBADAZqsDBAHAZqwwVwQCAAIwUQMH
ACoD24BEBAMHACoD24BEEAMHACoD24BEFAMHACoD24BEIAMHACoD24BEJAMHACoD
24BEgAMHACoD24BEhAMHACoD24BMgAMHACoD24BMhDANBgkqhkiG9w0BAQsFAAOC
AQEApyZU9eTv7T9urYJk7ifF4ldtFjnM0sH2VEoSq3qTM0OQ4VpV+JjWl42xnZST
DebUjQ9NzMxMmIcVOUCzLeYoMsxDw2K+5xEUSBZ6AW3r/ETl/0YPZem2BQkYrj4f
fa8XdZOoUxT4kd3L1Pi/OaujM2bmdAOD4DxKrUhVuJdO53038xekiAofRP12OzV8
yCyYN9tdUZecrBERigrOGbHkMxItM301xGzJPAH73ybKT8n4V8Ps/tEAu00kX8vt
RC3MdZ1gFHGqFbzMFNx4XqDcDwtsGbsvoL5DoPkAc6Q0jl5YH0Co3vFCXKDP8YF2
P24bsrzh1pWKQkGIxXmfx2XdTA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:28 2025 by rpki-client