Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/yVj16lz0wmhKIdyHV8mo_9RYEW0.roa
File: yVj16lz0wmhKIdyHV8mo_9RYEW0.roa (raw, json)
Hash identifier: zd+XfvQT5R9gh8VOJVnfbdqBDZRmWXfdBrEbxmFyq1g=
Subject key identifier: C9:58:F5:EA:5C:F4:C2:68:4A:21:DC:87:57:C9:A8:FF:D4:58:11:6D
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 01869853FA3F44592F2F5988C3326FBA8913
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/yVj16lz0wmhKIdyHV8mo_9RYEW0.roa
Signing time: Tue 28 Feb 2023 14:01:25 +0000
ROA not before: Tue 28 Feb 2023 14:01:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 192.76.245.0/24 maxlen: 24
192.76.246.0/23 maxlen: 23
192.76.241.0/24 maxlen: 24
192.76.248.0/24 maxlen: 24
192.109.177.0/24 maxlen: 24
192.35.150.0/24 maxlen: 24
192.35.150.0/23 maxlen: 23
192.35.149.0/24 maxlen: 24
192.35.151.0/24 maxlen: 24
192.35.153.0/24 maxlen: 24
129.26.0.0/16 maxlen: 16
192.76.148.0/24 maxlen: 24
129.233.128.0/18 maxlen: 18
192.88.108.0/24 maxlen: 24
212.44.192.0/19 maxlen: 19
192.102.150.0/23 maxlen: 23
192.102.152.0/23 maxlen: 23
192.102.156.0/24 maxlen: 24
192.102.158.0/23 maxlen: 23
192.102.164.0/24 maxlen: 24
192.102.161.0/24 maxlen: 24
192.102.160.0/24 maxlen: 24
192.102.162.0/23 maxlen: 23
192.102.168.0/24 maxlen: 24
192.102.167.0/24 maxlen: 24
192.102.170.0/24 maxlen: 24
192.102.169.0/24 maxlen: 24
192.102.172.0/24 maxlen: 24
192.102.175.0/24 maxlen: 24
192.102.174.0/24 maxlen: 24
192.102.176.0/23 maxlen: 23
129.233.210.0/24 maxlen: 24
129.233.224.0/20 maxlen: 20
192.44.4.0/24 maxlen: 24
192.54.34.0/23 maxlen: 23
192.44.8.0/24 maxlen: 24
192.44.5.0/24 maxlen: 24
192.44.6.0/24 maxlen: 24
192.44.15.0/24 maxlen: 24
192.44.12.0/24 maxlen: 24
192.44.23.0/24 maxlen: 24
192.44.18.0/24 maxlen: 24
192.44.20.0/23 maxlen: 23
192.44.30.0/23 maxlen: 23
192.44.29.0/24 maxlen: 24
192.44.26.0/24 maxlen: 24
192.44.25.0/24 maxlen: 24
192.44.28.0/24 maxlen: 24
192.44.37.0/24 maxlen: 24
192.44.36.0/24 maxlen: 24
84.246.64.0/21 maxlen: 21
192.44.38.0/23 maxlen: 23
192.44.40.0/24 maxlen: 24
2a03:db80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:53:fa:3f:44:59:2f:2f:59:88:c3:32:6f:ba:89:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Feb 28 14:01:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c958f5ea5cf4c2684a21dc8757c9a8ffd458116d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:98:4f:70:7f:41:25:98:cc:73:f9:bc:42:c0:
d1:cc:b5:93:d2:6f:ba:13:4c:88:00:dc:18:13:fe:
8c:41:d2:9b:49:d1:72:c9:95:1d:67:4f:d7:f5:9c:
48:6f:3a:a5:e9:49:55:0e:6d:ed:3e:8c:e6:16:b8:
9d:d9:bc:0f:ec:50:67:e9:76:9e:db:c4:9c:f8:67:
d4:e7:03:bb:b9:81:e4:44:8d:71:c1:8a:94:a2:be:
91:dd:3d:fe:8c:b5:48:6c:dc:93:52:56:37:00:36:
82:1b:ef:2b:5c:b9:23:61:a9:bf:67:dc:dd:56:94:
ba:0b:89:db:5f:34:9b:84:62:ac:71:91:fc:75:1e:
d1:33:ee:be:1c:e1:26:01:e8:6c:ab:be:e5:d8:99:
70:4d:16:f6:c8:ff:84:f5:a7:6d:1c:aa:af:62:99:
db:a3:35:45:1f:f7:38:44:6e:92:59:25:83:3c:34:
15:6e:28:aa:f2:be:dd:76:e1:ad:ee:8b:ed:a7:ae:
7b:30:23:0c:fe:bb:f9:04:bc:17:76:85:2e:3f:af:
cb:39:65:46:47:2a:31:f0:2d:45:d0:02:44:7f:b8:
21:83:a2:99:22:c7:b9:a4:90:a0:c0:18:f7:b3:27:
f7:65:ab:2a:05:e4:d7:fd:e3:f0:f7:d3:eb:fb:86:
10:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:58:F5:EA:5C:F4:C2:68:4A:21:DC:87:57:C9:A8:FF:D4:58:11:6D
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/yVj16lz0wmhKIdyHV8mo_9RYEW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.64.0/21
129.26.0.0/16
129.233.128.0/18
129.233.210.0/24
129.233.224.0/20
192.35.149.0-192.35.151.255
192.35.153.0/24
192.44.4.0-192.44.6.255
192.44.8.0/24
192.44.12.0/24
192.44.15.0/24
192.44.18.0/24
192.44.20.0/23
192.44.23.0/24
192.44.25.0-192.44.26.255
192.44.28.0/22
192.44.36.0-192.44.40.255
192.54.34.0/23
192.76.148.0/24
192.76.241.0/24
192.76.245.0-192.76.248.255
192.88.108.0/24
192.102.150.0-192.102.153.255
192.102.156.0/24
192.102.158.0-192.102.164.255
192.102.167.0-192.102.170.255
192.102.172.0/24
192.102.174.0-192.102.177.255
192.109.177.0/24
212.44.192.0/19
IPv6:
2a03:db80::/32
Signature Algorithm: sha256WithRSAEncryption
90:7a:9e:4c:e8:f4:4f:3a:bb:3f:57:26:2b:c3:50:d9:4d:b5:
23:c1:ff:44:0a:3c:a0:cc:87:02:8e:69:4e:d3:73:7d:d7:e7:
ca:dc:73:36:95:c5:dc:bf:50:51:e0:95:17:36:e9:22:70:5d:
d1:ca:21:f6:95:17:ed:33:6c:45:13:32:a0:90:45:3b:0d:0a:
2e:44:b2:c0:78:5b:29:ec:b3:ca:67:57:46:5e:6c:e7:77:4a:
72:74:cd:c8:2f:93:0a:47:1e:1e:c8:f0:a3:ba:1c:85:76:0b:
74:8e:ab:75:75:58:c6:e6:7e:be:f2:cc:1a:ae:e6:25:3e:1d:
e0:44:b3:df:79:11:6b:f4:55:77:ed:50:83:63:5b:23:7f:e0:
b2:f1:f5:ff:ab:01:86:4e:04:7f:c1:3b:2d:dc:7b:c5:e6:73:
dd:fc:19:02:b9:b9:09:7f:fb:d0:5e:02:07:d7:d6:20:98:60:
32:2f:1b:94:e8:fb:00:d7:c3:5f:ab:a0:0b:2b:c8:de:78:28:
9e:a3:d5:46:77:79:b6:88:ed:0d:d1:5e:9f:db:73:47:79:d9:
75:a7:4b:04:de:c2:62:17:e3:52:a1:4f:dd:2d:89:67:ac:37:
98:91:7c:61:92:0e:8e:b7:32:05:f3:70:1f:06:11:7e:e5:b7:
7a:84:79:e4
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAYaYU/o/RFkvL1mIwzJvuokTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjMwMjI4MTQwMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTU4ZjVlYTVjZjRjMjY4NGEyMWRjODc1N2M5YThmZmQ0NTgxMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAophPcH9BJZjMc/m8QsDRzLWT0m+6
E0yIANwYE/6MQdKbSdFyyZUdZ0/X9ZxIbzql6UlVDm3tPozmFrid2bwP7FBn6Xae
28Sc+GfU5wO7uYHkRI1xwYqUor6R3T3+jLVIbNyTUlY3ADaCG+8rXLkjYam/Z9zd
VpS6C4nbXzSbhGKscZH8dR7RM+6+HOEmAehsq77l2JlwTRb2yP+E9adtHKqvYpnb
ozVFH/c4RG6SWSWDPDQVbiiq8r7dduGt7ovtp657MCMM/rv5BLwXdoUuP6/LOWVG
Ryox8C1F0AJEf7ghg6KZIse5pJCgwBj3syf3ZasqBeTX/ePw99Pr+4YQTQIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFMlY9epc9MJoSiHch1fJqP/UWBFtMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEveVZqMTZsejB3bWhLSWR5SFY4bW9fOVJZRVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKgYIKwYBBQUHAQcBAf8EggEZMIIBFTCCAQIEAgABMIH7
AwQDVPZAAwMAgRoDBAaB6YADBACB6dIDBASB6eAwDAMEAMAjlQMEA8AjkAMEAMAj
mTAMAwQCwCwEAwQAwCwGAwQAwCwIAwQAwCwMAwQAwCwPAwQAwCwSAwQBwCwUAwQA
wCwXMAwDBADALBkDBADALBoDBALALBwwDAMEAsAsJAMEAMAsKAMEAcA2IgMEAMBM
lAMEAMBM8TAMAwQAwEz1AwQAwEz4AwQAwFhsMAwDBAHAZpYDBAHAZpgDBADAZpww
DAMEAcBmngMEAMBmpDAMAwQAwGanAwQAwGaqAwQAwGasMAwDBAHAZq4DBAHAZrAD
BADAbbEDBAXULMAwDQQCAAIwBwMFACoD24AwDQYJKoZIhvcNAQELBQADggEBAJB6
nkzo9E86uz9XJivDUNlNtSPB/0QKPKDMhwKOaU7Tc33X58rcczaVxdy/UFHglRc2
6SJwXdHKIfaVF+0zbEUTMqCQRTsNCi5EssB4Wynss8pnV0ZebOd3SnJ0zcgvkwpH
Hh7I8KO6HIV2C3SOq3V1WMbmfr7yzBqu5iU+HeBEs995EWv0VXftUINjWyN/4LLx
9f+rAYZOBH/BOy3ce8Xmc938GQK5uQl/+9BeAgfX1iCYYDIvG5To+wDXw1+roAsr
yN54KJ6j1UZ3ebaI7Q3RXp/bc0d52XWnSwTewmIX41KhT90tiWesN5iRfGGSDo63
MgXzcB8GEX7lt3qEeeQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:44 2025 by rpki-client