Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/2ffxMdRW46le1QDlCrYDr7RL5mo.roa
File: 2ffxMdRW46le1QDlCrYDr7RL5mo.roa (raw, json)
Hash identifier: KFRsTfCOBllolwfToLuJWP7ZkudwB6kowC0eXEkCwGs=
Subject key identifier: D9:F7:F1:31:D4:56:E3:A9:5E:D5:00:E5:0A:B6:03:AF:B4:4B:E6:6A
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019528B2E2CBADBD7F8C8F9514346764B7EF
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/2ffxMdRW46le1QDlCrYDr7RL5mo.roa
Signing time: Fri 21 Feb 2025 13:29:26 +0000
ROA not before: Fri 21 Feb 2025 13:29:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29278
IP address blocks: 79.172.192.0/18 maxlen: 18
79.172.211.0/24 maxlen: 24
79.172.213.0/24 maxlen: 24
84.21.0.0/19 maxlen: 19
84.21.7.0/24 maxlen: 24
84.21.8.0/24 maxlen: 24
84.21.11.0/24 maxlen: 24
84.21.15.0/24 maxlen: 24
84.21.18.0/24 maxlen: 24
84.21.19.0/24 maxlen: 24
87.229.15.0/24 maxlen: 24
87.229.26.0/24 maxlen: 24
87.229.32.0/24 maxlen: 24
87.229.33.0/24 maxlen: 24
87.229.45.0/24 maxlen: 24
87.229.53.0/24 maxlen: 24
87.229.54.0/24 maxlen: 24
87.229.55.0/24 maxlen: 24
87.229.58.0/24 maxlen: 24
87.229.59.0/24 maxlen: 24
87.229.65.0/24 maxlen: 24
87.229.66.0/24 maxlen: 24
87.229.73.0/24 maxlen: 24
87.229.74.0/23 maxlen: 23
87.229.78.0/24 maxlen: 24
87.229.83.0/24 maxlen: 24
87.229.93.0/24 maxlen: 24
87.229.94.0/24 maxlen: 24
87.229.96.0/24 maxlen: 24
87.229.105.0/24 maxlen: 24
87.229.113.0/24 maxlen: 24
87.229.114.0/24 maxlen: 24
87.229.116.0/24 maxlen: 24
87.229.118.0/24 maxlen: 24
87.229.121.0/24 maxlen: 24
95.138.192.0/21 maxlen: 21
178.238.208.0/20 maxlen: 20
178.238.208.0/21 maxlen: 21
178.238.216.0/21 maxlen: 21
213.181.200.0/24 maxlen: 24
213.181.204.0/24 maxlen: 24
213.181.207.0/24 maxlen: 24
213.181.210.0/24 maxlen: 24
213.181.219.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
217.113.50.0/24 maxlen: 24
217.113.51.0/24 maxlen: 24
217.113.52.0/24 maxlen: 24
217.113.53.0/24 maxlen: 24
217.113.61.0/24 maxlen: 24
217.113.63.0/24 maxlen: 24
217.144.48.0/23 maxlen: 23
217.144.50.0/24 maxlen: 24
217.144.56.0/21 maxlen: 21
217.144.62.0/24 maxlen: 24
2a02:730::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:b2:e2:cb:ad:bd:7f:8c:8f:95:14:34:67:64:b7:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Feb 21 13:29:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9f7f131d456e3a95ed500e50ab603afb44be66a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f7:42:1a:31:61:87:ec:78:8d:b2:1a:b2:91:
4a:63:1f:c7:ef:88:13:6c:d3:e9:3f:8b:3d:58:ab:
be:2c:69:40:cd:87:51:81:12:64:31:2f:65:f5:29:
1b:48:2e:65:13:c7:ff:d4:a4:ac:ea:73:9f:cd:e7:
f0:ed:3b:4d:27:4f:3d:05:3e:f8:5b:41:d0:7e:7a:
b0:90:1a:8a:65:1b:8d:40:77:13:13:4f:85:67:16:
07:43:97:e4:16:e0:58:03:70:86:ad:1a:f5:e8:fd:
43:9f:10:e5:56:b0:c1:ae:f0:74:a2:11:c9:a7:51:
e7:29:a7:b7:b7:66:70:50:a3:9d:57:f0:57:bd:db:
01:c8:1d:14:ca:42:2a:eb:95:80:7e:c1:ec:94:31:
d7:07:ac:72:6a:96:f1:09:c4:4a:19:ff:e3:4b:5d:
c7:df:9c:b4:43:3b:b6:2a:17:6a:db:77:ef:2c:45:
fd:ee:5c:e4:70:e0:08:b9:64:10:83:81:b2:87:df:
a7:3c:82:42:dc:d2:2b:9b:93:77:13:56:2e:67:85:
95:27:7d:47:d2:39:98:a3:3c:2b:15:28:75:92:87:
83:72:66:1d:1e:b2:33:8e:0e:94:71:ba:25:28:71:
4e:22:b8:76:d2:14:e3:7c:bf:78:4f:f7:54:40:d0:
57:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F7:F1:31:D4:56:E3:A9:5E:D5:00:E5:0A:B6:03:AF:B4:4B:E6:6A
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/2ffxMdRW46le1QDlCrYDr7RL5mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/18
84.21.0.0/19
87.229.15.0/24
87.229.26.0/24
87.229.32.0/23
87.229.45.0/24
87.229.53.0-87.229.55.255
87.229.58.0/23
87.229.65.0-87.229.66.255
87.229.73.0-87.229.75.255
87.229.78.0/24
87.229.83.0/24
87.229.93.0-87.229.94.255
87.229.96.0/24
87.229.105.0/24
87.229.113.0-87.229.114.255
87.229.116.0/24
87.229.118.0/24
87.229.121.0/24
95.138.192.0/21
178.238.208.0/20
213.181.200.0/24
213.181.204.0/24
213.181.207.0/24
213.181.210.0/24
213.181.219.0/24
213.181.221.0/24
217.113.50.0-217.113.53.255
217.113.61.0/24
217.113.63.0/24
217.144.48.0-217.144.50.255
217.144.56.0/21
IPv6:
2a02:730::/32
Signature Algorithm: sha256WithRSAEncryption
3d:ab:36:eb:a4:44:42:d1:13:6a:67:0c:a1:9e:b2:f4:53:8a:
4d:e8:14:ca:b7:e2:9e:9c:4d:3e:56:3f:09:b6:92:5e:98:76:
c7:1b:95:93:b2:2b:d7:66:f4:7f:28:0f:c0:17:52:b2:eb:51:
7b:54:d4:a2:b3:45:da:12:86:74:32:44:31:a6:c5:93:22:aa:
18:3d:c2:29:a6:9c:6b:b3:45:d0:4a:33:41:65:5e:23:1f:67:
66:f5:4f:62:88:e2:56:d1:a7:e5:23:85:61:52:95:12:23:20:
04:e8:bc:f0:0d:1b:2a:af:a2:fc:53:0f:dd:8d:07:c9:e5:e7:
d7:c3:17:43:79:04:08:aa:4d:39:5c:f9:c6:f5:ba:1b:5f:b0:
df:39:c4:67:18:69:d4:65:f0:76:52:2a:6c:59:af:df:f9:0f:
b6:26:1d:96:3a:2f:9b:77:e1:f4:d2:88:03:3d:01:b2:44:06:
39:be:84:63:39:1a:88:06:aa:d3:ec:a4:bd:f7:b7:c4:f6:5a:
b7:4e:d9:78:38:2f:1d:ec:12:dd:2c:aa:70:31:89:50:c2:5f:
ad:94:79:77:63:8e:af:d0:51:2f:bc:df:34:24:51:7f:08:d5:
0c:d3:4a:0a:5f:c1:13:aa:70:e5:21:cc:1e:65:b8:8a:83:cb:
78:2e:ad:14
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgISAZUosuLLrb1/jI+VFDRnZLfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMjIxMTMyOTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWY3ZjEzMWQ0NTZlM2E5NWVkNTAwZTUwYWI2MDNhZmI0NGJlNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfdCGjFhh+x4jbIaspFKYx/H74gT
bNPpP4s9WKu+LGlAzYdRgRJkMS9l9SkbSC5lE8f/1KSs6nOfzefw7TtNJ089BT74
W0HQfnqwkBqKZRuNQHcTE0+FZxYHQ5fkFuBYA3CGrRr16P1DnxDlVrDBrvB0ohHJ
p1HnKae3t2ZwUKOdV/BXvdsByB0UykIq65WAfsHslDHXB6xyapbxCcRKGf/jS13H
35y0Qzu2Khdq23fvLEX97lzkcOAIuWQQg4Gyh9+nPIJC3NIrm5N3E1YuZ4WVJ31H
0jmYozwrFSh1koeDcmYdHrIzjg6UcbolKHFOIrh20hTjfL94T/dUQNBXpQIDAQAB
o4IDEjCCAw4wHQYDVR0OBBYEFNn38THUVuOpXtUA5Qq2A6+0S+ZqMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvMmZmeE1kUlc0NmxlMVFEbENyWURyN1JMNW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJgYIKwYBBQUHAQcBAf8EggEVMIIBETCB/wQCAAEwgfgD
BAZPrMADBAVUFQADBABX5Q8DBABX5RoDBAFX5SADBABX5S0wDAMEAFflNQMEA1fl
MAMEAVflOjAMAwQAV+VBAwQAV+VCMAwDBABX5UkDBAJX5UgDBABX5U4DBABX5VMw
DAMEAFflXQMEAFflXgMEAFflYAMEAFflaTAMAwQAV+VxAwQAV+VyAwQAV+V0AwQA
V+V2AwQAV+V5AwQDX4rAAwQEsu7QAwQA1bXIAwQA1bXMAwQA1bXPAwQA1bXSAwQA
1bXbAwQA1bXdMAwDBAHZcTIDBAHZcTQDBADZcT0DBADZcT8wDAMEBNmQMAMEANmQ
MgMEA9mQODANBAIAAjAHAwUAKgIHMDANBgkqhkiG9w0BAQsFAAOCAQEAPas266RE
QtETamcMoZ6y9FOKTegUyrfinpxNPlY/CbaSXph2xxuVk7Ir12b0fygPwBdSsutR
e1TUorNF2hKGdDJEMabFkyKqGD3CKaaca7NF0EozQWVeIx9nZvVPYojiVtGn5SOF
YVKVEiMgBOi88A0bKq+i/FMP3Y0HyeXn18MXQ3kECKpNOVz5xvW6G1+w3znEZxhp
1GXwdlIqbFmv3/kPtiYdljovm3fh9NKIAz0BskQGOb6EYzkaiAaq0+ykvfe3xPZa
t07ZeDgvHewS3SyqcDGJUMJfrZR5d2OOr9BRL7zfNCRRfwjVDNNKCl/BE6pw5SHM
HmW4ioPLeC6tFA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:30 2025 by rpki-client