Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/iDMGcpKONw7667eGCLm0Qun3V9M.roa
File: iDMGcpKONw7667eGCLm0Qun3V9M.roa (raw, json)
Hash identifier: zZoFgHMABQeVm8fwMjpYyPIOwxMwS92P3AW1egAehBw=
Subject key identifier: 88:33:06:72:92:8E:37:0E:FA:EB:B7:86:08:B9:B4:42:E9:F7:57:D3
Certificate issuer: /CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Certificate serial: 018571956F0094534DE3C5FEAE86B8E4FAE6
Authority key identifier: A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/iDMGcpKONw7667eGCLm0Qun3V9M.roa
Signing time: Mon 02 Jan 2023 08:24:56 +0000
ROA not before: Mon 02 Jan 2023 08:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5394
IP address blocks: 81.29.184.0/21 maxlen: 21
81.29.180.0/22 maxlen: 22
194.183.0.0/19 maxlen: 19
77.39.224.0/20 maxlen: 20
77.39.224.0/19 maxlen: 19
194.183.16.0/24 maxlen: 24
77.39.240.0/20 maxlen: 20
77.39.160.0/19 maxlen: 19
77.39.160.0/20 maxlen: 20
77.39.176.0/20 maxlen: 20
195.250.224.0/19 maxlen: 19
195.250.224.0/24 maxlen: 24
195.250.232.0/24 maxlen: 24
217.72.96.0/20 maxlen: 20
195.94.152.0/24 maxlen: 24
195.94.160.0/24 maxlen: 24
195.94.128.0/18 maxlen: 18
194.79.208.0/20 maxlen: 20
194.79.207.0/24 maxlen: 24
213.233.27.0/24 maxlen: 24
213.233.32.0/19 maxlen: 19
213.233.36.0/24 maxlen: 24
194.79.192.0/20 maxlen: 20
194.79.192.0/19 maxlen: 19
213.233.0.0/19 maxlen: 19
213.233.0.0/18 maxlen: 18
2a02:688::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:6f:00:94:53:4d:e3:c5:fe:ae:86:b8:e4:fa:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Validity
Not Before: Jan 2 08:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88330672928e370efaebb78608b9b442e9f757d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:dc:32:ca:01:52:61:38:4a:9b:70:e2:72:60:
d0:03:17:08:87:34:26:a3:18:4d:36:79:93:8f:02:
6d:1d:5c:cc:05:ae:2c:cc:f4:94:a3:89:28:08:cf:
b1:2e:8a:a2:8f:5f:fa:22:e7:42:db:03:9f:7f:f3:
79:49:f6:71:6d:9f:78:f8:7a:61:fb:64:ad:50:1e:
9d:49:9a:83:51:a4:f8:59:85:b6:36:94:aa:33:f6:
b1:ef:f7:c5:fd:cc:e7:b2:47:7d:2b:3e:92:f7:a1:
3b:96:40:fc:c6:e0:98:8a:d1:e7:07:99:76:a4:fa:
09:90:00:17:8e:7e:50:7b:e2:0c:38:e6:e9:e5:40:
cd:72:5a:5b:f9:b1:7e:a2:3c:80:b8:90:79:db:8b:
41:d8:74:f5:42:24:aa:14:8f:f6:31:23:db:15:4f:
fe:d4:02:d1:cf:97:d2:0e:dd:1c:d8:40:37:08:25:
c5:84:71:d3:2b:12:40:20:a4:70:cd:21:d2:d0:cb:
4b:3d:56:11:55:73:76:1f:ae:e4:70:5b:fe:92:91:
ed:0e:ff:b5:5c:db:a2:7a:0c:0a:18:93:c4:ff:ab:
e3:fe:e1:2d:e1:57:7e:c0:33:41:21:de:c9:0d:e0:
bd:bd:1d:ac:54:0a:66:7d:f3:7e:4d:da:52:2b:42:
cb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:33:06:72:92:8E:37:0E:FA:EB:B7:86:08:B9:B4:42:E9:F7:57:D3
X509v3 Authority Key Identifier:
keyid:A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/iDMGcpKONw7667eGCLm0Qun3V9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.39.160.0/19
77.39.224.0/19
81.29.180.0-81.29.191.255
194.79.192.0/19
194.183.0.0/19
195.94.128.0/18
195.250.224.0/19
213.233.0.0/18
217.72.96.0/20
IPv6:
2a02:688::/32
Signature Algorithm: sha256WithRSAEncryption
46:76:90:73:05:b3:7e:90:68:b6:9f:75:30:c0:20:d6:ec:47:
79:e7:8f:cf:35:cf:f9:3b:39:84:c7:45:d6:32:53:3a:99:e0:
d0:5c:6c:f5:a2:d2:96:db:98:81:d1:f8:d1:44:72:c1:d6:04:
56:c0:a5:1c:58:ca:86:0e:7b:10:1e:39:57:f4:84:6b:6c:c2:
59:e9:d0:ef:29:49:ef:31:aa:9b:d1:50:f1:89:25:92:10:eb:
9f:73:e2:b9:19:e5:a9:ef:e1:73:63:42:6e:c5:d5:d7:2d:f4:
3a:41:76:ea:34:6b:1a:7b:27:d1:0f:0d:26:fd:84:22:99:bf:
f3:03:72:2e:a2:6e:a1:48:89:9d:53:02:e3:ab:ea:84:49:42:
71:40:51:68:9f:08:cd:3e:43:70:46:10:7d:1c:74:7d:09:4e:
84:b8:d9:5e:8a:2e:e3:8c:ab:cc:8b:43:a2:14:2d:e6:e3:ab:
65:61:54:3a:29:c5:02:6c:ff:b3:12:79:42:57:b6:d7:ca:b2:
34:9c:7f:0f:5c:82:ab:08:68:10:bf:8d:c5:0e:a4:52:c3:13:
5e:a0:18:0d:38:f8:bd:09:fc:48:d2:26:61:90:5e:65:26:bb:
be:8c:b6:93:ed:88:a6:de:c8:b6:c1:d2:66:56:d5:a9:3a:a3:
94:d1:f8:e9
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYVxlW8AlFNN48X+roa45PrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2I1MGU3OGEzYTMxZTMzNzVjZjJhYWI4NjVlODQ1ZmYy
ZTk5YzEwHhcNMjMwMTAyMDgyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODMzMDY3MjkyOGUzNzBlZmFlYmI3ODYwOGI5YjQ0MmU5Zjc1N2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNwyygFSYThKm3DicmDQAxcIhzQm
oxhNNnmTjwJtHVzMBa4szPSUo4koCM+xLoqij1/6IudC2wOff/N5SfZxbZ94+Hph
+2StUB6dSZqDUaT4WYW2NpSqM/ax7/fF/cznskd9Kz6S96E7lkD8xuCYitHnB5l2
pPoJkAAXjn5Qe+IMOObp5UDNclpb+bF+ojyAuJB524tB2HT1QiSqFI/2MSPbFU/+
1ALRz5fSDt0c2EA3CCXFhHHTKxJAIKRwzSHS0MtLPVYRVXN2H67kcFv+kpHtDv+1
XNuiegwKGJPE/6vj/uEt4Vd+wDNBId7JDeC9vR2sVApmffN+TdpSK0LL0QIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFIgzBnKSjjcO+uu3hgi5tELp91fTMB8GA1UdIwQY
MBaAFKTLUOeKOjHjN1zyqrhl6EX/LpnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMt
NGJlNzk0ZDY0MDZkLzEvaURNR2NwS09Odzc2NjdlR0NMbTBRdW4zVjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMtNGJlNzk0ZDY0MDZk
LzEvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQFTSegAwQF
TSfgMAwDBAJRHbQDBAZRHYADBAXCT8ADBAXCtwADBAbDXoADBAXD+uADBAbV6QAD
BATZSGAwDQQCAAIwBwMFACoCBogwDQYJKoZIhvcNAQELBQADggEBAEZ2kHMFs36Q
aLafdTDAINbsR3nnj881z/k7OYTHRdYyUzqZ4NBcbPWi0pbbmIHR+NFEcsHWBFbA
pRxYyoYOexAeOVf0hGtswlnp0O8pSe8xqpvRUPGJJZIQ659z4rkZ5anv4XNjQm7F
1dct9DpBduo0axp7J9EPDSb9hCKZv/MDci6ibqFIiZ1TAuOr6oRJQnFAUWifCM0+
Q3BGEH0cdH0JToS42V6KLuOMq8yLQ6IULebjq2VhVDopxQJs/7MSeUJXttfKsjSc
fw9cgqsIaBC/jcUOpFLDE16gGA04+L0J/EjSJmGQXmUmu76MtpPtiKbeyLbB0mZW
1ak6o5TR+Ok=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:26 2025 by rpki-client