Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/y_r6FuarsmCjE1IhQTmp32v0dcQ.roa
File: y_r6FuarsmCjE1IhQTmp32v0dcQ.roa (raw, json)
Hash identifier: SYOgFPsiL5qFWegrT/tZqPNa+UubbYIApWnFgfID8AE=
Subject key identifier: CB:FA:FA:16:E6:AB:B2:60:A3:13:52:21:41:39:A9:DF:6B:F4:75:C4
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019421440E4970545D058322F0F3A2EC2B72
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/y_r6FuarsmCjE1IhQTmp32v0dcQ.roa
Signing time: Wed 01 Jan 2025 09:48:15 +0000
ROA not before: Wed 01 Jan 2025 09:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 5.42.218.0/24 maxlen: 24
31.41.253.0/24 maxlen: 24
45.87.124.0/24 maxlen: 24
45.87.125.0/24 maxlen: 24
45.87.127.0/24 maxlen: 24
45.128.124.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
45.129.198.0/24 maxlen: 24
45.150.112.0/24 maxlen: 24
62.3.7.0/24 maxlen: 24
62.3.31.0/24 maxlen: 24
77.72.83.0/24 maxlen: 24
77.72.84.0/24 maxlen: 24
84.252.69.0/24 maxlen: 24
88.151.11.0/24 maxlen: 24
88.151.112.0/24 maxlen: 24
88.151.115.0/24 maxlen: 24
88.218.184.0/24 maxlen: 24
88.218.185.0/24 maxlen: 24
88.218.186.0/24 maxlen: 24
88.218.187.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
91.209.31.0/24 maxlen: 24
91.210.68.0/24 maxlen: 24
91.210.69.0/24 maxlen: 24
91.210.71.0/24 maxlen: 24
91.212.169.0/24 maxlen: 24
91.228.215.0/24 maxlen: 24
91.239.212.0/24 maxlen: 24
91.239.213.0/24 maxlen: 24
94.143.230.0/24 maxlen: 24
109.205.62.0/24 maxlen: 24
146.19.51.0/24 maxlen: 24
146.19.111.0/24 maxlen: 24
146.19.120.0/24 maxlen: 24
146.255.186.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.118.38.0/24 maxlen: 24
176.126.98.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.94.67.0/24 maxlen: 24
185.109.236.0/24 maxlen: 24
185.109.237.0/24 maxlen: 24
185.109.238.0/24 maxlen: 24
185.109.239.0/24 maxlen: 24
185.128.41.0/24 maxlen: 24
185.128.42.0/24 maxlen: 24
185.128.43.0/24 maxlen: 24
185.128.224.0/24 maxlen: 24
185.209.50.0/24 maxlen: 24
185.211.168.0/24 maxlen: 24
185.211.169.0/24 maxlen: 24
185.211.171.0/24 maxlen: 24
185.214.164.0/24 maxlen: 24
185.214.165.0/24 maxlen: 24
185.214.167.0/24 maxlen: 24
185.244.161.0/24 maxlen: 24
193.0.62.0/24 maxlen: 24
193.17.65.0/24 maxlen: 24
193.33.188.0/24 maxlen: 24
193.104.177.0/24 maxlen: 24
193.200.61.0/24 maxlen: 24
193.228.129.0/24 maxlen: 24
193.228.131.0/24 maxlen: 24
194.59.222.0/24 maxlen: 24
194.60.76.0/24 maxlen: 24
194.110.251.0/24 maxlen: 24
195.35.105.0/24 maxlen: 24
195.64.103.0/24 maxlen: 24
195.69.161.0/24 maxlen: 24
195.69.162.0/24 maxlen: 24
195.211.164.0/24 maxlen: 24
212.6.36.0/24 maxlen: 24
212.107.25.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:0e:49:70:54:5d:05:83:22:f0:f3:a2:ec:2b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbfafa16e6abb260a31352214139a9df6bf475c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:e9:bf:d1:33:30:51:e7:d1:13:9d:25:13:15:
d2:18:a1:f3:e5:9f:3e:d4:23:3d:2e:b2:df:2e:b2:
f1:09:09:4e:ad:62:a9:4b:fb:13:41:19:c0:53:a7:
96:a9:cf:a7:a4:0a:dc:26:32:78:57:f6:64:c3:4b:
fb:b5:dd:dc:92:48:c4:54:4b:ae:71:f5:55:c3:8d:
38:f0:a8:48:9e:6a:53:59:e6:f2:5d:d3:d0:a0:62:
f6:86:bd:a3:ca:fd:24:92:1b:61:94:dd:17:ce:85:
a1:c3:c2:ce:f0:df:db:76:61:35:db:dd:56:e5:67:
c4:4d:e5:6a:3b:ec:d0:24:49:a6:87:c3:e7:4b:e4:
20:f0:f4:9e:f4:4d:c9:2f:78:59:ab:f3:7d:26:75:
83:88:c7:b6:55:d8:ca:95:63:61:ee:54:15:7e:54:
26:02:27:11:a0:91:9c:b1:c7:f0:d1:da:24:7b:5c:
33:b8:b0:e5:ed:8e:b3:b9:74:35:18:33:a1:6a:ba:
89:72:0e:8f:d2:e5:4d:fe:66:fc:66:ee:ef:19:09:
f8:d4:32:d6:d8:0d:b8:54:b7:c0:d4:fd:3f:20:7f:
f1:3a:15:61:66:66:ca:28:a7:6e:4e:a4:c0:3c:e7:
b1:07:de:47:cb:ea:0f:20:1e:a7:41:15:41:cc:d7:
06:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:FA:FA:16:E6:AB:B2:60:A3:13:52:21:41:39:A9:DF:6B:F4:75:C4
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/y_r6FuarsmCjE1IhQTmp32v0dcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.218.0/24
31.41.253.0/24
45.87.124.0/23
45.87.127.0/24
45.128.124.0/24
45.128.128.0/24
45.129.198.0/24
45.150.112.0/24
62.3.7.0/24
62.3.31.0/24
77.72.83.0-77.72.84.255
84.252.69.0/24
88.151.11.0/24
88.151.112.0/24
88.151.115.0/24
88.218.184.0/22
91.190.158.0/24
91.209.31.0/24
91.210.68.0/23
91.210.71.0/24
91.212.169.0/24
91.228.215.0/24
91.239.212.0/23
94.143.230.0/24
109.205.62.0/24
146.19.51.0/24
146.19.111.0/24
146.19.120.0/24
146.255.186.0/24
176.116.17.0/24
176.118.38.0/24
176.126.98.0/24
176.126.102.0/24
185.94.67.0/24
185.109.236.0/22
185.128.41.0-185.128.43.255
185.128.224.0/24
185.209.50.0/24
185.211.168.0/23
185.211.171.0/24
185.214.164.0/23
185.214.167.0/24
185.244.161.0/24
193.0.62.0/24
193.17.65.0/24
193.33.188.0/24
193.104.177.0/24
193.200.61.0/24
193.228.129.0/24
193.228.131.0/24
194.59.222.0/24
194.60.76.0/24
194.110.251.0/24
195.35.105.0/24
195.64.103.0/24
195.69.161.0-195.69.162.255
195.211.164.0/24
212.6.36.0/24
212.107.25.0/24
Signature Algorithm: sha256WithRSAEncryption
86:f5:34:c7:13:a9:37:fc:ad:21:b4:a2:14:99:14:b8:08:af:
2a:2b:0f:b5:9e:9e:11:6b:cd:f2:71:03:07:a0:d9:d1:df:54:
d4:07:68:c3:1f:72:32:9d:05:ac:50:96:6d:8e:3c:95:d9:6e:
47:4f:83:49:10:67:dc:8f:29:a3:77:dd:dd:8f:37:88:a9:a4:
2b:a2:01:78:8d:75:3f:5f:06:4e:2a:c2:e0:80:90:00:5e:f1:
50:a4:a5:a2:1b:00:96:7c:4b:6b:a6:a2:b2:89:31:a9:97:29:
85:48:c7:c7:27:c5:85:7f:ce:92:14:ab:2b:12:35:b2:24:9b:
9b:4c:86:b8:ed:a8:3f:f9:95:f2:17:aa:9a:3d:26:3f:b6:51:
1d:4f:5a:00:43:5e:43:85:bb:64:37:8d:2d:ce:16:c1:16:ea:
da:73:4b:e8:1f:b4:c9:7c:39:7b:92:b7:4b:aa:52:68:af:18:
2d:99:74:37:74:76:35:67:de:5b:b0:82:34:5b:41:52:e6:e4:
c2:e2:7a:98:45:42:23:20:20:cd:ca:42:cd:1c:74:39:3b:59:
c2:ca:39:be:fa:be:0f:a1:4f:00:e7:2e:e6:e3:25:04:ee:be:
5b:30:cb:c1:bf:98:47:a8:26:1a:c0:32:df:a9:f0:41:4b:ad:
b7:b5:ae:d1
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgISAZQhRA5JcFRdBYMi8POi7CtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmZhZmExNmU2YWJiMjYwYTMxMzUyMjE0MTM5YTlkZjZiZjQ3NWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+em/0TMwUefRE50lExXSGKHz5Z8+
1CM9LrLfLrLxCQlOrWKpS/sTQRnAU6eWqc+npArcJjJ4V/Zkw0v7td3ckkjEVEuu
cfVVw4048KhInmpTWebyXdPQoGL2hr2jyv0kkhthlN0XzoWhw8LO8N/bdmE1291W
5WfETeVqO+zQJEmmh8PnS+Qg8PSe9E3JL3hZq/N9JnWDiMe2VdjKlWNh7lQVflQm
AicRoJGcscfw0doke1wzuLDl7Y6zuXQ1GDOharqJcg6P0uVN/mb8Zu7vGQn41DLW
2A24VLfA1P0/IH/xOhVhZmbKKKduTqTAPOexB95Hy+oPIB6nQRVBzNcG1QIDAQAB
o4IDhzCCA4MwHQYDVR0OBBYEFMv6+hbmq7JgoxNSIUE5qd9r9HXEMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEveV9yNkZ1YXJzbUNqRTFJaFFUbXAzMnYwZGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmwYIKwYBBQUHAQcBAf8EggGKMIIBhjCCAYIEAgABMIIB
egMEAAUq2gMEAB8p/QMEAS1XfAMEAC1XfwMEAC2AfAMEAC2AgAMEAC2BxgMEAC2W
cAMEAD4DBwMEAD4DHzAMAwQATUhTAwQATUhUAwQAVPxFAwQAWJcLAwQAWJdwAwQA
WJdzAwQCWNq4AwQAW76eAwQAW9EfAwQBW9JEAwQAW9JHAwQAW9SpAwQAW+TXAwQB
W+/UAwQAXo/mAwQAbc0+AwQAkhMzAwQAkhNvAwQAkhN4AwQAkv+6AwQAsHQRAwQA
sHYmAwQAsH5iAwQAsH5mAwQAuV5DAwQCuW3sMAwDBAC5gCkDBAK5gCgDBAC5gOAD
BAC50TIDBAG506gDBAC506sDBAG51qQDBAC51qcDBAC59KEDBADBAD4DBADBEUED
BADBIbwDBADBaLEDBADByD0DBADB5IEDBADB5IMDBADCO94DBADCPEwDBADCbvsD
BADDI2kDBADDQGcwDAMEAMNFoQMEAMNFogMEAMPTpAMEANQGJAMEANRrGTANBgkq
hkiG9w0BAQsFAAOCAQEAhvU0xxOpN/ytIbSiFJkUuAivKisPtZ6eEWvN8nEDB6DZ
0d9U1Adowx9yMp0FrFCWbY48ldluR0+DSRBn3I8po3fd3Y83iKmkK6IBeI11P18G
TirC4ICQAF7xUKSlohsAlnxLa6aisokxqZcphUjHxyfFhX/OkhSrKxI1siSbm0yG
uO2oP/mV8heqmj0mP7ZRHU9aAENeQ4W7ZDeNLc4WwRbq2nNL6B+0yXw5e5K3S6pS
aK8YLZl0N3R2NWfeW7CCNFtBUubkwuJ6mEVCIyAgzcpCzRx0OTtZwso5vvq+D6FP
AOcu5uMlBO6+WzDLwb+YR6gmGsAy36nwQUutt7Wu0Q==
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:13:36 2025 by rpki-client