Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/TRibq3hMSV-ImSCJ9oVF8J8d0SU.roa
File: TRibq3hMSV-ImSCJ9oVF8J8d0SU.roa (raw, json)
Hash identifier: w47XRrGsi9PgIZOeiJ6Y2O1ZfBar9NzDYZ1SoDL3t80=
Subject key identifier: 4D:18:9B:AB:78:4C:49:5F:88:99:20:89:F6:85:45:F0:9F:1D:D1:25
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0195BFA6BAAD95D04549352531FAA718D711
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/TRibq3hMSV-ImSCJ9oVF8J8d0SU.roa
Signing time: Sat 22 Mar 2025 20:58:49 +0000
ROA not before: Sat 22 Mar 2025 20:58:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50670
IP address blocks: 81.21.8.0/24 maxlen: 24
81.21.9.0/24 maxlen: 24
81.21.14.0/24 maxlen: 24
109.237.192.0/20 maxlen: 24
109.237.192.0/24 maxlen: 24
109.237.193.0/24 maxlen: 24
109.237.194.0/24 maxlen: 24
109.237.195.0/24 maxlen: 24
109.237.196.0/24 maxlen: 24
109.237.197.0/24 maxlen: 24
109.237.198.0/24 maxlen: 24
109.237.199.0/24 maxlen: 24
109.237.200.0/24 maxlen: 24
109.237.201.0/24 maxlen: 24
109.237.202.0/24 maxlen: 24
109.237.203.0/24 maxlen: 24
109.237.204.0/24 maxlen: 24
109.237.205.0/24 maxlen: 24
109.237.206.0/24 maxlen: 24
109.237.207.0/24 maxlen: 24
176.241.64.0/21 maxlen: 24
176.241.64.0/24 maxlen: 24
176.241.65.0/24 maxlen: 24
176.241.66.0/24 maxlen: 24
176.241.67.0/24 maxlen: 24
176.241.68.0/24 maxlen: 24
176.241.69.0/24 maxlen: 24
176.241.70.0/24 maxlen: 24
176.241.71.0/24 maxlen: 24
178.20.184.0/21 maxlen: 24
178.20.184.0/24 maxlen: 24
178.20.185.0/24 maxlen: 24
178.20.186.0/24 maxlen: 24
178.20.187.0/24 maxlen: 24
178.20.188.0/24 maxlen: 24
178.20.189.0/24 maxlen: 24
178.20.190.0/24 maxlen: 24
178.20.191.0/24 maxlen: 24
185.51.212.0/22 maxlen: 22
185.51.212.0/24 maxlen: 24
185.51.213.0/24 maxlen: 24
185.51.214.0/24 maxlen: 24
185.51.215.0/24 maxlen: 24
185.193.176.0/22 maxlen: 22
185.193.176.0/24 maxlen: 24
185.193.177.0/24 maxlen: 24
185.193.178.0/24 maxlen: 24
185.193.179.0/24 maxlen: 24
2a01:1d0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bf:a6:ba:ad:95:d0:45:49:35:25:31:fa:a7:18:d7:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Mar 22 20:58:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d189bab784c495f88992089f68545f09f1dd125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8d:70:5f:6c:78:52:bd:a6:49:f0:68:9d:c9:
0a:ea:26:9f:77:ad:a1:47:4e:6c:ca:3a:d7:58:f2:
b3:67:73:91:17:bb:f4:2b:76:19:ba:7d:e9:54:d8:
2a:f6:f9:18:fb:4b:04:40:9d:da:f8:79:58:e3:72:
41:89:19:4b:93:bb:d8:62:a1:bb:92:1e:a0:b3:49:
6d:96:2f:ea:f7:64:a5:c6:51:52:86:ce:76:28:19:
03:38:1e:7f:24:90:cb:15:a7:f6:b2:df:65:95:10:
bb:9a:ec:da:4b:bf:f0:15:7a:ef:0e:f8:ea:40:42:
88:b4:74:b1:75:7a:1a:ed:3c:9c:3f:2c:37:6c:cd:
1b:88:fe:18:80:07:15:5f:ea:bd:db:09:0b:b8:2f:
b7:3c:a6:fa:1f:4e:46:ff:8f:7c:d2:b7:34:81:57:
08:21:ec:09:6d:61:21:66:a7:ab:85:eb:3a:55:39:
39:0c:c2:da:2a:e9:fc:2b:29:9d:03:7b:c0:49:9f:
28:68:a2:62:7d:a7:09:91:0d:35:43:69:bb:19:e6:
76:a9:94:ae:af:00:ba:e5:8a:8e:d0:62:74:e7:0f:
bb:b2:29:4f:5b:99:53:23:13:45:bc:dd:08:43:47:
f9:ae:1c:4a:52:fd:3b:fa:b0:ba:6a:ee:11:86:ca:
1d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:18:9B:AB:78:4C:49:5F:88:99:20:89:F6:85:45:F0:9F:1D:D1:25
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/TRibq3hMSV-ImSCJ9oVF8J8d0SU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.8.0/23
81.21.14.0/24
109.237.192.0/20
176.241.64.0/21
178.20.184.0/21
185.51.212.0/22
185.193.176.0/22
IPv6:
2a01:1d0::/32
Signature Algorithm: sha256WithRSAEncryption
7e:49:73:16:bf:31:9f:37:fc:10:78:50:75:63:a9:8a:b7:8b:
56:c2:93:f8:12:c6:99:3d:4a:b6:94:80:ce:00:f8:db:8b:42:
c1:41:3a:49:b1:d0:61:bb:7d:22:2a:d6:66:50:18:0d:be:f3:
82:12:4c:f4:09:20:2e:dc:b0:f3:9d:6c:ab:bc:4c:26:ce:90:
e8:31:65:4c:e1:57:9a:2d:f5:7a:57:ef:40:2b:d4:32:1b:61:
ac:37:f2:58:3c:8c:24:eb:8c:18:72:a9:2f:29:75:9f:ce:da:
da:c4:9f:20:8d:90:48:47:c9:a0:af:26:38:5f:92:cf:43:d3:
aa:ee:02:c2:71:29:20:4c:0a:f9:4e:80:b9:c3:f7:7d:51:ad:
f4:a4:49:ad:8b:33:1e:17:f6:79:f2:a2:1d:02:c5:5d:36:83:
95:b7:0e:bc:d6:1e:4e:a0:2d:88:12:1d:47:b4:9e:74:d8:ec:
84:02:8a:04:20:1c:b4:9a:fb:3c:6b:28:af:7f:2c:b3:32:c1:
8d:a5:0b:93:1b:a0:4f:7f:d5:1c:ab:5c:90:5b:31:93:ea:66:
6b:d8:a2:88:fa:6c:18:95:c8:bc:da:fd:85:71:2a:d3:27:df:
ec:21:19:be:26:16:a9:67:0c:9a:cb:11:03:c3:82:7a:b5:6e:
b6:c0:e0:a6
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZW/prqtldBFSTUlMfqnGNcRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwMzIyMjA1ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDE4OWJhYjc4NGM0OTVmODg5OTIwODlmNjg1NDVmMDlmMWRkMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto1wX2x4Ur2mSfBonckK6iafd62h
R05syjrXWPKzZ3ORF7v0K3YZun3pVNgq9vkY+0sEQJ3a+HlY43JBiRlLk7vYYqG7
kh6gs0ltli/q92SlxlFShs52KBkDOB5/JJDLFaf2st9llRC7muzaS7/wFXrvDvjq
QEKItHSxdXoa7TycPyw3bM0biP4YgAcVX+q92wkLuC+3PKb6H05G/4980rc0gVcI
IewJbWEhZqerhes6VTk5DMLaKun8KymdA3vASZ8oaKJifacJkQ01Q2m7GeZ2qZSu
rwC65YqO0GJ05w+7silPW5lTIxNFvN0IQ0f5rhxKUv07+rC6au4RhsodOQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFE0Ym6t4TElfiJkgifaFRfCfHdElMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvVFJpYnEzaE1TVi1JbVNDSjlvVkY4SjhkMFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQBURUIAwQA
URUOAwQEbe3AAwQDsPFAAwQDshS4AwQCuTPUAwQCucGwMA0EAgACMAcDBQAqAQHQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB+SXMWvzGfN/wQeFB1Y6mKt4tWwpP4EsaZPUq2
lIDOAPjbi0LBQTpJsdBhu30iKtZmUBgNvvOCEkz0CSAu3LDznWyrvEwmzpDoMWVM
4VeaLfV6V+9AK9QyG2GsN/JYPIwk64wYcqkvKXWfztraxJ8gjZBIR8mgryY4X5LP
Q9Oq7gLCcSkgTAr5ToC5w/d9Ua30pEmtizMeF/Z58qIdAsVdNoOVtw681h5OoC2I
Eh1HtJ502OyEAooEIBy0mvs8ayivfyyzMsGNpQuTG6BPf9Ucq1yQWzGT6mZr2KKI
+mwYlci82v2FcSrTJ9/sIRm+JhapZwyayxEDw4J6tW62wOCm
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:53:25 2025 by rpki-client