Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/jKboLUfB9OdB4IMvWADdb2qrlM4.roa
File: jKboLUfB9OdB4IMvWADdb2qrlM4.roa (raw, json)
Hash identifier: PqQ43fQxF0I9EtTzxte2DNlgpduINYcEvfIupFXRZDY=
Subject key identifier: 8C:A6:E8:2D:47:C1:F4:E7:41:E0:83:2F:58:00:DD:6F:6A:AB:94:CE
Certificate issuer: /CN=cf640b02311376dc96eebfeca755c3b0061140ec
Certificate serial: 152C6B94
Authority key identifier: CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/jKboLUfB9OdB4IMvWADdb2qrlM4.roa
Signing time: Fri 18 Mar 2022 14:17:55 +0000
ROA not before: Fri 18 Mar 2022 14:17:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8315
IP address blocks: 162.248.199.0/24 maxlen: 24
185.113.196.0/22 maxlen: 24
94.198.24.0/21 maxlen: 24
185.113.224.0/22 maxlen: 24
5.100.224.0/21 maxlen: 24
213.171.128.0/19 maxlen: 24
213.171.144.0/20 maxlen: 24
79.99.184.0/21 maxlen: 24
185.113.52.0/22 maxlen: 24
89.18.160.0/19 maxlen: 24
162.251.32.0/21 maxlen: 24
185.12.132.0/22 maxlen: 24
178.251.192.0/21 maxlen: 24
176.62.192.0/21 maxlen: 24
213.214.96.0/19 maxlen: 24
83.98.192.0/21 maxlen: 24
194.105.128.0/23 maxlen: 24
83.98.200.0/22 maxlen: 24
83.98.208.0/20 maxlen: 24
213.247.32.0/19 maxlen: 24
91.216.113.0/24 maxlen: 24
193.34.150.0/23 maxlen: 24
91.216.141.0/24 maxlen: 24
85.92.128.0/19 maxlen: 24
185.38.156.0/22 maxlen: 24
91.200.51.0/24 maxlen: 24
91.200.48.0/23 maxlen: 24
85.158.160.0/21 maxlen: 24
134.0.88.0/22 maxlen: 24
134.0.92.0/23 maxlen: 24
213.189.0.0/19 maxlen: 24
213.189.0.0/21 maxlen: 24
213.189.8.0/22 maxlen: 24
185.77.120.0/22 maxlen: 24
194.165.34.0/24 maxlen: 24
217.195.112.0/20 maxlen: 24
185.74.77.0/24 maxlen: 24
185.74.76.0/24 maxlen: 24
89.30.128.0/17 maxlen: 24
83.98.128.0/18 maxlen: 24
213.189.16.0/20 maxlen: 24
85.222.192.0/21 maxlen: 24
93.175.176.0/20 maxlen: 24
89.30.224.0/22 maxlen: 24
185.30.236.0/22 maxlen: 24
2a00:1bd8::/32 maxlen: 48
2a02:2858::/29 maxlen: 48
2a02:20b0::/32 maxlen: 48
2001:4198::/32 maxlen: 48
2a02:2858:500::/40 maxlen: 40
2001:16f8::/32 maxlen: 48
2a02:20b2::/32 maxlen: 48
2a02:20b1::/32 maxlen: 48
2a03:5500::/31 maxlen: 48
2a01:40e0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 355232660 (0x152c6b94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf640b02311376dc96eebfeca755c3b0061140ec
Validity
Not Before: Mar 18 14:17:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ca6e82d47c1f4e741e0832f5800dd6f6aab94ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8e:2b:43:f4:e5:50:ce:40:6f:b2:10:36:5d:
4b:1a:b2:3c:58:f5:91:c5:b2:c7:55:b6:0e:3f:a5:
d8:bc:1c:a7:12:c0:42:f9:1d:5c:4f:bf:d4:bf:eb:
0d:87:59:eb:91:cc:62:3f:31:a0:51:26:01:f7:78:
2f:aa:7b:88:9f:fd:a0:f8:68:13:cc:90:fb:b7:fe:
e2:98:44:72:b5:14:e3:3f:c5:df:6f:af:f2:12:18:
83:b7:a7:de:80:02:12:b5:7a:01:25:7c:04:d3:5a:
14:1b:e6:e8:a3:41:4c:a6:22:d5:64:a7:8f:b0:1e:
95:97:b1:f2:f1:c7:77:c6:9a:c8:72:1d:20:1e:0e:
93:28:d3:ce:8f:b6:ac:54:48:6d:b3:c6:91:10:de:
ce:bc:15:70:08:bb:de:cd:33:eb:a6:3c:bd:71:c2:
75:79:8b:0c:b7:ee:5b:ce:13:62:43:fc:54:dd:17:
d5:c1:d6:69:3c:25:0d:dd:06:71:89:35:71:c4:c0:
d4:9b:58:df:73:de:e3:63:37:01:cf:ea:f4:b4:10:
dc:2d:c8:fd:92:64:ea:df:b9:f4:13:72:e9:c9:90:
34:77:dc:35:73:e1:9b:a1:8e:79:e1:05:88:90:16:
e0:41:3f:85:cf:b0:d7:bd:ed:14:7a:0c:0b:f7:db:
ac:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A6:E8:2D:47:C1:F4:E7:41:E0:83:2F:58:00:DD:6F:6A:AB:94:CE
X509v3 Authority Key Identifier:
keyid:CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/jKboLUfB9OdB4IMvWADdb2qrlM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/z2QLAjETdtyW7r_sp1XDsAYRQOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.224.0/21
79.99.184.0/21
83.98.128.0-83.98.203.255
83.98.208.0/20
85.92.128.0/19
85.158.160.0/21
85.222.192.0/21
89.18.160.0/19
89.30.128.0/17
91.200.48.0/23
91.200.51.0/24
91.216.113.0/24
91.216.141.0/24
93.175.176.0/20
94.198.24.0/21
134.0.88.0-134.0.93.255
162.248.199.0/24
162.251.32.0/21
176.62.192.0/21
178.251.192.0/21
185.12.132.0/22
185.30.236.0/22
185.38.156.0/22
185.74.76.0/23
185.77.120.0/22
185.113.52.0/22
185.113.196.0/22
185.113.224.0/22
193.34.150.0/23
194.105.128.0/23
194.165.34.0/24
213.171.128.0/19
213.189.0.0/19
213.214.96.0/19
213.247.32.0/19
217.195.112.0/20
IPv6:
2001:16f8::/32
2001:4198::/32
2a00:1bd8::/32
2a01:40e0::/32
2a02:20b0::-2a02:20b2:ffff:ffff:ffff:ffff:ffff:ffff
2a02:2858::/29
2a03:5500::/31
Signature Algorithm: sha256WithRSAEncryption
1a:61:1b:2d:a9:f1:55:b6:a1:76:f5:46:11:0e:ce:6a:63:f4:
de:18:40:86:aa:25:1c:cb:c1:fc:00:62:d0:10:b6:30:5a:86:
b2:2b:44:4e:42:23:bf:05:93:6e:e8:7f:b3:c4:7a:80:28:5c:
bb:84:54:ee:dd:cd:33:56:91:e7:64:9c:01:fa:d8:5f:10:7d:
e4:32:95:9d:df:fd:da:e1:3e:36:75:c8:7e:70:bb:be:72:a8:
ff:95:ef:45:44:7e:1c:83:d2:62:16:2e:7d:18:d3:b8:45:32:
37:2b:ce:00:60:80:fd:4e:78:99:c2:36:64:ea:d9:b0:f2:89:
b8:b1:ad:df:9b:58:83:cf:d8:0f:f4:9b:ca:54:1b:d5:db:e8:
a8:fc:36:61:9c:61:2f:17:2d:7f:40:a8:70:09:a4:fb:75:2c:
d3:fd:7d:81:f9:8a:93:00:a4:b1:fa:61:18:e0:58:3b:55:f4:
a3:16:0b:85:59:76:a7:09:d1:e4:2a:ba:f6:8d:28:39:d8:aa:
21:24:63:0d:a4:56:44:7d:82:7b:57:14:91:d4:42:c8:37:d5:
30:be:c5:96:b7:ec:6b:11:c3:9d:b8:cd:36:22:e2:47:94:38:
35:03:b8:b2:a9:2d:34:11:ec:8b:c4:26:93:80:81:c2:a3:e6:
48:7a:d1:ef
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIEFSxrlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZjY0MGIwMjMxMTM3NmRjOTZlZWJmZWNhNzU1YzNiMDA2MTE0MGVjMB4XDTIyMDMx
ODE0MTc1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNhNmU4MmQ0N2Mx
ZjRlNzQxZTA4MzJmNTgwMGRkNmY2YWFiOTRjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIeOK0P05VDOQG+yEDZdSxqyPFj1kcWyx1W2Dj+l2LwcpxLA
QvkdXE+/1L/rDYdZ65HMYj8xoFEmAfd4L6p7iJ/9oPhoE8yQ+7f+4phEcrUU4z/F
32+v8hIYg7en3oACErV6ASV8BNNaFBvm6KNBTKYi1WSnj7AelZex8vHHd8aayHId
IB4OkyjTzo+2rFRIbbPGkRDezrwVcAi73s0z66Y8vXHCdXmLDLfuW84TYkP8VN0X
1cHWaTwlDd0GcYk1ccTA1JtY33Pe42M3Ac/q9LQQ3C3I/ZJk6t+59BNy6cmQNHfc
NXPhm6GOeeEFiJAW4EE/hc+w173tFHoMC/fbrKECAwEAAaOCAzUwggMxMB0GA1Ud
DgQWBBSMpugtR8H050Hggy9YAN1vaquUzjAfBgNVHSMEGDAWgBTPZAsCMRN23Jbu
v+ynVcOwBhFA7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3oyUUxBakVUZHR5VzdyX3NwMVhEc0FZUlFPdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMDBlYzc4LTdlNDQtNDllNC04NDQzLTlkYjViZTRkMGVmZi8x
L2pLYm9MVWZCOU9kQjRJTXZXQURkYjJxcmxNNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MDBlYzc4LTdlNDQtNDllNC04NDQzLTlkYjViZTRkMGVmZi8xL3oyUUxBakVUZHR5
VzdyX3NwMVhEc0FZUlFPdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AUkGCCsGAQUFBwEHAQH/BIIBODCCATQwge8EAgABMIHoAwQDBWTgAwQDT2O4MAwD
BAdTYoADBAJTYsgDBARTYtADBAVVXIADBANVnqADBANV3sADBAVZEqADBAdZHoAD
BAFbyDADBABbyDMDBABb2HEDBABb2I0DBARdr7ADBANexhgwDAMEA4YAWAMEAYYA
XAMEAKL4xwMEA6L7IAMEA7A+wAMEA7L7wAMEArkMhAMEArke7AMEArkmnAMEAblK
TAMEArlNeAMEArlxNAMEArlxxAMEArlx4AMEAcEilgMEAcJpgAMEAMKlIgMEBdWr
gAMEBdW9AAMEBdXWYAMEBdX3IAMEBNnDcDBABAIAAjA6AwUAIAEW+AMFACABQZgD
BQAqABvYAwUAKgFA4DAOAwUEKgIgsAMFACoCILIDBQMqAihYAwUBKgNVADANBgkq
hkiG9w0BAQsFAAOCAQEAGmEbLanxVbahdvVGEQ7OamP03hhAhqolHMvB/ABi0BC2
MFqGsitETkIjvwWTbuh/s8R6gChcu4RU7t3NM1aR52ScAfrYXxB95DKVnd/92uE+
NnXIfnC7vnKo/5XvRUR+HIPSYhYufRjTuEUyNyvOAGCA/U54mcI2ZOrZsPKJuLGt
35tYg8/YD/SbylQb1dvoqPw2YZxhLxctf0CocAmk+3Us0/19gfmKkwCksfphGOBY
O1X0oxYLhVl2pwnR5Cq69o0oOdiqISRjDaRWRH2Ce1cUkdRCyDfVML7FlrfsaxHD
nbjNNiLiR5Q4NQO4sqktNBHsi8Qmk4CBwqPmSHrR7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:57 2024 by rpki-client on console-ams.rpki-client.org