Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/pDrGdKgcXes4quzk7Lh5Ka1vr9k.roa
File: pDrGdKgcXes4quzk7Lh5Ka1vr9k.roa (raw, json)
Hash identifier: JXmZvN6wvq9s/qrkI9tgKOrpx2n5jQb8xJL6vMObw8g=
Subject key identifier: A4:3A:C6:74:A8:1C:5D:EB:38:AA:EC:E4:EC:B8:79:29:AD:6F:AF:D9
Certificate issuer: /CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Certificate serial: 019424B373113EDFE755BD65CC0A51EC8BA3
Authority key identifier: 77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/pDrGdKgcXes4quzk7Lh5Ka1vr9k.roa
Signing time: Thu 02 Jan 2025 01:48:47 +0000
ROA not before: Thu 02 Jan 2025 01:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8426
IP address blocks: 62.173.64.0/18 maxlen: 24
62.231.128.0/19 maxlen: 24
79.123.0.0/17 maxlen: 24
80.168.0.0/16 maxlen: 24
81.171.128.0/17 maxlen: 24
89.206.128.0/17 maxlen: 24
89.206.216.0/22 maxlen: 22
89.206.216.0/23 maxlen: 23
89.206.218.0/23 maxlen: 23
176.52.208.0/21 maxlen: 24
185.22.164.0/23 maxlen: 24
185.39.232.0/23 maxlen: 24
185.77.72.0/22 maxlen: 24
185.77.74.0/24 maxlen: 24
185.77.200.0/22 maxlen: 24
185.78.204.0/22 maxlen: 24
194.88.132.0/23 maxlen: 24
194.112.32.0/19 maxlen: 24
194.119.128.0/18 maxlen: 24
195.8.64.0/19 maxlen: 24
195.58.192.0/19 maxlen: 24
195.102.0.0/16 maxlen: 24
195.157.0.0/16 maxlen: 24
195.216.0.0/19 maxlen: 24
195.245.201.0/24 maxlen: 24
212.49.192.0/18 maxlen: 24
212.125.64.0/19 maxlen: 24
212.126.128.0/19 maxlen: 24
212.169.0.0/18 maxlen: 24
212.188.128.0/17 maxlen: 24
213.2.0.0/16 maxlen: 24
213.165.128.0/19 maxlen: 24
213.253.0.0/18 maxlen: 24
217.158.0.0/16 maxlen: 24
2001:67c:1088::/47 maxlen: 48
2001:67c:1089::/48 maxlen: 48
2001:67c:27dc::/48 maxlen: 48
2001:a88::/32 maxlen: 32
2a00:ed0::/32 maxlen: 32
2a00:62e0::/32 maxlen: 32
2a02:e100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:73:11:3e:df:e7:55:bd:65:cc:0a:51:ec:8b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Validity
Not Before: Jan 2 01:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a43ac674a81c5deb38aaece4ecb87929ad6fafd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c0:ac:7e:bc:b9:1f:69:67:b1:ca:94:bb:ba:
53:60:d4:8a:fc:1b:25:9e:d1:d4:40:dd:95:98:05:
fc:81:75:1b:7a:54:b8:3a:b2:e5:66:be:0b:11:31:
5b:0e:6f:45:2a:be:2a:36:d7:ff:58:62:2e:83:99:
a3:62:df:6f:79:6f:85:a6:13:48:86:20:13:e3:41:
b7:18:40:95:63:8b:01:87:c9:ac:a7:47:af:f2:fd:
80:a0:58:8b:cd:59:56:b7:8f:be:79:f2:a0:48:ff:
db:ef:b9:1f:3c:71:c6:26:26:a9:42:72:03:22:e3:
45:ba:b8:1e:b0:97:52:40:dd:98:31:97:17:94:ef:
36:40:c3:3f:2f:35:74:22:74:cf:9c:60:75:e1:8f:
d6:cd:37:ed:f3:9d:56:4c:6f:8f:a1:1d:ed:a4:95:
dc:1f:f2:09:74:f0:3c:62:c5:7d:ae:1f:d8:a7:30:
0c:8d:d9:2d:f1:31:fc:07:82:d1:54:3c:c7:f5:9b:
36:d6:88:42:83:83:43:3d:5d:bf:14:c9:4c:0c:45:
4c:97:e2:b3:9b:d1:8c:d0:bc:8a:40:df:47:e3:a9:
c6:80:c5:cf:5a:c0:32:29:2f:45:47:22:a3:8c:07:
36:99:34:fc:80:5e:96:eb:9e:64:ea:64:b7:68:3e:
30:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:3A:C6:74:A8:1C:5D:EB:38:AA:EC:E4:EC:B8:79:29:AD:6F:AF:D9
X509v3 Authority Key Identifier:
keyid:77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/pDrGdKgcXes4quzk7Lh5Ka1vr9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.173.64.0/18
62.231.128.0/19
79.123.0.0/17
80.168.0.0/16
81.171.128.0/17
89.206.128.0/17
176.52.208.0/21
185.22.164.0/23
185.39.232.0/23
185.77.72.0/22
185.77.200.0/22
185.78.204.0/22
194.88.132.0/23
194.112.32.0/19
194.119.128.0/18
195.8.64.0/19
195.58.192.0/19
195.102.0.0/16
195.157.0.0/16
195.216.0.0/19
195.245.201.0/24
212.49.192.0/18
212.125.64.0/19
212.126.128.0/19
212.169.0.0/18
212.188.128.0/17
213.2.0.0/16
213.165.128.0/19
213.253.0.0/18
217.158.0.0/16
IPv6:
2001:67c:1088::/47
2001:67c:27dc::/48
2001:a88::/32
2a00:ed0::/32
2a00:62e0::/32
2a02:e100::/29
Signature Algorithm: sha256WithRSAEncryption
34:5c:ed:47:c7:56:51:f6:9a:a4:74:97:2c:0c:01:b0:8e:14:
a3:ff:6d:82:89:34:ca:08:68:f8:35:6c:81:5b:98:0b:8b:11:
bd:27:0c:c6:6d:ad:2c:45:a0:76:13:36:2b:a3:6e:03:1b:30:
23:e3:6c:00:b5:ae:bd:3f:02:e2:75:eb:bc:b5:2c:03:8d:f2:
12:81:c3:d0:94:fa:d7:01:41:5c:62:03:77:5c:da:fb:c3:60:
7e:ac:b4:1c:3b:6b:0b:f0:d7:e9:4f:03:b4:1b:4e:a9:d8:38:
b2:bc:29:e4:3f:b5:eb:ab:4a:00:6d:a5:3a:f3:ec:b4:02:71:
6e:1f:71:47:fa:b7:d9:4d:51:a0:d5:ce:f8:6e:ff:0b:d2:a5:
13:89:c1:00:17:18:49:a9:14:50:5b:15:99:ad:e0:6d:00:f3:
7e:74:e1:6c:04:f0:ae:d2:96:82:9f:28:cc:24:3b:18:80:1a:
b9:16:48:ea:7d:35:80:ae:ca:01:fb:66:03:9f:86:80:15:ec:
1a:72:9c:cc:f8:93:81:01:d8:03:fa:89:80:0e:ec:b4:b2:c1:
4c:f8:bd:ec:9d:4c:46:9b:f8:e5:fa:1a:94:be:c8:90:74:32:
3a:ba:76:30:6b:6c:ae:ce:df:52:c4:93:c8:02:be:73:7f:ed:
bc:9e:1c:df
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAZQks3MRPt/nVb1lzApR7IujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjhjZjQ1NGIwOTYyZDE2YTQ4NTU4MDhmZDNhYmMxNTg1
MmJiZDgwHhcNMjUwMTAyMDE0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDNhYzY3NGE4MWM1ZGViMzhhYWVjZTRlY2I4NzkyOWFkNmZhZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMCsfry5H2lnscqUu7pTYNSK/Bsl
ntHUQN2VmAX8gXUbelS4OrLlZr4LETFbDm9FKr4qNtf/WGIug5mjYt9veW+FphNI
hiAT40G3GECVY4sBh8msp0ev8v2AoFiLzVlWt4++efKgSP/b77kfPHHGJiapQnID
IuNFurgesJdSQN2YMZcXlO82QMM/LzV0InTPnGB14Y/WzTft851WTG+PoR3tpJXc
H/IJdPA8YsV9rh/YpzAMjdkt8TH8B4LRVDzH9Zs21ohCg4NDPV2/FMlMDEVMl+Kz
m9GM0LyKQN9H46nGgMXPWsAyKS9FRyKjjAc2mTT8gF6W655k6mS3aD4wnwIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFKQ6xnSoHF3rOKrs5Oy4eSmtb6/ZMB8GA1UdIwQY
MBaAFHe4z0VLCWLRakhVgI/Tq8FYUrvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYt
YTRmYzllMjQ1OGVjLzEvcERyR2RLZ2NYZXM0cXV6azdMaDVLYTF2cjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYtYTRmYzllMjQ1OGVj
LzEvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgbYEAgABMIGvAwQG
Pq1AAwQFPueAAwQHT3sAAwMAUKgDBAdRq4ADBAdZzoADBAOwNNADBAG5FqQDBAG5
J+gDBAK5TUgDBAK5TcgDBAK5TswDBAHCWIQDBAXCcCADBAbCd4ADBAXDCEADBAXD
OsADAwDDZgMDAMOdAwQFw9gAAwQAw/XJAwQG1DHAAwQF1H1AAwQF1H6AAwQG1KkA
AwQH1LyAAwMA1QIDBAXVpYADBAbV/QADAwDZnjA0BAIAAjAuAwcBIAEGfBCIAwcA
IAEGfCfcAwUAIAEKiAMFACoADtADBQAqAGLgAwUDKgLhADANBgkqhkiG9w0BAQsF
AAOCAQEANFztR8dWUfaapHSXLAwBsI4Uo/9tgok0ygho+DVsgVuYC4sRvScMxm2t
LEWgdhM2K6NuAxswI+NsALWuvT8C4nXrvLUsA43yEoHD0JT61wFBXGIDd1za+8Ng
fqy0HDtrC/DX6U8DtBtOqdg4srwp5D+166tKAG2lOvPstAJxbh9xR/q32U1RoNXO
+G7/C9KlE4nBABcYSakUUFsVma3gbQDzfnThbATwrtKWgp8ozCQ7GIAauRZI6n01
gK7KAftmA5+GgBXsGnKczPiTgQHYA/qJgA7stLLBTPi97J1MRpv45foalL7IkHQy
Orp2MGtsrs7fUsSTyAK+c3/tvJ4c3w==
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:44:58 2025 by rpki-client