Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/y90pAfzLQMR55Sa5PvGbioONASA.roa
File: y90pAfzLQMR55Sa5PvGbioONASA.roa (raw, json)
Hash identifier: n9aRyUE5bDJ/tLya1U0ZStHeIcqZXIPWtBR2+GDXo8s=
Subject key identifier: CB:DD:29:01:FC:CB:40:C4:79:E5:26:B9:3E:F1:9B:8A:83:8D:01:20
Certificate issuer: /CN=5336107179715609dca422bc07a098468c529452
Certificate serial: 019421B1F6559B3E83C385AA96491E3E8344
Authority key identifier: 53:36:10:71:79:71:56:09:DC:A4:22:BC:07:A0:98:46:8C:52:94:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzYQcXlxVgncpCK8B6CYRoxSlFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/y90pAfzLQMR55Sa5PvGbioONASA.roa
Signing time: Wed 01 Jan 2025 11:48:18 +0000
ROA not before: Wed 01 Jan 2025 11:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43927
IP address blocks: 45.131.128.0/23 maxlen: 24
46.102.240.0/21 maxlen: 24
77.81.240.0/21 maxlen: 24
89.32.144.0/21 maxlen: 24
89.33.197.0/24 maxlen: 24
89.45.248.0/21 maxlen: 24
91.188.224.0/24 maxlen: 24
91.188.225.0/24 maxlen: 24
91.188.226.0/24 maxlen: 24
91.188.227.0/24 maxlen: 24
92.114.98.0/24 maxlen: 24
93.113.174.0/24 maxlen: 24
185.105.32.0/22 maxlen: 24
185.125.108.0/24 maxlen: 24
185.125.109.0/24 maxlen: 24
185.125.110.0/23 maxlen: 24
185.199.172.0/24 maxlen: 24
185.199.173.0/24 maxlen: 24
185.199.174.0/24 maxlen: 24
185.199.175.0/24 maxlen: 24
185.250.104.0/24 maxlen: 24
185.250.105.0/24 maxlen: 24
185.250.106.0/24 maxlen: 24
185.250.107.0/24 maxlen: 24
188.240.47.0/24 maxlen: 24
188.241.112.0/21 maxlen: 24
2a06:cd40:1::/48 maxlen: 48
2a06:cd40:2::/48 maxlen: 48
2a06:cd40:3::/48 maxlen: 48
2a06:cd40:4::/48 maxlen: 48
2a06:cd40:100::/48 maxlen: 48
2a06:cd40:101::/48 maxlen: 64
2a06:cd40:200::/48 maxlen: 48
2a06:cd40:300::/48 maxlen: 64
2a06:cd40:301::/48 maxlen: 64
2a06:cd40:400::/48 maxlen: 48
2a06:cd40:cafe::/48 maxlen: 48
2a06:cd40:caff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f6:55:9b:3e:83:c3:85:aa:96:49:1e:3e:83:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5336107179715609dca422bc07a098468c529452
Validity
Not Before: Jan 1 11:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbdd2901fccb40c479e526b93ef19b8a838d0120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:54:1a:fe:02:93:ce:f6:f8:d8:16:0a:ea:65:
7f:ee:ff:06:a1:c3:4c:cf:9a:55:64:6e:fe:4c:18:
fd:43:3c:ce:dc:3b:8e:b9:96:e3:37:e6:97:e3:37:
25:a2:98:d3:21:60:43:2c:3a:61:a4:a6:76:d1:d8:
1d:8e:25:0a:01:40:6c:f3:bb:e2:95:da:10:14:a0:
2e:60:b9:db:18:65:ab:54:03:e0:d7:cc:d2:ec:aa:
d9:e3:16:1e:fe:32:03:43:fc:9e:84:30:d2:59:39:
1d:7c:17:07:84:7a:5f:89:09:d3:51:7a:53:3f:35:
bd:13:87:4b:f9:b7:a6:4c:c1:9c:21:ea:59:1c:9a:
a4:73:ec:84:69:94:6f:ac:24:89:16:c8:ad:ea:d6:
f9:71:d5:a7:fe:3d:33:1e:06:b8:c4:4d:4a:45:8d:
27:d5:55:42:00:35:d0:a9:86:a3:4c:b1:5c:a3:f7:
a7:ae:ac:3b:c5:52:53:7d:37:2f:36:f9:a9:4e:41:
6d:94:96:cc:50:9c:01:be:44:58:dc:b7:f0:c7:67:
49:81:86:44:06:b7:05:be:a3:c7:c7:23:c2:8b:f8:
db:b0:43:9d:67:da:63:85:3c:94:fd:93:77:d8:79:
b7:09:98:46:96:f2:ae:99:36:3d:e1:f0:19:71:86:
f8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DD:29:01:FC:CB:40:C4:79:E5:26:B9:3E:F1:9B:8A:83:8D:01:20
X509v3 Authority Key Identifier:
keyid:53:36:10:71:79:71:56:09:DC:A4:22:BC:07:A0:98:46:8C:52:94:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzYQcXlxVgncpCK8B6CYRoxSlFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/y90pAfzLQMR55Sa5PvGbioONASA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/UzYQcXlxVgncpCK8B6CYRoxSlFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.128.0/23
46.102.240.0/21
77.81.240.0/21
89.32.144.0/21
89.33.197.0/24
89.45.248.0/21
91.188.224.0/22
92.114.98.0/24
93.113.174.0/24
185.105.32.0/22
185.125.108.0/22
185.199.172.0/22
185.250.104.0/22
188.240.47.0/24
188.241.112.0/21
IPv6:
2a06:cd40:1::-2a06:cd40:4:ffff:ffff:ffff:ffff:ffff
2a06:cd40:100::/47
2a06:cd40:200::/48
2a06:cd40:300::/47
2a06:cd40:400::/48
2a06:cd40:cafe::/47
Signature Algorithm: sha256WithRSAEncryption
c0:ad:f6:78:60:7e:13:d7:f8:f1:35:7a:1b:63:f2:6c:fd:4d:
7c:e1:15:ac:d5:3f:96:76:9a:2b:e7:98:01:bb:bd:4f:30:cc:
fb:c8:60:4d:0f:0e:ab:f3:f8:dc:e2:f8:67:ed:e2:e2:50:90:
25:12:3e:7d:31:6c:6c:a0:18:f2:91:63:d0:ac:50:7c:1b:19:
3a:b4:89:30:a6:fc:d9:37:c7:25:67:55:87:fc:34:72:cc:6e:
00:76:f1:e0:14:74:3d:98:42:b9:7f:43:14:e3:b1:42:8e:2d:
83:46:70:01:53:e1:8c:5b:29:d8:67:da:d6:a6:4f:a7:1f:99:
ce:32:22:89:c5:37:fd:29:c0:57:af:2b:64:8a:8b:05:02:92:
0b:3e:d4:b1:5c:2c:e2:ca:9c:a9:da:5d:87:57:2a:11:01:17:
63:26:cc:9d:ca:45:d2:e5:94:09:44:82:e6:60:65:dc:1a:54:
1e:5d:7f:cf:29:91:52:b5:31:e5:9b:d3:01:df:7b:58:54:d2:
49:21:5e:ab:ec:5e:34:96:89:29:f3:0e:6e:9f:d8:9b:1a:17:
5d:95:97:45:88:23:2e:e5:27:d1:0b:06:19:de:b7:42:39:45:
50:7d:e1:0e:4f:ef:9d:5a:a8:f0:02:ac:93:88:64:0e:74:60:
ba:c5:5e:43
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZQhsfZVmz6Dw4WqlkkePoNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzYxMDcxNzk3MTU2MDlkY2E0MjJiYzA3YTA5ODQ2OGM1
Mjk0NTIwHhcNMjUwMTAxMTE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmRkMjkwMWZjY2I0MGM0NzllNTI2YjkzZWYxOWI4YTgzOGQwMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFQa/gKTzvb42BYK6mV/7v8GocNM
z5pVZG7+TBj9QzzO3DuOuZbjN+aX4zclopjTIWBDLDphpKZ20dgdjiUKAUBs87vi
ldoQFKAuYLnbGGWrVAPg18zS7KrZ4xYe/jIDQ/yehDDSWTkdfBcHhHpfiQnTUXpT
PzW9E4dL+bemTMGcIepZHJqkc+yEaZRvrCSJFsit6tb5cdWn/j0zHga4xE1KRY0n
1VVCADXQqYajTLFco/enrqw7xVJTfTcvNvmpTkFtlJbMUJwBvkRY3Lfwx2dJgYZE
BrcFvqPHxyPCi/jbsEOdZ9pjhTyU/ZN32Hm3CZhGlvKumTY94fAZcYb49QIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFMvdKQH8y0DEeeUmuT7xm4qDjQEgMB8GA1UdIwQY
MBaAFFM2EHF5cVYJ3KQivAegmEaMUpRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXpZUWNYbHhWZ25jcENLOEI2Q1lSb3hTbEZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84MWRmMzMtNzUzOC00MGQ4LWI4MWUt
ZDE4NjEwMDc1ZWZjLzEveTkwcEFmekxRTVI1NVNhNVB2R2Jpb09OQVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84MWRmMzMtNzUzOC00MGQ4LWI4MWUtZDE4NjEwMDc1ZWZj
LzEvVXpZUWNYbHhWZ25jcENLOEI2Q1lSb3hTbEZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzBgBAIAATBaAwQBLYOA
AwQDLmbwAwQDTVHwAwQDWSCQAwQAWSHFAwQDWS34AwQCW7zgAwQAXHJiAwQAXXGu
AwQCuWkgAwQCuX1sAwQCucesAwQCufpoAwQAvPAvAwQDvPFwMEcEAgACMEEwEgMH
ACoGzUAAAQMHACoGzUAABAMHASoGzUABAAMHACoGzUACAAMHASoGzUADAAMHACoG
zUAEAAMHASoGzUDK/jANBgkqhkiG9w0BAQsFAAOCAQEAwK32eGB+E9f48TV6G2Py
bP1NfOEVrNU/lnaaK+eYAbu9TzDM+8hgTQ8Oq/P43OL4Z+3i4lCQJRI+fTFsbKAY
8pFj0KxQfBsZOrSJMKb82TfHJWdVh/w0csxuAHbx4BR0PZhCuX9DFOOxQo4tg0Zw
AVPhjFsp2Gfa1qZPpx+ZzjIiicU3/SnAV68rZIqLBQKSCz7UsVws4sqcqdpdh1cq
EQEXYybMncpF0uWUCUSC5mBl3BpUHl1/zymRUrUx5ZvTAd97WFTSSSFeq+xeNJaJ
KfMObp/YmxoXXZWXRYgjLuUn0QsGGd63QjlFUH3hDk/vnVqo8AKsk4hkDnRgusVe
Qw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:52:04 2025 by rpki-client