Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/kbI81xw-ZDaoDc8s-pa3GtACsqg.roa
File: kbI81xw-ZDaoDc8s-pa3GtACsqg.roa (raw, json)
Hash identifier: ZYCOls9ZE0SBIWMNNuzkBzOgjInZ8TrojpcuIsh3A+I=
Subject key identifier: 91:B2:3C:D7:1C:3E:64:36:A8:0D:CF:2C:FA:96:B7:1A:D0:02:B2:A8
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 018FBF77AE754F3ABA049A336FAB7E13504E
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/kbI81xw-ZDaoDc8s-pa3GtACsqg.roa
Signing time: Tue 28 May 2024 13:50:42 +0000
ROA not before: Tue 28 May 2024 13:50:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 5.180.216.0/23 maxlen: 23
5.180.218.0/23 maxlen: 23
5.200.0.0/19 maxlen: 24
31.204.128.0/19 maxlen: 24
31.204.132.0/22 maxlen: 22
31.204.136.0/23 maxlen: 23
89.104.168.0/23 maxlen: 23
89.104.170.0/23 maxlen: 23
91.195.234.0/23 maxlen: 23
91.198.152.0/24 maxlen: 24
91.216.207.0/24 maxlen: 24
104.153.84.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
138.128.136.0/22 maxlen: 22
138.128.140.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
162.245.204.0/22 maxlen: 22
185.41.140.0/22 maxlen: 22
185.50.104.0/22 maxlen: 22
185.52.12.0/22 maxlen: 24
185.179.200.0/23 maxlen: 24
185.179.202.0/23 maxlen: 24
185.197.24.0/22 maxlen: 23
188.122.64.0/19 maxlen: 24
193.43.218.0/23 maxlen: 23
212.19.224.0/22 maxlen: 22
213.163.64.0/19 maxlen: 24
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
213.179.204.0/22 maxlen: 22
213.179.209.0/24 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/22 maxlen: 22
2a00:1630::/29 maxlen: 32
2a00:1630::/32 maxlen: 48
2a00:1631::/32 maxlen: 32
2a00:1632::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
2a00:1d26::/32 maxlen: 34
2a01:9580::/32 maxlen: 34
2a01:9580:c000::/34 maxlen: 34
2a04:c600::/29 maxlen: 34
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:77:ae:75:4f:3a:ba:04:9a:33:6f:ab:7e:13:50:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: May 28 13:50:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91b23cd71c3e6436a80dcf2cfa96b71ad002b2a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9c:49:3b:f1:6b:86:5f:8f:e3:d1:12:31:fe:
20:9b:5e:d6:a2:47:2a:11:0f:a5:a5:79:54:c9:1d:
ad:92:cc:e4:8d:d7:fc:b7:81:d2:d9:06:03:2d:87:
09:03:c6:a4:4d:ae:a6:b1:ec:11:fd:bd:f3:9e:13:
9d:7a:21:c8:06:c3:74:25:76:8c:e3:15:ba:69:68:
f3:3b:a6:9a:ec:5c:6b:eb:7a:78:33:5d:03:6d:a8:
b3:45:d0:e3:5a:9f:6f:2e:a1:75:c7:03:e0:cd:89:
be:ad:60:1f:3e:f1:ef:72:d1:41:8b:1b:92:d0:e1:
41:e4:59:75:f8:e9:d9:1c:cf:91:2e:77:ba:e5:bc:
93:68:03:39:72:83:7a:90:3a:77:0a:34:41:ff:e1:
8b:e4:bf:70:97:82:c8:fb:25:de:96:6b:73:89:38:
4e:8e:2e:e7:cf:39:0a:2e:05:21:8a:c0:53:a1:72:
f2:39:01:f4:63:4c:c2:8d:76:2b:d3:e6:08:27:84:
f2:c1:1b:9c:b4:f1:77:7f:66:01:c3:a2:a9:51:cf:
52:15:d1:f6:32:82:d5:2c:4d:61:85:47:01:e8:49:
64:f7:0e:43:6c:f4:41:52:59:a4:30:16:f1:38:59:
12:d8:70:e5:56:84:7a:f4:79:a5:af:d1:75:b1:ae:
e9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B2:3C:D7:1C:3E:64:36:A8:0D:CF:2C:FA:96:B7:1A:D0:02:B2:A8
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/kbI81xw-ZDaoDc8s-pa3GtACsqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.216.0/22
5.200.0.0/19
31.204.128.0/19
89.104.168.0/22
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
52:9f:57:91:3e:96:67:e3:3f:d4:26:a4:6e:69:54:46:2a:36:
71:a2:4e:13:ad:67:38:cd:8a:a0:cf:22:2b:23:03:25:fe:37:
da:3e:12:62:9c:cd:32:a1:fb:46:96:9f:fe:4b:53:aa:be:25:
a7:70:1e:38:8a:7a:5b:ef:7f:4c:5b:10:4b:4c:ea:9c:08:70:
9a:ac:79:7b:40:82:fc:5d:d8:c1:73:7f:19:80:fb:dd:72:73:
6c:71:cc:6a:ff:cd:a9:e3:83:e3:7e:50:e2:86:45:6e:83:b2:
6d:13:5f:87:d6:00:3f:59:e8:4b:3b:75:52:de:db:4c:8c:49:
5d:f3:4e:35:a4:68:3d:9d:a3:60:46:23:83:80:0f:d3:ab:0a:
1d:9e:70:47:18:91:9c:9e:be:40:15:cb:d3:c3:44:8e:5b:fb:
46:ae:6c:65:19:43:24:7a:a0:cf:49:0d:7f:5d:61:a9:17:66:
82:f8:16:ad:48:2f:63:43:f6:1a:81:4a:b4:bb:e6:23:0f:f4:
0d:a0:fc:4a:bd:a3:92:f6:bd:12:a0:94:4e:e8:5e:9a:5a:ca:
29:f5:0d:a9:73:4d:50:52:bf:e2:f2:e6:87:7c:15:3e:78:0d:
4c:bf:02:16:18:64:9a:4c:ca:65:d3:16:60:1f:c9:33:05:72:
07:a1:ba:96
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAY+/d651Tzq6BJozb6t+E1BOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjQwNTI4MTM1MDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWIyM2NkNzFjM2U2NDM2YTgwZGNmMmNmYTk2YjcxYWQwMDJiMmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZxJO/Frhl+P49ESMf4gm17Wokcq
EQ+lpXlUyR2tkszkjdf8t4HS2QYDLYcJA8akTa6msewR/b3znhOdeiHIBsN0JXaM
4xW6aWjzO6aa7Fxr63p4M10DbaizRdDjWp9vLqF1xwPgzYm+rWAfPvHvctFBixuS
0OFB5Fl1+OnZHM+RLne65byTaAM5coN6kDp3CjRB/+GL5L9wl4LI+yXelmtziThO
ji7nzzkKLgUhisBToXLyOQH0Y0zCjXYr0+YIJ4TywRuctPF3f2YBw6KpUc9SFdH2
MoLVLE1hhUcB6Elk9w5DbPRBUlmkMBbxOFkS2HDlVoR69Hmlr9F1sa7p2wIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFJGyPNccPmQ2qA3PLPqWtxrQArKoMB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEva2JJODF4dy1aRGFvRGM4cy1wYTNHdEFDc3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBkQQCAAEwgYoDBAIF
tNgDBAUFyAADBAUfzIADBAJZaKgDBAFbw+oDBABbxpgDBABb2M8DBAJomVQDBAVt
yMADBAOKgIgDBAKS90wDBAKi9DQDBAKi9cwDBAK5KYwDBAK5MmgDBAK5NAwDBAK5
s8gDBAK5xRgDBAW8ekADBAHBK9oDBALUE+ADBAXVo0ADBAXVs8AwIgQCAAIwHAMF
AyoAFjADBQMqAB0gAwUAKgGVgAMFAyoExgAwDQYJKoZIhvcNAQELBQADggEBAFKf
V5E+lmfjP9QmpG5pVEYqNnGiThOtZzjNiqDPIisjAyX+N9o+EmKczTKh+0aWn/5L
U6q+JadwHjiKelvvf0xbEEtM6pwIcJqseXtAgvxd2MFzfxmA+91yc2xxzGr/zanj
g+N+UOKGRW6Dsm0TX4fWAD9Z6Es7dVLe20yMSV3zTjWkaD2do2BGI4OAD9OrCh2e
cEcYkZyevkAVy9PDRI5b+0aubGUZQyR6oM9JDX9dYakXZoL4Fq1IL2ND9hqBSrS7
5iMP9A2g/Eq9o5L2vRKglE7oXppayin1DalzTVBSv+Ly5od8FT54DUy/AhYYZJpM
ymXTFmAfyTMFcgehupY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:28:32 2025 by rpki-client