Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/u0DuyAdjXVGy9upEOuSQPJ_gv54.roa
File: u0DuyAdjXVGy9upEOuSQPJ_gv54.roa (raw, json)
Hash identifier: 8/IJm1QmD+iL9UBxk+lA38HMUo4jG6/5srzplsbrdjs=
Subject key identifier: BB:40:EE:C8:07:63:5D:51:B2:F6:EA:44:3A:E4:90:3C:9F:E0:BF:9E
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 019503CBA7A92C0534C70C67BDAC03055210
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/u0DuyAdjXVGy9upEOuSQPJ_gv54.roa
Signing time: Fri 14 Feb 2025 09:30:33 +0000
ROA not before: Fri 14 Feb 2025 09:30:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12325
IP address blocks: 37.156.35.0/24 maxlen: 24
84.247.36.0/22 maxlen: 24
85.204.241.0/24 maxlen: 24
86.105.151.0/24 maxlen: 24
86.105.224.0/24 maxlen: 24
86.107.77.0/24 maxlen: 24
86.107.184.0/24 maxlen: 24
86.107.244.0/23 maxlen: 24
89.33.81.0/24 maxlen: 24
89.33.87.0/24 maxlen: 24
89.34.90.0/24 maxlen: 24
89.34.174.0/24 maxlen: 24
89.35.26.0/24 maxlen: 24
89.35.51.0/24 maxlen: 24
89.35.172.0/24 maxlen: 24
89.37.142.0/24 maxlen: 24
89.39.80.0/24 maxlen: 24
89.39.90.0/24 maxlen: 24
89.39.214.0/24 maxlen: 24
89.39.245.0/24 maxlen: 24
89.40.69.0/24 maxlen: 24
89.40.204.0/24 maxlen: 24
89.42.158.0/23 maxlen: 24
92.114.104.0/23 maxlen: 24
93.113.98.0/23 maxlen: 24
93.113.214.0/23 maxlen: 24
93.115.56.0/23 maxlen: 24
93.117.175.0/24 maxlen: 24
94.176.3.0/24 maxlen: 24
176.223.168.0/22 maxlen: 24
188.212.131.0/24 maxlen: 24
188.215.68.0/23 maxlen: 24
188.241.66.0/23 maxlen: 24
188.241.127.0/24 maxlen: 24
188.241.128.0/22 maxlen: 24
188.241.132.0/23 maxlen: 24
188.241.138.0/23 maxlen: 24
188.241.143.0/24 maxlen: 24
188.241.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:03:cb:a7:a9:2c:05:34:c7:0c:67:bd:ac:03:05:52:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Feb 14 09:30:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb40eec807635d51b2f6ea443ae4903c9fe0bf9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6d:f4:6b:6c:c8:e4:5f:de:eb:d1:7a:e4:df:
1c:ce:57:20:92:95:c8:d6:55:95:50:04:0c:03:4b:
40:41:97:f1:2c:2d:0e:44:e5:7c:6e:c2:58:e6:a5:
64:fa:42:f4:45:e0:4f:79:a6:08:44:1f:70:43:f5:
20:b6:9d:93:9c:6a:4c:b3:ef:6f:d9:1d:7c:59:6a:
5d:be:12:76:51:1b:c2:d3:67:b7:47:2a:a0:81:5d:
67:40:cc:4d:fb:52:2b:25:39:3d:06:7b:ed:05:aa:
37:91:89:52:8b:61:a1:db:a0:ed:a7:43:62:fe:65:
b2:bd:8d:8b:87:40:2d:ab:db:c8:70:72:47:01:b4:
cc:67:27:76:f7:5a:e3:b2:44:97:d0:31:31:04:0f:
e5:a1:d6:c7:4b:1b:8a:af:ac:0f:d2:05:4a:94:57:
cc:06:0b:63:ff:3e:14:bf:e6:5c:f3:8c:0a:64:7d:
c5:fe:67:ca:15:c5:a6:8e:fc:3c:13:ed:3b:10:a6:
c8:9e:db:1e:ea:bd:01:d4:ac:77:bd:58:25:f3:7c:
a6:e9:22:ef:e5:0c:a6:ab:77:1f:08:2a:16:03:5d:
3b:03:30:38:5f:eb:f8:36:d3:e5:9a:de:aa:92:ea:
c0:50:3c:2a:66:59:04:5d:14:0c:20:61:8e:d3:97:
c7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:40:EE:C8:07:63:5D:51:B2:F6:EA:44:3A:E4:90:3C:9F:E0:BF:9E
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/u0DuyAdjXVGy9upEOuSQPJ_gv54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.35.0/24
84.247.36.0/22
85.204.241.0/24
86.105.151.0/24
86.105.224.0/24
86.107.77.0/24
86.107.184.0/24
86.107.244.0/23
89.33.81.0/24
89.33.87.0/24
89.34.90.0/24
89.34.174.0/24
89.35.26.0/24
89.35.51.0/24
89.35.172.0/24
89.37.142.0/24
89.39.80.0/24
89.39.90.0/24
89.39.214.0/24
89.39.245.0/24
89.40.69.0/24
89.40.204.0/24
89.42.158.0/23
92.114.104.0/23
93.113.98.0/23
93.113.214.0/23
93.115.56.0/23
93.117.175.0/24
94.176.3.0/24
176.223.168.0/22
188.212.131.0/24
188.215.68.0/23
188.241.66.0/23
188.241.127.0-188.241.133.255
188.241.138.0/23
188.241.143.0/24
188.241.213.0/24
Signature Algorithm: sha256WithRSAEncryption
09:6a:45:66:23:74:80:19:39:f4:60:54:b9:16:1e:2a:39:ba:
e6:46:da:8c:ec:91:9e:b8:70:bd:3d:55:b0:cf:f7:02:da:5a:
55:9a:7d:9a:3a:fc:65:f1:e4:1c:97:6b:1a:56:11:0f:4e:51:
a5:88:06:4f:da:3d:8a:38:84:10:d6:10:68:b2:94:9b:46:91:
b6:e3:93:e9:92:31:29:f4:6a:10:15:23:b6:50:ae:0c:66:a6:
13:a2:9d:22:76:6c:3f:51:1b:0d:d2:e3:e8:64:fb:6f:4f:f5:
86:bf:18:1d:f6:56:f9:63:9f:2f:25:90:3b:24:11:4d:44:e2:
06:f6:92:68:e6:da:d3:0e:0f:ae:0c:9c:47:71:fb:50:81:90:
0a:ce:97:c2:be:f4:a5:79:85:ea:28:06:9a:69:bc:03:19:7c:
48:14:39:04:fb:2b:31:0b:d2:dd:f3:68:16:3a:87:c3:09:bd:
7d:ec:11:20:17:e8:75:c5:b6:67:db:88:f2:41:47:2b:af:88:
80:58:03:a3:81:8c:80:83:32:29:29:1a:f7:54:90:20:67:d5:
55:75:9c:6a:a3:e2:c4:c5:be:a2:ae:a3:c8:59:a2:87:82:81:
65:f6:0f:00:22:eb:a3:53:4a:a7:96:c2:a9:31:25:c6:6d:d3:
a9:0e:f9:85
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAZUDy6epLAU0xwxnvawDBVIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMjE0MDkzMDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQwZWVjODA3NjM1ZDUxYjJmNmVhNDQzYWU0OTAzYzlmZTBiZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2G30a2zI5F/e69F65N8czlcgkpXI
1lWVUAQMA0tAQZfxLC0OROV8bsJY5qVk+kL0ReBPeaYIRB9wQ/Ugtp2TnGpMs+9v
2R18WWpdvhJ2URvC02e3RyqggV1nQMxN+1IrJTk9BnvtBao3kYlSi2Gh26Dtp0Ni
/mWyvY2Lh0Atq9vIcHJHAbTMZyd291rjskSX0DExBA/lodbHSxuKr6wP0gVKlFfM
Bgtj/z4Uv+Zc84wKZH3F/mfKFcWmjvw8E+07EKbIntse6r0B1Kx3vVgl83ym6SLv
5Qymq3cfCCoWA107AzA4X+v4NtPlmt6qkurAUDwqZlkEXRQMIGGO05fHTwIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFLtA7sgHY11RsvbqRDrkkDyf4L+eMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL3UwRHV5QWRqWFZHeTl1cEVPdVNRUEpfZ3Y1NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEDBggrBgEFBQcBBwEB/wSB8zCB8DCB7QQCAAEwgeYD
BAAlnCMDBAJU9yQDBABVzPEDBABWaZcDBABWaeADBABWa00DBABWa7gDBAFWa/QD
BABZIVEDBABZIVcDBABZIloDBABZIq4DBABZIxoDBABZIzMDBABZI6wDBABZJY4D
BABZJ1ADBABZJ1oDBABZJ9YDBABZJ/UDBABZKEUDBABZKMwDBAFZKp4DBAFccmgD
BAFdcWIDBAFdcdYDBAFdczgDBABdda8DBABesAMDBAKw36gDBAC81IMDBAG810QD
BAG88UIwDAMEALzxfwMEAbzxhAMEAbzxigMEALzxjwMEALzx1TANBgkqhkiG9w0B
AQsFAAOCAQEACWpFZiN0gBk59GBUuRYeKjm65kbajOyRnrhwvT1VsM/3AtpaVZp9
mjr8ZfHkHJdrGlYRD05RpYgGT9o9ijiEENYQaLKUm0aRtuOT6ZIxKfRqEBUjtlCu
DGamE6KdInZsP1EbDdLj6GT7b0/1hr8YHfZW+WOfLyWQOyQRTUTiBvaSaOba0w4P
rgycR3H7UIGQCs6Xwr70pXmF6igGmmm8Axl8SBQ5BPsrMQvS3fNoFjqHwwm9fewR
IBfodcW2Z9uI8kFHK6+IgFgDo4GMgIMyKSka91SQIGfVVXWcaqPixMW+oq6jyFmi
h4KBZfYPACLro1NKp5bCqTElxm3TqQ75hQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:58 2025 by rpki-client