Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/yKoxV-6M6xkebvfJ-LK1Pi2FfE4.roa
File: yKoxV-6M6xkebvfJ-LK1Pi2FfE4.roa (raw, json)
Hash identifier: BokFvMbsrr4nAc7qB6GIDJeX4FQmEPo1VOjQtgLqvj0=
Subject key identifier: C8:AA:31:57:EE:8C:EB:19:1E:6E:F7:C9:F8:B2:B5:3E:2D:85:7C:4E
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 0194BC4DDB799EAFBAA21212CB453836D6B6
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/yKoxV-6M6xkebvfJ-LK1Pi2FfE4.roa
Signing time: Fri 31 Jan 2025 12:20:06 +0000
ROA not before: Fri 31 Jan 2025 12:20:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201341
IP address blocks: 37.153.134.0/24 maxlen: 24
37.156.6.0/24 maxlen: 24
46.102.251.0/24 maxlen: 24
85.204.245.0/24 maxlen: 24
85.204.251.0/24 maxlen: 24
86.105.7.0/24 maxlen: 24
86.105.13.0/24 maxlen: 24
86.107.102.0/24 maxlen: 24
89.33.117.0/24 maxlen: 24
89.33.118.0/24 maxlen: 24
89.34.172.0/24 maxlen: 24
89.35.126.0/24 maxlen: 24
89.36.142.0/24 maxlen: 24
89.36.225.0/24 maxlen: 24
89.37.234.0/24 maxlen: 24
89.39.122.0/24 maxlen: 24
94.177.22.0/24 maxlen: 24
176.223.67.0/24 maxlen: 24
185.77.164.0/22 maxlen: 22
185.77.164.0/24 maxlen: 24
185.77.165.0/24 maxlen: 24
185.77.166.0/24 maxlen: 24
185.77.167.0/24 maxlen: 24
188.208.102.0/24 maxlen: 24
188.211.26.0/24 maxlen: 24
188.213.218.0/24 maxlen: 24
188.215.34.0/24 maxlen: 24
188.240.69.0/24 maxlen: 24
188.240.211.0/24 maxlen: 24
2a05:6300::/29 maxlen: 29
2a11:3bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:4d:db:79:9e:af:ba:a2:12:12:cb:45:38:36:d6:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 31 12:20:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8aa3157ee8ceb191e6ef7c9f8b2b53e2d857c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a0:b1:8e:7f:bb:97:df:0d:7b:3e:1e:46:5b:
22:00:ff:8f:7e:e8:ca:01:40:ef:89:77:e7:c1:f8:
f1:34:48:c9:85:08:78:f6:5b:ae:e0:4e:5d:3a:16:
1d:03:5f:cb:4e:5d:16:f7:ce:88:2d:3a:63:53:17:
3e:e6:4e:f6:25:32:3a:4f:89:68:7e:a6:5c:b3:c9:
37:49:12:94:b3:93:c1:6d:53:02:4b:64:da:28:79:
fb:cd:74:0c:72:aa:f4:4f:35:d6:5b:f5:2d:13:bd:
99:40:3f:8d:d1:80:51:67:26:e9:89:6d:22:21:f5:
7e:c4:5b:12:57:76:51:08:90:ad:a5:41:b1:eb:1d:
b6:e5:30:f3:60:1f:08:42:ad:c3:cf:43:d7:b5:e3:
2d:ff:11:97:fc:d8:18:30:6b:8c:8c:da:76:77:ea:
a3:97:3f:1f:bd:42:39:74:6f:c5:4c:9e:83:61:8c:
70:64:45:6a:c7:c0:d6:91:0a:39:36:4f:6c:e5:3b:
09:05:58:68:48:f6:5e:52:a9:03:95:e6:82:db:4e:
f3:9a:e0:07:d7:ee:c3:5e:94:08:91:49:cc:ef:b4:
cb:cf:66:23:9a:c0:56:05:8f:ac:a1:29:64:89:0d:
ea:40:8e:44:00:a0:c2:f4:7d:6a:1d:6c:d1:38:3a:
93:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:AA:31:57:EE:8C:EB:19:1E:6E:F7:C9:F8:B2:B5:3E:2D:85:7C:4E
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/yKoxV-6M6xkebvfJ-LK1Pi2FfE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.134.0/24
37.156.6.0/24
46.102.251.0/24
85.204.245.0/24
85.204.251.0/24
86.105.7.0/24
86.105.13.0/24
86.107.102.0/24
89.33.117.0-89.33.118.255
89.34.172.0/24
89.35.126.0/24
89.36.142.0/24
89.36.225.0/24
89.37.234.0/24
89.39.122.0/24
94.177.22.0/24
176.223.67.0/24
185.77.164.0/22
188.208.102.0/24
188.211.26.0/24
188.213.218.0/24
188.215.34.0/24
188.240.69.0/24
188.240.211.0/24
IPv6:
2a05:6300::/29
2a11:3bc0::/29
Signature Algorithm: sha256WithRSAEncryption
6b:6c:b5:37:51:8c:e5:08:ad:30:f6:27:b8:ee:34:07:1f:10:
b6:16:7f:c0:11:ed:30:72:9d:34:f0:56:8c:b6:15:47:d0:7a:
fa:69:b8:8a:4c:f0:64:9f:c0:cb:5d:e3:4a:dc:a0:92:16:e6:
7b:a5:9a:01:58:e7:c0:bc:55:cf:e0:b3:41:10:2d:83:b7:c3:
bf:b3:2f:dc:cd:1b:0c:8f:e5:ab:37:19:00:c2:ca:90:3d:b4:
d4:99:4b:80:95:e8:5a:bf:f3:39:5d:22:0d:72:50:40:3a:fc:
d7:b3:12:bd:e8:af:d5:39:a2:ba:ea:fb:f7:e3:91:e8:0a:76:
fc:7b:8a:72:d7:5f:88:b7:5f:c7:f4:4d:ef:fe:10:64:05:5e:
bb:09:cb:9c:9f:b7:10:18:3a:20:f5:6c:5f:15:ea:44:30:7e:
f7:c5:80:ef:86:5f:3f:7e:01:b9:cb:bc:2b:9c:a3:73:9c:33:
bc:0a:2f:3f:32:2f:d2:3e:c4:a9:4b:89:eb:f2:b8:d2:f0:c0:
f8:c5:bf:59:ba:a5:d1:b2:8d:a6:23:9f:08:59:1e:68:21:5a:
f0:de:3d:ae:80:1c:7e:65:09:50:73:83:13:6c:07:40:af:2d:
ff:17:0a:6c:6a:c1:30:ed:fa:99:f9:ea:fe:46:1e:a6:36:01:
8c:5d:f8:f9
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZS8Tdt5nq+6ohISy0U4Nta2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjUwMTMxMTIyMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGFhMzE1N2VlOGNlYjE5MWU2ZWY3YzlmOGIyYjUzZTJkODU3YzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6Cxjn+7l98Nez4eRlsiAP+PfujK
AUDviXfnwfjxNEjJhQh49luu4E5dOhYdA1/LTl0W986ILTpjUxc+5k72JTI6T4lo
fqZcs8k3SRKUs5PBbVMCS2TaKHn7zXQMcqr0TzXWW/UtE72ZQD+N0YBRZybpiW0i
IfV+xFsSV3ZRCJCtpUGx6x225TDzYB8IQq3Dz0PXteMt/xGX/NgYMGuMjNp2d+qj
lz8fvUI5dG/FTJ6DYYxwZEVqx8DWkQo5Nk9s5TsJBVhoSPZeUqkDleaC207zmuAH
1+7DXpQIkUnM77TLz2YjmsBWBY+soSlkiQ3qQI5EAKDC9H1qHWzRODqT6wIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFMiqMVfujOsZHm73yfiytT4thXxOMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEveUtveFYtNk02eGtlYnZmSi1MSzFQaTJGZkU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBnwQCAAEwgZgDBAAl
mYYDBAAlnAYDBAAuZvsDBABVzPUDBABVzPsDBABWaQcDBABWaQ0DBABWa2YwDAME
AFkhdQMEAFkhdgMEAFkirAMEAFkjfgMEAFkkjgMEAFkk4QMEAFkl6gMEAFknegME
AF6xFgMEALDfQwMEArlNpAMEALzQZgMEALzTGgMEALzV2gMEALzXIgMEALzwRQME
ALzw0zAUBAIAAjAOAwUDKgVjAAMFAyoRO8AwDQYJKoZIhvcNAQELBQADggEBAGts
tTdRjOUIrTD2J7juNAcfELYWf8AR7TBynTTwVoy2FUfQevppuIpM8GSfwMtd40rc
oJIW5nulmgFY58C8Vc/gs0EQLYO3w7+zL9zNGwyP5as3GQDCypA9tNSZS4CV6Fq/
8zldIg1yUEA6/NezEr3or9U5orrq+/fjkegKdvx7inLXX4i3X8f0Te/+EGQFXrsJ
y5yftxAYOiD1bF8V6kQwfvfFgO+GXz9+AbnLvCuco3OcM7wKLz8yL9I+xKlLievy
uNLwwPjFv1m6pdGyjaYjnwhZHmghWvDePa6AHH5lCVBzgxNsB0CvLf8XCmxqwTDt
+pn56v5GHqY2AYxd+Pk=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:17:39 2025 by rpki-client