Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c34ccf-5856-4e4e-a74f-fd24c38cbca4/1/ePol-KRYuq-OPRIFya_V8ZcEKLA.roa
File: ePol-KRYuq-OPRIFya_V8ZcEKLA.roa (raw, json)
Hash identifier: cTGicDqqdpRJkZ5nbpiIDd2XnzrtlMUHsRqx3vHxDkc=
Subject key identifier: 78:FA:25:F8:A4:58:BA:AF:8E:3D:12:05:C9:AF:D5:F1:97:04:28:B0
Certificate issuer: /CN=19ddf5ff519d97014ae6496a59e730f99c019772
Certificate serial: 096B6972
Authority key identifier: 19:DD:F5:FF:51:9D:97:01:4A:E6:49:6A:59:E7:30:F9:9C:01:97:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gd31_1GdlwFK5klqWecw-ZwBl3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c34ccf-5856-4e4e-a74f-fd24c38cbca4/1/ePol-KRYuq-OPRIFya_V8ZcEKLA.roa
Signing time: Sat 01 Jan 2022 15:04:48 +0000
ROA not before: Sat 01 Jan 2022 15:04:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60517
IP address blocks: 185.118.244.0/22 maxlen: 22
185.118.245.0/24 maxlen: 24
185.118.244.0/24 maxlen: 24
185.118.246.0/24 maxlen: 24
185.118.247.0/24 maxlen: 24
185.51.128.0/24 maxlen: 24
185.51.128.0/22 maxlen: 22
185.51.130.0/24 maxlen: 24
185.51.129.0/24 maxlen: 24
185.51.131.0/24 maxlen: 24
185.36.95.0/24 maxlen: 24
185.36.92.0/22 maxlen: 22
185.36.93.0/24 maxlen: 24
185.36.92.0/24 maxlen: 24
185.36.94.0/24 maxlen: 24
185.131.182.0/24 maxlen: 24
185.131.181.0/24 maxlen: 24
185.131.183.0/24 maxlen: 24
185.131.180.0/24 maxlen: 24
185.131.180.0/22 maxlen: 22
185.175.213.0/24 maxlen: 24
185.175.212.0/22 maxlen: 22
185.175.212.0/24 maxlen: 24
185.175.215.0/24 maxlen: 24
185.175.214.0/24 maxlen: 24
185.91.172.0/22 maxlen: 22
185.91.172.0/24 maxlen: 24
178.157.98.0/24 maxlen: 24
178.157.97.0/24 maxlen: 24
185.91.175.0/24 maxlen: 24
185.91.174.0/24 maxlen: 24
178.157.96.0/24 maxlen: 24
178.157.96.0/22 maxlen: 22
185.91.173.0/24 maxlen: 24
178.157.99.0/24 maxlen: 24
185.27.123.0/24 maxlen: 24
185.27.122.0/24 maxlen: 24
185.27.121.0/24 maxlen: 24
185.27.120.0/22 maxlen: 22
185.27.120.0/24 maxlen: 24
2a06:96c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158034290 (0x96b6972)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ddf5ff519d97014ae6496a59e730f99c019772
Validity
Not Before: Jan 1 15:04:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78fa25f8a458baaf8e3d1205c9afd5f1970428b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c9:ca:37:4e:ed:d3:9c:95:96:71:75:30:12:
56:f6:f3:50:ca:25:c8:71:54:45:83:54:ff:16:2d:
ef:39:8a:ed:65:22:d7:29:83:7b:0e:ae:15:c1:f6:
8c:62:8f:e9:ed:7c:af:2e:bf:ef:a8:ee:0c:27:dd:
ac:0d:36:12:7d:99:0a:f8:63:8a:ce:d2:fa:ef:55:
ce:f1:62:55:8a:48:f7:3a:b9:fc:42:e8:d7:10:c2:
27:2e:5d:b0:70:b9:f8:54:42:8b:44:25:fe:44:5c:
9c:7b:8d:2b:bf:90:62:04:b3:03:01:b2:ec:fa:4a:
d4:fe:29:09:35:1a:86:36:e8:12:c8:04:88:ce:66:
cd:7a:e1:04:bd:cc:0d:93:a2:4a:f4:dd:1d:a5:1a:
f8:11:ea:61:e4:06:f6:9e:32:1a:f8:ca:12:e8:8f:
ab:a7:ac:61:11:66:56:5a:f7:19:fe:0f:3a:e0:4f:
f1:cd:21:46:63:74:fd:f8:d4:8b:fd:1a:48:c9:91:
3e:4b:78:08:f7:33:41:bf:6e:8f:bf:2c:59:4f:57:
86:1a:ee:8d:de:3d:3e:90:f6:f8:45:03:4c:56:2d:
86:ee:50:8a:a9:3c:59:25:fe:33:bc:2c:00:8c:05:
48:2c:50:39:68:d3:b2:98:ae:1e:09:e3:72:05:f1:
04:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:FA:25:F8:A4:58:BA:AF:8E:3D:12:05:C9:AF:D5:F1:97:04:28:B0
X509v3 Authority Key Identifier:
keyid:19:DD:F5:FF:51:9D:97:01:4A:E6:49:6A:59:E7:30:F9:9C:01:97:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gd31_1GdlwFK5klqWecw-ZwBl3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c34ccf-5856-4e4e-a74f-fd24c38cbca4/1/ePol-KRYuq-OPRIFya_V8ZcEKLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c34ccf-5856-4e4e-a74f-fd24c38cbca4/1/Gd31_1GdlwFK5klqWecw-ZwBl3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.157.96.0/22
185.27.120.0/22
185.36.92.0/22
185.51.128.0/22
185.91.172.0/22
185.118.244.0/22
185.131.180.0/22
185.175.212.0/22
IPv6:
2a06:96c0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:b9:36:80:f5:76:ce:d4:78:8f:f7:c9:2f:ad:ab:3c:00:7d:
c9:95:95:04:40:d4:26:cc:4f:a2:ab:6c:59:f7:fc:41:78:c5:
aa:68:ea:3d:82:18:ae:aa:77:4f:80:9f:38:6e:62:e8:6a:80:
14:6d:ca:b9:7f:29:95:6a:70:f3:f7:9f:24:bb:03:58:51:d2:
d2:69:25:39:a5:b6:a0:dc:f6:6a:e6:ee:17:ae:04:3a:23:e2:
3a:ee:93:25:d5:67:7f:36:61:fa:9e:60:83:43:3b:79:9c:7d:
0c:13:2c:a6:ba:8e:82:a9:c5:0f:eb:44:86:b9:4e:48:dc:6a:
3c:2d:22:50:92:71:9c:d0:10:e0:46:b7:4b:b1:38:2c:30:38:
14:29:f2:88:a2:27:2f:b1:6b:08:f6:09:a0:32:f3:a3:3b:02:
23:6e:5a:24:d6:a0:2e:e1:7f:08:ae:5c:a6:55:d8:59:cc:8d:
0d:eb:4c:56:61:4b:df:a4:1c:82:b8:df:28:eb:cd:3e:78:55:
77:13:04:b4:c8:f5:a2:2b:87:12:36:de:98:71:8f:b1:6a:70:
25:48:51:38:fe:ae:f9:d7:83:e6:be:69:81:93:a4:5d:b6:b1:
e0:05:73:05:7e:a7:69:a9:8c:82:5e:26:76:34:7d:d8:91:6c:
13:89:65:7e
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIECWtpcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OWRkZjVmZjUxOWQ5NzAxNGFlNjQ5NmE1OWU3MzBmOTljMDE5NzcyMB4XDTIyMDEw
MTE1MDQ0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzhmYTI1ZjhhNDU4
YmFhZjhlM2QxMjA1YzlhZmQ1ZjE5NzA0MjhiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjJyjdO7dOclZZxdTASVvbzUMolyHFURYNU/xYt7zmK7WUi
1ymDew6uFcH2jGKP6e18ry6/76juDCfdrA02En2ZCvhjis7S+u9VzvFiVYpI9zq5
/ELo1xDCJy5dsHC5+FRCi0Ql/kRcnHuNK7+QYgSzAwGy7PpK1P4pCTUahjboEsgE
iM5mzXrhBL3MDZOiSvTdHaUa+BHqYeQG9p4yGvjKEuiPq6esYRFmVlr3Gf4POuBP
8c0hRmN0/fjUi/0aSMmRPkt4CPczQb9uj78sWU9Xhhrujd49PpD2+EUDTFYthu5Q
iqk8WSX+M7wsAIwFSCxQOWjTspiuHgnjcgXxBEECAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBR4+iX4pFi6r449EgXJr9XxlwQosDAfBgNVHSMEGDAWgBQZ3fX/UZ2XAUrm
SWpZ5zD5nAGXcjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dkMzFfMUdkbHdGSzVrbHFXZWN3LVp3QmwzSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvYzM0Y2NmLTU4NTYtNGU0ZS1hNzRmLWZkMjRjMzhjYmNhNC8x
L2VQb2wtS1JZdXEtT1BSSUZ5YV9WOFpjRUtMQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
YzM0Y2NmLTU4NTYtNGU0ZS1hNzRmLWZkMjRjMzhjYmNhNC8xL0dkMzFfMUdkbHdG
SzVrbHFXZWN3LVp3QmwzSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEArKdYAMEArkbeAMEArkkXAMEArkz
gAMEArlbrAMEArl29AMEArmDtAMEArmv1DANBAIAAjAHAwUDKgaWwDANBgkqhkiG
9w0BAQsFAAOCAQEAm7k2gPV2ztR4j/fJL62rPAB9yZWVBEDUJsxPoqtsWff8QXjF
qmjqPYIYrqp3T4CfOG5i6GqAFG3KuX8plWpw8/efJLsDWFHS0mklOaW2oNz2aubu
F64EOiPiOu6TJdVnfzZh+p5gg0M7eZx9DBMsprqOgqnFD+tEhrlOSNxqPC0iUJJx
nNAQ4Ea3S7E4LDA4FCnyiKInL7FrCPYJoDLzozsCI25aJNagLuF/CK5cplXYWcyN
DetMVmFL36QcgrjfKOvNPnhVdxMEtMj1oiuHEjbemHGPsWpwJUhROP6u+deD5r5p
gZOkXbax4AVzBX6naamMgl4mdjR92JFsE4llfg==
-----END CERTIFICATE-----
Generated at Wed Mar 12 13:15:10 2025 by rpki-client