Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/y4QVmAXcms0cdgo6XsesAJBVa2M.roa
File: y4QVmAXcms0cdgo6XsesAJBVa2M.roa (raw, json)
Hash identifier: OEaqDCFI1Hn754G2KUdIgx5PpxfVH1tS9p9yajKssLk=
Subject key identifier: CB:84:15:98:05:DC:9A:CD:1C:76:0A:3A:5E:C7:AC:00:90:55:6B:63
Certificate issuer: /CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Certificate serial: 01857227C9482F81F72D55053A79ADF44071
Authority key identifier: C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/y4QVmAXcms0cdgo6XsesAJBVa2M.roa
Signing time: Mon 02 Jan 2023 11:04:48 +0000
ROA not before: Mon 02 Jan 2023 11:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25408
IP address blocks: 109.167.215.0/24 maxlen: 24
109.167.218.0/24 maxlen: 24
109.167.225.0/24 maxlen: 24
109.167.243.0/24 maxlen: 24
109.167.192.0/24 maxlen: 24
109.167.192.0/18 maxlen: 18
77.244.16.0/20 maxlen: 20
77.244.17.0/24 maxlen: 24
77.244.31.0/24 maxlen: 24
77.244.30.0/24 maxlen: 24
77.244.25.0/24 maxlen: 24
194.24.240.0/24 maxlen: 24
194.24.241.0/24 maxlen: 24
84.52.64.0/18 maxlen: 18
84.52.77.0/24 maxlen: 24
84.52.79.0/24 maxlen: 24
84.52.88.0/24 maxlen: 24
84.52.97.0/24 maxlen: 24
84.52.99.0/24 maxlen: 24
195.177.122.0/24 maxlen: 24
195.177.121.0/24 maxlen: 24
195.177.120.0/24 maxlen: 24
195.177.120.0/22 maxlen: 22
195.177.123.0/24 maxlen: 24
185.202.212.0/22 maxlen: 22
185.202.214.0/23 maxlen: 23
109.167.128.0/18 maxlen: 18
91.202.220.0/22 maxlen: 22
62.182.89.0/24 maxlen: 24
62.182.88.0/21 maxlen: 21
194.246.112.0/24 maxlen: 24
195.64.141.0/24 maxlen: 24
195.64.140.0/23 maxlen: 23
194.246.113.0/24 maxlen: 24
2a00:1c78::/29 maxlen: 29
2a00:1c78::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:c9:48:2f:81:f7:2d:55:05:3a:79:ad:f4:40:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Validity
Not Before: Jan 2 11:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb84159805dc9acd1c760a3a5ec7ac0090556b63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:24:b8:57:52:6a:71:9c:91:86:87:5d:52:59:
5a:5b:10:11:0e:45:9e:df:5d:cc:9c:6c:eb:a7:30:
9f:07:f3:16:5d:4b:75:60:0d:ff:2c:fe:a9:f0:2b:
1f:80:88:e9:e7:66:fc:37:f9:79:9e:9e:62:76:7c:
dd:cb:d7:56:15:de:58:2b:0a:df:bc:f7:e5:2a:23:
19:a0:b2:d6:93:69:ef:40:52:57:36:c0:be:67:80:
fe:fa:90:58:7f:0b:5d:54:fe:9b:d8:0e:36:73:a1:
fe:58:41:9f:9b:93:58:e5:6c:db:f8:1b:ea:c1:7b:
94:07:65:e6:52:6b:4c:fd:66:18:90:1b:76:f1:8e:
ff:a3:49:de:11:62:13:c4:60:9d:ba:aa:18:4e:d6:
fc:77:60:50:e1:2e:37:72:b7:94:50:09:df:60:79:
ac:58:b6:44:15:73:16:7f:72:12:65:45:65:05:59:
6c:56:3b:d9:61:cc:20:c4:85:93:93:e7:ad:83:92:
32:8a:d2:84:15:50:51:1e:ef:ce:2f:07:a0:bf:a7:
0b:a6:d2:61:25:69:34:b2:9a:47:a5:33:2a:a1:5c:
76:39:1f:4c:20:ff:28:1c:52:4b:fb:2f:2c:8a:62:
fd:aa:bf:97:91:99:d4:b2:4f:e7:34:27:51:a2:55:
78:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:84:15:98:05:DC:9A:CD:1C:76:0A:3A:5E:C7:AC:00:90:55:6B:63
X509v3 Authority Key Identifier:
keyid:C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/y4QVmAXcms0cdgo6XsesAJBVa2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/yPb13sCbx6EgMEVpm6BYKV0440Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.88.0/21
77.244.16.0/20
84.52.64.0/18
91.202.220.0/22
109.167.128.0/17
185.202.212.0/22
194.24.240.0/23
194.246.112.0/23
195.64.140.0/23
195.177.120.0/22
IPv6:
2a00:1c78::/29
Signature Algorithm: sha256WithRSAEncryption
a9:0b:b2:5f:1c:45:8f:c0:b0:38:d7:ad:5c:58:e8:e6:a1:36:
50:86:1d:76:c4:19:8c:d9:db:58:20:cf:4f:0d:6f:5f:95:bc:
8f:72:70:a5:d2:1e:42:13:e6:84:78:84:82:dd:8b:88:8e:ce:
f7:a3:c8:23:23:ed:97:bc:b4:40:d8:51:5d:d7:5b:4f:a8:f2:
a2:37:5e:17:b9:ba:cf:39:b2:5f:b0:9e:0a:a9:72:a2:98:04:
0a:34:73:c0:4d:32:1b:88:54:13:75:f2:a3:c5:42:68:77:85:
71:ef:8b:cf:0f:39:58:f6:d8:5b:39:75:e8:d6:be:5a:6d:be:
61:f9:35:5b:ea:b6:88:16:b9:ac:14:d4:ef:47:f7:a6:f1:54:
e1:fb:2a:0d:c2:10:06:97:b1:8f:84:55:03:53:57:4c:26:8e:
6a:80:a8:12:19:96:01:fa:b7:44:18:e0:32:c5:80:67:99:e7:
85:a1:1b:6d:44:2c:f8:23:fd:e7:e6:40:a4:b3:86:f3:1a:72:
3d:e2:b4:1e:71:97:3f:a2:10:70:02:87:e4:9e:8d:5d:91:75:
9f:fa:ec:6a:8c:d7:6e:f6:be:35:56:e9:5f:b4:d0:19:0e:a6:
e4:3f:c3:f1:9d:82:09:1f:79:c6:88:81:11:a4:f6:b7:3d:2e:
ea:d8:f4:96
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYVyJ8lIL4H3LVUFOnmt9EBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjZmNWRlYzA5YmM3YTEyMDMwNDU2OTliYTA1ODI5NWQz
OGUzNDYwHhcNMjMwMTAyMTEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjg0MTU5ODA1ZGM5YWNkMWM3NjBhM2E1ZWM3YWMwMDkwNTU2YjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiS4V1JqcZyRhoddUllaWxARDkWe
313MnGzrpzCfB/MWXUt1YA3/LP6p8CsfgIjp52b8N/l5np5idnzdy9dWFd5YKwrf
vPflKiMZoLLWk2nvQFJXNsC+Z4D++pBYfwtdVP6b2A42c6H+WEGfm5NY5Wzb+Bvq
wXuUB2XmUmtM/WYYkBt28Y7/o0neEWITxGCduqoYTtb8d2BQ4S43creUUAnfYHms
WLZEFXMWf3ISZUVlBVlsVjvZYcwgxIWTk+etg5IyitKEFVBRHu/OLwegv6cLptJh
JWk0sppHpTMqoVx2OR9MIP8oHFJL+y8simL9qr+XkZnUsk/nNCdRolV4AQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFMuEFZgF3JrNHHYKOl7HrACQVWtjMB8GA1UdIwQY
MBaAFMj29d7Am8ehIDBFaZugWCldOONGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBiMTNzQ2J4NkVnTUVWcG02QllLVjA0NDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS80OGNiODYtMjc1MC00ZDZhLThhNzEt
MWJlNTI1NTc2ODYzLzEveTRRVm1BWGNtczBjZGdvNlhzZXNBSkJWYTJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS80OGNiODYtMjc1MC00ZDZhLThhNzEtMWJlNTI1NTc2ODYz
LzEveVBiMTNzQ2J4NkVnTUVWcG02QllLVjA0NDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDPrZYAwQE
TfQQAwQGVDRAAwQCW8rcAwQHbaeAAwQCucrUAwQBwhjwAwQBwvZwAwQBw0CMAwQC
w7F4MA0EAgACMAcDBQMqABx4MA0GCSqGSIb3DQEBCwUAA4IBAQCpC7JfHEWPwLA4
161cWOjmoTZQhh12xBmM2dtYIM9PDW9flbyPcnCl0h5CE+aEeISC3YuIjs73o8gj
I+2XvLRA2FFd11tPqPKiN14XubrPObJfsJ4KqXKimAQKNHPATTIbiFQTdfKjxUJo
d4Vx74vPDzlY9thbOXXo1r5abb5h+TVb6raIFrmsFNTvR/em8VTh+yoNwhAGl7GP
hFUDU1dMJo5qgKgSGZYB+rdEGOAyxYBnmeeFoRttRCz4I/3n5kCks4bzGnI94rQe
cZc/ohBwAofkno1dkXWf+uxqjNdu9r41VulftNAZDqbkP8PxnYIJH3nGiIERpPa3
PS7q2PSW
-----END CERTIFICATE-----
Generated at Fri Apr 18 18:24:20 2025 by rpki-client