Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/XM0Srjm1Woxo4h2h7-4xScQXxe4.roa
File: XM0Srjm1Woxo4h2h7-4xScQXxe4.roa (raw, json)
Hash identifier: ctVXqEr7HGV069ZgYQbXqNRuaxXfnedjN6jS0pDSqRw=
Subject key identifier: 5C:CD:12:AE:39:B5:5A:8C:68:E2:1D:A1:EF:EE:31:49:C4:17:C5:EE
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 019561943D7764A649206B83DA9742A85922
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/XM0Srjm1Woxo4h2h7-4xScQXxe4.roa
Signing time: Tue 04 Mar 2025 14:34:19 +0000
ROA not before: Tue 04 Mar 2025 14:34:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9141
IP address blocks: 31.178.0.0/17 maxlen: 17
31.178.128.0/17 maxlen: 17
31.179.0.0/17 maxlen: 17
31.179.128.0/17 maxlen: 24
31.186.192.0/19 maxlen: 19
77.236.0.0/21 maxlen: 21
77.236.8.0/21 maxlen: 21
77.236.16.0/21 maxlen: 21
77.236.24.0/21 maxlen: 21
81.18.192.0/22 maxlen: 22
81.18.196.0/22 maxlen: 22
81.18.200.0/22 maxlen: 22
81.18.204.0/22 maxlen: 22
81.18.208.0/22 maxlen: 22
81.18.212.0/22 maxlen: 22
81.18.216.0/22 maxlen: 22
81.18.220.0/22 maxlen: 22
83.144.64.0/19 maxlen: 19
83.144.96.0/19 maxlen: 19
83.175.176.0/20 maxlen: 20
84.10.0.0/18 maxlen: 18
84.10.64.0/18 maxlen: 18
84.10.128.0/18 maxlen: 18
84.10.192.0/18 maxlen: 18
85.222.0.0/19 maxlen: 19
85.222.32.0/19 maxlen: 19
85.222.52.0/22 maxlen: 22
85.222.64.0/19 maxlen: 19
85.222.96.0/19 maxlen: 19
87.206.0.0/17 maxlen: 17
87.206.128.0/17 maxlen: 17
87.207.0.0/17 maxlen: 17
87.207.128.0/17 maxlen: 17
89.64.0.0/14 maxlen: 14
89.68.0.0/14 maxlen: 14
89.70.108.0/22 maxlen: 22
89.72.0.0/14 maxlen: 14
89.72.228.0/22 maxlen: 22
89.76.0.0/14 maxlen: 14
89.77.216.0/22 maxlen: 22
91.150.192.0/20 maxlen: 20
91.150.208.0/20 maxlen: 20
92.244.32.0/21 maxlen: 21
92.244.40.0/21 maxlen: 21
92.244.48.0/21 maxlen: 21
92.244.56.0/21 maxlen: 21
94.75.64.0/20 maxlen: 20
94.75.96.0/20 maxlen: 20
94.75.112.0/20 maxlen: 20
195.34.210.0/23 maxlen: 23
217.119.64.0/20 maxlen: 20
2a02:a300::/29 maxlen: 29
2a02:a308::/29 maxlen: 29
2a02:a310::/32 maxlen: 32
2a02:a311::/32 maxlen: 32
2a02:a312::/32 maxlen: 32
2a02:a313::/32 maxlen: 32
2a02:a315:e500::/40 maxlen: 40
2a02:a316:e100::/40 maxlen: 40
2a02:a319:6000::/40 maxlen: 40
2a02:a31b:c400::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:61:94:3d:77:64:a6:49:20:6b:83:da:97:42:a8:59:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Mar 4 14:34:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ccd12ae39b55a8c68e21da1efee3149c417c5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:96:8a:09:69:66:e5:6e:d2:27:b4:f9:29:cb:
e8:a5:fd:bc:a2:8a:af:0d:03:09:db:ee:7e:d7:6b:
7a:6b:92:3e:cb:67:63:ca:d3:68:7d:20:5d:f1:89:
b5:2b:05:5f:47:11:98:c2:53:46:3d:ad:04:bb:34:
d2:45:7f:fb:18:7b:c3:53:d5:18:a2:ec:58:d0:a6:
d7:6c:2f:25:e4:1b:f0:e3:b1:a6:2e:12:b5:eb:ec:
75:c7:fa:a6:db:2a:13:6c:0f:74:28:fd:96:e4:9d:
71:66:42:42:9a:42:e2:9b:9f:ab:b8:7b:a0:74:5a:
1f:c9:b6:77:45:f5:8e:68:bc:26:1a:ef:95:7a:50:
42:bb:9f:93:91:9a:cf:af:66:b1:09:fa:7b:8e:65:
c8:9d:8f:f5:68:96:be:61:29:30:83:5b:b6:58:a7:
ae:cd:9d:3d:e7:d4:31:16:3f:98:ec:35:1b:5a:f8:
ad:bf:10:43:c7:fb:bd:a8:95:d7:24:2d:97:5d:9d:
9e:9d:49:c2:47:79:0e:f2:ad:62:f9:a1:77:3a:12:
36:85:33:09:54:8d:58:73:75:82:71:4c:65:da:1d:
d0:5f:ea:17:89:3f:8c:7e:d6:76:a0:70:b5:86:80:
5f:9d:35:fe:36:d8:60:22:9d:a5:df:c7:6e:46:09:
a6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:CD:12:AE:39:B5:5A:8C:68:E2:1D:A1:EF:EE:31:49:C4:17:C5:EE
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/XM0Srjm1Woxo4h2h7-4xScQXxe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.178.0.0/15
31.186.192.0/19
77.236.0.0/19
81.18.192.0/19
83.144.64.0/18
83.175.176.0/20
84.10.0.0/16
85.222.0.0/17
87.206.0.0/15
89.64.0.0/12
91.150.192.0/19
92.244.32.0/19
94.75.64.0/20
94.75.96.0/19
195.34.210.0/23
217.119.64.0/20
IPv6:
2a02:a300::-2a02:a313:ffff:ffff:ffff:ffff:ffff:ffff
2a02:a315:e500::/40
2a02:a316:e100::/40
2a02:a319:6000::/40
2a02:a31b:c400::/40
Signature Algorithm: sha256WithRSAEncryption
51:5b:78:8d:d0:5c:e3:7d:d9:36:3b:29:aa:93:e0:29:88:e6:
c0:8b:e7:8f:82:c2:d8:e7:ea:6b:d6:b0:79:d3:78:72:45:59:
e8:c3:c5:32:aa:94:81:01:ba:a7:7c:26:1d:74:5b:ea:45:f5:
43:7f:da:02:66:66:94:92:21:50:30:ea:2f:29:aa:e2:aa:1c:
0c:24:cf:3d:88:de:7b:85:70:b6:77:43:2f:86:7e:ee:5f:f0:
2d:2d:f4:9b:5e:af:f3:15:d8:43:54:b4:64:4b:a8:4a:c8:8b:
b7:64:07:af:5d:61:d0:72:97:ff:f2:ca:c6:8b:19:c3:dc:9a:
b9:f2:16:91:93:8e:ad:0f:1f:e3:40:c3:6a:c7:5b:50:ce:b9:
f4:57:32:af:83:59:13:79:bc:15:c9:15:12:af:d7:7e:f7:0c:
6b:2b:08:8b:10:a2:c0:76:04:df:56:43:64:1d:7a:9e:d8:bd:
05:c8:d2:25:89:c6:90:ea:ae:28:0d:3c:f9:43:87:71:fb:ae:
6b:2c:83:2b:72:6c:d8:7e:5b:d1:da:b1:9a:cf:eb:07:50:04:
bc:95:83:cf:4a:b8:23:80:93:c7:eb:93:ee:65:49:9d:24:09:
b0:77:24:cd:2a:b3:f2:f8:a4:7c:10:52:a2:4a:02:3b:aa:de:
9a:cb:54:54
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZVhlD13ZKZJIGuD2pdCqFkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwMzA0MTQzNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2NkMTJhZTM5YjU1YThjNjhlMjFkYTFlZmVlMzE0OWM0MTdjNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJaKCWlm5W7SJ7T5Kcvopf28ooqv
DQMJ2+5+12t6a5I+y2djytNofSBd8Ym1KwVfRxGYwlNGPa0EuzTSRX/7GHvDU9UY
ouxY0KbXbC8l5Bvw47GmLhK16+x1x/qm2yoTbA90KP2W5J1xZkJCmkLim5+ruHug
dFofybZ3RfWOaLwmGu+VelBCu5+TkZrPr2axCfp7jmXInY/1aJa+YSkwg1u2WKeu
zZ0959QxFj+Y7DUbWvitvxBDx/u9qJXXJC2XXZ2enUnCR3kO8q1i+aF3OhI2hTMJ
VI1Yc3WCcUxl2h3QX+oXiT+MftZ2oHC1hoBfnTX+NthgIp2l38duRgmmyQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFFzNEq45tVqMaOIdoe/uMUnEF8XuMB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEvWE0wU3JqbTFXb3hvNGgyaDctNHhTY1FYeGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzBiBAIAATBcAwMBH7ID
BAUfusADBAVN7AADBAVREsADBAZTkEADBARTr7ADAwBUCgMEB1XeAAMDAVfOAwME
WUADBAVblsADBAVc9CADBAReS0ADBAVeS2ADBAHDItIDBATZd0AwNQQCAAIwLzAN
AwQAKgKjAwUCKgKjEAMGACoCoxXlAwYAKgKjFuEDBgAqAqMZYAMGACoCoxvEMA0G
CSqGSIb3DQEBCwUAA4IBAQBRW3iN0Fzjfdk2Oymqk+ApiObAi+ePgsLY5+pr1rB5
03hyRVnow8UyqpSBAbqnfCYddFvqRfVDf9oCZmaUkiFQMOovKariqhwMJM89iN57
hXC2d0Mvhn7uX/AtLfSbXq/zFdhDVLRkS6hKyIu3ZAevXWHQcpf/8srGixnD3Jq5
8haRk46tDx/jQMNqx1tQzrn0VzKvg1kTebwVyRUSr9d+9wxrKwiLEKLAdgTfVkNk
HXqe2L0FyNIlicaQ6q4oDTz5Q4dx+65rLIMrcmzYflvR2rGaz+sHUAS8lYPPSrgj
gJPH65PuZUmdJAmwdyTNKrPy+KR8EFKiSgI7qt6ay1RU
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:59:29 2025 by rpki-client