Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/kNQfehPlCVulvbwM2lGda2Nd7UY.roa
File: kNQfehPlCVulvbwM2lGda2Nd7UY.roa (raw, json)
Hash identifier: kC4MtkHN72ZG4cOC5D81BILBQn5BEqf76JOXdvh92tE=
Subject key identifier: 90:D4:1F:7A:13:E5:09:5B:A5:BD:BC:0C:DA:51:9D:6B:63:5D:ED:46
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 01955BD4FD02E716C5B2FA39AA397D2108E9
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/kNQfehPlCVulvbwM2lGda2Nd7UY.roa
Signing time: Mon 03 Mar 2025 11:47:19 +0000
ROA not before: Mon 03 Mar 2025 11:47:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9141
IP address blocks: 31.178.0.0/17 maxlen: 17
31.178.128.0/17 maxlen: 17
31.179.0.0/17 maxlen: 17
31.179.128.0/17 maxlen: 24
31.186.192.0/19 maxlen: 19
77.236.0.0/21 maxlen: 21
77.236.8.0/21 maxlen: 21
77.236.16.0/21 maxlen: 21
77.236.24.0/21 maxlen: 21
81.18.192.0/22 maxlen: 22
81.18.196.0/22 maxlen: 22
81.18.200.0/22 maxlen: 22
81.18.204.0/22 maxlen: 22
81.18.208.0/22 maxlen: 22
81.18.212.0/22 maxlen: 22
81.18.216.0/22 maxlen: 22
81.18.220.0/22 maxlen: 22
83.144.64.0/19 maxlen: 19
83.144.96.0/19 maxlen: 19
83.175.176.0/20 maxlen: 20
84.10.0.0/18 maxlen: 18
84.10.64.0/18 maxlen: 18
84.10.128.0/18 maxlen: 18
84.10.192.0/18 maxlen: 18
85.222.0.0/19 maxlen: 19
85.222.32.0/19 maxlen: 19
85.222.52.0/22 maxlen: 22
85.222.64.0/19 maxlen: 19
85.222.96.0/19 maxlen: 19
87.206.0.0/17 maxlen: 17
87.206.128.0/17 maxlen: 17
87.207.0.0/17 maxlen: 17
87.207.128.0/17 maxlen: 17
89.64.0.0/14 maxlen: 14
89.68.0.0/14 maxlen: 14
89.70.108.0/22 maxlen: 22
89.72.0.0/14 maxlen: 14
89.72.228.0/22 maxlen: 22
89.76.0.0/14 maxlen: 14
89.77.216.0/22 maxlen: 22
91.150.192.0/20 maxlen: 20
91.150.208.0/20 maxlen: 20
92.244.32.0/21 maxlen: 21
92.244.40.0/21 maxlen: 21
92.244.48.0/21 maxlen: 21
92.244.56.0/21 maxlen: 21
195.34.210.0/23 maxlen: 23
217.119.64.0/20 maxlen: 20
2a02:a300::/29 maxlen: 29
2a02:a308::/29 maxlen: 29
2a02:a310::/32 maxlen: 32
2a02:a311::/32 maxlen: 32
2a02:a312::/32 maxlen: 32
2a02:a313::/32 maxlen: 32
2a02:a315:e500::/40 maxlen: 40
2a02:a316:e100::/40 maxlen: 40
2a02:a319:6000::/40 maxlen: 40
2a02:a31b:c400::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:d4:fd:02:e7:16:c5:b2:fa:39:aa:39:7d:21:08:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Mar 3 11:47:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90d41f7a13e5095ba5bdbc0cda519d6b635ded46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:90:bd:b7:b2:15:ea:06:96:3d:21:e8:7d:9b:
f8:a2:7f:b2:42:f5:fe:e7:d0:b0:dd:a3:a8:c8:ea:
60:5d:e0:9f:c7:5a:fb:40:b9:50:49:17:64:8a:3b:
9f:4b:54:d1:39:51:12:6e:4a:52:66:4a:c0:5b:70:
c2:c9:e1:93:c4:f2:70:94:cf:d7:99:e2:35:4e:81:
c1:7d:84:7e:6a:fe:8d:fc:f7:34:94:57:2e:fe:56:
9c:2b:68:a0:31:e3:15:32:b9:be:c3:02:50:51:6f:
db:34:f9:a6:ef:88:78:a3:fd:16:34:30:f2:66:19:
48:04:d9:b6:d0:4c:05:43:29:7f:ac:4b:b2:62:df:
0e:dd:27:d7:a5:79:d3:40:a9:51:72:67:b6:39:a8:
cd:24:dc:01:18:4a:4e:7f:4b:63:9f:db:99:d4:2a:
fc:94:12:64:e1:dc:35:aa:65:2d:99:8f:76:18:45:
a2:88:a3:35:e9:78:5b:a0:b1:81:7a:67:34:af:12:
42:2e:33:e4:89:70:bf:3d:30:20:e5:42:32:ee:68:
8d:90:9f:72:d4:82:ab:1a:d4:30:27:58:13:da:50:
3f:a6:8c:07:7e:6e:24:24:a8:2a:02:99:1d:09:9d:
7e:32:1d:ce:fa:3f:45:77:fe:b5:f0:65:a0:39:6d:
d2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D4:1F:7A:13:E5:09:5B:A5:BD:BC:0C:DA:51:9D:6B:63:5D:ED:46
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/kNQfehPlCVulvbwM2lGda2Nd7UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.178.0.0/15
31.186.192.0/19
77.236.0.0/19
81.18.192.0/19
83.144.64.0/18
83.175.176.0/20
84.10.0.0/16
85.222.0.0/17
87.206.0.0/15
89.64.0.0/12
91.150.192.0/19
92.244.32.0/19
195.34.210.0/23
217.119.64.0/20
IPv6:
2a02:a300::-2a02:a313:ffff:ffff:ffff:ffff:ffff:ffff
2a02:a315:e500::/40
2a02:a316:e100::/40
2a02:a319:6000::/40
2a02:a31b:c400::/40
Signature Algorithm: sha256WithRSAEncryption
89:fd:ae:93:2f:b0:29:9a:3a:88:dc:e6:b5:b1:e8:1d:a6:0c:
b6:0a:f6:80:09:43:8d:a4:10:e2:33:13:0a:34:eb:97:12:89:
f4:96:43:01:1f:ac:18:4e:61:60:9c:09:1b:f4:e3:fe:e3:24:
bd:ee:27:19:11:88:4e:0f:57:6a:4e:40:7a:a2:48:8b:0b:a7:
68:2b:5c:b1:d4:47:68:c4:6d:27:01:2e:c1:f9:8f:1e:59:48:
bb:68:ff:c9:d2:40:ef:47:a6:a9:d9:f3:08:88:8d:55:60:3d:
3a:12:9d:fd:51:1c:4a:9d:61:8f:01:53:fc:7b:a5:61:5f:24:
f6:ae:d8:fb:1e:81:28:9f:af:d5:b9:1f:28:90:5a:39:7e:a2:
62:80:54:79:1e:73:40:44:4d:c9:69:1f:27:5e:20:5f:ee:19:
ca:b3:4a:26:cd:3b:b8:a3:df:63:75:aa:25:91:87:e6:e0:08:
17:cb:77:8c:aa:c1:30:c7:f0:67:1d:c1:f5:df:53:b9:f6:a3:
c0:da:a0:04:50:8b:2c:47:3e:1d:cf:71:91:52:6e:6f:01:70:
15:1a:64:6a:0e:28:70:0e:75:50:17:97:78:eb:bd:59:b5:f4:
ec:0f:cd:fd:0e:a9:01:13:1b:e6:a8:d8:e4:30:24:09:ac:44:
70:43:6d:47
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZVb1P0C5xbFsvo5qjl9IQjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwMzAzMTE0NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQ0MWY3YTEzZTUwOTViYTViZGJjMGNkYTUxOWQ2YjYzNWRlZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JC9t7IV6gaWPSHofZv4on+yQvX+
59Cw3aOoyOpgXeCfx1r7QLlQSRdkijufS1TROVESbkpSZkrAW3DCyeGTxPJwlM/X
meI1ToHBfYR+av6N/Pc0lFcu/lacK2igMeMVMrm+wwJQUW/bNPmm74h4o/0WNDDy
ZhlIBNm20EwFQyl/rEuyYt8O3SfXpXnTQKlRcme2OajNJNwBGEpOf0tjn9uZ1Cr8
lBJk4dw1qmUtmY92GEWiiKM16XhboLGBemc0rxJCLjPkiXC/PTAg5UIy7miNkJ9y
1IKrGtQwJ1gT2lA/powHfm4kJKgqApkdCZ1+Mh3O+j9Fd/618GWgOW3SBQIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFJDUH3oT5Qlbpb28DNpRnWtjXe1GMB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEva05RZmVoUGxDVnVsdmJ3TTJsR2RhMk5kN1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzBWBAIAATBQAwMBH7ID
BAUfusADBAVN7AADBAVREsADBAZTkEADBARTr7ADAwBUCgMEB1XeAAMDAVfOAwME
WUADBAVblsADBAVc9CADBAHDItIDBATZd0AwNQQCAAIwLzANAwQAKgKjAwUCKgKj
EAMGACoCoxXlAwYAKgKjFuEDBgAqAqMZYAMGACoCoxvEMA0GCSqGSIb3DQEBCwUA
A4IBAQCJ/a6TL7ApmjqI3Oa1segdpgy2CvaACUONpBDiMxMKNOuXEon0lkMBH6wY
TmFgnAkb9OP+4yS97icZEYhOD1dqTkB6okiLC6doK1yx1EdoxG0nAS7B+Y8eWUi7
aP/J0kDvR6ap2fMIiI1VYD06Ep39URxKnWGPAVP8e6VhXyT2rtj7HoEon6/VuR8o
kFo5fqJigFR5HnNARE3JaR8nXiBf7hnKs0omzTu4o99jdaolkYfm4AgXy3eMqsEw
x/BnHcH131O59qPA2qAEUIssRz4dz3GRUm5vAXAVGmRqDihwDnVQF5d4671ZtfTs
D839DqkBExvmqNjkMCQJrERwQ21H
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:46:50 2025 by rpki-client