Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/pPVeiHOLM_JNt_WyCC-qbnPvHLA.roa
File: pPVeiHOLM_JNt_WyCC-qbnPvHLA.roa (raw, json)
Hash identifier: in0fgGvpUXF861aTBpJ6hHJKP2za6YVoSI4VCCDbtrw=
Subject key identifier: A4:F5:5E:88:73:8B:33:F2:4D:B7:F5:B2:08:2F:AA:6E:73:EF:1C:B0
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 01955B311B8D3A06327B64B1D3356BCD93ED
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/pPVeiHOLM_JNt_WyCC-qbnPvHLA.roa
Signing time: Mon 03 Mar 2025 08:48:19 +0000
ROA not before: Mon 03 Mar 2025 08:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9141
IP address blocks: 31.178.0.0/17 maxlen: 17
31.178.128.0/17 maxlen: 17
31.179.0.0/17 maxlen: 17
31.179.128.0/17 maxlen: 24
31.186.192.0/19 maxlen: 19
77.236.0.0/21 maxlen: 21
77.236.8.0/21 maxlen: 21
77.236.16.0/21 maxlen: 21
77.236.24.0/21 maxlen: 21
81.18.192.0/22 maxlen: 22
81.18.196.0/22 maxlen: 22
81.18.200.0/22 maxlen: 22
81.18.204.0/22 maxlen: 22
81.18.208.0/22 maxlen: 22
81.18.212.0/22 maxlen: 22
81.18.216.0/22 maxlen: 22
81.18.220.0/22 maxlen: 22
83.175.176.0/20 maxlen: 20
85.222.0.0/19 maxlen: 19
85.222.32.0/19 maxlen: 19
85.222.52.0/22 maxlen: 22
85.222.64.0/19 maxlen: 19
85.222.96.0/19 maxlen: 19
89.68.0.0/14 maxlen: 14
89.70.108.0/22 maxlen: 22
89.72.0.0/14 maxlen: 14
89.72.228.0/22 maxlen: 22
89.77.216.0/22 maxlen: 22
195.34.210.0/23 maxlen: 23
217.119.64.0/20 maxlen: 20
2a02:a300::/29 maxlen: 29
2a02:a308::/29 maxlen: 29
2a02:a310::/32 maxlen: 32
2a02:a311::/32 maxlen: 32
2a02:a312::/32 maxlen: 32
2a02:a313::/32 maxlen: 32
2a02:a315:e500::/40 maxlen: 40
2a02:a316:e100::/40 maxlen: 40
2a02:a319:6000::/40 maxlen: 40
2a02:a31b:c400::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:31:1b:8d:3a:06:32:7b:64:b1:d3:35:6b:cd:93:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Mar 3 08:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4f55e88738b33f24db7f5b2082faa6e73ef1cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f3:02:b1:73:83:93:37:23:e7:2d:ba:43:cf:
2a:39:7a:43:e7:66:22:e8:9f:37:d5:37:ba:a6:72:
a9:5a:6c:e8:87:bc:2a:be:2f:d2:bd:4f:42:34:b9:
8b:66:7b:07:cf:6d:b2:4c:56:9e:00:98:a6:d9:90:
10:bb:6e:c4:99:f8:d7:6a:77:ca:4c:36:1b:8e:e1:
87:87:aa:20:14:8a:3a:c0:26:53:8a:83:b2:07:a7:
a4:e1:6d:de:fc:03:5c:43:0f:8b:67:92:1a:56:a4:
d5:1e:60:8c:c7:02:3c:6f:f1:6e:e7:6f:e1:30:21:
c7:d5:02:b1:ec:d5:5a:03:1c:7c:42:ca:cf:8f:73:
de:1a:5f:37:53:af:d6:29:af:67:e4:4a:09:73:a8:
bb:b1:6a:f5:bc:3b:af:ea:99:cb:74:49:d2:0f:d4:
6c:1c:dd:ca:9d:ea:6e:cc:b1:ca:6d:2c:f3:f8:0b:
e8:d6:2f:ae:24:a8:af:05:5d:df:b2:b2:80:07:2a:
e4:b2:fc:10:81:d0:77:99:4c:09:07:0c:f2:a2:f6:
6f:9d:49:0a:cc:75:e0:c2:a6:4c:d5:d2:2d:a5:a3:
b4:2e:43:c3:b8:93:c7:b0:58:4f:e5:14:c2:76:01:
c5:54:fc:0d:44:9a:1c:be:3f:2b:92:31:1a:73:76:
83:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F5:5E:88:73:8B:33:F2:4D:B7:F5:B2:08:2F:AA:6E:73:EF:1C:B0
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/pPVeiHOLM_JNt_WyCC-qbnPvHLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.178.0.0/15
31.186.192.0/19
77.236.0.0/19
81.18.192.0/19
83.175.176.0/20
85.222.0.0/17
89.68.0.0-89.75.255.255
89.77.216.0/22
195.34.210.0/23
217.119.64.0/20
IPv6:
2a02:a300::-2a02:a313:ffff:ffff:ffff:ffff:ffff:ffff
2a02:a315:e500::/40
2a02:a316:e100::/40
2a02:a319:6000::/40
2a02:a31b:c400::/40
Signature Algorithm: sha256WithRSAEncryption
6c:40:83:d9:e9:d1:e6:b8:49:ae:22:0f:61:21:7a:d2:83:94:
67:ba:8e:63:b5:5a:a1:10:aa:bf:78:be:a5:e5:94:b8:40:9d:
9a:10:d1:17:30:06:82:0e:55:16:05:3a:0b:14:9a:bc:06:3a:
f7:0a:70:b7:5e:1a:39:87:eb:1b:e3:b3:6a:ba:8b:9e:a4:0d:
fc:9f:31:df:78:35:2f:a2:dc:49:e1:2f:0b:3e:c9:6e:07:e9:
ac:d2:f5:a7:2f:4e:6e:95:c0:d3:b1:0c:5f:34:e8:95:a2:5c:
a9:fb:5f:5e:a4:13:3a:9e:a8:c7:41:18:df:a7:fd:83:7f:57:
2e:cc:7a:2f:77:b1:08:82:22:9a:c1:ad:5f:4c:68:00:45:13:
46:34:91:d3:e8:f0:15:84:e8:51:bb:78:eb:1f:98:ea:78:1c:
7d:ab:a9:17:af:dc:05:9d:7a:46:de:4c:16:8c:73:ca:fd:97:
0e:95:09:26:62:14:84:e0:85:0a:63:a8:50:69:a2:4e:47:60:
fa:c0:c5:a9:c3:41:45:5d:fd:5a:fd:9c:79:f5:14:0c:b6:4f:
7f:42:1d:c8:6d:9e:26:a5:09:c7:ae:50:fd:e0:9d:18:b9:77:
ca:f1:0c:e9:73:db:42:23:4f:09:d7:da:67:2e:b5:01:1a:fb:
7a:66:5b:67
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZVbMRuNOgYye2Sx0zVrzZPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwMzAzMDg0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGY1NWU4ODczOGIzM2YyNGRiN2Y1YjIwODJmYWE2ZTczZWYxY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/MCsXODkzcj5y26Q88qOXpD52Yi
6J831Te6pnKpWmzoh7wqvi/SvU9CNLmLZnsHz22yTFaeAJim2ZAQu27EmfjXanfK
TDYbjuGHh6ogFIo6wCZTioOyB6ek4W3e/ANcQw+LZ5IaVqTVHmCMxwI8b/Fu52/h
MCHH1QKx7NVaAxx8QsrPj3PeGl83U6/WKa9n5EoJc6i7sWr1vDuv6pnLdEnSD9Rs
HN3KnepuzLHKbSzz+Avo1i+uJKivBV3fsrKAByrksvwQgdB3mUwJBwzyovZvnUkK
zHXgwqZM1dItpaO0LkPDuJPHsFhP5RTCdgHFVPwNRJocvj8rkjEac3aDGwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFKT1XohzizPyTbf1sggvqm5z7xywMB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEvcFBWZWlIT0xNX0pOdF9XeUNDLXFiblB2SExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBHBAIAATBBAwMBH7ID
BAUfusADBAVN7AADBAVREsADBARTr7ADBAdV3gAwCgMDAllEAwMCWUgDBAJZTdgD
BAHDItIDBATZd0AwNQQCAAIwLzANAwQAKgKjAwUCKgKjEAMGACoCoxXlAwYAKgKj
FuEDBgAqAqMZYAMGACoCoxvEMA0GCSqGSIb3DQEBCwUAA4IBAQBsQIPZ6dHmuEmu
Ig9hIXrSg5Rnuo5jtVqhEKq/eL6l5ZS4QJ2aENEXMAaCDlUWBToLFJq8Bjr3CnC3
Xho5h+sb47NquouepA38nzHfeDUvotxJ4S8LPsluB+ms0vWnL05ulcDTsQxfNOiV
olyp+19epBM6nqjHQRjfp/2Df1cuzHovd7EIgiKawa1fTGgARRNGNJHT6PAVhOhR
u3jrH5jqeBx9q6kXr9wFnXpG3kwWjHPK/ZcOlQkmYhSE4IUKY6hQaaJOR2D6wMWp
w0FFXf1a/Zx59RQMtk9/Qh3IbZ4mpQnHrlD94J0YuXfK8Qzpc9tCI08J19pnLrUB
Gvt6Zltn
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:53:51 2025 by rpki-client