Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/yfHMUBz7S74f_byIXoV_ZR-2Obk.roa
File: yfHMUBz7S74f_byIXoV_ZR-2Obk.roa (raw, json)
Hash identifier: +QU+9F/N0I9RboJ2G4Sp3t5UHUGzCTFCBMh8p/ita04=
Subject key identifier: C9:F1:CC:50:1C:FB:4B:BE:1F:FD:BC:88:5E:85:7F:65:1F:B6:39:B9
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 0195D1F1A71F6BB33FCF0D9B6CCB54E16EE0
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/yfHMUBz7S74f_byIXoV_ZR-2Obk.roa
Signing time: Wed 26 Mar 2025 10:13:49 +0000
ROA not before: Wed 26 Mar 2025 10:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 31.178.0.0/15 maxlen: 15
31.178.0.0/16 maxlen: 16
31.179.0.0/16 maxlen: 16
31.186.192.0/19 maxlen: 19
31.187.0.0/18 maxlen: 18
31.187.0.0/19 maxlen: 19
31.187.32.0/19 maxlen: 19
77.236.0.0/19 maxlen: 19
77.236.0.0/20 maxlen: 20
77.236.16.0/20 maxlen: 20
81.18.192.0/20 maxlen: 20
81.18.192.0/21 maxlen: 21
81.18.200.0/21 maxlen: 21
81.18.208.0/20 maxlen: 20
81.18.208.0/21 maxlen: 21
81.18.216.0/21 maxlen: 21
83.144.64.0/18 maxlen: 18
84.10.0.0/16 maxlen: 16
84.10.0.0/17 maxlen: 17
84.10.128.0/17 maxlen: 17
85.222.0.0/17 maxlen: 17
85.222.0.0/18 maxlen: 18
85.222.64.0/18 maxlen: 18
87.206.0.0/15 maxlen: 15
87.206.0.0/16 maxlen: 16
87.207.0.0/16 maxlen: 16
89.64.0.0/12 maxlen: 12
89.64.0.0/13 maxlen: 13
89.72.0.0/13 maxlen: 13
91.150.192.0/19 maxlen: 19
92.244.32.0/19 maxlen: 19
92.244.32.0/20 maxlen: 20
92.244.48.0/20 maxlen: 20
94.75.64.0/18 maxlen: 18
94.75.64.0/19 maxlen: 19
94.75.96.0/19 maxlen: 19
94.172.0.0/16 maxlen: 16
94.172.0.0/17 maxlen: 17
94.172.128.0/17 maxlen: 17
95.158.64.0/18 maxlen: 18
178.73.0.0/18 maxlen: 18
178.73.0.0/19 maxlen: 19
178.73.32.0/19 maxlen: 19
188.93.160.0/21 maxlen: 21
188.93.160.0/22 maxlen: 22
188.93.164.0/22 maxlen: 22
193.47.158.0/23 maxlen: 23
193.47.160.0/24 maxlen: 24
194.187.40.0/22 maxlen: 22
195.34.208.0/22 maxlen: 22
212.76.32.0/19 maxlen: 19
212.76.32.0/20 maxlen: 20
212.76.48.0/20 maxlen: 20
213.134.160.0/19 maxlen: 19
213.134.160.0/20 maxlen: 20
213.134.176.0/20 maxlen: 20
2001:4050::/32 maxlen: 32
2001:4050::/33 maxlen: 33
2001:4050:8000::/33 maxlen: 33
2a02:a300::/27 maxlen: 27
2a02:a300::/28 maxlen: 28
2a02:a310::/28 maxlen: 28
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d1:f1:a7:1f:6b:b3:3f:cf:0d:9b:6c:cb:54:e1:6e:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Mar 26 10:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9f1cc501cfb4bbe1ffdbc885e857f651fb639b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e8:f6:a5:e9:2e:75:ac:d6:a3:e8:4d:21:af:
86:fc:bc:d6:2d:92:f1:20:f9:68:40:a3:d8:f9:cc:
73:27:c2:43:50:8a:e6:41:1b:ba:14:25:04:9a:59:
10:05:82:92:6e:f9:fa:33:bc:9a:b8:80:1c:b2:07:
b7:7d:9a:69:05:0b:90:72:51:1d:02:b3:59:cf:9a:
66:79:62:5d:4d:54:59:f0:5e:0f:6a:d3:c7:b7:80:
b2:f8:1c:2c:2d:43:6f:58:00:eb:87:a2:4e:0b:d9:
2c:cd:1c:e0:af:dd:5f:81:06:df:fa:4f:d3:aa:09:
e4:47:da:1f:2c:90:0f:92:eb:0c:89:5f:e5:f5:db:
fd:ca:bc:53:38:f4:c9:54:af:df:4c:c8:28:3e:45:
37:4a:81:70:f9:ff:65:2a:08:59:32:46:05:1e:7b:
71:03:bf:85:a3:15:7b:8a:26:11:c8:6d:b1:f1:0c:
d6:79:80:30:6d:c6:39:d2:5f:b9:7d:b1:e0:91:4e:
5c:54:4e:ed:a4:06:86:50:5b:59:97:a2:af:1d:85:
1a:61:4a:df:d8:c8:35:31:5d:18:dc:e4:58:37:63:
5d:a4:64:b5:e9:66:31:a7:14:28:67:73:8f:25:72:
1c:83:c1:be:b2:c9:9f:14:f5:f4:a3:4c:68:10:2c:
e7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F1:CC:50:1C:FB:4B:BE:1F:FD:BC:88:5E:85:7F:65:1F:B6:39:B9
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/yfHMUBz7S74f_byIXoV_ZR-2Obk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.178.0.0/15
31.186.192.0/19
31.187.0.0/18
77.236.0.0/19
81.18.192.0/19
83.144.64.0/18
84.10.0.0/16
85.222.0.0/17
87.206.0.0/15
89.64.0.0/12
91.150.192.0/19
92.244.32.0/19
94.75.64.0/18
94.172.0.0/16
95.158.64.0/18
178.73.0.0/18
188.93.160.0/21
193.47.158.0-193.47.160.255
194.187.40.0/22
195.34.208.0/22
212.76.32.0/19
213.134.160.0/19
IPv6:
2001:4050::/32
2a02:a300::/27
Signature Algorithm: sha256WithRSAEncryption
12:0f:1d:7b:7b:54:eb:10:9d:d4:66:af:d6:cf:6a:06:d2:6f:
67:c4:e7:0a:58:70:9b:73:20:4b:45:27:0b:6d:f2:6a:c1:48:
5f:59:4a:a3:69:f4:a7:78:78:87:3d:44:fd:0b:74:13:85:42:
87:83:9a:6f:da:84:d4:4b:d3:50:4a:ce:2e:58:0a:04:60:62:
f5:ab:7d:0b:4f:4f:8d:d1:7a:8b:23:e7:48:dd:89:e3:47:7e:
ca:c1:ae:32:76:8b:cb:de:86:34:ba:f5:a5:09:90:78:72:b7:
1a:58:c1:89:39:5d:2f:09:5b:eb:60:40:a8:8b:68:d4:23:51:
ca:09:a9:b7:d8:37:96:ab:39:84:2d:27:22:3e:4d:61:2d:dc:
21:9e:bc:4d:3c:5d:8c:b2:8e:5b:bf:9b:28:66:da:9b:12:6e:
ee:86:12:af:83:20:b3:29:96:d3:f0:8f:74:82:f5:7c:39:64:
ad:24:55:46:52:64:ef:5b:6e:0f:49:a5:0c:e6:ef:ed:37:bb:
a3:c0:88:24:ff:8c:6a:02:9e:32:95:6d:35:c8:9b:2f:a5:17:
07:75:5d:39:1f:be:46:01:d5:b9:21:36:93:ce:d1:c0:37:5a:
70:58:be:0b:ec:03:f2:cd:50:42:1c:8d:c0:27:69:e6:e5:e1:
63:12:40:46
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZXR8acfa7M/zw2bbMtU4W7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwMzI2MTAxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWYxY2M1MDFjZmI0YmJlMWZmZGJjODg1ZTg1N2Y2NTFmYjYzOWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ej2pekudazWo+hNIa+G/LzWLZLx
IPloQKPY+cxzJ8JDUIrmQRu6FCUEmlkQBYKSbvn6M7yauIAcsge3fZppBQuQclEd
ArNZz5pmeWJdTVRZ8F4PatPHt4Cy+BwsLUNvWADrh6JOC9kszRzgr91fgQbf+k/T
qgnkR9ofLJAPkusMiV/l9dv9yrxTOPTJVK/fTMgoPkU3SoFw+f9lKghZMkYFHntx
A7+FoxV7iiYRyG2x8QzWeYAwbcY50l+5fbHgkU5cVE7tpAaGUFtZl6KvHYUaYUrf
2Mg1MV0Y3ORYN2NdpGS16WYxpxQoZ3OPJXIcg8G+ssmfFPX0o0xoECznJwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFMnxzFAc+0u+H/28iF6Ff2Uftjm5MB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEveWZITVVCejdTNzRmX2J5SVhvVl9aUi0yT2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBjgQCAAEwgYcDAwEf
sgMEBR+6wAMEBh+7AAMEBU3sAAMEBVESwAMEBlOQQAMDAFQKAwQHVd4AAwMBV84D
AwRZQAMEBVuWwAMEBVz0IAMEBl5LQAMDAF6sAwQGX55AAwQGskkAAwQDvF2gMAwD
BAHBL54DBADBL6ADBALCuygDBALDItADBAXUTCADBAXVhqAwFAQCAAIwDgMFACAB
QFADBQUqAqMAMA0GCSqGSIb3DQEBCwUAA4IBAQASDx17e1TrEJ3UZq/Wz2oG0m9n
xOcKWHCbcyBLRScLbfJqwUhfWUqjafSneHiHPUT9C3QThUKHg5pv2oTUS9NQSs4u
WAoEYGL1q30LT0+N0XqLI+dI3YnjR37Kwa4ydovL3oY0uvWlCZB4crcaWMGJOV0v
CVvrYECoi2jUI1HKCam32DeWqzmELSciPk1hLdwhnrxNPF2Mso5bv5soZtqbEm7u
hhKvgyCzKZbT8I90gvV8OWStJFVGUmTvW24PSaUM5u/tN7ujwIgk/4xqAp4ylW01
yJsvpRcHdV05H75GAdW5ITaTztHAN1pwWL4L7APyzVBCHI3AJ2nm5eFjEkBG
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:52:06 2025 by rpki-client