Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6LcT7NU28fBjeAEOm8qam9oNlZw.roa
File: 6LcT7NU28fBjeAEOm8qam9oNlZw.roa (raw, json)
Hash identifier: Rm2nSa3n6NzOkBAPTG5IhpU/lhW0Z8TWgGYNbR5hjw0=
Subject key identifier: E8:B7:13:EC:D5:36:F1:F0:63:78:01:0E:9B:CA:9A:9B:DA:0D:95:9C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0195C2221BA9EECA5F91E95C7D72CCE82E37
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6LcT7NU28fBjeAEOm8qam9oNlZw.roa
Signing time: Sun 23 Mar 2025 08:32:50 +0000
ROA not before: Sun 23 Mar 2025 08:32:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 81.168.116.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c2:22:1b:a9:ee:ca:5f:91:e9:5c:7d:72:cc:e8:2e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 23 08:32:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8b713ecd536f1f06378010e9bca9a9bda0d959c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:17:ff:8e:0c:69:d7:13:aa:db:4f:a2:66:1c:
28:ef:41:1c:94:b7:02:41:b3:a5:07:69:4e:68:5c:
e2:e2:07:35:7c:14:49:fd:69:ad:b5:cd:90:2b:d8:
14:0c:d3:be:bc:9a:7e:18:af:9e:47:25:27:ec:b8:
62:b4:4e:d8:f3:72:14:01:8a:5c:2d:a8:a2:98:0d:
8e:b0:de:d9:cf:6f:de:02:e7:e7:a3:0f:54:56:9b:
cb:48:15:cf:97:8e:e6:d6:9f:ff:8e:81:96:a5:6a:
42:77:66:86:57:95:67:b7:2e:d0:42:19:6c:ad:bb:
9b:9f:cf:72:7b:89:69:00:da:c0:cf:cd:67:23:33:
64:ca:96:39:9e:90:fd:02:ad:2f:24:05:8f:65:c0:
2b:a5:63:89:2c:ce:7d:2c:2d:b0:1f:b2:b9:c5:22:
83:ec:aa:6f:d4:43:43:d1:d1:f8:4d:c3:57:7b:5d:
74:c6:0c:5a:02:ba:d5:5f:31:13:96:79:32:b4:61:
83:64:b0:bc:7c:47:99:d0:74:4e:de:cf:d6:3d:ac:
d8:59:10:f7:73:92:b3:11:7d:b1:83:1a:9d:00:52:
99:f8:9f:46:a4:98:d7:4e:0c:b9:42:8d:c5:8e:68:
17:24:aa:05:8a:d4:81:4e:96:02:92:b0:33:23:25:
dd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B7:13:EC:D5:36:F1:F0:63:78:01:0E:9B:CA:9A:9B:DA:0D:95:9C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6LcT7NU28fBjeAEOm8qam9oNlZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.116.0/24
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.181.0/24
89.213.183.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.193.0/24
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.226.0/24
213.218.244.0/22
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
61:7e:f6:23:bd:18:38:6c:45:e7:1e:25:ce:4d:e9:d0:7c:bb:
dd:bc:96:bc:ce:0b:81:11:88:e3:6f:a8:50:f2:a9:98:61:95:
0b:4c:7c:53:e4:79:26:49:5c:6d:e2:fd:f1:e6:0a:bb:28:b9:
6b:4b:bf:bf:af:a7:a9:b5:ce:29:3b:f8:1f:22:8b:f7:ed:3c:
a5:50:e9:65:b7:3a:10:c9:57:5f:33:4d:ce:1a:59:81:d5:a0:
9d:6e:07:b5:3e:54:c6:e1:76:0a:fb:0b:3d:74:45:74:0c:10:
82:7a:5f:8c:a8:45:85:30:88:40:38:a2:a0:db:e2:5a:46:17:
9d:20:c0:be:2c:87:1b:ff:1d:58:ff:1c:49:fd:5d:f1:db:23:
12:5b:42:1f:a3:ca:a9:d9:c6:3b:26:93:a1:4a:84:8a:db:d3:
37:03:a8:20:84:84:f3:c9:26:fb:3f:54:34:c8:f2:a4:78:ba:
ba:39:e2:95:7d:1e:0b:8e:97:ae:5c:be:a3:87:9f:82:90:2e:
02:03:50:7e:17:1d:ec:00:94:f2:1d:c6:c9:97:1d:6e:de:5b:
3b:34:4f:49:51:c4:ab:2c:4d:81:04:24:98:c9:c6:e4:4d:94:
33:d6:72:c4:50:22:69:ea:d2:23:87:b1:7f:59:46:0e:a4:91:
d5:ec:db:6a
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgISAZXCIhup7spfkelcfXLM6C43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzIzMDgzMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGI3MTNlY2Q1MzZmMWYwNjM3ODAxMGU5YmNhOWE5YmRhMGQ5NTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRf/jgxp1xOq20+iZhwo70EclLcC
QbOlB2lOaFzi4gc1fBRJ/Wmttc2QK9gUDNO+vJp+GK+eRyUn7LhitE7Y83IUAYpc
LaiimA2OsN7Zz2/eAufnow9UVpvLSBXPl47m1p//joGWpWpCd2aGV5Vnty7QQhls
rbubn89ye4lpANrAz81nIzNkypY5npD9Aq0vJAWPZcArpWOJLM59LC2wH7K5xSKD
7Kpv1END0dH4TcNXe110xgxaArrVXzETlnkytGGDZLC8fEeZ0HRO3s/WPazYWRD3
c5KzEX2xgxqdAFKZ+J9GpJjXTgy5Qo3FjmgXJKoFitSBTpYCkrAzIyXdJQIDAQAB
o4IDPzCCAzswHQYDVR0OBBYEFOi3E+zVNvHwY3gBDpvKmpvaDZWcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNkxjVDdOVTI4ZkJqZUFFT204cWFtOW9ObFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUwYIKwYBBQUHAQcBAf8EggFCMIIBPjCCAToEAgABMIIB
MgMEAFGodAMEAFKYCAMEAVKYsAMEAlKZiAMEAFKZ8wMEAVnVLAMEAVnVMgMEAlnV
OAMEAFnVfwMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwD
BAJZ1ZQDBAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnVqwMEAFnV
sAMEAFnVtQMEAFnVtwMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eAD
BANtsBADBABtsMEDBAJtsMwDBAFtsPIDBABtsPwDBAG5MX4DBAC5ZS8DBATCaVAD
BADUJk8DBAHUJlgDBALVgoQDBADVmCsDBALV0jQDBADV2tMDBADV2uIDBALV2vQw
DAMEANmRQQMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEAYX72I70YOGxF
5x4lzk3p0Hy73byWvM4LgRGI42+oUPKpmGGVC0x8U+R5JklcbeL98eYKuyi5a0u/
v6+nqbXOKTv4HyKL9+08pVDpZbc6EMlXXzNNzhpZgdWgnW4HtT5UxuF2CvsLPXRF
dAwQgnpfjKhFhTCIQDiioNviWkYXnSDAviyHG/8dWP8cSf1d8dsjEltCH6PKqdnG
OyaToUqEitvTNwOoIISE88km+z9UNMjypHi6ujnilX0eC46Xrly+o4efgpAuAgNQ
fhcd7ACU8h3GyZcdbt5bOzRPSVHEqyxNgQQkmMnG5E2UM9ZyxFAiaerSI4exf1lG
DqSR1ezbag==
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:29:32 2025 by rpki-client