Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GW5f0Nv1U8bwOTd0NvJUsgfriO0.roa
File: GW5f0Nv1U8bwOTd0NvJUsgfriO0.roa (raw, json)
Hash identifier: 55y5pL2HJIMAq0UMm/scDz45YscHNsESx8hzJLXfSU8=
Subject key identifier: 19:6E:5F:D0:DB:F5:53:C6:F0:39:37:74:36:F2:54:B2:07:EB:88:ED
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019576056601D343F6DF41C70BFB34BF0D4E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GW5f0Nv1U8bwOTd0NvJUsgfriO0.roa
Signing time: Sat 08 Mar 2025 13:50:20 +0000
ROA not before: Sat 08 Mar 2025 13:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 81.168.119.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:76:05:66:01:d3:43:f6:df:41:c7:0b:fb:34:bf:0d:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 8 13:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=196e5fd0dbf553c6f039377436f254b207eb88ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:4b:85:57:3e:20:b7:7a:11:7c:ab:14:69:
4f:8a:a7:4f:19:18:af:c8:2b:64:e8:e7:ca:01:68:
16:6c:d1:c9:0f:79:03:09:7a:35:f1:3b:94:8b:fb:
12:7c:45:87:e7:a1:9a:1c:bc:fa:d1:6c:18:83:c9:
74:4b:b7:f7:29:b9:ea:fc:e9:8c:80:bc:c4:16:08:
8f:be:7e:64:dd:02:c1:84:cb:e8:4c:13:df:eb:77:
23:00:c5:dc:a8:c3:79:83:0e:d4:b1:23:ec:5b:ca:
bf:76:5d:8a:0b:a8:9e:30:8d:08:72:11:1e:08:4a:
c4:83:18:78:68:32:0a:88:49:43:1b:3e:21:38:08:
87:f7:a0:a0:69:12:05:aa:e8:7e:dd:33:87:95:c5:
ea:e2:50:e8:5a:42:f6:56:e4:61:9b:d9:e5:59:03:
4c:f5:52:7b:b7:d4:86:e6:ba:e2:64:33:ef:92:f3:
a0:50:2f:b9:ce:86:a9:86:77:f9:98:b5:ec:d7:35:
09:bf:b7:14:8c:17:cf:ea:da:52:8a:c2:26:28:4c:
50:19:68:c9:c6:d4:d1:fd:0a:1c:7c:06:7d:41:a4:
26:a1:25:23:71:2c:2e:c5:84:4f:f9:f9:d3:03:a5:
a9:d0:ad:05:7e:7a:9f:fa:a0:69:e9:3f:df:d1:34:
72:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:6E:5F:D0:DB:F5:53:C6:F0:39:37:74:36:F2:54:B2:07:EB:88:ED
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GW5f0Nv1U8bwOTd0NvJUsgfriO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.126.0/24
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.226.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:b9:70:24:2d:4c:b6:f8:41:69:57:c3:7a:b4:9a:b1:d5:c0:
e9:ea:7c:df:3c:35:c8:13:ce:5f:94:17:79:56:66:3d:ad:d7:
5b:cb:0e:a3:42:54:b2:c2:ca:7e:b0:8c:e5:b0:a5:4c:95:06:
69:8a:84:5c:d1:d9:1a:05:91:26:a6:07:51:d8:95:02:89:c3:
ec:60:34:ff:30:00:c7:4d:54:d9:14:2c:f2:06:1f:1e:eb:51:
fd:0c:ec:cc:0d:df:62:99:24:e9:41:cb:70:f7:4f:ec:82:47:
57:f5:c3:12:22:d1:ab:db:ef:08:cf:aa:9f:91:9a:ad:d7:9f:
f6:02:dd:f3:7e:10:54:3a:15:4b:15:0b:ee:04:16:b3:58:af:
9f:a3:71:75:da:71:6f:50:af:7f:45:ca:e9:e9:a8:51:a4:ba:
98:f7:d7:ca:80:0c:d3:50:0b:cd:b4:83:ed:60:51:30:24:bf:
22:e1:0d:2b:60:bc:c4:92:9a:ed:94:7c:6c:91:3a:fd:b9:70:
6e:e8:90:2b:99:fb:d2:29:00:b8:1c:2e:cf:6e:3b:99:4e:ce:
5e:19:a2:34:8c:64:eb:7f:57:51:df:b3:39:f9:46:c1:3c:08:
de:33:a9:a1:5d:85:bc:07:88:c0:14:e1:f6:d7:fe:99:9b:68:
b7:d6:44:e9
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAZV2BWYB00P230HHC/s0vw1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzA4MTM1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTZlNWZkMGRiZjU1M2M2ZjAzOTM3NzQzNmYyNTRiMjA3ZWI4OGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTFLhVc+ILd6EXyrFGlPiqdPGRiv
yCtk6OfKAWgWbNHJD3kDCXo18TuUi/sSfEWH56GaHLz60WwYg8l0S7f3Kbnq/OmM
gLzEFgiPvn5k3QLBhMvoTBPf63cjAMXcqMN5gw7UsSPsW8q/dl2KC6ieMI0IchEe
CErEgxh4aDIKiElDGz4hOAiH96CgaRIFquh+3TOHlcXq4lDoWkL2VuRhm9nlWQNM
9VJ7t9SG5rriZDPvkvOgUC+5zoaphnf5mLXs1zUJv7cUjBfP6tpSisImKExQGWjJ
xtTR/QocfAZ9QaQmoSUjcSwuxYRP+fnTA6Wp0K0Ffnqf+qBp6T/f0TRyZwIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFBluX9Db9VPG8Dk3dDbyVLIH64jtMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR1c1ZjBOdjFVOGJ3T1RkME52SlVzZ2ZyaU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCASIEAgABMIIB
GgMEAFGodwMEAFGofgMEAFKYCAMEAVKYsAMEAlKZiAMEAFKZ8wMEAVnVLAMEAVnV
MgMEAlnVOAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwD
BAJZ1ZQDBAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnVqwMEBFnV
oAMEAFnVtQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBAD
BAJtsMwDBAFtsPIDBABtsPwDBAG5MX4DBAC5ZS8DBATCaVADBADUJk8DBAHUJlgD
BADVmCsDBALV0jQDBADV2tMDBADV2uIwDAMEANmRQQMEANmRQgMEA9mRSDANBgkq
hkiG9w0BAQsFAAOCAQEAD7lwJC1MtvhBaVfDerSasdXA6ep83zw1yBPOX5QXeVZm
Pa3XW8sOo0JUssLKfrCM5bClTJUGaYqEXNHZGgWRJqYHUdiVAonD7GA0/zAAx01U
2RQs8gYfHutR/QzszA3fYpkk6UHLcPdP7IJHV/XDEiLRq9vvCM+qn5Gardef9gLd
834QVDoVSxUL7gQWs1ivn6Nxddpxb1Cvf0XK6emoUaS6mPfXyoAM01ALzbSD7WBR
MCS/IuENK2C8xJKa7ZR8bJE6/blwbuiQK5n70ikAuBwuz247mU7OXhmiNIxk639X
Ud+zOflGwTwI3jOpoV2FvAeIwBTh9tf+mZtot9ZE6Q==
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:27:19 2025 by rpki-client