Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zQfTUoiuCcDvWwh_z604cVaeb0I.roa
File: zQfTUoiuCcDvWwh_z604cVaeb0I.roa (raw, json)
Hash identifier: bOz9Xzt0E4OQ9lqAg+bkimCqmZHksfN5gukrMpcKGOA=
Subject key identifier: CD:07:D3:52:88:AE:09:C0:EF:5B:08:7F:CF:AD:38:71:56:9E:6F:42
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019590AC5FBCEFF398D4AE44BF8C9C48BC7D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zQfTUoiuCcDvWwh_z604cVaeb0I.roa
Signing time: Thu 13 Mar 2025 18:02:50 +0000
ROA not before: Thu 13 Mar 2025 18:02:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.193.0/24 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.210.54.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
213.218.244.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:ac:5f:bc:ef:f3:98:d4:ae:44:bf:8c:9c:48:bc:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 13 18:02:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd07d35288ae09c0ef5b087fcfad3871569e6f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:07:ef:e7:82:0d:9f:c5:3a:4c:ab:8b:31:8c:
0f:f0:69:b8:4d:26:90:19:bd:fa:26:71:2a:1d:3e:
8e:a8:e9:99:95:85:16:5a:8e:28:4e:08:9e:51:b5:
b7:bd:db:a0:d2:fc:fc:19:30:93:11:b0:99:62:6f:
88:fd:80:3a:22:12:5b:bd:5b:f8:bd:d3:f7:c6:9a:
62:11:83:78:3a:43:83:e1:87:2b:de:e2:ac:e9:3a:
ae:16:26:67:6d:0c:ac:f6:fb:fc:ad:7f:86:1b:6f:
32:63:60:e3:fb:5b:a9:91:42:0d:47:54:73:03:97:
71:6b:26:12:eb:a5:ce:36:c2:06:79:d0:bf:d8:36:
79:8b:08:d1:10:68:53:e4:4d:a5:3c:a1:c4:02:33:
99:9a:dd:ce:06:a2:60:f1:59:4f:6e:05:11:be:81:
50:d3:b3:65:af:90:20:c5:01:bb:30:8e:f5:40:b6:
29:d5:93:fa:0d:38:1b:42:b6:08:fd:de:0e:88:e8:
2d:73:5d:a5:c3:10:61:fa:95:47:14:fc:1e:a3:73:
5d:ee:2a:e7:ea:26:35:5f:a6:69:a7:0a:58:0e:6c:
d2:ec:09:5b:7e:31:59:6f:e1:20:87:84:37:43:d3:
33:11:53:2b:d3:e7:93:45:7b:4e:a3:6b:60:a2:4d:
f3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:07:D3:52:88:AE:09:C0:EF:5B:08:7F:CF:AD:38:71:56:9E:6F:42
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zQfTUoiuCcDvWwh_z604cVaeb0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.136.0/22
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.193.0/24
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.226.0/24
213.218.244.0/22
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
60:0e:ad:f5:f3:5d:99:2c:11:3c:61:3d:50:56:87:45:83:f4:
3e:f3:f8:52:b4:1d:e9:d7:20:7e:74:48:8d:72:2f:e3:ab:25:
c5:78:3d:95:dc:ce:41:b3:cb:3d:12:6f:a4:e6:be:1f:90:19:
62:ff:71:5c:c0:b9:a5:64:92:e1:64:8b:16:7e:24:b1:dd:b2:
39:f1:ad:39:20:e1:c4:62:ba:0d:75:c4:e4:9e:be:44:cc:ef:
55:2d:cb:8c:72:31:62:69:e5:cf:12:c4:d7:00:8d:fa:a2:19:
ef:00:bb:2c:5e:cd:24:4e:79:6b:e9:98:e8:38:b9:f1:c5:2f:
d6:4a:8e:9b:20:36:21:e6:da:ce:ef:8b:ab:6c:56:78:bf:8f:
0a:c8:e2:1a:ec:43:60:bc:0e:20:8a:59:d8:af:eb:26:28:2c:
81:fd:e3:e1:90:cf:33:61:f8:33:0d:0f:03:46:5e:30:ca:45:
b6:ca:31:99:52:34:bc:1f:56:94:fa:51:02:ed:1b:0b:98:07:
81:de:ac:f0:6c:c8:58:07:1a:de:36:66:fa:25:3f:00:2d:fe:
57:76:6b:92:91:ab:a0:36:b2:22:26:d6:ae:18:80:0c:96:ca:
d3:11:64:4d:9e:79:97:62:a0:da:96:9e:b4:88:49:a3:75:68:
5a:91:bc:5b
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAZWQrF+87/OY1K5Ev4ycSLx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzEzMTgwMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDA3ZDM1Mjg4YWUwOWMwZWY1YjA4N2ZjZmFkMzg3MTU2OWU2ZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwfv54INn8U6TKuLMYwP8Gm4TSaQ
Gb36JnEqHT6OqOmZlYUWWo4oTgieUbW3vdug0vz8GTCTEbCZYm+I/YA6IhJbvVv4
vdP3xppiEYN4OkOD4Ycr3uKs6TquFiZnbQys9vv8rX+GG28yY2Dj+1upkUINR1Rz
A5dxayYS66XONsIGedC/2DZ5iwjREGhT5E2lPKHEAjOZmt3OBqJg8VlPbgURvoFQ
07Nlr5AgxQG7MI71QLYp1ZP6DTgbQrYI/d4OiOgtc12lwxBh+pVHFPweo3Nd7irn
6iY1X6ZppwpYDmzS7AlbfjFZb+Egh4Q3Q9MzEVMr0+eTRXtOo2tgok3zOwIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFM0H01KIrgnA71sIf8+tOHFWnm9CMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvelFmVFVvaXVDY0R2V3doX3o2MDRjVmFlYjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDCCASgEAgABMIIB
IAMEAFKYCAMEAVKYsAMEAlKZiAMEAFKZ8wMEAVnVLAMEAVnVMgMEAlnVOAMEAFnV
gQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwDBAJZ1ZQDBAVZ1YAD
BABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnVqwMEBFnVoAMEAFnVtQMEAFnV
vzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBADBABtsMEDBAJtsMwD
BAFtsPIDBABtsPwDBAG5MX4DBAC5ZS8DBATCaVADBADUJk8DBAHUJlgDBALVgoQD
BADVmCsDBALV0jQDBADV2tMDBADV2uIDBALV2vQwDAMEANmRQQMEANmRQgMEA9mR
SDANBgkqhkiG9w0BAQsFAAOCAQEAYA6t9fNdmSwRPGE9UFaHRYP0PvP4UrQd6dcg
fnRIjXIv46slxXg9ldzOQbPLPRJvpOa+H5AZYv9xXMC5pWSS4WSLFn4ksd2yOfGt
OSDhxGK6DXXE5J6+RMzvVS3LjHIxYmnlzxLE1wCN+qIZ7wC7LF7NJE55a+mY6Di5
8cUv1kqOmyA2Iebazu+Lq2xWeL+PCsjiGuxDYLwOIIpZ2K/rJigsgf3j4ZDPM2H4
Mw0PA0ZeMMpFtsoxmVI0vB9WlPpRAu0bC5gHgd6s8GzIWAca3jZm+iU/AC3+V3Zr
kpGroDayIibWrhiADJbK0xFkTZ55l2Kg2paetIhJo3VoWpG8Ww==
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:24:23 2025 by rpki-client