Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/DiC6BYjvQBsaqiz-IhqnYt2GR-k.roa
File: DiC6BYjvQBsaqiz-IhqnYt2GR-k.roa (raw, json)
Hash identifier: JErhhMZGS6bu6C2oaLj0TvwUjcOhsc+ldDkrrTxeLgk=
Subject key identifier: 0E:20:BA:05:88:EF:40:1B:1A:AA:2C:FE:22:1A:A7:62:DD:86:47:E9
Certificate issuer: /CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Certificate serial: 0195C983C192B86738D34C3C50FCEC624C87
Authority key identifier: 84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/DiC6BYjvQBsaqiz-IhqnYt2GR-k.roa
Signing time: Mon 24 Mar 2025 18:56:49 +0000
ROA not before: Mon 24 Mar 2025 18:56:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207375
IP address blocks: 31.14.180.0/23 maxlen: 23
31.14.182.0/24 maxlen: 24
37.156.69.0/24 maxlen: 24
37.156.70.0/24 maxlen: 24
45.81.169.0/24 maxlen: 24
45.81.170.0/24 maxlen: 24
45.81.171.0/24 maxlen: 24
84.247.44.0/23 maxlen: 25
85.204.109.0/24 maxlen: 24
86.105.24.0/24 maxlen: 24
86.105.232.0/24 maxlen: 24
86.107.186.0/23 maxlen: 23
89.32.171.0/24 maxlen: 24
89.32.240.0/21 maxlen: 21
89.33.17.0/24 maxlen: 24
89.33.30.0/24 maxlen: 24
89.33.65.0/24 maxlen: 24
89.35.34.0/24 maxlen: 24
89.35.76.0/24 maxlen: 24
89.35.88.0/24 maxlen: 24
89.35.91.0/24 maxlen: 24
89.35.163.0/24 maxlen: 24
89.35.248.0/24 maxlen: 24
89.37.40.0/24 maxlen: 24
89.46.40.0/23 maxlen: 23
89.47.176.0/23 maxlen: 23
89.47.178.0/24 maxlen: 24
89.47.180.0/23 maxlen: 23
89.47.182.0/24 maxlen: 24
93.113.72.0/21 maxlen: 21
176.223.144.0/20 maxlen: 20
188.211.172.0/22 maxlen: 22
188.212.157.0/24 maxlen: 24
188.213.86.0/23 maxlen: 23
188.240.70.0/24 maxlen: 24
193.164.216.0/23 maxlen: 23
2a00:bba0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:83:c1:92:b8:67:38:d3:4c:3c:50:fc:ec:62:4c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Validity
Not Before: Mar 24 18:56:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e20ba0588ef401b1aaa2cfe221aa762dd8647e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c4:b2:d1:cd:d0:f1:c1:a1:6d:1e:3d:04:b0:
dd:97:91:fa:ac:a2:f2:8d:18:6b:e0:c0:95:8c:bb:
d7:97:8e:63:60:ab:fd:66:4d:be:d6:17:86:0b:85:
20:b9:14:ee:1f:e4:f6:52:58:be:9f:9f:4a:64:c1:
dc:ab:1a:6e:4d:c5:79:52:2c:85:46:b5:d8:cc:21:
ca:8e:72:74:eb:5e:58:9d:a9:89:7d:ec:43:87:6a:
52:db:94:09:6e:6d:96:01:2f:02:52:8b:45:06:3e:
84:9e:51:7d:25:df:80:54:73:0e:6d:7e:1e:a5:f4:
c5:f6:60:02:51:fc:82:2e:f8:4e:ec:51:cf:b5:9e:
b9:89:fb:a1:68:bb:43:8a:bb:28:f3:9a:98:cb:4b:
5b:e3:4e:ac:cb:6b:b7:a3:73:88:28:42:95:0d:9c:
0d:dc:c5:14:bb:13:86:15:9a:4a:e7:85:de:71:ec:
c7:c4:a9:16:d1:0a:3c:21:e8:00:c4:dd:32:d1:a9:
9c:1b:3f:8a:11:5d:cb:b2:dd:b5:3e:c7:24:51:cf:
ce:6d:ed:0d:eb:5d:1c:a4:47:67:43:7d:53:1c:f3:
f7:a5:02:d4:aa:97:49:3b:13:a8:3e:00:a6:02:c6:
27:06:4a:d7:26:d4:95:9f:ca:73:47:4a:ff:bf:ec:
8a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:20:BA:05:88:EF:40:1B:1A:AA:2C:FE:22:1A:A7:62:DD:86:47:E9
X509v3 Authority Key Identifier:
keyid:84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/DiC6BYjvQBsaqiz-IhqnYt2GR-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.180.0-31.14.182.255
37.156.69.0-37.156.70.255
45.81.169.0-45.81.171.255
84.247.44.0/23
85.204.109.0/24
86.105.24.0/24
86.105.232.0/24
86.107.186.0/23
89.32.171.0/24
89.32.240.0/21
89.33.17.0/24
89.33.30.0/24
89.33.65.0/24
89.35.34.0/24
89.35.76.0/24
89.35.88.0/24
89.35.91.0/24
89.35.163.0/24
89.35.248.0/24
89.37.40.0/24
89.46.40.0/23
89.47.176.0-89.47.178.255
89.47.180.0-89.47.182.255
93.113.72.0/21
176.223.144.0/20
188.211.172.0/22
188.212.157.0/24
188.213.86.0/23
188.240.70.0/24
193.164.216.0/23
IPv6:
2a00:bba0::/32
Signature Algorithm: sha256WithRSAEncryption
1d:ba:c3:f1:1e:78:0d:50:e3:8e:dd:14:d5:6d:89:65:c7:94:
ea:9e:04:ef:2c:87:72:dc:f5:e8:6c:ef:a3:57:90:7c:65:14:
b7:8b:d3:9a:ad:93:99:91:4f:5c:ad:92:a2:09:28:6f:e8:fb:
1c:ec:1b:13:dd:c6:dc:75:46:1c:8a:e5:06:a1:e0:a3:62:c8:
ec:3d:d6:f4:d7:31:9a:e0:a6:84:f5:be:13:1d:1d:37:b8:8e:
d7:d9:5d:62:75:d7:b3:a7:ae:56:37:d3:76:83:6b:18:c2:34:
53:4f:fc:29:a0:dc:04:35:1e:62:fd:7b:44:a0:1f:25:c5:aa:
42:3e:be:7f:3b:42:6b:7c:c4:6a:6a:02:d1:89:fa:0f:a5:30:
41:72:b5:c1:89:ab:86:32:70:03:ae:93:a5:24:bc:15:88:31:
ac:92:e7:42:8c:88:39:a2:cc:d2:71:b7:25:23:53:81:fb:ea:
35:b0:24:1c:eb:85:d4:b4:33:93:30:e5:34:02:4a:0a:92:8e:
e7:d2:42:83:43:0d:cd:51:5a:fa:84:70:d9:36:cc:d0:33:a3:
05:b6:5a:06:01:31:5f:fc:f1:bd:8d:91:84:c7:f6:05:8e:38:
05:1f:29:e2:48:52:42:dc:89:2e:cc:83:65:e0:a5:e0:53:c5:
2a:27:c9:ad
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAZXJg8GSuGc400w8UPzsYkyHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YmZjNDUxZmM0ZjI0MTFhZGRkMDBhOWZiYjE3MzQ2YWQ2
ZTg5OTYwHhcNMjUwMzI0MTg1NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTIwYmEwNTg4ZWY0MDFiMWFhYTJjZmUyMjFhYTc2MmRkODY0N2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMSy0c3Q8cGhbR49BLDdl5H6rKLy
jRhr4MCVjLvXl45jYKv9Zk2+1heGC4UguRTuH+T2Uli+n59KZMHcqxpuTcV5UiyF
RrXYzCHKjnJ0615YnamJfexDh2pS25QJbm2WAS8CUotFBj6EnlF9Jd+AVHMObX4e
pfTF9mACUfyCLvhO7FHPtZ65ifuhaLtDirso85qYy0tb406sy2u3o3OIKEKVDZwN
3MUUuxOGFZpK54XecezHxKkW0Qo8IegAxN0y0amcGz+KEV3Lst21PsckUc/Obe0N
610cpEdnQ31THPP3pQLUqpdJOxOoPgCmAsYnBkrXJtSVn8pzR0r/v+yK9wIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFA4gugWI70AbGqos/iIap2LdhkfpMB8GA1UdIwQY
MBaAFIS/xFH8TyQRrd0Aqfuxc0atbomWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYt
ZjY2MzE3OTc3OTY4LzEvRGlDNkJZanZRQnNhcWl6LUlocW5ZdDJHUi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYtZjY2MzE3OTc3OTY4
LzEvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCAYIKwYBBQUHAQcBAf8EgfgwgfUwgeMEAgABMIHcMAwD
BAIfDrQDBAAfDrYwDAMEACWcRQMEACWcRjAMAwQALVGpAwQCLVGoAwQBVPcsAwQA
VcxtAwQAVmkYAwQAVmnoAwQBVmu6AwQAWSCrAwQDWSDwAwQAWSERAwQAWSEeAwQA
WSFBAwQAWSMiAwQAWSNMAwQAWSNYAwQAWSNbAwQAWSOjAwQAWSP4AwQAWSUoAwQB
WS4oMAwDBARZL7ADBABZL7IwDAMEAlkvtAMEAFkvtgMEA11xSAMEBLDfkAMEArzT
rAMEALzUnQMEAbzVVgMEALzwRgMEAcGk2DANBAIAAjAHAwUAKgC7oDANBgkqhkiG
9w0BAQsFAAOCAQEAHbrD8R54DVDjjt0U1W2JZceU6p4E7yyHctz16Gzvo1eQfGUU
t4vTmq2TmZFPXK2Sogkob+j7HOwbE93G3HVGHIrlBqHgo2LI7D3W9NcxmuCmhPW+
Ex0dN7iO19ldYnXXs6euVjfTdoNrGMI0U0/8KaDcBDUeYv17RKAfJcWqQj6+fztC
a3zEamoC0Yn6D6UwQXK1wYmrhjJwA66TpSS8FYgxrJLnQoyIOaLM0nG3JSNTgfvq
NbAkHOuF1LQzkzDlNAJKCpKO59JCg0MNzVFa+oRw2TbM0DOjBbZaBgExX/zxvY2R
hMf2BY44BR8p4khSQtyJLsyDZeCl4FPFKifJrQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:08:45 2025 by rpki-client