Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/Y0ZmW6fO9uh13kDuWfLvCcjcnAI.roa
File: Y0ZmW6fO9uh13kDuWfLvCcjcnAI.roa (raw, json)
Hash identifier: 66401DOTMyvdts1UDU5iZg83lWf6n8I+L3FyJ4qLSyM=
Subject key identifier: 63:46:66:5B:A7:CE:F6:E8:75:DE:40:EE:59:F2:EF:09:C8:DC:9C:02
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 018FDD147E5D8BD3A47FB0AAE5539D05E022
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/Y0ZmW6fO9uh13kDuWfLvCcjcnAI.roa
Signing time: Mon 03 Jun 2024 07:50:58 +0000
ROA not before: Mon 03 Jun 2024 07:50:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31708
IP address blocks: 31.193.168.0/21 maxlen: 21
31.193.170.0/24 maxlen: 24
62.197.40.0/23 maxlen: 23
62.197.44.0/23 maxlen: 23
62.197.44.0/24 maxlen: 24
62.197.50.0/23 maxlen: 23
83.142.24.0/22 maxlen: 22
83.142.28.0/24 maxlen: 24
83.142.29.0/24 maxlen: 24
85.13.192.0/18 maxlen: 18
85.13.192.0/24 maxlen: 24
85.13.199.0/24 maxlen: 24
85.13.208.0/24 maxlen: 24
85.13.209.0/24 maxlen: 24
85.13.214.0/24 maxlen: 24
85.13.216.0/24 maxlen: 24
85.13.222.0/24 maxlen: 24
85.13.228.0/24 maxlen: 24
85.13.230.0/24 maxlen: 24
85.13.234.0/24 maxlen: 24
85.13.247.0/24 maxlen: 24
85.13.251.0/24 maxlen: 24
89.187.64.0/22 maxlen: 22
89.187.70.0/23 maxlen: 23
89.187.72.0/24 maxlen: 24
89.187.74.0/23 maxlen: 23
89.187.76.0/24 maxlen: 24
89.187.78.0/23 maxlen: 23
89.187.78.0/24 maxlen: 24
89.187.79.0/24 maxlen: 24
89.187.80.0/21 maxlen: 21
89.187.80.0/24 maxlen: 24
89.187.81.0/24 maxlen: 24
89.187.84.0/24 maxlen: 24
89.187.85.0/24 maxlen: 24
89.187.86.0/24 maxlen: 24
89.187.88.0/22 maxlen: 22
89.187.91.0/24 maxlen: 24
89.187.92.0/24 maxlen: 24
89.187.94.0/23 maxlen: 23
89.187.95.0/24 maxlen: 24
109.70.136.0/21 maxlen: 21
109.70.141.0/24 maxlen: 24
109.70.143.0/24 maxlen: 24
185.101.80.0/22 maxlen: 24
185.101.80.0/23 maxlen: 23
185.101.83.0/24 maxlen: 24
193.26.222.0/24 maxlen: 24
2a01:c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:14:7e:5d:8b:d3:a4:7f:b0:aa:e5:53:9d:05:e0:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: Jun 3 07:50:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6346665ba7cef6e875de40ee59f2ef09c8dc9c02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7b:cd:ff:62:be:3d:38:19:1e:41:99:d9:c6:
c8:09:ba:f1:f1:4f:bd:b5:58:ce:87:51:ed:4f:ab:
b0:d4:27:68:d4:57:bb:b0:9f:26:a4:ee:ba:4a:de:
65:2a:23:32:ec:7a:58:67:dc:54:f1:cd:b0:85:78:
9e:cc:80:80:a9:11:0d:aa:34:88:c3:28:6a:cb:ec:
0e:95:4e:bf:d2:75:b3:34:a1:fc:2f:a3:9d:43:6e:
8d:b1:b2:c2:8e:50:43:f3:07:35:a6:2a:d6:02:c5:
66:67:16:43:e8:0f:08:0d:45:71:40:56:f2:51:5d:
ea:ba:d5:74:7c:af:b9:33:b1:df:20:49:38:25:5e:
b7:1a:9e:d0:4c:c5:b7:cb:bb:fe:5c:7d:a6:b6:1a:
90:41:51:4f:ba:e9:38:e0:9c:13:37:2f:ea:5c:97:
e8:78:b1:00:8d:c2:2c:91:c3:96:dc:85:53:c7:df:
8d:f1:88:dc:1f:0a:5a:59:35:b9:2f:f0:a4:7b:83:
8c:ba:a8:7b:58:97:c2:4c:53:fe:7d:d6:7e:e4:65:
e8:7b:56:1e:52:4c:93:32:37:53:57:be:62:3b:9f:
94:49:b9:66:ca:3f:7b:93:2a:bb:5c:5c:1d:29:d1:
44:85:1c:e7:3a:d9:c7:55:ca:ef:80:99:5c:12:62:
f3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:46:66:5B:A7:CE:F6:E8:75:DE:40:EE:59:F2:EF:09:C8:DC:9C:02
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/Y0ZmW6fO9uh13kDuWfLvCcjcnAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.168.0/21
62.197.40.0/23
62.197.44.0/23
62.197.50.0/23
83.142.24.0-83.142.29.255
85.13.192.0/18
89.187.64.0/22
89.187.70.0-89.187.72.255
89.187.74.0-89.187.76.255
89.187.78.0-89.187.92.255
89.187.94.0/23
109.70.136.0/21
185.101.80.0/22
193.26.222.0/24
IPv6:
2a01:c0::/32
Signature Algorithm: sha256WithRSAEncryption
9b:73:05:f4:3c:31:0a:ae:38:b7:a8:fd:8c:33:aa:81:e1:8c:
eb:54:2c:90:a9:6c:59:08:cc:35:74:59:e1:82:45:cd:df:24:
69:23:43:01:f0:55:5d:c1:26:07:dd:2d:ce:ef:3a:5e:67:31:
4d:ba:74:eb:9a:27:17:b8:3b:b1:b8:4c:03:e5:6b:fd:53:f1:
8a:09:6c:2a:de:20:3a:2b:93:de:12:5e:0d:af:4e:08:8e:6c:
98:ec:7d:46:c5:51:b2:89:71:ca:71:eb:cd:f9:2e:dc:7a:ff:
7e:7e:14:23:9c:f7:73:d5:a4:5f:b1:b3:0d:e8:02:6e:13:25:
db:af:d0:be:03:a1:48:78:3a:d5:52:ea:60:fe:87:b0:1c:c0:
8d:a7:de:e5:03:e7:48:86:40:c6:3f:41:94:e1:e3:50:ab:a1:
f5:d7:18:b1:ed:41:a8:08:be:fb:1e:21:b8:c3:f6:42:5c:cd:
27:32:b3:c1:d0:85:49:0a:55:7e:36:0d:2f:9d:ad:75:55:ed:
f7:89:1e:ff:d0:e4:3a:ea:87:93:e6:99:19:8f:a7:c8:05:b4:
fd:a1:9e:e0:8a:e2:36:fc:c1:e1:62:d4:05:fb:ba:1b:85:68:
7e:a2:00:0a:ab:f1:e3:61:04:1f:c0:60:30:48:be:43:3b:33:
79:4c:b0:de
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAY/dFH5di9Okf7Cq5VOdBeAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjYyYWNlNjE1YjkwNmI0MmFiMjdmNGZiMWQyMDNkZjM2
ZDU0MzYwHhcNMjQwNjAzMDc1MDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQ2NjY1YmE3Y2VmNmU4NzVkZTQwZWU1OWYyZWYwOWM4ZGM5YzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHvN/2K+PTgZHkGZ2cbICbrx8U+9
tVjOh1HtT6uw1Cdo1Fe7sJ8mpO66St5lKiMy7HpYZ9xU8c2whXiezICAqRENqjSI
wyhqy+wOlU6/0nWzNKH8L6OdQ26NsbLCjlBD8wc1pirWAsVmZxZD6A8IDUVxQFby
UV3qutV0fK+5M7HfIEk4JV63Gp7QTMW3y7v+XH2mthqQQVFPuuk44JwTNy/qXJfo
eLEAjcIskcOW3IVTx9+N8YjcHwpaWTW5L/Cke4OMuqh7WJfCTFP+fdZ+5GXoe1Ye
UkyTMjdTV75iO5+USblmyj97kyq7XFwdKdFEhRznOtnHVcrvgJlcEmLz9wIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFGNGZlunzvbodd5A7lny7wnI3JwCMB8GA1UdIwQY
MBaAFFO2Ks5hW5BrQqsn9PsdID3zbVQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDIt
OTcyYTRjM2RjM2YzLzEvWTBabVc2Zk85dWgxM2tEdVdmTHZDY2pjbkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDItOTcyYTRjM2RjM2Yz
LzEvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB6BAIAATB0AwQDH8Go
AwQBPsUoAwQBPsUsAwQBPsUyMAwDBANTjhgDBAFTjhwDBAZVDcADBAJZu0AwDAME
AVm7RgMEAFm7SDAMAwQBWbtKAwQAWbtMMAwDBAFZu04DBABZu1wDBAFZu14DBANt
RogDBAK5ZVADBADBGt4wDQQCAAIwBwMFACoBAMAwDQYJKoZIhvcNAQELBQADggEB
AJtzBfQ8MQquOLeo/YwzqoHhjOtULJCpbFkIzDV0WeGCRc3fJGkjQwHwVV3BJgfd
Lc7vOl5nMU26dOuaJxe4O7G4TAPla/1T8YoJbCreIDork94SXg2vTgiObJjsfUbF
UbKJccpx6835Ltx6/35+FCOc93PVpF+xsw3oAm4TJduv0L4DoUh4OtVS6mD+h7Ac
wI2n3uUD50iGQMY/QZTh41CrofXXGLHtQagIvvseIbjD9kJczScys8HQhUkKVX42
DS+drXVV7feJHv/Q5Drqh5PmmRmPp8gFtP2hnuCK4jb8weFi1AX7uhuFaH6iAAqr
8eNhBB/AYDBIvkM7M3lMsN4=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:16 2025 by rpki-client