Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/_Swn7rfHkqyddWiH6mJBPzEvtPw.roa
File: _Swn7rfHkqyddWiH6mJBPzEvtPw.roa (raw, json)
Hash identifier: DdKMWCZ6/KHD8pm9QRG9mImRVRpGoqtnHO9unsKXibs=
Subject key identifier: FD:2C:27:EE:B7:C7:92:AC:9D:75:68:87:EA:62:41:3F:31:2F:B4:FC
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 019420D61FBF850352C9097ED9F1612C11CF
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/_Swn7rfHkqyddWiH6mJBPzEvtPw.roa
Signing time: Wed 01 Jan 2025 07:48:11 +0000
ROA not before: Wed 01 Jan 2025 07:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31708
IP address blocks: 31.193.168.0/21 maxlen: 21
31.193.170.0/24 maxlen: 24
62.197.40.0/23 maxlen: 23
62.197.44.0/24 maxlen: 24
62.197.50.0/23 maxlen: 23
83.142.24.0/22 maxlen: 22
83.142.29.0/24 maxlen: 24
85.13.192.0/18 maxlen: 18
85.13.192.0/24 maxlen: 24
85.13.199.0/24 maxlen: 24
85.13.208.0/24 maxlen: 24
85.13.209.0/24 maxlen: 24
85.13.214.0/24 maxlen: 24
85.13.216.0/24 maxlen: 24
85.13.222.0/24 maxlen: 24
85.13.228.0/24 maxlen: 24
85.13.230.0/24 maxlen: 24
85.13.234.0/24 maxlen: 24
85.13.247.0/24 maxlen: 24
85.13.251.0/24 maxlen: 24
89.187.64.0/22 maxlen: 22
89.187.70.0/23 maxlen: 23
89.187.72.0/24 maxlen: 24
89.187.74.0/23 maxlen: 23
89.187.76.0/24 maxlen: 24
89.187.78.0/23 maxlen: 23
89.187.78.0/24 maxlen: 24
89.187.79.0/24 maxlen: 24
89.187.80.0/21 maxlen: 21
89.187.80.0/24 maxlen: 24
89.187.81.0/24 maxlen: 24
89.187.84.0/24 maxlen: 24
89.187.85.0/24 maxlen: 24
89.187.86.0/24 maxlen: 24
89.187.88.0/22 maxlen: 22
89.187.91.0/24 maxlen: 24
89.187.92.0/24 maxlen: 24
89.187.94.0/23 maxlen: 23
89.187.95.0/24 maxlen: 24
109.70.136.0/21 maxlen: 21
109.70.141.0/24 maxlen: 24
109.70.143.0/24 maxlen: 24
193.26.222.0/24 maxlen: 24
2a01:c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:1f:bf:85:03:52:c9:09:7e:d9:f1:61:2c:11:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: Jan 1 07:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd2c27eeb7c792ac9d756887ea62413f312fb4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bd:85:61:74:fd:c1:59:51:b8:c8:28:f1:ac:
ef:a5:55:72:f6:59:af:6d:51:ac:27:8f:e7:1f:59:
88:83:2e:41:58:7e:e7:47:8e:2e:0c:16:c3:81:25:
06:7d:ac:45:96:cd:21:3b:0d:90:06:75:84:c3:35:
f6:16:77:71:80:93:0a:5d:ba:fe:fd:40:73:da:34:
7d:78:aa:6c:15:24:60:5c:f9:45:5b:68:5b:5c:fa:
89:2b:8e:20:49:ff:0f:e3:eb:5e:16:72:5d:d6:4b:
88:3a:e1:66:8d:8c:de:df:41:32:ea:c8:96:9d:de:
1d:8b:56:a5:a9:13:de:2a:cd:0f:d9:7d:85:a6:65:
b8:0c:1f:5c:b3:ed:b2:39:0c:7c:f1:17:9f:87:43:
de:e0:c4:44:a0:68:cc:a2:bc:6f:8a:2b:65:8c:0a:
3c:05:6a:af:ef:9c:8b:13:3c:9d:13:60:b3:f7:d8:
c9:93:c2:24:5b:06:ff:ee:c9:c5:6a:2e:4a:12:15:
31:43:a5:be:bb:72:f6:a1:4b:4c:3d:c5:d8:d0:02:
5a:7e:ce:0f:61:83:c2:ec:fa:8c:60:30:b8:79:a5:
0e:77:c8:3f:b0:81:db:4e:dd:5a:1a:8b:d8:82:0d:
e2:ba:f7:3a:0d:78:58:61:89:43:24:25:7d:d7:1c:
78:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:2C:27:EE:B7:C7:92:AC:9D:75:68:87:EA:62:41:3F:31:2F:B4:FC
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/_Swn7rfHkqyddWiH6mJBPzEvtPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.168.0/21
62.197.40.0/23
62.197.44.0/24
62.197.50.0/23
83.142.24.0/22
83.142.29.0/24
85.13.192.0/18
89.187.64.0/22
89.187.70.0-89.187.72.255
89.187.74.0-89.187.76.255
89.187.78.0-89.187.92.255
89.187.94.0/23
109.70.136.0/21
193.26.222.0/24
IPv6:
2a01:c0::/32
Signature Algorithm: sha256WithRSAEncryption
7a:e1:64:23:0e:1f:8e:07:2a:dd:81:1d:0d:41:2b:17:5b:21:
12:5c:9f:a7:4f:47:e0:9c:9f:8b:80:96:cf:0d:00:d8:65:80:
99:c4:6d:7d:9e:d9:40:f9:66:0a:e1:c9:ba:8f:58:6d:67:d5:
b4:08:0e:27:60:8c:12:71:75:58:41:bf:01:00:5e:b6:0f:46:
6d:aa:df:68:b3:0d:60:7d:6c:a8:7c:65:84:bf:c4:fd:5a:fa:
f7:85:a9:b2:fa:02:ed:c6:6b:d2:4e:0f:29:b9:68:95:5b:04:
a7:6c:39:64:6c:8d:66:23:32:e5:dd:13:2d:3d:34:9b:91:e6:
53:4f:2f:e2:57:ff:cf:33:b2:fb:9e:66:5c:c4:bd:a2:8b:73:
99:8e:e1:3c:5f:cb:11:8a:2d:5a:db:89:4a:68:ef:10:8b:dd:
39:8e:6a:0f:3c:4c:bd:9a:04:07:69:c3:73:b3:b8:35:ba:32:
ae:df:04:ee:36:c4:1a:dd:16:46:21:d0:83:62:c4:29:77:1b:
73:5a:4b:a5:9b:9b:50:d4:99:4f:df:d7:17:ca:3f:e9:a1:d5:
65:63:40:3c:a2:f4:da:f5:a9:09:97:b6:83:50:34:91:24:c9:
51:94:f9:29:af:dc:0f:58:ce:cc:13:46:45:38:2e:19:17:f9:
00:38:d3:31
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZQg1h+/hQNSyQl+2fFhLBHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjYyYWNlNjE1YjkwNmI0MmFiMjdmNGZiMWQyMDNkZjM2
ZDU0MzYwHhcNMjUwMTAxMDc0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDJjMjdlZWI3Yzc5MmFjOWQ3NTY4ODdlYTYyNDEzZjMxMmZiNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL2FYXT9wVlRuMgo8azvpVVy9lmv
bVGsJ4/nH1mIgy5BWH7nR44uDBbDgSUGfaxFls0hOw2QBnWEwzX2FndxgJMKXbr+
/UBz2jR9eKpsFSRgXPlFW2hbXPqJK44gSf8P4+teFnJd1kuIOuFmjYze30Ey6siW
nd4di1alqRPeKs0P2X2FpmW4DB9cs+2yOQx88Refh0Pe4MREoGjMorxviitljAo8
BWqv75yLEzydE2Cz99jJk8IkWwb/7snFai5KEhUxQ6W+u3L2oUtMPcXY0AJafs4P
YYPC7PqMYDC4eaUOd8g/sIHbTt1aGovYgg3iuvc6DXhYYYlDJCV91xx4ywIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFP0sJ+63x5KsnXVoh+piQT8xL7T8MB8GA1UdIwQY
MBaAFFO2Ks5hW5BrQqsn9PsdID3zbVQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDIt
OTcyYTRjM2RjM2YzLzEvX1N3bjdyZkhrcXlkZFdpSDZtSkJQekV2dFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDItOTcyYTRjM2RjM2Yz
LzEvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQDH8Go
AwQBPsUoAwQAPsUsAwQBPsUyAwQCU44YAwQAU44dAwQGVQ3AAwQCWbtAMAwDBAFZ
u0YDBABZu0gwDAMEAVm7SgMEAFm7TDAMAwQBWbtOAwQAWbtcAwQBWbteAwQDbUaI
AwQAwRreMA0EAgACMAcDBQAqAQDAMA0GCSqGSIb3DQEBCwUAA4IBAQB64WQjDh+O
ByrdgR0NQSsXWyESXJ+nT0fgnJ+LgJbPDQDYZYCZxG19ntlA+WYK4cm6j1htZ9W0
CA4nYIwScXVYQb8BAF62D0Ztqt9osw1gfWyofGWEv8T9Wvr3hamy+gLtxmvSTg8p
uWiVWwSnbDlkbI1mIzLl3RMtPTSbkeZTTy/iV//PM7L7nmZcxL2ii3OZjuE8X8sR
ii1a24lKaO8Qi905jmoPPEy9mgQHacNzs7g1ujKu3wTuNsQa3RZGIdCDYsQpdxtz
Wkulm5tQ1JlP39cXyj/podVlY0A8ovTa9akJl7aDUDSRJMlRlPkpr9wPWM7ME0ZF
OC4ZF/kAONMx
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:42:47 2025 by rpki-client