Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/jZZQ117MrYD6QSdQsNATRgEh9Js.roa
File: jZZQ117MrYD6QSdQsNATRgEh9Js.roa (raw, json)
Hash identifier: F74W3mlUaYmiXG4eRCyJ8iNyFuD8U//X0zL2pTBsPr0=
Subject key identifier: 8D:96:50:D7:5E:CC:AD:80:FA:41:27:50:B0:D0:13:46:01:21:F4:9B
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 0194266C3AD208E2A4FEFD8D446F782B7000
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/jZZQ117MrYD6QSdQsNATRgEh9Js.roa
Signing time: Thu 02 Jan 2025 09:50:14 +0000
ROA not before: Thu 02 Jan 2025 09:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 46.102.177.0/24 maxlen: 24
46.102.178.0/24 maxlen: 24
77.81.90.0/24 maxlen: 24
77.81.91.0/24 maxlen: 24
86.104.2.0/24 maxlen: 24
86.104.213.0/24 maxlen: 24
86.106.116.0/24 maxlen: 24
89.37.93.0/24 maxlen: 24
89.37.94.0/24 maxlen: 24
89.41.27.0/24 maxlen: 24
89.42.154.0/24 maxlen: 24
93.119.125.0/24 maxlen: 24
176.223.160.0/24 maxlen: 24
188.208.48.0/24 maxlen: 24
188.208.220.0/24 maxlen: 24
188.208.221.0/24 maxlen: 24
188.208.223.0/24 maxlen: 24
188.209.124.0/24 maxlen: 24
188.209.125.0/24 maxlen: 24
193.30.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3a:d2:08:e2:a4:fe:fd:8d:44:6f:78:2b:70:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Jan 2 09:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d9650d75eccad80fa412750b0d013460121f49b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:65:8c:1d:02:b1:1b:c3:cc:37:c5:9e:9a:de:
e3:a2:04:13:3d:17:52:c4:07:1f:14:82:4e:e1:9d:
3b:f6:7b:b3:5c:e5:33:b9:f5:9f:64:1f:c1:d5:26:
a4:6e:e0:fb:d6:bd:bd:39:5e:90:c8:88:b3:8e:f8:
04:b2:91:af:9f:78:bb:ae:01:c1:21:13:28:ce:52:
22:77:12:25:23:05:2e:26:24:d2:c8:3e:25:d1:df:
df:7f:36:c9:02:ad:8c:c1:3e:88:d5:ab:00:05:16:
a8:49:74:fc:3b:68:57:30:98:8b:a1:46:6e:5b:20:
0e:f0:ff:6a:61:8f:ef:b4:4e:9b:06:37:81:74:ab:
f1:2f:c2:a3:90:0d:7b:0b:49:80:77:1b:7f:51:bc:
10:c4:0c:41:77:59:ac:98:b4:e8:c2:66:bb:34:d6:
99:40:41:72:c9:bd:a5:e5:be:c3:a7:08:ae:a9:20:
be:5d:af:be:73:3a:6b:b2:9b:14:15:82:67:b2:cc:
6a:c9:89:ff:a8:0f:d8:96:a4:32:1c:b3:6c:6a:4c:
f5:a4:7b:83:dc:1a:75:6f:67:c7:ca:df:14:12:da:
b6:47:34:27:80:42:ef:1a:e2:7e:04:55:fa:0a:36:
95:99:63:fe:5d:75:12:71:9a:e0:e0:59:a8:dc:3d:
d7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:96:50:D7:5E:CC:AD:80:FA:41:27:50:B0:D0:13:46:01:21:F4:9B
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/jZZQ117MrYD6QSdQsNATRgEh9Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.177.0-46.102.178.255
77.81.90.0/23
86.104.2.0/24
86.104.213.0/24
86.106.116.0/24
89.37.93.0-89.37.94.255
89.41.27.0/24
89.42.154.0/24
93.119.125.0/24
176.223.160.0/24
188.208.48.0/24
188.208.220.0/23
188.208.223.0/24
188.209.124.0/23
193.30.255.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:7c:3e:e3:3b:4c:68:ff:f0:b6:85:e8:0b:d4:cb:db:31:db:
a6:b4:c2:2f:be:d3:13:81:c8:16:2e:22:5a:66:23:6b:42:b0:
f8:3a:fe:11:38:91:9e:a8:26:04:93:ba:62:b6:6a:05:9b:6d:
ff:4b:74:83:73:24:be:72:b4:22:26:02:05:66:df:cf:47:95:
01:e6:fc:13:c4:8a:5f:ed:c6:92:55:8a:18:30:9b:90:44:09:
40:40:ba:dc:22:73:89:0b:00:ee:a4:bd:b7:bb:db:c7:85:ac:
1b:d7:d5:2e:25:7d:db:13:37:06:37:ec:3d:5e:11:c3:03:43:
3e:91:4a:0c:b0:2e:7f:5e:98:ec:6d:72:53:e0:00:ab:d2:de:
22:35:bd:56:36:65:f5:1e:0b:77:f9:5d:7b:a6:e1:78:39:8e:
07:09:4d:4b:85:9f:19:cf:1e:59:d7:bf:c1:8a:1d:6f:88:b6:
22:91:b3:53:3a:a7:2d:29:ee:15:cc:cf:39:85:e4:5c:af:d5:
c7:fb:14:14:80:69:19:d0:ae:0a:df:ee:92:24:db:7e:28:c6:
52:b5:6b:d5:4b:d7:8b:96:45:08:b5:9a:a3:e8:0a:69:22:49:
4b:e8:49:e2:98:04:de:87:db:41:9a:87:55:7e:56:1f:18:c2:
fb:54:76:b5
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZQmbDrSCOKk/v2NRG94K3AAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjUwMTAyMDk1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDk2NTBkNzVlY2NhZDgwZmE0MTI3NTBiMGQwMTM0NjAxMjFmNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmWMHQKxG8PMN8Wemt7jogQTPRdS
xAcfFIJO4Z079nuzXOUzufWfZB/B1SakbuD71r29OV6QyIizjvgEspGvn3i7rgHB
IRMozlIidxIlIwUuJiTSyD4l0d/ffzbJAq2MwT6I1asABRaoSXT8O2hXMJiLoUZu
WyAO8P9qYY/vtE6bBjeBdKvxL8KjkA17C0mAdxt/UbwQxAxBd1msmLTowma7NNaZ
QEFyyb2l5b7DpwiuqSC+Xa++czprspsUFYJnssxqyYn/qA/YlqQyHLNsakz1pHuD
3Bp1b2fHyt8UEtq2RzQngELvGuJ+BFX6CjaVmWP+XXUScZrg4Fmo3D3X1QIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFI2WUNdezK2A+kEnULDQE0YBIfSbMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvalpaUTExN01yWUQ2UVNkUXNOQVRSZ0VoOUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQALmax
AwQALmayAwQBTVFaAwQAVmgCAwQAVmjVAwQAVmp0MAwDBABZJV0DBABZJV4DBABZ
KRsDBABZKpoDBABdd30DBACw36ADBAC80DADBAG80NwDBAC80N8DBAG80XwDBADB
Hv8wDQYJKoZIhvcNAQELBQADggEBAKN8PuM7TGj/8LaF6AvUy9sx26a0wi++0xOB
yBYuIlpmI2tCsPg6/hE4kZ6oJgSTumK2agWbbf9LdINzJL5ytCImAgVm389HlQHm
/BPEil/txpJVihgwm5BECUBAutwic4kLAO6kvbe728eFrBvX1S4lfdsTNwY37D1e
EcMDQz6RSgywLn9emOxtclPgAKvS3iI1vVY2ZfUeC3f5XXum4Xg5jgcJTUuFnxnP
HlnXv8GKHW+ItiKRs1M6py0p7hXMzzmF5Fyv1cf7FBSAaRnQrgrf7pIk234oxlK1
a9VL14uWRQi1mqPoCmkiSUvoSeKYBN6H20Gah1V+Vh8YwvtUdrU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:57:11 2025 by rpki-client