Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/NYpGsgvZZnS43WLsZ6IiOuK1URk.roa
File: NYpGsgvZZnS43WLsZ6IiOuK1URk.roa (raw, json)
Hash identifier: 1DbDkDpg7L2mWH/maxc8wFOk6zRLCwxEnE3jGY7E3oU=
Subject key identifier: 35:8A:46:B2:0B:D9:66:74:B8:DD:62:EC:67:A2:22:3A:E2:B5:51:19
Certificate issuer: /CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Certificate serial: 01942747509C2C1724A837C070CC7AC30446
Authority key identifier: 0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/NYpGsgvZZnS43WLsZ6IiOuK1URk.roa
Signing time: Thu 02 Jan 2025 13:49:32 +0000
ROA not before: Thu 02 Jan 2025 13:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29182
IP address blocks: 37.46.128.0/23 maxlen: 23
37.46.130.0/23 maxlen: 23
37.46.132.0/23 maxlen: 23
37.46.134.0/23 maxlen: 23
62.109.0.0/20 maxlen: 20
62.109.0.0/21 maxlen: 21
62.109.8.0/21 maxlen: 21
62.109.16.0/21 maxlen: 21
62.109.24.0/22 maxlen: 22
62.109.28.0/22 maxlen: 22
77.246.156.0/22 maxlen: 22
77.246.156.0/23 maxlen: 23
77.246.158.0/23 maxlen: 23
80.87.192.0/23 maxlen: 23
80.87.194.0/23 maxlen: 23
80.87.196.0/23 maxlen: 23
80.87.198.0/23 maxlen: 23
80.87.200.0/23 maxlen: 23
80.87.202.0/24 maxlen: 24
80.87.203.0/24 maxlen: 24
82.146.32.0/21 maxlen: 21
82.146.32.0/23 maxlen: 23
82.146.34.0/23 maxlen: 23
82.146.36.0/23 maxlen: 23
82.146.38.0/23 maxlen: 23
82.146.40.0/21 maxlen: 21
82.146.48.0/23 maxlen: 23
82.146.50.0/23 maxlen: 23
82.146.52.0/23 maxlen: 23
82.146.54.0/23 maxlen: 23
82.146.56.0/21 maxlen: 21
82.202.160.0/23 maxlen: 23
82.202.162.0/23 maxlen: 23
82.202.165.0/24 maxlen: 24
82.202.166.0/23 maxlen: 23
82.202.168.0/23 maxlen: 23
82.202.170.0/23 maxlen: 23
82.202.172.0/23 maxlen: 23
82.202.174.0/23 maxlen: 23
83.220.168.0/23 maxlen: 23
83.220.170.0/23 maxlen: 23
83.220.172.0/23 maxlen: 23
83.220.174.0/23 maxlen: 23
85.198.72.0/23 maxlen: 23
85.198.74.0/23 maxlen: 23
85.198.116.0/23 maxlen: 23
85.198.118.0/23 maxlen: 23
89.169.40.0/23 maxlen: 23
89.169.42.0/23 maxlen: 23
91.240.84.0/23 maxlen: 23
91.240.86.0/23 maxlen: 23
92.63.96.0/21 maxlen: 21
92.63.104.0/22 maxlen: 22
92.63.108.0/22 maxlen: 22
92.63.108.0/24 maxlen: 24
92.63.109.0/24 maxlen: 24
92.63.110.0/23 maxlen: 23
185.43.4.0/23 maxlen: 23
185.43.6.0/23 maxlen: 23
185.63.188.0/22 maxlen: 22
185.146.156.0/23 maxlen: 23
185.146.158.0/23 maxlen: 23
185.246.64.0/23 maxlen: 23
185.246.66.0/23 maxlen: 23
185.253.32.0/23 maxlen: 23
185.253.34.0/23 maxlen: 23
195.140.144.0/23 maxlen: 23
195.140.146.0/23 maxlen: 23
212.109.192.0/22 maxlen: 22
212.109.196.0/23 maxlen: 23
212.109.198.0/23 maxlen: 23
212.109.216.0/23 maxlen: 23
212.109.218.0/23 maxlen: 23
212.109.220.0/23 maxlen: 23
212.109.222.0/24 maxlen: 24
212.109.223.0/24 maxlen: 24
213.159.208.0/23 maxlen: 23
213.159.210.0/23 maxlen: 23
213.159.212.0/23 maxlen: 23
213.159.214.0/23 maxlen: 23
2a09:f900::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:50:9c:2c:17:24:a8:37:c0:70:cc:7a:c3:04:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Validity
Not Before: Jan 2 13:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=358a46b20bd96674b8dd62ec67a2223ae2b55119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e7:0e:e3:8c:08:a3:af:7a:f9:61:1a:6e:6f:
e9:a5:2e:f0:55:03:cb:25:77:4b:36:07:4b:a8:33:
db:8f:d1:f5:c5:13:1f:8e:85:44:34:ab:d0:1c:89:
6f:b0:f0:14:53:de:9d:12:f8:92:ff:8c:0d:ca:a8:
32:d0:eb:99:41:ba:a5:46:42:e6:66:dc:8e:b0:02:
ce:f1:41:90:e4:61:99:d7:16:23:29:59:74:19:c5:
31:38:be:da:51:72:61:aa:29:2d:55:b8:f7:ce:11:
5d:de:1f:6f:84:01:9e:32:a8:18:ec:57:48:5c:3e:
a7:76:24:17:62:95:84:3e:de:1e:ba:28:18:2f:a4:
fa:a5:fa:21:6c:aa:b4:ae:e2:05:0d:c5:46:b9:59:
5d:44:05:d1:1d:0d:a8:62:13:77:7c:38:dc:81:9b:
34:6c:f3:b6:bd:d6:f5:d1:63:87:cc:53:b4:c6:a4:
28:7c:85:78:03:c3:67:bc:7b:a9:18:82:e2:9f:07:
f8:66:0f:7a:e3:ef:b2:ba:36:ee:44:a0:5f:7e:49:
a6:7e:06:6e:25:7b:ad:43:e1:eb:75:d7:a1:67:39:
bf:2f:f9:c1:0f:f1:47:77:11:4f:9e:e7:00:b0:51:
35:c8:5a:ee:98:37:89:de:dd:ae:cc:b3:27:de:54:
75:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:8A:46:B2:0B:D9:66:74:B8:DD:62:EC:67:A2:22:3A:E2:B5:51:19
X509v3 Authority Key Identifier:
keyid:0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/NYpGsgvZZnS43WLsZ6IiOuK1URk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.128.0/21
62.109.0.0/19
77.246.156.0/22
80.87.192.0-80.87.203.255
82.146.32.0/19
82.202.160.0/22
82.202.165.0-82.202.175.255
83.220.168.0/21
85.198.72.0/22
85.198.116.0/22
89.169.40.0/22
91.240.84.0/22
92.63.96.0/20
185.43.4.0/22
185.63.188.0/22
185.146.156.0/22
185.246.64.0/22
185.253.32.0/22
195.140.144.0/22
212.109.192.0/21
212.109.216.0/21
213.159.208.0/21
IPv6:
2a09:f900::/48
Signature Algorithm: sha256WithRSAEncryption
21:d5:02:4d:11:d7:9c:63:6b:94:e8:39:7e:32:b0:8f:b3:1c:
22:85:4b:47:c5:a5:17:ea:3c:65:37:37:11:fa:22:21:a6:62:
78:02:bb:80:7e:10:71:6a:b2:35:89:6f:12:35:9e:c0:4d:55:
3c:0d:95:8d:3a:88:34:60:af:eb:14:72:f4:bb:dc:39:d8:60:
e9:b7:e1:2d:94:0e:d4:8e:2e:06:08:e6:6d:7a:ed:62:3c:36:
e9:b5:07:fe:05:a9:41:69:92:ff:03:11:86:be:d9:21:d9:ef:
28:3d:a6:cf:25:ac:69:a2:59:72:a0:da:a3:81:64:51:cf:a0:
f7:c6:f5:02:57:fa:6c:87:14:bf:cc:c1:33:10:28:97:5b:9c:
ef:a7:81:12:4a:9a:37:34:b7:5f:72:d2:9b:24:db:ae:62:78:
1f:0b:db:41:99:35:b3:93:ba:20:07:76:40:ba:a3:70:dc:b0:
e0:e3:f6:f5:ca:f4:40:5d:41:b3:40:43:fd:41:59:58:a3:b7:
d5:f2:14:00:d3:00:f1:3a:4f:55:6f:aa:57:8e:e3:78:70:dc:
e4:d9:54:ac:f1:be:6e:5e:45:28:73:8a:d5:20:fd:eb:5f:7b:
68:f5:ad:d3:1c:91:07:88:16:93:a5:23:61:d9:bd:a3:53:a8:
e1:3b:d4:0f
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAZQnR1CcLBckqDfAcMx6wwRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDFhNWEyYTE4MzM5NjI5Y2MxMzAzZTZkZWM4YmI2MDVk
ZGNhNjUwHhcNMjUwMTAyMTM0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNThhNDZiMjBiZDk2Njc0YjhkZDYyZWM2N2EyMjIzYWUyYjU1MTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzecO44wIo696+WEabm/ppS7wVQPL
JXdLNgdLqDPbj9H1xRMfjoVENKvQHIlvsPAUU96dEviS/4wNyqgy0OuZQbqlRkLm
ZtyOsALO8UGQ5GGZ1xYjKVl0GcUxOL7aUXJhqiktVbj3zhFd3h9vhAGeMqgY7FdI
XD6ndiQXYpWEPt4euigYL6T6pfohbKq0ruIFDcVGuVldRAXRHQ2oYhN3fDjcgZs0
bPO2vdb10WOHzFO0xqQofIV4A8NnvHupGILinwf4Zg964++yujbuRKBffkmmfgZu
JXutQ+HrddehZzm/L/nBD/FHdxFPnucAsFE1yFrumDeJ3t2uzLMn3lR13QIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFDWKRrIL2WZ0uN1i7GeiIjritVEZMB8GA1UdIwQY
MBaAFApBpaKhgzlinMEwPm3si7YF3cplMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjIt
ODBmN2ZkNmVhOWM5LzEvTllwR3NndlpablM0M1dMc1o2SWlPdUsxVVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjItODBmN2ZkNmVhOWM5
LzEvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBmwQCAAEwgZQDBAMl
LoADBAU+bQADBAJN9pwwDAMEBlBXwAMEAlBXyAMEBVKSIAMEAlLKoDAMAwQAUsql
AwQEUsqgAwQDU9yoAwQCVcZIAwQCVcZ0AwQCWakoAwQCW/BUAwQEXD9gAwQCuSsE
AwQCuT+8AwQCuZKcAwQCufZAAwQCuf0gAwQCw4yQAwQD1G3AAwQD1G3YAwQD1Z/Q
MA8EAgACMAkDBwAqCfkAAAAwDQYJKoZIhvcNAQELBQADggEBACHVAk0R15xja5To
OX4ysI+zHCKFS0fFpRfqPGU3NxH6IiGmYngCu4B+EHFqsjWJbxI1nsBNVTwNlY06
iDRgr+sUcvS73DnYYOm34S2UDtSOLgYI5m167WI8Num1B/4FqUFpkv8DEYa+2SHZ
7yg9ps8lrGmiWXKg2qOBZFHPoPfG9QJX+myHFL/MwTMQKJdbnO+ngRJKmjc0t19y
0psk265ieB8L20GZNbOTuiAHdkC6o3DcsODj9vXK9EBdQbNAQ/1BWVijt9XyFADT
APE6T1VvqleO43hw3OTZVKzxvm5eRShzitUg/etfe2j1rdMckQeIFpOlI2HZvaNT
qOE71A8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:43:25 2025 by rpki-client