Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/2ReKdgaYtIp3NshswWa0Ynp0WRg.roa
File: 2ReKdgaYtIp3NshswWa0Ynp0WRg.roa (raw, json)
Hash identifier: mQx2YD8epmmqsl3MP9UUukVpCGzOBVTsrzitNDkbPKs=
Subject key identifier: D9:17:8A:76:06:98:B4:8A:77:36:C8:6C:C1:66:B4:62:7A:74:59:18
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 0194266BC1F637E5B6E7888AEEF24F5B7428
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/2ReKdgaYtIp3NshswWa0Ynp0WRg.roa
Signing time: Thu 02 Jan 2025 09:49:43 +0000
ROA not before: Thu 02 Jan 2025 09:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8447
IP address blocks: 46.74.0.0/15 maxlen: 23
46.206.0.0/15 maxlen: 15
62.46.0.0/15 maxlen: 15
62.116.32.0/19 maxlen: 19
80.75.32.0/19 maxlen: 22
80.75.34.0/24 maxlen: 24
80.75.56.0/21 maxlen: 21
80.89.96.0/20 maxlen: 20
80.120.0.0/14 maxlen: 24
80.240.224.0/20 maxlen: 24
81.5.192.0/18 maxlen: 18
84.20.160.0/19 maxlen: 19
85.90.128.0/19 maxlen: 19
88.116.0.0/15 maxlen: 15
88.116.217.0/24 maxlen: 24
89.144.192.0/18 maxlen: 18
91.112.0.0/14 maxlen: 14
92.248.0.0/17 maxlen: 17
93.82.0.0/15 maxlen: 15
93.111.0.0/16 maxlen: 23
176.66.0.0/18 maxlen: 18
176.66.128.0/17 maxlen: 17
178.188.0.0/14 maxlen: 14
185.157.248.0/22 maxlen: 22
188.20.0.0/14 maxlen: 24
188.45.0.0/16 maxlen: 16
192.164.0.0/19 maxlen: 19
192.164.32.0/22 maxlen: 22
192.164.39.0/24 maxlen: 24
192.164.40.0/21 maxlen: 21
192.164.48.0/20 maxlen: 20
192.164.64.0/21 maxlen: 21
192.164.80.0/20 maxlen: 20
192.164.96.0/19 maxlen: 19
192.164.128.0/19 maxlen: 19
192.164.208.0/20 maxlen: 20
192.164.224.0/19 maxlen: 19
193.80.0.0/15 maxlen: 15
193.83.0.0/16 maxlen: 16
193.154.0.0/16 maxlen: 16
193.187.212.0/22 maxlen: 22
193.187.216.0/21 maxlen: 21
193.187.224.0/20 maxlen: 20
193.187.240.0/22 maxlen: 22
194.48.124.0/22 maxlen: 22
194.48.128.0/21 maxlen: 21
194.48.136.0/22 maxlen: 22
194.48.136.0/24 maxlen: 24
194.96.0.0/16 maxlen: 16
194.118.0.0/16 maxlen: 16
194.152.96.0/19 maxlen: 19
194.152.160.0/19 maxlen: 19
194.166.0.0/16 maxlen: 16
195.3.64.0/18 maxlen: 18
195.64.0.0/19 maxlen: 19
195.170.64.0/19 maxlen: 19
195.230.32.0/19 maxlen: 19
212.16.32.0/19 maxlen: 19
212.60.160.0/19 maxlen: 19
212.88.0.0/19 maxlen: 19
212.88.160.0/19 maxlen: 24
212.124.128.0/19 maxlen: 19
212.183.0.0/17 maxlen: 24
212.197.128.0/18 maxlen: 18
213.33.0.0/17 maxlen: 17
213.33.63.0/24 maxlen: 24
213.147.160.0/19 maxlen: 19
213.157.128.0/19 maxlen: 19
213.225.0.0/18 maxlen: 18
213.240.64.0/18 maxlen: 18
217.149.160.0/20 maxlen: 20
2001:850::/29 maxlen: 29
2001:870::/29 maxlen: 29
2001:890::/29 maxlen: 29
2001:4bb8::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c1:f6:37:e5:b6:e7:88:8a:ee:f2:4f:5b:74:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 2 09:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9178a760698b48a7736c86cc166b4627a745918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4a:5d:ee:c5:9f:5a:b1:29:e1:6c:1d:d1:90:
6b:30:db:a6:55:7c:e1:9c:59:2e:90:93:45:93:d5:
8c:68:bc:f9:76:d4:1a:ef:91:71:23:fb:d2:24:7f:
58:66:3e:de:8c:43:31:aa:4c:4c:11:36:9c:3c:7f:
12:71:28:59:de:2e:4d:36:ef:4c:4d:fa:46:c0:cd:
65:de:fc:23:27:15:62:82:57:ad:c7:ca:64:b9:ac:
b5:ac:9c:18:06:7d:29:95:b3:1a:1e:08:08:25:17:
62:46:82:34:a5:29:c3:4b:26:94:4e:ac:03:c2:ca:
1a:72:84:e3:d4:07:4f:00:80:fa:3b:11:15:2c:a3:
90:f9:bd:c5:1a:f9:28:cc:86:06:34:6f:59:b8:01:
43:b6:cb:2e:bd:d1:fe:dd:b6:b8:f1:fc:b4:fb:50:
cd:00:71:f4:32:19:38:26:92:fe:be:0f:01:d9:c8:
94:68:1f:5a:81:49:8a:99:ca:b6:c7:7d:23:70:66:
33:cf:ff:be:01:5b:f7:42:c3:20:13:87:eb:57:0f:
18:a0:77:50:5d:49:ee:1a:d5:21:96:70:bb:60:db:
60:e6:4f:01:88:d2:d2:5f:e8:f6:07:5c:ad:e5:3b:
1f:8f:12:d9:a2:c8:6c:28:b2:fd:81:af:7b:3d:b8:
ed:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:17:8A:76:06:98:B4:8A:77:36:C8:6C:C1:66:B4:62:7A:74:59:18
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/2ReKdgaYtIp3NshswWa0Ynp0WRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.74.0.0/15
46.206.0.0/15
62.46.0.0/15
62.116.32.0/19
80.75.32.0/19
80.89.96.0/20
80.120.0.0/14
80.240.224.0/20
81.5.192.0/18
84.20.160.0/19
85.90.128.0/19
88.116.0.0/15
89.144.192.0/18
91.112.0.0/14
92.248.0.0/17
93.82.0.0/15
93.111.0.0/16
176.66.0.0/18
176.66.128.0/17
178.188.0.0/14
185.157.248.0/22
188.20.0.0/14
188.45.0.0/16
192.164.0.0-192.164.35.255
192.164.39.0-192.164.71.255
192.164.80.0-192.164.159.255
192.164.208.0-192.164.255.255
193.80.0.0/15
193.83.0.0/16
193.154.0.0/16
193.187.212.0-193.187.243.255
194.48.124.0-194.48.139.255
194.96.0.0/16
194.118.0.0/16
194.152.96.0/19
194.152.160.0/19
194.166.0.0/16
195.3.64.0/18
195.64.0.0/19
195.170.64.0/19
195.230.32.0/19
212.16.32.0/19
212.60.160.0/19
212.88.0.0/19
212.88.160.0/19
212.124.128.0/19
212.183.0.0/17
212.197.128.0/18
213.33.0.0/17
213.147.160.0/19
213.157.128.0/19
213.225.0.0/18
213.240.64.0/18
217.149.160.0/20
IPv6:
2001:850::/29
2001:870::/29
2001:890::/29
2001:4bb8::/29
Signature Algorithm: sha256WithRSAEncryption
cc:0e:0a:c8:05:a6:be:06:60:bd:cc:a7:df:72:16:ac:7c:49:
08:d3:f2:17:8e:ce:c2:81:7b:78:a9:c2:74:b2:22:dc:32:97:
90:9f:a4:ea:f7:09:e1:ad:71:ba:f0:b1:d8:08:ec:b0:a2:56:
ba:1f:a2:bd:09:01:22:e2:8e:06:25:77:b3:86:c5:39:9c:8e:
c0:28:87:bc:06:44:fb:cc:68:8c:da:a8:c2:4a:ee:01:7f:ea:
4f:63:62:ec:eb:95:17:e9:a0:57:c7:eb:eb:60:f0:a3:cf:26:
b9:5e:a8:62:f0:c4:86:b1:c3:83:3f:5e:ee:95:6e:bc:7e:00:
8e:49:81:c7:d6:2d:cb:93:e3:af:10:a7:a4:84:93:e9:5a:5e:
56:d8:10:c6:4f:31:09:e5:34:e9:41:68:70:c4:59:77:35:b7:
06:22:9a:ea:ab:e8:61:c5:5f:2b:cc:17:bb:9c:d3:8f:01:b1:
67:67:50:8b:f2:71:4f:bf:9c:14:32:c1:ad:dc:75:a8:1b:7f:
52:8f:af:18:a9:5e:cf:0c:01:4f:86:21:b1:22:6b:37:36:9c:
67:7e:d4:a1:25:22:50:e8:75:be:f8:f5:e8:1a:a6:50:4a:bf:
78:3b:f3:47:27:1d:95:fd:21:5c:8a:5b:cd:6d:77:d0:fd:f4:
11:9a:b5:36
-----BEGIN CERTIFICATE-----
MIIGhjCCBW6gAwIBAgISAZQma8H2N+W254iK7vJPW3QoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjUwMTAyMDk0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTE3OGE3NjA2OThiNDhhNzczNmM4NmNjMTY2YjQ2MjdhNzQ1OTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0pd7sWfWrEp4Wwd0ZBrMNumVXzh
nFkukJNFk9WMaLz5dtQa75FxI/vSJH9YZj7ejEMxqkxMETacPH8ScShZ3i5NNu9M
TfpGwM1l3vwjJxVigletx8pkuay1rJwYBn0plbMaHggIJRdiRoI0pSnDSyaUTqwD
wsoacoTj1AdPAID6OxEVLKOQ+b3FGvkozIYGNG9ZuAFDtssuvdH+3ba48fy0+1DN
AHH0Mhk4JpL+vg8B2ciUaB9agUmKmcq2x30jcGYzz/++AVv3QsMgE4frVw8YoHdQ
XUnuGtUhlnC7YNtg5k8BiNLSX+j2B1yt5TsfjxLZoshsKLL9ga97PbjtGQIDAQAB
o4IDkjCCA44wHQYDVR0OBBYEFNkXinYGmLSKdzbIbMFmtGJ6dFkYMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvMlJlS2RnYVl0SXAzTnNoc3dXYTBZbnAwV1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpgYIKwYBBQUHAQcBAf8EggGVMIIBkTCCAWkEAgABMIIB
YQMDAS5KAwMBLs4DAwE+LgMEBT50IAMEBVBLIAMEBFBZYAMDAlB4AwQEUPDgAwQG
UQXAAwQFVBSgAwQFVVqAAwMBWHQDBAZZkMADAwJbcAMEB1z4AAMDAV1SAwMAXW8D
BAawQgADBAewQoADAwKyvAMEArmd+AMDArwUAwMAvC0wCwMDAsCkAwQCwKQgMAwD
BADApCcDBAPApEAwDAMEBMCkUAMEBcCkgDALAwQEwKTQAwMAwKQDAwHBUAMDAMFT
AwMAwZowDAMEAsG71AMEAsG78DAMAwQCwjB8AwQCwjCIAwMAwmADAwDCdgMEBcKY
YAMEBcKYoAMDAMKmAwQGwwNAAwQFw0AAAwQFw6pAAwQFw+YgAwQF1BAgAwQF1Dyg
AwQF1FgAAwQF1FigAwQF1HyAAwQH1LcAAwQG1MWAAwQH1SEAAwQF1ZOgAwQF1Z2A
AwQG1eEAAwQG1fBAAwQE2ZWgMCIEAgACMBwDBQMgAQhQAwUDIAEIcAMFAyABCJAD
BQMgAUu4MA0GCSqGSIb3DQEBCwUAA4IBAQDMDgrIBaa+BmC9zKffchasfEkI0/IX
js7CgXt4qcJ0siLcMpeQn6Tq9wnhrXG68LHYCOywola6H6K9CQEi4o4GJXezhsU5
nI7AKIe8BkT7zGiM2qjCSu4Bf+pPY2Ls65UX6aBXx+vrYPCjzya5Xqhi8MSGscOD
P17ulW68fgCOSYHH1i3Lk+OvEKekhJPpWl5W2BDGTzEJ5TTpQWhwxFl3NbcGIprq
q+hhxV8rzBe7nNOPAbFnZ1CL8nFPv5wUMsGt3HWoG39Sj68YqV7PDAFPhiGxIms3
NpxnftShJSJQ6HW++PXoGqZQSr94O/NHJx2V/SFcilvNbXfQ/fQRmrU2
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:21 2025 by rpki-client