Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/cUPSsBWZ4irx4TApxzbroJpf5do.roa
File: cUPSsBWZ4irx4TApxzbroJpf5do.roa (raw, json)
Hash identifier: 6GPPFraRfTGyKrm5jIIIVF8Jt+KHlsZR8YFMwLgpuuE=
Subject key identifier: 71:43:D2:B0:15:99:E2:2A:F1:E1:30:29:C7:36:EB:A0:9A:5F:E5:DA
Certificate issuer: /CN=df0198a7b3afdcdd7003562a0871878e238760ad
Certificate serial: 0194214432D91FD66AC7C7CACFDEA019E3BF
Authority key identifier: DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/cUPSsBWZ4irx4TApxzbroJpf5do.roa
Signing time: Wed 01 Jan 2025 09:48:25 +0000
ROA not before: Wed 01 Jan 2025 09:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21334
IP address blocks: 5.63.192.0/18 maxlen: 18
5.148.192.0/18 maxlen: 18
5.148.192.0/19 maxlen: 19
5.148.224.0/19 maxlen: 19
5.206.128.0/18 maxlen: 18
37.188.80.0/21 maxlen: 21
37.188.80.0/22 maxlen: 22
37.188.84.0/22 maxlen: 22
37.191.0.0/18 maxlen: 18
37.191.0.0/19 maxlen: 19
37.191.32.0/19 maxlen: 19
37.220.192.0/18 maxlen: 18
78.139.0.0/18 maxlen: 18
78.139.0.0/19 maxlen: 19
78.139.32.0/19 maxlen: 19
80.98.0.0/15 maxlen: 15
80.98.0.0/16 maxlen: 16
80.99.0.0/16 maxlen: 16
80.244.96.0/20 maxlen: 20
86.101.0.0/16 maxlen: 16
86.101.0.0/17 maxlen: 17
86.101.128.0/17 maxlen: 17
88.87.240.0/21 maxlen: 21
88.87.240.0/22 maxlen: 22
88.87.244.0/22 maxlen: 22
89.132.0.0/14 maxlen: 14
89.132.0.0/15 maxlen: 15
89.134.0.0/15 maxlen: 15
89.134.0.0/20 maxlen: 20
89.134.16.0/20 maxlen: 20
89.135.60.0/24 maxlen: 24
89.223.128.0/17 maxlen: 17
89.223.128.0/18 maxlen: 18
89.223.192.0/18 maxlen: 18
94.44.0.0/16 maxlen: 16
94.44.0.0/17 maxlen: 17
94.44.128.0/17 maxlen: 17
130.43.192.0/18 maxlen: 18
151.0.64.0/18 maxlen: 18
176.63.0.0/16 maxlen: 16
176.63.0.0/17 maxlen: 17
176.63.0.0/20 maxlen: 20
176.63.16.0/20 maxlen: 20
176.63.128.0/17 maxlen: 17
178.48.0.0/16 maxlen: 16
178.48.0.0/17 maxlen: 17
178.48.128.0/17 maxlen: 17
185.10.124.0/22 maxlen: 22
185.10.124.0/23 maxlen: 23
185.10.126.0/23 maxlen: 23
185.33.80.0/23 maxlen: 23
185.33.80.0/24 maxlen: 24
185.33.81.0/24 maxlen: 24
185.123.28.0/22 maxlen: 23
188.142.160.0/19 maxlen: 19
188.142.160.0/20 maxlen: 20
188.142.176.0/20 maxlen: 20
188.142.192.0/18 maxlen: 18
188.142.192.0/19 maxlen: 19
188.142.224.0/19 maxlen: 19
195.184.160.0/19 maxlen: 19
195.184.160.0/20 maxlen: 20
195.184.176.0/20 maxlen: 20
212.48.240.0/20 maxlen: 20
212.48.240.0/21 maxlen: 21
212.48.248.0/21 maxlen: 21
212.96.32.0/19 maxlen: 19
212.96.32.0/20 maxlen: 20
212.96.48.0/20 maxlen: 20
213.222.128.0/18 maxlen: 18
213.222.128.0/19 maxlen: 19
213.222.160.0/19 maxlen: 19
2a02:ab80::/28 maxlen: 28
2a02:ab80::/29 maxlen: 29
2a02:ab86:a04::/47 maxlen: 47
2a02:ab86:a06::/47 maxlen: 47
2a02:ab88::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:32:d9:1f:d6:6a:c7:c7:ca:cf:de:a0:19:e3:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0198a7b3afdcdd7003562a0871878e238760ad
Validity
Not Before: Jan 1 09:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7143d2b01599e22af1e13029c736eba09a5fe5da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9f:37:a7:e7:22:9a:40:d5:be:7f:9f:39:2d:
a8:46:09:be:8a:54:7f:e9:15:67:e0:84:89:7a:62:
ac:16:29:c8:4f:3b:05:c7:0d:a8:8d:40:89:4a:c0:
1e:75:32:b9:99:11:c1:14:59:e2:c5:e6:74:80:80:
5b:e3:85:13:d1:96:40:a8:6b:11:a6:55:e0:e6:e1:
66:0f:38:7d:f5:44:a0:36:6b:5d:54:d2:a2:b0:c0:
07:cf:c4:bb:80:6a:0d:e7:d9:e7:4f:2d:6c:30:46:
c6:0b:20:0b:e4:d5:14:43:6a:65:55:95:a8:d8:50:
94:e5:2b:42:34:18:0e:ff:5a:98:9e:c3:48:14:e4:
f1:cd:e0:16:ba:07:f3:cf:f4:21:4d:13:c2:06:06:
6f:2a:f3:6c:03:d8:27:d0:e0:bd:5d:6e:a9:2d:7b:
ef:36:b6:09:90:45:b7:a7:18:8b:db:8c:f2:06:cd:
03:11:3d:c9:1d:5a:76:6e:ad:df:db:f9:4a:ef:65:
9f:29:52:de:8a:ce:b9:95:fb:91:d3:f9:75:82:0e:
83:43:9f:c9:c3:6e:f1:05:b1:b3:4c:92:9b:cc:2d:
7a:9d:4c:f1:fa:52:7f:32:c0:f2:22:ec:dc:61:16:
86:bd:44:5c:f4:c5:00:aa:13:cc:2d:d5:75:96:62:
1e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:43:D2:B0:15:99:E2:2A:F1:E1:30:29:C7:36:EB:A0:9A:5F:E5:DA
X509v3 Authority Key Identifier:
keyid:DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/cUPSsBWZ4irx4TApxzbroJpf5do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.192.0/18
5.148.192.0/18
5.206.128.0/18
37.188.80.0/21
37.191.0.0/18
37.220.192.0/18
78.139.0.0/18
80.98.0.0/15
80.244.96.0/20
86.101.0.0/16
88.87.240.0/21
89.132.0.0/14
89.223.128.0/17
94.44.0.0/16
130.43.192.0/18
151.0.64.0/18
176.63.0.0/16
178.48.0.0/16
185.10.124.0/22
185.33.80.0/23
185.123.28.0/22
188.142.160.0-188.142.255.255
195.184.160.0/19
212.48.240.0/20
212.96.32.0/19
213.222.128.0/18
IPv6:
2a02:ab80::/28
Signature Algorithm: sha256WithRSAEncryption
0f:b1:63:21:47:0e:e9:a8:16:9c:bd:0d:ed:f1:5f:50:20:6b:
fe:b4:94:50:94:59:3a:79:b2:66:4a:b2:46:95:3e:e1:5a:63:
ef:45:67:60:88:6a:a1:ca:f0:90:d7:55:91:79:da:8d:46:5b:
2a:ca:ec:16:49:b1:b3:4d:e5:c2:85:79:ec:39:5a:e4:c7:ec:
99:bd:fa:bb:05:62:3e:95:bc:2b:63:75:21:bf:16:e9:98:cc:
c5:41:23:2a:2e:db:d5:de:c0:dc:70:a6:0d:63:35:83:20:d2:
3a:97:ce:51:9c:00:20:67:a9:fa:35:6c:5a:3c:a8:67:39:dc:
13:78:24:ad:d2:54:45:13:93:b3:a8:fa:53:16:60:1d:e4:71:
75:f6:3c:c1:0c:ae:9d:6a:1a:96:c6:bd:fa:2f:f1:17:d9:91:
6a:cc:66:33:8b:54:df:39:1f:18:50:cf:0c:5f:05:28:59:6e:
5f:44:6a:44:9f:7b:ac:23:35:c8:9d:87:f1:a9:5e:bd:be:e6:
47:f2:8a:3d:81:1d:63:5b:c6:c9:10:ef:99:c1:a8:b9:a8:d8:
f3:0d:ba:2c:0d:b0:41:8f:f8:22:d5:f0:47:08:f3:3b:96:0d:
0a:63:72:b5:5d:95:c4:a8:c6:1f:30:e7:0c:95:92:ed:b9:5d:
d7:e3:50:7c
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZQhRDLZH9Zqx8fKz96gGeO/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMDE5OGE3YjNhZmRjZGQ3MDAzNTYyYTA4NzE4NzhlMjM4
NzYwYWQwHhcNMjUwMTAxMDk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQzZDJiMDE1OTllMjJhZjFlMTMwMjljNzM2ZWJhMDlhNWZlNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ83p+cimkDVvn+fOS2oRgm+ilR/
6RVn4ISJemKsFinITzsFxw2ojUCJSsAedTK5mRHBFFnixeZ0gIBb44UT0ZZAqGsR
plXg5uFmDzh99USgNmtdVNKisMAHz8S7gGoN59nnTy1sMEbGCyAL5NUUQ2plVZWo
2FCU5StCNBgO/1qYnsNIFOTxzeAWugfzz/QhTRPCBgZvKvNsA9gn0OC9XW6pLXvv
NrYJkEW3pxiL24zyBs0DET3JHVp2bq3f2/lK72WfKVLeis65lfuR0/l1gg6DQ5/J
w27xBbGzTJKbzC16nUzx+lJ/MsDyIuzcYRaGvURc9MUAqhPMLdV1lmIeJwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFHFD0rAVmeIq8eEwKcc266CaX+XaMB8GA1UdIwQY
MBaAFN8BmKezr9zdcANWKghxh44jh2CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQt
MGZjYzZjMzAxMWZjLzEvY1VQU3NCV1o0aXJ4NFRBcHh6YnJvSnBmNWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQtMGZjYzZjMzAxMWZj
LzEvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBpAQCAAEwgZ0DBAYF
P8ADBAYFlMADBAYFzoADBAMlvFADBAYlvwADBAYl3MADBAZOiwADAwFQYgMEBFD0
YAMDAFZlAwQDWFfwAwMCWYQDBAdZ34ADAwBeLAMEBoIrwAMEBpcAQAMDALA/AwMA
sjADBAK5CnwDBAG5IVADBAK5exwwCwMEBbyOoAMDALyOAwQFw7igAwQE1DDwAwQF
1GAgAwQG1d6AMA0EAgACMAcDBQQqAquAMA0GCSqGSIb3DQEBCwUAA4IBAQAPsWMh
Rw7pqBacvQ3t8V9QIGv+tJRQlFk6ebJmSrJGlT7hWmPvRWdgiGqhyvCQ11WRedqN
RlsqyuwWSbGzTeXChXnsOVrkx+yZvfq7BWI+lbwrY3UhvxbpmMzFQSMqLtvV3sDc
cKYNYzWDINI6l85RnAAgZ6n6NWxaPKhnOdwTeCSt0lRFE5OzqPpTFmAd5HF19jzB
DK6dahqWxr36L/EX2ZFqzGYzi1TfOR8YUM8MXwUoWW5fRGpEn3usIzXInYfxqV69
vuZH8oo9gR1jW8bJEO+Zwai5qNjzDbosDbBBj/gi1fBHCPM7lg0KY3K1XZXEqMYf
MOcMlZLtuV3X41B8
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:56:37 2025 by rpki-client