Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/VwgQhqtb3ecFPrI0aYpc0t0J7gk.roa
File: VwgQhqtb3ecFPrI0aYpc0t0J7gk.roa (raw, json)
Hash identifier: rm6a0e5mqLR6JDK0YGMF4JtEpu3q5ynciW+xvLZxAcY=
Subject key identifier: 57:08:10:86:AB:5B:DD:E7:05:3E:B2:34:69:8A:5C:D2:DD:09:EE:09
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 018745D44FAEC25F5D12471AB55668E72E15
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/VwgQhqtb3ecFPrI0aYpc0t0J7gk.roa
Signing time: Mon 03 Apr 2023 06:35:54 +0000
ROA not before: Mon 03 Apr 2023 06:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 185.125.192.0/22 maxlen: 32
93.114.8.0/23 maxlen: 32
93.114.10.0/23 maxlen: 32
93.114.12.0/22 maxlen: 32
92.43.84.0/22 maxlen: 32
95.215.36.0/22 maxlen: 32
45.142.92.0/22 maxlen: 32
185.229.250.0/24 maxlen: 32
203.166.152.0/22 maxlen: 32
203.166.148.0/22 maxlen: 32
188.119.116.0/22 maxlen: 32
89.249.51.0/24 maxlen: 32
94.176.112.0/20 maxlen: 32
185.38.102.0/24 maxlen: 32
150.129.92.0/22 maxlen: 32
43.240.140.0/22 maxlen: 32
89.38.132.0/23 maxlen: 32
83.229.76.0/22 maxlen: 32
119.13.192.0/20 maxlen: 32
83.229.104.0/22 maxlen: 32
121.91.80.0/21 maxlen: 32
185.90.243.0/24 maxlen: 32
78.138.40.0/24 maxlen: 32
78.138.50.0/24 maxlen: 32
78.138.48.0/24 maxlen: 32
78.138.47.0/24 maxlen: 32
89.19.42.0/23 maxlen: 32
103.204.124.0/22 maxlen: 32
209.20.176.0/21 maxlen: 32
185.131.220.0/24 maxlen: 32
93.180.192.0/20 maxlen: 32
93.115.12.0/23 maxlen: 32
89.34.78.0/23 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:45:d4:4f:ae:c2:5f:5d:12:47:1a:b5:56:68:e7:2e:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Apr 3 06:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57081086ab5bdde7053eb234698a5cd2dd09ee09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:82:d8:8a:fe:c3:71:c1:51:ea:7d:57:da:85:
bf:32:01:bd:7b:77:90:ed:52:1b:06:5f:06:88:74:
b7:aa:25:ac:a5:1b:ee:47:e2:aa:cb:99:01:57:a9:
a8:7e:16:b5:d3:e2:e3:66:48:67:36:69:10:33:f7:
fa:7c:7c:c8:19:58:a3:92:3a:9d:21:0e:73:38:60:
a9:cd:75:e4:f5:c0:c1:10:e9:d2:45:48:2d:28:61:
78:70:95:c6:ab:b0:65:86:d0:cc:43:55:d6:f0:4f:
d4:31:6c:83:41:61:fa:a5:f0:1e:09:66:26:dd:ad:
41:a3:f9:20:df:4f:63:5b:ef:a9:33:ab:ff:91:97:
ad:a6:6e:9e:9a:e7:5d:86:a8:c7:11:e5:32:56:76:
e9:2a:32:bf:33:38:50:d6:aa:ce:21:a2:92:b8:77:
bb:3c:8d:11:e0:c1:81:cd:78:46:9f:10:7c:90:aa:
6e:24:25:99:2a:85:b9:52:2b:ed:73:59:ff:74:0e:
8c:1c:ec:15:78:e6:20:25:cf:d0:8e:a3:37:2a:d7:
2b:b5:1a:14:bb:68:42:8b:ce:60:46:f2:d2:0e:29:
2b:61:33:6e:b5:79:46:76:50:f6:de:b4:4d:26:ba:
e3:ba:f6:a0:50:01:07:13:38:d4:33:86:d0:39:db:
62:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:08:10:86:AB:5B:DD:E7:05:3E:B2:34:69:8A:5C:D2:DD:09:EE:09
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/VwgQhqtb3ecFPrI0aYpc0t0J7gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.140.0/22
45.142.92.0/22
78.138.40.0/24
78.138.47.0-78.138.48.255
78.138.50.0/24
83.229.76.0/22
83.229.104.0/22
89.19.42.0/23
89.34.78.0/23
89.38.132.0/23
89.249.51.0/24
92.43.84.0/22
93.114.8.0/21
93.115.12.0/23
93.180.192.0/20
94.176.112.0/20
95.215.36.0/22
103.204.124.0/22
119.13.192.0/20
121.91.80.0/21
150.129.92.0/22
185.38.102.0/24
185.90.243.0/24
185.125.192.0/22
185.131.220.0/24
185.229.250.0/24
188.119.116.0/22
203.166.148.0-203.166.155.255
209.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:c0:65:00:a5:7c:cc:ca:fd:1f:ab:19:bf:75:30:ae:e9:39:
ba:dd:61:41:09:1f:4e:3a:47:34:10:4e:53:78:c7:57:5a:52:
8c:aa:7b:71:55:e1:b5:47:49:41:50:4d:34:22:71:0a:10:f0:
f2:c3:05:16:2b:f1:16:14:1b:61:70:15:ee:10:f9:98:02:60:
7a:6e:b2:8b:34:b4:c1:22:39:ce:7d:9b:25:6e:71:9e:a9:5a:
7d:f6:66:4c:c6:c2:71:bf:70:dc:e9:7e:cf:23:9e:a4:8c:7a:
a0:e0:d6:5c:9f:6a:3e:f2:af:c9:f2:00:35:a3:6c:5e:4a:ec:
86:09:01:2d:e6:0c:a8:aa:da:8b:10:2b:04:58:34:bd:8a:05:
b7:cb:b0:36:5f:74:45:49:97:cb:fe:9d:6f:43:e8:80:53:4e:
1c:de:1d:5d:07:9c:d1:6a:19:8c:70:75:be:fb:f5:d3:94:b7:
49:ce:db:94:35:ef:41:57:db:62:5c:2b:ea:55:d8:3a:c2:79:
25:7f:db:bb:4c:2d:30:bf:0f:ec:f3:55:9c:1f:7a:85:71:bb:
c8:55:32:f1:f9:11:5a:fc:7d:2c:7f:ce:4c:e2:75:d4:94:75:
87:be:b9:60:4a:dd:4c:23:56:de:ff:5d:f2:87:b5:c9:96:48:
87:2a:65:f7
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAYdF1E+uwl9dEkcatVZo5y4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjMwNDAzMDYzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzA4MTA4NmFiNWJkZGU3MDUzZWIyMzQ2OThhNWNkMmRkMDllZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoLYiv7DccFR6n1X2oW/MgG9e3eQ
7VIbBl8GiHS3qiWspRvuR+Kqy5kBV6mofha10+LjZkhnNmkQM/f6fHzIGVijkjqd
IQ5zOGCpzXXk9cDBEOnSRUgtKGF4cJXGq7BlhtDMQ1XW8E/UMWyDQWH6pfAeCWYm
3a1Bo/kg309jW++pM6v/kZetpm6emuddhqjHEeUyVnbpKjK/MzhQ1qrOIaKSuHe7
PI0R4MGBzXhGnxB8kKpuJCWZKoW5Uivtc1n/dA6MHOwVeOYgJc/QjqM3KtcrtRoU
u2hCi85gRvLSDikrYTNutXlGdlD23rRNJrrjuvagUAEHEzjUM4bQOdtiJwIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFFcIEIarW93nBT6yNGmKXNLdCe4JMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvVndnUWhxdGIzZWNGUHJJMGFZcGMwdDBKN2drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAIr
8IwDBAItjlwDBABOiigwDAMEAE6KLwMEAE6KMAMEAE6KMgMEAlPlTAMEAlPlaAME
AVkTKgMEAVkiTgMEAVkmhAMEAFn5MwMEAlwrVAMEA11yCAMEAV1zDAMEBF20wAME
BF6wcAMEAl/XJAMEAmfMfAMEBHcNwAMEA3lbUAMEApaBXAMEALkmZgMEALla8wME
Arl9wAMEALmD3AMEALnl+gMEArx3dDAMAwQCy6aUAwQCy6aYAwQD0RSwMA0GCSqG
SIb3DQEBCwUAA4IBAQBtwGUApXzMyv0fqxm/dTCu6Tm63WFBCR9OOkc0EE5TeMdX
WlKMqntxVeG1R0lBUE00InEKEPDywwUWK/EWFBthcBXuEPmYAmB6brKLNLTBIjnO
fZslbnGeqVp99mZMxsJxv3Dc6X7PI56kjHqg4NZcn2o+8q/J8gA1o2xeSuyGCQEt
5gyoqtqLECsEWDS9igW3y7A2X3RFSZfL/p1vQ+iAU04c3h1dB5zRahmMcHW++/XT
lLdJztuUNe9BV9tiXCvqVdg6wnklf9u7TC0wvw/s81WcH3qFcbvIVTLx+RFa/H0s
f85M4nXUlHWHvrlgSt1MI1be/13yh7XJlkiHKmX3
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:31:19 2025 by rpki-client