Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/i2HYpKIvdGotH7mKcmQ5RAG3huY.roa
File: i2HYpKIvdGotH7mKcmQ5RAG3huY.roa (raw, json)
Hash identifier: 4Nz6YUMbPlVe3PbppTQU2sGDWl5KATygr4DtzeG8qCU=
Subject key identifier: 8B:61:D8:A4:A2:2F:74:6A:2D:1F:B9:8A:72:64:39:44:01:B7:86:E6
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 019427481893FC10C54E6D020EB648917B9D
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/i2HYpKIvdGotH7mKcmQ5RAG3huY.roa
Signing time: Thu 02 Jan 2025 13:50:23 +0000
ROA not before: Thu 02 Jan 2025 13:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210403
IP address blocks: 31.207.32.0/24 maxlen: 24
31.207.33.0/24 maxlen: 24
31.207.34.0/24 maxlen: 24
31.207.35.0/24 maxlen: 24
31.207.36.0/24 maxlen: 24
31.207.37.0/24 maxlen: 24
31.207.38.0/24 maxlen: 24
31.207.39.0/24 maxlen: 24
78.24.248.0/21 maxlen: 24
78.138.45.0/24 maxlen: 24
78.138.58.0/24 maxlen: 24
83.229.19.0/24 maxlen: 24
91.199.179.0/24 maxlen: 24
91.216.107.0/24 maxlen: 24
91.234.194.0/24 maxlen: 24
91.234.195.0/24 maxlen: 24
180.149.196.0/24 maxlen: 24
180.149.197.0/24 maxlen: 24
180.149.198.0/24 maxlen: 24
180.149.199.0/24 maxlen: 24
185.98.128.0/24 maxlen: 24
185.98.129.0/24 maxlen: 24
185.98.131.0/24 maxlen: 24
185.98.136.0/24 maxlen: 24
185.98.137.0/24 maxlen: 24
185.98.138.0/24 maxlen: 24
185.98.139.0/24 maxlen: 24
185.135.132.0/24 maxlen: 24
185.238.116.0/24 maxlen: 24
192.162.68.0/24 maxlen: 24
192.162.69.0/24 maxlen: 24
192.162.70.0/24 maxlen: 24
192.162.71.0/24 maxlen: 24
193.37.145.0/24 maxlen: 24
193.203.239.0/24 maxlen: 24
194.126.193.0/24 maxlen: 24
195.110.34.0/24 maxlen: 24
195.110.35.0/24 maxlen: 24
213.156.132.0/22 maxlen: 24
213.255.195.0/24 maxlen: 24
2a00:7ee0::/48 maxlen: 48
2a00:7ee0:1::/48 maxlen: 48
2a00:7ee0:2::/48 maxlen: 48
2a00:7ee0:8::/48 maxlen: 48
2a00:7ee0:9::/48 maxlen: 48
2a00:7ee0:40::/44 maxlen: 48
2a00:7ee0:2000::/48 maxlen: 48
2a00:7ee0:3000::/48 maxlen: 48
2a00:7ee0:4000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:18:93:fc:10:c5:4e:6d:02:0e:b6:48:91:7b:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Jan 2 13:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b61d8a4a22f746a2d1fb98a7264394401b786e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ea:5b:a3:72:64:17:4f:aa:af:a3:5e:58:31:
cf:98:8d:5f:9b:57:68:85:a2:41:97:99:cd:15:94:
2f:8c:36:c3:47:31:e0:51:51:67:11:01:74:0b:fb:
be:fc:a8:96:65:8b:44:22:a1:87:90:ca:55:df:06:
c9:fc:00:10:8e:aa:2a:d3:a7:5b:54:3a:78:c2:0f:
12:95:09:66:5b:45:58:62:89:87:cc:6f:89:b7:81:
25:cd:22:9a:1b:db:84:37:51:0c:5f:db:5e:ca:84:
0f:16:4c:8e:99:b1:91:66:d2:67:aa:de:2d:e1:ce:
b2:dc:69:44:b9:f4:98:1e:18:93:90:e1:ca:79:c7:
57:2f:f3:50:d9:34:41:6d:0b:59:9e:d9:7d:90:de:
45:64:c7:f6:0f:1f:09:66:f2:5b:44:35:10:c0:b8:
3d:be:24:dd:ee:e6:d1:96:ec:f3:4b:73:2f:06:b0:
e1:b4:d0:bc:e6:db:f2:ec:e5:1b:8c:67:02:68:49:
1d:02:06:e3:2f:64:95:05:b4:3e:2e:ab:34:81:9c:
60:53:2a:06:00:51:93:f0:f3:a9:03:87:c0:21:38:
82:a7:c3:7e:e8:fe:9f:da:7d:3c:9d:a0:cb:0b:75:
10:28:36:5b:3d:d9:9e:6c:da:c8:e4:68:e6:14:0d:
02:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:61:D8:A4:A2:2F:74:6A:2D:1F:B9:8A:72:64:39:44:01:B7:86:E6
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/i2HYpKIvdGotH7mKcmQ5RAG3huY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.32.0/21
78.24.248.0/21
78.138.45.0/24
78.138.58.0/24
83.229.19.0/24
91.199.179.0/24
91.216.107.0/24
91.234.194.0/23
180.149.196.0/22
185.98.128.0/23
185.98.131.0/24
185.98.136.0/22
185.135.132.0/24
185.238.116.0/24
192.162.68.0/22
193.37.145.0/24
193.203.239.0/24
194.126.193.0/24
195.110.34.0/23
213.156.132.0/22
213.255.195.0/24
IPv6:
2a00:7ee0::-2a00:7ee0:2:ffff:ffff:ffff:ffff:ffff
2a00:7ee0:8::/47
2a00:7ee0:40::/44
2a00:7ee0:2000::/48
2a00:7ee0:3000::/48
2a00:7ee0:4000::/36
Signature Algorithm: sha256WithRSAEncryption
16:12:1f:4f:d1:6a:67:3d:ad:83:95:45:28:eb:d4:ca:3e:9f:
11:e3:6b:3b:6e:c0:49:f1:67:98:ad:a1:70:3c:26:ce:44:2c:
15:45:a3:ad:55:90:cc:75:06:05:0b:3a:35:9d:c5:6a:cb:ba:
f3:55:5d:c9:e0:c4:2c:d7:ee:04:59:51:c4:07:e9:1b:2e:b4:
88:c2:4a:a7:74:b9:bc:8e:99:36:1d:16:45:d3:26:48:99:2d:
8a:fc:86:b5:f9:09:18:f5:77:a1:4a:b9:c0:98:0a:4d:83:24:
44:11:5e:19:85:f1:69:c7:3d:2f:b8:47:61:d2:0e:de:5a:e3:
d6:3f:26:2d:a8:69:4a:8f:6b:20:7e:7d:88:4d:d5:3f:77:4b:
3d:96:9a:5a:21:23:0e:6b:8e:2d:c1:d7:1a:96:05:49:9c:d2:
0f:d7:78:10:4d:28:5b:2a:54:68:e4:65:a5:f9:d2:05:8b:0b:
1e:71:f7:b7:2a:a6:01:7d:5c:4c:d9:59:5c:29:2c:8f:79:a2:
b6:07:d6:28:3a:bc:87:6f:43:99:aa:68:86:0d:1c:64:a2:76:
70:99:97:ef:60:f1:53:b9:34:b8:d5:d6:21:43:35:b2:f2:5b:
d5:b6:a2:8e:91:61:56:69:07:06:30:3f:65:9f:76:98:e0:06:
1e:bc:2a:16
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAZQnSBiT/BDFTm0CDrZIkXudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjUwMTAyMTM1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjYxZDhhNGEyMmY3NDZhMmQxZmI5OGE3MjY0Mzk0NDAxYjc4NmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOpbo3JkF0+qr6NeWDHPmI1fm1do
haJBl5nNFZQvjDbDRzHgUVFnEQF0C/u+/KiWZYtEIqGHkMpV3wbJ/AAQjqoq06db
VDp4wg8SlQlmW0VYYomHzG+Jt4ElzSKaG9uEN1EMX9teyoQPFkyOmbGRZtJnqt4t
4c6y3GlEufSYHhiTkOHKecdXL/NQ2TRBbQtZntl9kN5FZMf2Dx8JZvJbRDUQwLg9
viTd7ubRluzzS3MvBrDhtNC85tvy7OUbjGcCaEkdAgbjL2SVBbQ+Lqs0gZxgUyoG
AFGT8POpA4fAITiCp8N+6P6f2n08naDLC3UQKDZbPdmebNrI5GjmFA0C3wIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFIth2KSiL3RqLR+5inJkOUQBt4bmMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvaTJIWXBLSXZkR290SDdtS2NtUTVSQUczaHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHgBggrBgEFBQcBBwEB/wSB0DCBzTCBhAQCAAEwfgMEAx/P
IAMEA04Y+AMEAE6KLQMEAE6KOgMEAFPlEwMEAFvHswMEAFvYawMEAVvqwgMEArSV
xAMEAbligAMEALligwMEArliiAMEALmHhAMEALnudAMEAsCiRAMEAMElkQMEAMHL
7wMEAMJ+wQMEAcNuIgMEAtWchAMEANX/wzBEBAIAAjA+MBADBQUqAH7gAwcAKgB+
4AACAwcBKgB+4AAIAwcEKgB+4ABAAwcAKgB+4CAAAwcAKgB+4DAAAwYEKgB+4EAw
DQYJKoZIhvcNAQELBQADggEBABYSH0/Ramc9rYOVRSjr1Mo+nxHjaztuwEnxZ5it
oXA8Js5ELBVFo61VkMx1BgULOjWdxWrLuvNVXcngxCzX7gRZUcQH6RsutIjCSqd0
ubyOmTYdFkXTJkiZLYr8hrX5CRj1d6FKucCYCk2DJEQRXhmF8WnHPS+4R2HSDt5a
49Y/Ji2oaUqPayB+fYhN1T93Sz2WmlohIw5rji3B1xqWBUmc0g/XeBBNKFsqVGjk
ZaX50gWLCx5x97cqpgF9XEzZWVwpLI95orYH1ig6vIdvQ5mqaIYNHGSidnCZl+9g
8VO5NLjV1iFDNbLyW9W2oo6RYVZpBwYwP2WfdpjgBh68KhY=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:45 2025 by rpki-client