Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/8n66jbpw-c2Aqy4SU3OEjHIQ8Ng.roa
File: 8n66jbpw-c2Aqy4SU3OEjHIQ8Ng.roa (raw, json)
Hash identifier: 5aUols723XY3S6GAB1kKE/l7w8plVtAbUtwN3H30tYU=
Subject key identifier: F2:7E:BA:8D:BA:70:F9:CD:80:AB:2E:12:53:73:84:8C:72:10:F0:D8
Certificate issuer: /CN=bab5e5e601cbf5d19d10d4db476a923b3b36f827
Certificate serial: 019424B2695E3AF0D0C28A79571D15F66C77
Authority key identifier: BA:B5:E5:E6:01:CB:F5:D1:9D:10:D4:DB:47:6A:92:3B:3B:36:F8:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urXl5gHL9dGdENTbR2qSOzs2-Cc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/8n66jbpw-c2Aqy4SU3OEjHIQ8Ng.roa
Signing time: Thu 02 Jan 2025 01:47:39 +0000
ROA not before: Thu 02 Jan 2025 01:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24904
IP address blocks: 2.59.236.0/22 maxlen: 24
45.15.60.0/22 maxlen: 24
45.83.228.0/22 maxlen: 24
81.28.192.0/20 maxlen: 24
83.243.124.0/22 maxlen: 24
92.118.96.0/22 maxlen: 24
171.22.0.0/22 maxlen: 24
178.250.208.0/21 maxlen: 24
178.250.208.64/27 maxlen: 27
178.250.208.128/28 maxlen: 28
185.4.76.0/22 maxlen: 24
185.45.32.0/22 maxlen: 24
185.66.100.0/22 maxlen: 24
185.73.232.0/22 maxlen: 24
185.109.200.0/22 maxlen: 24
185.144.44.0/22 maxlen: 24
185.164.232.0/22 maxlen: 24
185.172.232.0/22 maxlen: 22
185.172.233.0/24 maxlen: 24
185.172.234.0/24 maxlen: 24
185.200.200.0/22 maxlen: 24
185.202.60.0/22 maxlen: 24
185.207.80.0/22 maxlen: 24
185.215.12.0/22 maxlen: 24
185.216.240.0/22 maxlen: 24
185.219.204.0/22 maxlen: 24
185.229.160.0/22 maxlen: 24
185.238.4.0/22 maxlen: 24
185.251.160.0/22 maxlen: 24
194.26.150.0/23 maxlen: 24
194.29.74.0/23 maxlen: 24
194.38.32.0/22 maxlen: 24
194.147.0.0/22 maxlen: 24
2a03:4980::/32 maxlen: 32
2a03:4980::/40 maxlen: 40
2a03:4980:100::/40 maxlen: 40
2a03:4980:200::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:69:5e:3a:f0:d0:c2:8a:79:57:1d:15:f6:6c:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bab5e5e601cbf5d19d10d4db476a923b3b36f827
Validity
Not Before: Jan 2 01:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f27eba8dba70f9cd80ab2e125373848c7210f0d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:93:60:a0:4f:3c:0d:3b:cb:85:91:67:e5:04:
2c:0d:3d:2c:01:5f:fd:c2:ab:e1:91:3e:81:49:a6:
09:cc:e8:e3:99:7a:b5:0e:12:62:15:80:47:f8:78:
b7:00:aa:ae:00:e6:97:f4:b9:ce:27:cb:06:90:1f:
12:de:96:4c:2a:24:0e:cc:4a:61:fb:e1:a7:07:b6:
bc:cc:98:0a:2e:f0:89:03:6f:1c:a7:fc:9e:e3:c1:
43:83:1d:51:d9:3b:ae:8f:cc:20:1f:71:6b:2a:07:
c6:26:43:8d:39:5b:11:b3:85:4f:73:58:be:22:84:
e8:32:c8:d2:6a:48:68:cc:06:f7:c5:a8:71:63:d3:
c0:a5:e7:6e:ad:ce:0d:9d:4c:4a:88:00:f9:07:47:
11:f4:ec:53:84:46:a7:ed:de:9f:1f:13:41:53:1e:
a1:1b:84:45:e0:10:2a:10:17:24:99:00:5e:5e:b6:
91:f4:4e:78:d5:4a:89:fc:be:07:8a:96:1b:d6:03:
54:4f:83:05:46:4f:6d:43:dc:c0:2a:a1:1a:98:0c:
5b:e0:1a:95:f7:47:ad:3a:78:b5:9c:c0:93:02:a1:
9b:ab:9a:7b:c4:98:67:59:33:bd:99:3e:26:20:55:
da:b9:d2:f7:6b:c4:c8:fc:ca:ce:a1:b4:f5:0f:38:
14:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7E:BA:8D:BA:70:F9:CD:80:AB:2E:12:53:73:84:8C:72:10:F0:D8
X509v3 Authority Key Identifier:
keyid:BA:B5:E5:E6:01:CB:F5:D1:9D:10:D4:DB:47:6A:92:3B:3B:36:F8:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urXl5gHL9dGdENTbR2qSOzs2-Cc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/8n66jbpw-c2Aqy4SU3OEjHIQ8Ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/urXl5gHL9dGdENTbR2qSOzs2-Cc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.236.0/22
45.15.60.0/22
45.83.228.0/22
81.28.192.0/20
83.243.124.0/22
92.118.96.0/22
171.22.0.0/22
178.250.208.0/21
185.4.76.0/22
185.45.32.0/22
185.66.100.0/22
185.73.232.0/22
185.109.200.0/22
185.144.44.0/22
185.164.232.0/22
185.172.232.0/22
185.200.200.0/22
185.202.60.0/22
185.207.80.0/22
185.215.12.0/22
185.216.240.0/22
185.219.204.0/22
185.229.160.0/22
185.238.4.0/22
185.251.160.0/22
194.26.150.0/23
194.29.74.0/23
194.38.32.0/22
194.147.0.0/22
IPv6:
2a03:4980::/32
Signature Algorithm: sha256WithRSAEncryption
7e:02:3d:af:f3:8e:67:1e:08:ab:01:fd:d3:95:19:7a:5b:34:
33:60:f7:c7:df:8a:c6:71:6f:d9:88:f4:47:d6:a5:9d:e1:4d:
f2:33:59:ca:db:ac:c8:99:32:08:39:13:3c:cb:a8:54:bd:09:
c3:e9:00:3c:bf:ef:35:b5:bc:ee:64:b2:d2:6b:7f:d9:ca:1e:
17:de:51:31:02:5b:15:25:13:87:af:b3:a6:61:22:8f:57:48:
c9:90:ff:98:0b:d5:6c:8b:1b:da:ab:e3:b6:ba:9a:df:61:22:
ec:99:de:d7:e3:39:23:a1:af:ca:1e:fe:37:f2:1c:de:c0:88:
e1:25:ee:1f:03:4a:7f:2f:23:16:ef:f2:eb:07:b1:77:47:eb:
9b:8e:a2:ad:8a:18:07:16:7e:5f:bc:59:93:5b:22:9a:af:7e:
cf:fd:97:a0:ac:0b:dc:2f:d4:25:27:75:40:54:f1:d8:6f:f9:
22:31:2c:a1:aa:06:4d:95:93:ea:a4:33:33:c3:2e:22:f2:83:
c7:25:d1:28:29:91:e6:98:8d:8a:35:35:ab:30:f7:cf:08:29:
18:6f:ee:90:1d:78:c1:b7:30:51:0e:cc:5c:26:2d:41:2e:25:
f9:fe:9a:f0:33:c3:db:ad:ad:32:5a:ae:9a:55:f9:a6:2a:76:
d1:65:ca:1d
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAZQksmleOvDQwop5Vx0V9mx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjVlNWU2MDFjYmY1ZDE5ZDEwZDRkYjQ3NmE5MjNiM2Iz
NmY4MjcwHhcNMjUwMTAyMDE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjdlYmE4ZGJhNzBmOWNkODBhYjJlMTI1MzczODQ4YzcyMTBmMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZNgoE88DTvLhZFn5QQsDT0sAV/9
wqvhkT6BSaYJzOjjmXq1DhJiFYBH+Hi3AKquAOaX9LnOJ8sGkB8S3pZMKiQOzEph
++GnB7a8zJgKLvCJA28cp/ye48FDgx1R2Tuuj8wgH3FrKgfGJkONOVsRs4VPc1i+
IoToMsjSakhozAb3xahxY9PApedurc4NnUxKiAD5B0cR9OxThEan7d6fHxNBUx6h
G4RF4BAqEBckmQBeXraR9E541UqJ/L4HipYb1gNUT4MFRk9tQ9zAKqEamAxb4BqV
90etOni1nMCTAqGbq5p7xJhnWTO9mT4mIFXaudL3a8TI/MrOobT1DzgUuQIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFPJ+uo26cPnNgKsuElNzhIxyEPDYMB8GA1UdIwQY
MBaAFLq15eYBy/XRnRDU20dqkjs7NvgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJYbDVnSEw5ZEdkRU5UYlIycVNPenMyLUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wMGRmMjktNTAyMi00MDVlLTg5NWQt
NzdjYTg5Y2Y0MzZhLzEvOG42NmpicHctYzJBcXk0U1UzT0VqSElROE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wMGRmMjktNTAyMi00MDVlLTg5NWQtNzdjYTg5Y2Y0MzZh
LzEvdXJYbDVnSEw5ZEdkRU5UYlIycVNPenMyLUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHaBggrBgEFBQcBBwEB/wSByjCBxzCBtQQCAAEwga4DBAIC
O+wDBAItDzwDBAItU+QDBARRHMADBAJT83wDBAJcdmADBAKrFgADBAOy+tADBAK5
BEwDBAK5LSADBAK5QmQDBAK5SegDBAK5bcgDBAK5kCwDBAK5pOgDBAK5rOgDBAK5
yMgDBAK5yjwDBAK5z1ADBAK51wwDBAK52PADBAK528wDBAK55aADBAK57gQDBAK5
+6ADBAHCGpYDBAHCHUoDBALCJiADBALCkwAwDQQCAAIwBwMFACoDSYAwDQYJKoZI
hvcNAQELBQADggEBAH4CPa/zjmceCKsB/dOVGXpbNDNg98ffisZxb9mI9EfWpZ3h
TfIzWcrbrMiZMgg5EzzLqFS9CcPpADy/7zW1vO5kstJrf9nKHhfeUTECWxUlE4ev
s6ZhIo9XSMmQ/5gL1WyLG9qr47a6mt9hIuyZ3tfjOSOhr8oe/jfyHN7AiOEl7h8D
Sn8vIxbv8usHsXdH65uOoq2KGAcWfl+8WZNbIpqvfs/9l6CsC9wv1CUndUBU8dhv
+SIxLKGqBk2Vk+qkMzPDLiLyg8cl0SgpkeaYjYo1Nasw988IKRhv7pAdeMG3MFEO
zFwmLUEuJfn+mvAzw9utrTJarppV+aYqdtFlyh0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:09:25 2025 by rpki-client