Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/NUwDMl0uceCiZ1NG2N5fFGq-BY0.roa
File: NUwDMl0uceCiZ1NG2N5fFGq-BY0.roa (raw, json)
Hash identifier: W5ChUYN7fI8J46aNSrBpqKGe97TpyG1Z0u4eXPpkx48=
Subject key identifier: 35:4C:03:32:5D:2E:71:E0:A2:67:53:46:D8:DE:5F:14:6A:BE:05:8D
Certificate issuer: /CN=681ce4d99ba8ebb91a794abfcbdd15bde09c99f8
Certificate serial: 019427B57D7968A14679EE9AC6F275854140
Authority key identifier: 68:1C:E4:D9:9B:A8:EB:B9:1A:79:4A:BF:CB:DD:15:BD:E0:9C:99:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBzk2Zuo67kaeUq_y90VveCcmfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/NUwDMl0uceCiZ1NG2N5fFGq-BY0.roa
Signing time: Thu 02 Jan 2025 15:49:52 +0000
ROA not before: Thu 02 Jan 2025 15:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6752
IP address blocks: 46.172.224.0/19 maxlen: 19
46.172.232.0/22 maxlen: 22
46.175.156.0/22 maxlen: 22
46.175.156.0/24 maxlen: 24
46.175.157.0/24 maxlen: 24
46.175.158.0/24 maxlen: 24
46.175.159.0/24 maxlen: 24
80.80.84.0/22 maxlen: 22
80.80.84.0/24 maxlen: 24
80.80.85.0/24 maxlen: 24
80.80.92.0/22 maxlen: 22
85.94.160.0/19 maxlen: 19
85.94.160.0/22 maxlen: 22
85.94.164.0/22 maxlen: 22
85.94.168.0/22 maxlen: 22
85.94.172.0/22 maxlen: 22
85.94.176.0/22 maxlen: 22
85.94.180.0/22 maxlen: 22
85.94.184.0/22 maxlen: 22
85.94.188.0/22 maxlen: 22
89.150.2.0/23 maxlen: 23
89.150.4.0/22 maxlen: 22
89.150.8.0/22 maxlen: 22
89.150.12.0/22 maxlen: 22
91.187.64.0/19 maxlen: 19
91.187.64.0/22 maxlen: 22
91.187.68.0/22 maxlen: 22
91.187.72.0/22 maxlen: 22
91.187.76.0/22 maxlen: 22
91.187.80.0/22 maxlen: 22
91.187.83.0/24 maxlen: 24
91.187.84.0/22 maxlen: 22
91.187.88.0/22 maxlen: 22
91.187.92.0/22 maxlen: 22
91.187.93.0/24 maxlen: 24
94.125.138.0/23 maxlen: 23
94.125.140.0/23 maxlen: 23
109.111.96.0/19 maxlen: 19
109.111.96.0/22 maxlen: 22
109.111.96.0/24 maxlen: 24
109.111.100.0/22 maxlen: 22
109.111.104.0/22 maxlen: 22
109.111.108.0/22 maxlen: 22
109.111.111.0/24 maxlen: 24
109.111.112.0/22 maxlen: 22
109.111.116.0/22 maxlen: 22
109.111.120.0/22 maxlen: 22
109.111.124.0/22 maxlen: 22
185.4.52.0/22 maxlen: 22
185.33.0.0/22 maxlen: 22
185.87.36.0/22 maxlen: 22
185.87.40.0/22 maxlen: 22
185.87.44.0/22 maxlen: 22
185.87.46.0/23 maxlen: 23
185.132.200.0/22 maxlen: 22
185.194.56.0/22 maxlen: 22
185.194.59.0/24 maxlen: 24
185.247.24.0/22 maxlen: 22
188.241.26.0/23 maxlen: 23
194.158.64.0/19 maxlen: 19
194.158.64.0/22 maxlen: 22
194.158.64.0/24 maxlen: 24
194.158.68.0/22 maxlen: 22
194.158.72.0/22 maxlen: 22
194.158.72.0/23 maxlen: 23
194.158.76.0/22 maxlen: 22
194.158.78.0/24 maxlen: 24
194.158.80.0/22 maxlen: 22
194.158.84.0/22 maxlen: 22
194.158.84.0/24 maxlen: 24
194.158.85.0/24 maxlen: 24
194.158.88.0/22 maxlen: 22
194.158.92.0/22 maxlen: 22
194.158.95.0/24 maxlen: 24
2a02:8060::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:7d:79:68:a1:46:79:ee:9a:c6:f2:75:85:41:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=681ce4d99ba8ebb91a794abfcbdd15bde09c99f8
Validity
Not Before: Jan 2 15:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=354c03325d2e71e0a2675346d8de5f146abe058d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ea:c6:e9:5d:6e:7a:89:5b:1d:32:6d:38:77:
97:fe:83:26:b1:fb:cc:ec:26:39:cc:d3:de:39:06:
30:bf:fe:9c:6d:6d:6a:6c:5a:2c:a3:34:db:0a:64:
f2:7b:97:ca:21:1b:9d:21:b0:13:98:52:ef:51:d4:
46:52:6a:bc:d2:bb:a7:a6:3b:6f:97:93:b3:b7:ad:
7c:fb:5c:55:11:c9:39:71:a3:ba:4d:cb:eb:75:95:
8e:c4:75:97:2c:0c:5a:f8:93:e7:53:af:4a:45:11:
79:f9:6f:e6:a6:13:ff:d0:ca:fb:e6:bc:13:05:e8:
71:83:ef:cf:3e:dd:28:8e:04:f6:d0:18:f8:64:dc:
e4:11:33:1c:3c:ca:e9:01:94:f1:34:7e:7f:46:cc:
4d:a3:3e:d7:b9:fe:4d:37:08:48:5a:45:49:1b:98:
9e:06:c3:d9:19:10:c9:bd:6a:ff:2c:2a:fe:dd:27:
53:77:17:ba:a4:ba:6e:2d:9c:16:c8:6f:1c:7c:23:
e0:21:98:b1:cb:65:8d:7f:e6:e6:02:16:72:73:03:
c8:e0:83:71:19:54:36:c7:93:04:0d:31:46:d4:67:
01:44:7e:c5:11:d2:45:34:ce:80:57:24:ae:67:eb:
18:ca:a0:2a:3b:f5:05:d2:8b:d9:6c:08:dc:41:58:
36:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:4C:03:32:5D:2E:71:E0:A2:67:53:46:D8:DE:5F:14:6A:BE:05:8D
X509v3 Authority Key Identifier:
keyid:68:1C:E4:D9:9B:A8:EB:B9:1A:79:4A:BF:CB:DD:15:BD:E0:9C:99:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBzk2Zuo67kaeUq_y90VveCcmfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/NUwDMl0uceCiZ1NG2N5fFGq-BY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/aBzk2Zuo67kaeUq_y90VveCcmfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.172.224.0/19
46.175.156.0/22
80.80.84.0/22
80.80.92.0/22
85.94.160.0/19
89.150.2.0-89.150.15.255
91.187.64.0/19
94.125.138.0-94.125.141.255
109.111.96.0/19
185.4.52.0/22
185.33.0.0/22
185.87.36.0-185.87.47.255
185.132.200.0/22
185.194.56.0/22
185.247.24.0/22
188.241.26.0/23
194.158.64.0/19
IPv6:
2a02:8060::/31
Signature Algorithm: sha256WithRSAEncryption
18:94:c8:56:c0:7c:0a:0c:5f:d2:57:fc:7e:8d:7c:18:a9:90:
b1:c4:2d:b8:d0:fa:94:72:34:06:67:01:23:2f:f1:42:9f:2c:
97:92:20:31:8b:3b:18:f9:41:fe:c5:b4:2a:64:13:7e:17:80:
a8:07:c8:bf:2e:75:78:ca:aa:58:d1:51:36:5e:1a:9c:9c:2b:
17:2b:4c:e5:d6:27:cd:f6:65:38:9f:12:31:43:ad:46:cd:b5:
ed:78:6c:fb:f1:28:54:75:25:16:44:96:82:50:84:83:d3:bb:
28:15:89:f4:17:b9:40:f7:2c:87:53:3f:bf:7e:ac:27:4a:fd:
12:09:1a:cc:b8:97:e3:10:3e:64:60:77:ad:2b:c2:28:41:71:
b7:a2:78:94:bd:54:92:ba:3b:1e:e8:be:de:15:06:b1:ad:c2:
97:f8:45:38:e8:e3:3e:8d:c5:06:58:f2:81:49:ae:09:91:2d:
df:d6:90:3a:31:9d:38:09:75:92:f9:25:54:3a:7a:e1:43:5f:
3c:94:d3:97:57:20:bc:b0:38:29:f3:a4:2b:df:fe:28:4b:58:
ea:d0:e6:28:d6:b0:f7:d1:20:7d:4b:39:5e:2c:76:78:0e:1a:
77:58:9d:b9:2d:79:90:79:44:fa:cc:99:3a:8f:36:8e:4a:b2:
72:3e:ea:e3
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZQntX15aKFGee6axvJ1hUFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MWNlNGQ5OWJhOGViYjkxYTc5NGFiZmNiZGQxNWJkZTA5
Yzk5ZjgwHhcNMjUwMTAyMTU0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTRjMDMzMjVkMmU3MWUwYTI2NzUzNDZkOGRlNWYxNDZhYmUwNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoerG6V1ueolbHTJtOHeX/oMmsfvM
7CY5zNPeOQYwv/6cbW1qbFosozTbCmTye5fKIRudIbATmFLvUdRGUmq80runpjtv
l5Ozt618+1xVEck5caO6TcvrdZWOxHWXLAxa+JPnU69KRRF5+W/mphP/0Mr75rwT
Behxg+/PPt0ojgT20Bj4ZNzkETMcPMrpAZTxNH5/RsxNoz7Xuf5NNwhIWkVJG5ie
BsPZGRDJvWr/LCr+3SdTdxe6pLpuLZwWyG8cfCPgIZixy2WNf+bmAhZycwPI4INx
GVQ2x5MEDTFG1GcBRH7FEdJFNM6AVySuZ+sYyqAqO/UF0ovZbAjcQVg2gQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFDVMAzJdLnHgomdTRtjeXxRqvgWNMB8GA1UdIwQY
MBaAFGgc5NmbqOu5GnlKv8vdFb3gnJn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJ6azJadW82N2thZVVxX3k5MFZ2ZUNjbWZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi82YjllZTgtOTI0Yi00YTMxLWE0NjQt
OWY5OWMxNDc3ZmJlLzEvTlV3RE1sMHVjZUNpWjFORzJONWZGR3EtQlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi82YjllZTgtOTI0Yi00YTMxLWE0NjQtOWY5OWMxNDc3ZmJl
LzEvYUJ6azJadW82N2thZVVxX3k5MFZ2ZUNjbWZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBhAQCAAEwfgMEBS6s
4AMEAi6vnAMEAlBQVAMEAlBQXAMEBVVeoDAMAwQBWZYCAwQEWZYAAwQFW7tAMAwD
BAFefYoDBAFefYwDBAVtb2ADBAK5BDQDBAK5IQAwDAMEArlXJAMEBLlXIAMEArmE
yAMEArnCOAMEArn3GAMEAbzxGgMEBcKeQDANBAIAAjAHAwUBKgKAYDANBgkqhkiG
9w0BAQsFAAOCAQEAGJTIVsB8Cgxf0lf8fo18GKmQscQtuND6lHI0BmcBIy/xQp8s
l5IgMYs7GPlB/sW0KmQTfheAqAfIvy51eMqqWNFRNl4anJwrFytM5dYnzfZlOJ8S
MUOtRs217Xhs+/EoVHUlFkSWglCEg9O7KBWJ9Be5QPcsh1M/v36sJ0r9EgkazLiX
4xA+ZGB3rSvCKEFxt6J4lL1Ukro7Hui+3hUGsa3Cl/hFOOjjPo3FBljygUmuCZEt
39aQOjGdOAl1kvklVDp64UNfPJTTl1cgvLA4KfOkK9/+KEtY6tDmKNaw99EgfUs5
Xix2eA4ad1iduS15kHlE+syZOo82jkqycj7q4w==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:14 2025 by rpki-client