Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/JdgLX_rDpFXbn3g6ck-3xVrnTaU.roa
File: JdgLX_rDpFXbn3g6ck-3xVrnTaU.roa (raw, json)
Hash identifier: TOSlGfMktZDLi6DZuPyngZmNUQUQKAMWa3FBKS2yrIU=
Subject key identifier: 25:D8:0B:5F:FA:C3:A4:55:DB:9F:78:3A:72:4F:B7:C5:5A:E7:4D:A5
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 0195700AA1C25AED1707B9B521CAD2B6FA53
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/JdgLX_rDpFXbn3g6ck-3xVrnTaU.roa
Signing time: Fri 07 Mar 2025 09:58:19 +0000
ROA not before: Fri 07 Mar 2025 09:58:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50304
IP address blocks: 31.169.48.0/21 maxlen: 32
37.202.56.0/21 maxlen: 24
45.152.48.0/22 maxlen: 22
45.152.48.0/23 maxlen: 23
91.90.40.0/21 maxlen: 24
91.199.193.0/24 maxlen: 24
91.205.184.0/22 maxlen: 22
91.227.248.0/22 maxlen: 24
94.124.74.0/24 maxlen: 24
134.90.144.0/21 maxlen: 32
134.90.148.0/24 maxlen: 24
176.125.232.0/22 maxlen: 22
178.255.144.0/21 maxlen: 32
185.12.56.0/22 maxlen: 24
185.35.200.0/22 maxlen: 24
185.35.200.0/24 maxlen: 24
185.41.240.0/22 maxlen: 24
185.152.32.0/22 maxlen: 24
185.152.32.0/23 maxlen: 23
193.27.45.0/24 maxlen: 24
193.28.1.0/24 maxlen: 24
193.28.4.0/24 maxlen: 24
193.28.7.0/24 maxlen: 24
193.138.6.0/23 maxlen: 24
194.35.228.0/22 maxlen: 24
194.99.40.0/22 maxlen: 24
194.127.198.0/23 maxlen: 23
194.127.199.0/24 maxlen: 24
195.64.118.0/24 maxlen: 24
213.163.240.0/23 maxlen: 23
217.197.164.0/22 maxlen: 24
217.197.164.0/24 maxlen: 24
2a02:20c8::/32 maxlen: 48
2a02:ed00::/29 maxlen: 32
2a02:ed00::/32 maxlen: 32
2a02:ed01::/32 maxlen: 32
2a02:ed03::/32 maxlen: 32
2a02:ed04:100::/44 maxlen: 44
2a02:ed04:3400::/44 maxlen: 44
2a02:ed04:3580::/44 maxlen: 44
2a02:ed04:4400::/44 maxlen: 44
2a02:ed04:4500::/44 maxlen: 44
2a02:ed04:4600::/44 maxlen: 44
2a02:ed04:4700::/44 maxlen: 44
2a02:ed05::/32 maxlen: 32
2a02:ed06::/32 maxlen: 32
2a04:8d40::/29 maxlen: 32
2a07:7d80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:70:0a:a1:c2:5a:ed:17:07:b9:b5:21:ca:d2:b6:fa:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Mar 7 09:58:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25d80b5ffac3a455db9f783a724fb7c55ae74da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1c:0a:ce:50:ef:cc:c1:6c:af:44:a4:ae:86:
af:cb:cc:fb:62:49:96:9c:8d:37:78:b6:4f:85:51:
d1:49:e9:03:a2:56:94:47:59:7f:b6:59:23:3c:f3:
59:54:1f:44:ee:e9:f6:2e:03:67:83:b0:39:11:b1:
4e:a7:41:5f:40:99:50:8e:f5:a1:f2:43:4b:2b:93:
0b:54:b2:ce:11:da:fc:50:83:63:aa:0f:89:0b:48:
b8:c1:30:bd:88:03:a3:18:e9:bd:7d:ab:c7:19:fb:
44:2c:79:64:4d:8a:d8:4b:88:c6:31:41:bc:bf:72:
3e:08:af:10:a4:11:3c:18:2f:06:a5:07:1c:5a:d4:
ce:b5:71:5d:0c:98:15:37:7c:25:fe:3c:16:4a:1e:
f7:d4:c8:ba:a5:9d:d2:5e:a3:5f:a0:7b:31:66:de:
40:54:be:37:a1:c4:18:bb:65:f7:55:49:ba:84:39:
4d:35:13:57:e4:ea:5a:d1:b8:cd:19:0b:d8:c3:3c:
eb:01:30:34:e2:36:a7:35:8c:54:d5:c5:d9:39:10:
e8:65:5b:d4:ab:07:6a:d4:af:8f:9e:a3:b1:97:04:
df:88:d0:50:4b:3e:3c:b1:41:ef:d0:8f:5d:9b:e3:
d6:f5:32:2b:18:1a:f3:6f:2e:36:24:a2:6c:c2:f2:
65:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D8:0B:5F:FA:C3:A4:55:DB:9F:78:3A:72:4F:B7:C5:5A:E7:4D:A5
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/JdgLX_rDpFXbn3g6ck-3xVrnTaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.48.0/21
37.202.56.0/21
45.152.48.0/22
91.90.40.0/21
91.199.193.0/24
91.205.184.0/22
91.227.248.0/22
94.124.74.0/24
134.90.144.0/21
176.125.232.0/22
178.255.144.0/21
185.12.56.0/22
185.35.200.0/22
185.41.240.0/22
185.152.32.0/22
193.27.45.0/24
193.28.1.0/24
193.28.4.0/24
193.28.7.0/24
193.138.6.0/23
194.35.228.0/22
194.99.40.0/22
194.127.198.0/23
195.64.118.0/24
213.163.240.0/23
217.197.164.0/22
IPv6:
2a02:20c8::/32
2a02:ed00::/29
2a04:8d40::/29
2a07:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
88:ab:86:61:c5:08:9c:30:ff:92:4c:1a:cc:54:7d:b8:0e:6c:
0a:00:7b:57:c6:7a:d1:26:df:e0:1e:a7:9f:84:cf:c0:ad:4a:
36:e3:b4:8d:f8:27:2b:4a:6c:59:b5:48:38:79:a5:d3:98:28:
3d:2c:72:76:2c:2c:4b:4f:65:d5:ff:a1:4c:d7:5a:e0:1c:6e:
58:19:40:86:52:4a:ad:31:3e:44:b7:bd:45:9f:e3:c2:c9:8b:
91:35:5d:f6:7c:3b:d1:c0:cc:ec:33:15:9c:1e:80:37:fc:bf:
01:b7:6b:4a:6e:ac:b0:11:a2:e2:6f:14:21:29:f0:7a:19:2d:
0e:8e:e1:69:8e:96:80:53:6b:82:b9:ef:01:ce:65:18:37:72:
56:5c:3e:91:87:4c:a0:fe:5f:e0:3e:9e:ba:02:43:f2:d5:33:
be:e2:5f:49:3e:a6:fd:ef:c7:7f:ed:5c:52:5a:5e:46:f0:10:
23:04:98:92:f8:11:b7:0f:a0:c6:ec:a2:6a:b0:3c:0e:5a:d3:
b4:a5:e5:3d:2a:9c:79:0d:f6:be:54:34:0e:60:ea:18:b8:34:
eb:92:25:4a:4d:25:12:d5:e7:9c:3a:92:e5:e2:c6:d4:c4:24:
ab:f2:7e:70:c7:10:09:97:39:fd:aa:86:28:52:99:2b:86:34:
41:a2:ab:ef
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZVwCqHCWu0XB7m1IcrStvpTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjUwMzA3MDk1ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWQ4MGI1ZmZhYzNhNDU1ZGI5Zjc4M2E3MjRmYjdjNTVhZTc0ZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxwKzlDvzMFsr0Skroavy8z7YkmW
nI03eLZPhVHRSekDolaUR1l/tlkjPPNZVB9E7un2LgNng7A5EbFOp0FfQJlQjvWh
8kNLK5MLVLLOEdr8UINjqg+JC0i4wTC9iAOjGOm9favHGftELHlkTYrYS4jGMUG8
v3I+CK8QpBE8GC8GpQccWtTOtXFdDJgVN3wl/jwWSh731Mi6pZ3SXqNfoHsxZt5A
VL43ocQYu2X3VUm6hDlNNRNX5Opa0bjNGQvYwzzrATA04janNYxU1cXZORDoZVvU
qwdq1K+PnqOxlwTfiNBQSz48sUHv0I9dm+PW9TIrGBrzby42JKJswvJlDwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFCXYC1/6w6RV2594OnJPt8Va502lMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvSmRnTFhfckRwRlhibjNnNmNrLTN4VnJuVGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBowQCAAEwgZwDBAMf
qTADBAMlyjgDBAItmDADBANbWigDBABbx8EDBAJbzbgDBAJb4/gDBABefEoDBAOG
WpADBAKwfegDBAOy/5ADBAK5DDgDBAK5I8gDBAK5KfADBAK5mCADBADBGy0DBADB
HAEDBADBHAQDBADBHAcDBAHBigYDBALCI+QDBALCYygDBAHCf8YDBADDQHYDBAHV
o/ADBALZxaQwIgQCAAIwHAMFACoCIMgDBQMqAu0AAwUDKgSNQAMFAyoHfYAwDQYJ
KoZIhvcNAQELBQADggEBAIirhmHFCJww/5JMGsxUfbgObAoAe1fGetEm3+Aep5+E
z8CtSjbjtI34JytKbFm1SDh5pdOYKD0scnYsLEtPZdX/oUzXWuAcblgZQIZSSq0x
PkS3vUWf48LJi5E1XfZ8O9HAzOwzFZwegDf8vwG3a0purLARouJvFCEp8HoZLQ6O
4WmOloBTa4K57wHOZRg3clZcPpGHTKD+X+A+nroCQ/LVM77iX0k+pv3vx3/tXFJa
XkbwECMEmJL4EbcPoMbsomqwPA5a07Sl5T0qnHkN9r5UNA5g6hi4NOuSJUpNJRLV
55w6kuXixtTEJKvyfnDHEAmXOf2qhihSmSuGNEGiq+8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:11:27 2025 by rpki-client