Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/pJqKHxxM79sKVc4Oj-Y6SjvHiPs.roa
File: pJqKHxxM79sKVc4Oj-Y6SjvHiPs.roa (raw, json)
Hash identifier: P0DmWqdou0O2gAm2pxdA80BLq+DacnWOC8eW5gpogPE=
Subject key identifier: A4:9A:8A:1F:1C:4C:EF:DB:0A:55:CE:0E:8F:E6:3A:4A:3B:C7:88:FB
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019447ABF461E8A41FBD6536E464F2C4D322
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/pJqKHxxM79sKVc4Oj-Y6SjvHiPs.roa
Signing time: Wed 08 Jan 2025 20:47:19 +0000
ROA not before: Wed 08 Jan 2025 20:47:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
45.133.247.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
103.82.103.0/24 maxlen: 24
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.87.50.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.229.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.200.188.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.176.0/22 maxlen: 22
193.124.176.0/24 maxlen: 24
193.124.177.0/24 maxlen: 24
193.124.178.0/24 maxlen: 24
193.124.179.0/24 maxlen: 24
193.124.180.0/24 maxlen: 24
193.124.181.0/24 maxlen: 24
193.124.182.0/24 maxlen: 24
193.124.183.0/24 maxlen: 24
193.124.184.0/21 maxlen: 21
193.124.184.0/24 maxlen: 24
193.124.189.0/24 maxlen: 24
193.124.191.0/24 maxlen: 24
193.168.224.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a0a:9300::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9300:d0::/48 maxlen: 48
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0a:9302:1::/48 maxlen: 48
2a0b:7780::/29 maxlen: 29
2a0c:77c0::/32 maxlen: 32
2a0d:3880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:47:ab:f4:61:e8:a4:1f:bd:65:36:e4:64:f2:c4:d3:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 8 20:47:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a49a8a1f1c4cefdb0a55ce0e8fe63a4a3bc788fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:52:6f:d0:be:c4:92:e4:f8:6c:e1:0a:24:a3:
ec:29:48:02:84:78:60:05:14:3f:c8:76:ad:dd:d2:
77:12:7d:15:dc:cd:8b:c1:d6:f9:1a:6f:7d:82:34:
11:83:fd:9c:c8:48:59:1c:84:53:e9:ac:68:d8:70:
4e:72:e6:66:c5:1e:2e:d9:4c:42:d0:d2:6f:3c:3a:
23:9d:09:3d:f6:c0:dc:83:ad:f4:a5:be:6d:88:c4:
35:28:2a:06:d3:60:56:14:00:8a:4c:4f:42:58:62:
ba:5c:a8:62:67:92:e3:03:d6:40:9e:a1:d4:c9:04:
b1:85:b0:56:e0:df:ba:d4:7f:a4:cf:8f:2d:fb:b8:
ec:c8:f3:ba:7f:54:e6:5f:c5:68:b8:5d:cf:9e:d8:
19:be:7f:5d:38:28:61:67:0a:61:2d:79:94:2c:69:
10:0e:7d:2f:a3:3a:93:16:73:63:17:77:63:87:1f:
a7:b6:15:52:59:3d:0f:08:38:87:03:03:41:e0:06:
16:50:e5:7d:4a:7b:42:83:93:92:21:67:88:d1:3b:
a6:45:4f:a4:28:c2:8e:32:48:30:19:bd:b0:4d:b7:
f0:f6:cc:5e:50:df:40:cf:d8:c5:9f:c4:25:07:b8:
ff:02:d9:1b:cb:89:cd:c1:f8:67:8f:34:1f:7f:aa:
92:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9A:8A:1F:1C:4C:EF:DB:0A:55:CE:0E:8F:E6:3A:4A:3B:C7:88:FB
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/pJqKHxxM79sKVc4Oj-Y6SjvHiPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
45.132.252.0/24
45.133.247.0/24
91.217.80.0/24
94.142.136.0/21
103.82.103.0/24
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.229.0/24
185.125.231.0/24
185.200.188.0/24
193.109.85.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:7780::/29
2a0c:77c0::/32
2a0d:3880::/29
Signature Algorithm: sha256WithRSAEncryption
12:86:82:9e:be:51:ab:0d:a0:78:c2:46:0b:a9:04:da:1c:9b:
92:81:6c:d4:c8:69:1d:c4:98:f7:b3:cf:e3:04:4d:12:59:16:
87:91:91:81:bb:f8:50:eb:12:8a:cd:d0:c9:c8:a7:37:62:c1:
6d:cd:28:dd:35:01:cf:31:3a:c6:1c:c2:2c:8e:73:a3:39:cc:
8d:c5:e3:74:7f:65:45:db:41:7c:27:5c:6f:c0:f2:50:96:30:
55:36:0c:90:5a:e1:01:dc:f3:c2:5d:65:b0:d3:62:4a:27:17:
cd:3f:9a:73:3a:0d:dc:26:d6:0e:cd:80:da:ef:74:4d:12:b4:
cf:c7:f8:17:42:fc:72:93:8a:e0:88:f5:26:1f:9f:07:d6:ef:
c3:5e:41:c5:d5:13:5f:12:56:aa:9e:b6:7a:14:12:2c:3d:40:
a6:57:64:67:a6:ac:93:a5:8e:aa:8a:4c:2a:13:b0:80:38:ce:
13:9e:1a:c6:35:f1:71:0f:1e:1f:36:4f:57:0b:3b:df:80:03:
fd:68:b0:3c:a8:07:55:08:c5:95:b4:da:2e:0c:3e:f2:b4:e7:
d0:55:dd:8b:fc:ab:24:87:36:eb:17:f1:4d:17:6a:24:3b:de:
8d:b5:69:1b:74:12:41:af:46:7f:d3:d1:1e:8d:b9:ac:3a:99:
d4:0f:c0:ee
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAZRHq/Rh6KQfvWU25GTyxNMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTA4MjA0NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDlhOGExZjFjNGNlZmRiMGE1NWNlMGU4ZmU2M2E0YTNiYzc4OGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVJv0L7EkuT4bOEKJKPsKUgChHhg
BRQ/yHat3dJ3En0V3M2Lwdb5Gm99gjQRg/2cyEhZHIRT6axo2HBOcuZmxR4u2UxC
0NJvPDojnQk99sDcg630pb5tiMQ1KCoG02BWFACKTE9CWGK6XKhiZ5LjA9ZAnqHU
yQSxhbBW4N+61H+kz48t+7jsyPO6f1TmX8VouF3PntgZvn9dOChhZwphLXmULGkQ
Dn0vozqTFnNjF3djhx+nthVSWT0PCDiHAwNB4AYWUOV9SntCg5OSIWeI0TumRU+k
KMKOMkgwGb2wTbfw9sxeUN9Az9jFn8QlB7j/Atkby4nNwfhnjzQff6qSwwIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFKSaih8cTO/bClXODo/mOko7x4j7MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvcEpxS0h4eE03OXNLVmM0T2otWTZTanZIaVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCBhAQCAAEwfgMEAS1Z
QgMEAi2AsAMEAC2E/AMEAC2F9wMEAFvZUAMEA16OiAMEAGdSZwMEArkF+AMEArk6
zAMEArlXMAMEAblpdAMEArl1mAMEArl92AMEALl95QMEALl95wMEALnIvAMEAMFt
VQMEBMF8sAMEAMGo4AMEBcJDwAMEAMMv+jBaBAIAAjBUAwcAKgqTAAAAAwcAKgqT
AAACMBIDBwQqCpMAANADBwAqCpMAANIwEAMFACoKkwEDBwAqCpMBAAIDBQAqCpMC
AwUDKgt3gAMFACoMd8ADBQMqDTiAMA0GCSqGSIb3DQEBCwUAA4IBAQAShoKevlGr
DaB4wkYLqQTaHJuSgWzUyGkdxJj3s8/jBE0SWRaHkZGBu/hQ6xKKzdDJyKc3YsFt
zSjdNQHPMTrGHMIsjnOjOcyNxeN0f2VF20F8J1xvwPJQljBVNgyQWuEB3PPCXWWw
02JKJxfNP5pzOg3cJtYOzYDa73RNErTPx/gXQvxyk4rgiPUmH58H1u/DXkHF1RNf
ElaqnrZ6FBIsPUCmV2RnpqyTpY6qikwqE7CAOM4TnhrGNfFxDx4fNk9XCzvfgAP9
aLA8qAdVCMWVtNouDD7ytOfQVd2L/KskhzbrF/FNF2okO96NtWkbdBJBr0Z/09Ee
jbmsOpnUD8Du
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:47:55 2025 by rpki-client