Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/rH0dUkpvttXveHbynJlonrKFvpA.roa
File: rH0dUkpvttXveHbynJlonrKFvpA.roa (raw, json)
Hash identifier: 9YeS4QGpXwnHcJOT1MIVhH+zR95BwcwRrqGe2FuHdU8=
Subject key identifier: AC:7D:1D:52:4A:6F:B6:D5:EF:78:76:F2:9C:99:68:9E:B2:85:BE:90
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 01B096CE
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/rH0dUkpvttXveHbynJlonrKFvpA.roa
Signing time: Fri 25 Mar 2022 16:25:46 +0000
ROA not before: Fri 25 Mar 2022 16:25:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 5.61.192.0/21 maxlen: 21
5.61.197.0/24 maxlen: 24
5.61.193.0/24 maxlen: 24
5.61.195.0/24 maxlen: 24
95.210.0.0/22 maxlen: 22
95.210.0.0/16 maxlen: 16
95.210.94.0/24 maxlen: 24
95.210.105.0/24 maxlen: 24
88.202.0.0/17 maxlen: 17
95.210.110.0/24 maxlen: 24
95.210.36.0/24 maxlen: 24
95.210.34.0/24 maxlen: 24
95.210.68.0/24 maxlen: 24
84.254.133.0/24 maxlen: 24
95.210.192.0/20 maxlen: 20
84.254.138.0/24 maxlen: 24
84.254.143.0/24 maxlen: 24
84.254.141.0/24 maxlen: 24
84.254.150.0/24 maxlen: 24
84.254.149.0/24 maxlen: 24
84.254.151.0/24 maxlen: 24
84.254.148.0/24 maxlen: 24
84.254.152.0/24 maxlen: 24
84.254.153.0/24 maxlen: 24
88.202.121.0/24 maxlen: 24
95.210.142.0/24 maxlen: 24
5.175.64.0/20 maxlen: 20
5.175.77.0/24 maxlen: 24
176.227.128.0/20 maxlen: 20
5.175.76.0/24 maxlen: 24
88.202.66.0/24 maxlen: 24
84.254.129.0/24 maxlen: 24
84.254.128.0/24 maxlen: 24
84.254.131.0/24 maxlen: 24
84.254.128.0/18 maxlen: 18
213.209.160.0/19 maxlen: 19
2a00:ca0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28350158 (0x1b096ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Mar 25 16:25:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac7d1d524a6fb6d5ef7876f29c99689eb285be90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a3:f6:35:86:77:75:db:14:3e:6b:22:c0:1e:
d6:bf:9f:f0:e5:e1:5c:89:a8:6d:d5:29:98:85:ed:
d5:25:86:d4:1a:b0:8c:36:24:50:03:23:65:d3:36:
dd:a3:02:1f:a3:54:cd:56:67:89:c5:cb:0a:bf:14:
08:a3:5c:06:ca:37:35:82:d4:9f:c5:fe:ce:d5:96:
e3:ed:d7:40:e9:12:89:82:2f:96:be:bf:64:d1:97:
82:12:02:6b:d3:34:cd:8e:e9:7c:29:b6:6d:e4:b9:
0c:9f:e1:7c:c7:5a:d9:db:84:ab:4d:a5:1a:d2:34:
b2:5e:cc:86:0d:47:0a:b4:c8:21:d0:fe:4a:9d:a9:
12:57:ca:34:82:ab:02:1f:3d:c7:67:fa:a7:8a:94:
fe:92:32:f5:2c:61:13:b5:90:7e:c6:8f:ec:6f:0a:
fb:f5:ea:11:13:1e:81:60:04:05:9d:53:69:06:1a:
c4:96:05:a6:fc:4b:83:4d:13:06:cf:82:5d:48:18:
0f:73:dc:cf:c5:19:f5:c8:46:4f:4c:bc:fa:d2:4f:
db:e7:10:2a:d6:1e:07:0e:b9:c7:3a:51:84:1a:9a:
27:14:b9:93:63:36:d3:85:1d:81:0c:21:53:dc:bf:
6b:29:38:9a:ec:cd:f2:b7:b9:0c:c3:94:f7:2e:23:
6c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:7D:1D:52:4A:6F:B6:D5:EF:78:76:F2:9C:99:68:9E:B2:85:BE:90
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/rH0dUkpvttXveHbynJlonrKFvpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.192.0/21
5.175.64.0/20
84.254.128.0/18
88.202.0.0/17
95.210.0.0/16
176.227.128.0/20
213.209.160.0/19
IPv6:
2a00:ca0::/32
Signature Algorithm: sha256WithRSAEncryption
06:01:17:89:61:43:d1:c1:99:1a:87:40:ae:37:bf:c3:a3:73:
e4:66:7a:b3:54:5a:a4:58:e1:e2:5b:79:62:82:fb:49:aa:cb:
d0:42:60:1e:0d:29:28:26:67:77:0f:04:0b:81:3f:a8:18:40:
52:ad:90:20:dc:e7:45:70:ef:7b:07:57:01:c6:b9:66:fd:7d:
f3:05:18:08:b6:af:22:a4:12:9a:29:9f:75:7d:58:f0:e2:08:
fe:e4:55:84:eb:c0:91:ee:5a:b4:26:cc:06:68:a0:2e:9f:5e:
c4:ec:4a:ca:d6:2f:36:60:a4:0a:b1:9c:c1:b1:79:c3:54:e0:
8d:c2:78:99:ba:a8:13:ae:8c:86:14:3f:2e:4f:33:ba:d4:77:
21:d1:5c:15:bf:1c:00:31:8e:bb:87:53:cf:fa:b0:d2:55:35:
f0:aa:9c:ef:44:7b:b2:b3:b9:7a:58:8e:7c:9d:19:aa:02:f5:
a7:01:e8:01:8c:f3:cb:e8:02:ea:e8:15:33:d4:1d:f4:c6:6c:
3d:41:99:f7:c1:77:91:10:f4:af:9c:95:c0:a1:2a:03:35:b3:
d3:6e:40:45:56:55:e4:1b:c5:b5:8c:e0:9c:18:ec:98:42:71:
1d:dc:25:e5:ad:8a:d0:37:47:56:3b:41:90:96:96:90:2b:dd:
e3:5d:6a:81
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEAbCWzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzU1NzAyNDY3NzcwZWQ2OWIzNjdiNzdiYmU2NDBiYzZkYjQxNTNlMB4XDTIyMDMy
NTE2MjU0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM3ZDFkNTI0YTZm
YjZkNWVmNzg3NmYyOWM5OTY4OWViMjg1YmU5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALej9jWGd3XbFD5rIsAe1r+f8OXhXImobdUpmIXt1SWG1Bqw
jDYkUAMjZdM23aMCH6NUzVZnicXLCr8UCKNcBso3NYLUn8X+ztWW4+3XQOkSiYIv
lr6/ZNGXghICa9M0zY7pfCm2beS5DJ/hfMda2duEq02lGtI0sl7Mhg1HCrTIIdD+
Sp2pElfKNIKrAh89x2f6p4qU/pIy9SxhE7WQfsaP7G8K+/XqERMegWAEBZ1TaQYa
xJYFpvxLg00TBs+CXUgYD3Pcz8UZ9chGT0y8+tJP2+cQKtYeBw65xzpRhBqaJxS5
k2M204UdgQwhU9y/ayk4muzN8re5DMOU9y4jbEkCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBSsfR1SSm+21e94dvKcmWiesoW+kDAfBgNVHSMEGDAWgBTHVXAkZ3cO1ps2
e3e75kC8bbQVPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gxVndKR2QzRHRhYk5udDN1LVpBdkcyMEZUNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvMjQzZjkxLTg3NDctNDk4MS05Y2JmLTFkMzczNDk5OTI0ZS8x
L3JIMGRVa3B2dHRYdmVIYnluSmxvbnJLRnZwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
MjQzZjkxLTg3NDctNDk4MS05Y2JmLTFkMzczNDk5OTI0ZS8xL3gxVndKR2QzRHRh
Yk5udDN1LVpBdkcyMEZUNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwLwQCAAEwKQMEAwU9wAMEBAWvQAMEBlT+gAMEB1jK
AAMDAF/SAwQEsOOAAwQF1dGgMA0EAgACMAcDBQAqAAygMA0GCSqGSIb3DQEBCwUA
A4IBAQAGAReJYUPRwZkah0CuN7/Do3PkZnqzVFqkWOHiW3ligvtJqsvQQmAeDSko
Jmd3DwQLgT+oGEBSrZAg3OdFcO97B1cBxrlm/X3zBRgItq8ipBKaKZ91fVjw4gj+
5FWE68CR7lq0JswGaKAun17E7ErK1i82YKQKsZzBsXnDVOCNwniZuqgTroyGFD8u
TzO61Hch0VwVvxwAMY67h1PP+rDSVTXwqpzvRHuys7l6WI58nRmqAvWnAegBjPPL
6ALq6BUz1B30xmw9QZn3wXeREPSvnJXAoSoDNbPTbkBFVlXkG8W1jOCcGOyYQnEd
3CXlrYrQN0dWO0GQlpaQK93jXWqB
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:46:22 2025 by rpki-client