Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/1-OKaEnxDymRs-R9RAGqFbW6404Q.roa
File: 1-OKaEnxDymRs-R9RAGqFbW6404Q.roa (raw, json)
Hash identifier: zKA1XFcgcE0i4UtaNgeYRJ57sqRQC88NGoxxDPdnsHA=
Subject key identifier: F8:E2:9A:12:7C:43:CA:64:6C:F9:1F:51:00:6A:85:6D:6E:B8:D3:84
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018476334D8BC8BBCD74D3629568509312BC
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/1-OKaEnxDymRs-R9RAGqFbW6404Q.roa
Signing time: Mon 14 Nov 2022 12:53:04 +0000
ROA not before: Mon 14 Nov 2022 12:53:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6854
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
78.41.100.0/22 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
46.232.200.0/21 maxlen: 24
80.253.0.0/20 maxlen: 20
62.64.0.0/19 maxlen: 24
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
46.229.128.0/20 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:33:4d:8b:c8:bb:cd:74:d3:62:95:68:50:93:12:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 14 12:53:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8e29a127c43ca646cf91f51006a856d6eb8d384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a2:25:dc:00:7b:98:18:17:38:4c:c7:6f:72:
3c:b6:05:c8:a0:9e:1e:19:d1:39:1d:98:b9:94:8e:
24:71:63:63:28:14:c7:f9:e5:92:da:32:d8:c1:88:
b8:da:53:a1:03:36:3e:2d:43:6e:c7:0d:e6:49:ea:
3c:ae:f3:a6:31:1e:69:64:1a:b6:0a:67:7b:9a:c5:
1d:52:b7:bd:12:53:99:09:53:ea:9f:3d:05:a3:ca:
a5:3d:1e:b0:81:61:68:10:62:d3:6f:8a:26:18:58:
fc:0c:6e:98:77:20:8f:fb:a6:f5:6a:87:e9:c8:0a:
b7:a3:f1:8b:b0:2f:7d:67:0d:db:5d:1f:db:23:91:
ac:a7:41:90:44:5a:08:cd:65:2d:59:19:f4:9c:64:
ae:c4:00:c1:e7:06:b3:ab:e0:f4:e4:d8:da:da:cc:
15:c6:ca:bc:4f:5b:ac:c1:fb:7c:62:25:b4:df:3c:
53:dd:21:52:ed:6f:5f:7c:09:d7:4e:0f:ca:4c:22:
58:f2:8d:c0:ae:69:33:e8:79:2c:2b:86:d3:55:42:
c2:d9:34:4e:7a:f2:fe:43:16:cd:4d:61:12:f7:5f:
53:b2:59:94:7b:f3:41:0a:58:12:07:9e:a7:61:72:
0f:45:a9:52:60:1b:f1:db:74:13:f2:3a:30:74:f8:
b0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E2:9A:12:7C:43:CA:64:6C:F9:1F:51:00:6A:85:6D:6E:B8:D3:84
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/1-OKaEnxDymRs-R9RAGqFbW6404Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
80.253.0.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
98:74:9c:d3:81:db:8d:43:36:ce:55:54:e6:b6:d6:4a:93:0f:
0b:df:02:b2:17:64:88:68:2a:f5:11:00:93:c1:f5:6d:e5:59:
cf:6f:b6:c1:66:87:1b:63:49:06:a2:95:fb:f1:4f:ce:78:34:
d3:55:52:62:ae:16:99:7f:48:85:b8:80:e6:fc:1e:44:c6:70:
4a:85:48:65:90:3e:4a:53:4b:19:52:b0:c6:fb:a2:be:7f:6c:
5b:42:36:1a:5c:06:7d:5f:46:9c:ca:e1:eb:1b:62:b6:ca:f8:
07:2a:6c:70:93:70:02:72:9b:bb:6e:de:20:18:c8:a4:cf:7a:
39:62:a8:a4:d6:a6:99:12:7d:f2:43:4d:c5:ac:4e:ea:32:59:
bd:0d:20:77:71:e7:d6:86:e4:e2:82:9a:6e:ba:9b:c5:7c:6e:
78:11:e2:a3:7f:28:4b:3e:57:31:a9:af:96:71:48:3a:39:ed:
92:2c:0f:8d:84:b2:76:36:81:e7:44:3c:1a:26:89:03:bd:98:
af:af:76:bc:fc:10:a9:1d:13:e2:2c:cf:b0:37:18:9a:0a:31:
f0:2f:c5:5f:da:70:15:6e:08:94:fb:58:94:ba:cb:72:4e:02:
a2:26:ef:d8:2d:3f:62:df:41:c4:86:be:9d:3b:0c:e1:72:3d:
22:78:59:d9
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAYR2M02LyLvNdNNilWhQkxK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTE0MTI1MzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGUyOWExMjdjNDNjYTY0NmNmOTFmNTEwMDZhODU2ZDZlYjhkMzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKIl3AB7mBgXOEzHb3I8tgXIoJ4e
GdE5HZi5lI4kcWNjKBTH+eWS2jLYwYi42lOhAzY+LUNuxw3mSeo8rvOmMR5pZBq2
Cmd7msUdUre9ElOZCVPqnz0Fo8qlPR6wgWFoEGLTb4omGFj8DG6YdyCP+6b1aofp
yAq3o/GLsC99Zw3bXR/bI5Gsp0GQRFoIzWUtWRn0nGSuxADB5wazq+D05Nja2swV
xsq8T1uswft8YiW03zxT3SFS7W9ffAnXTg/KTCJY8o3Armkz6HksK4bTVULC2TRO
evL+QxbNTWES919TslmUe/NBClgSB56nYXIPRalSYBvx23QT8jowdPiwYQIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFPjimhJ8Q8pkbPkfUQBqhW1uuNOEMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvMS1PS2FFbnhEeW1Scy1SOVJBR3FGYlc2NDA0US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzcvOWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFk
MC8xL2t0ZkNvUWN0YzFCNjJfWlFmZWFLcXNBWGhjQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASEGCCsGAQUFBwEHAQH/BIIBEDCCAQwwggEIBAIAATCC
AQADBAMuHcADBAQu5YADBAMu6MgDBAU+QAADBAVN6aADBAZOGUADBAJOKWQDBANP
qwgDBARQ97ADBARQ/QADBARRGIADBAZTqcADBAVT3sADBAdT5YADBAdVGoADBAVW
bcADBAJbwdQDBAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDM
QAMEA7IXkAMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWAAwQFwxBg
AwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1Zqg
AwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQCYdJzTgduNQzbO
VVTmttZKkw8L3wKyF2SIaCr1EQCTwfVt5VnPb7bBZocbY0kGopX78U/OeDTTVVJi
rhaZf0iFuIDm/B5ExnBKhUhlkD5KU0sZUrDG+6K+f2xbQjYaXAZ9X0acyuHrG2K2
yvgHKmxwk3ACcpu7bt4gGMikz3o5Yqik1qaZEn3yQ03FrE7qMlm9DSB3cefWhuTi
gppuupvFfG54EeKjfyhLPlcxqa+WcUg6Oe2SLA+NhLJ2NoHnRDwaJokDvZivr3a8
/BCpHRPiLM+wNxiaCjHwL8Vf2nAVbgiU+1iUustyTgKiJu/YLT9i30HEhr6dOwzh
cj0ieFnZ
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:28:22 2025 by rpki-client