Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/3WJeg6aODZ4jKBFMwCs7HPu_5w0.roa
File: 3WJeg6aODZ4jKBFMwCs7HPu_5w0.roa (raw, json)
Hash identifier: +Y+PkSo1s2xsOscMpO/zBNz4rBs1zYLsMj3ECLxypUs=
Subject key identifier: DD:62:5E:83:A6:8E:0D:9E:23:28:11:4C:C0:2B:3B:1C:FB:BF:E7:0D
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018506171B802EAA8A89E37851480332D1AA
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/3WJeg6aODZ4jKBFMwCs7HPu_5w0.roa
Signing time: Mon 12 Dec 2022 11:27:35 +0000
ROA not before: Mon 12 Dec 2022 11:27:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31213
IP address blocks: 85.26.128.0/20 maxlen: 20
85.26.208.0/22 maxlen: 22
85.26.212.0/22 maxlen: 22
109.188.128.0/17 maxlen: 17
85.26.216.0/22 maxlen: 22
85.26.220.0/22 maxlen: 22
188.170.80.0/21 maxlen: 21
78.25.120.0/22 maxlen: 22
188.170.92.0/22 maxlen: 22
37.28.160.0/21 maxlen: 21
85.26.248.0/22 maxlen: 22
85.26.252.0/22 maxlen: 22
37.28.168.0/21 maxlen: 21
78.25.96.0/21 maxlen: 21
78.25.104.0/22 maxlen: 22
188.170.68.0/24 maxlen: 24
188.170.65.0/24 maxlen: 24
188.170.66.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
78.25.108.0/22 maxlen: 22
188.170.72.0/21 maxlen: 21
94.25.228.0/23 maxlen: 23
94.25.232.0/21 maxlen: 21
37.29.71.0/24 maxlen: 24
37.29.68.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
83.149.0.0/21 maxlen: 21
128.204.74.0/24 maxlen: 24
128.204.75.0/24 maxlen: 24
94.25.208.0/22 maxlen: 22
37.29.48.0/21 maxlen: 21
188.162.64.0/23 maxlen: 23
37.29.56.0/21 maxlen: 21
94.25.216.0/21 maxlen: 21
94.25.224.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:17:1b:80:2e:aa:8a:89:e3:78:51:48:03:32:d1:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 11:27:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd625e83a68e0d9e2328114cc02b3b1cfbbfe70d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:61:0f:59:40:5b:69:b3:ba:06:43:d5:b6:80:
f7:a3:da:95:7a:5a:01:10:c5:f6:f4:ae:99:a6:21:
7c:ac:62:0c:44:11:1b:f0:c9:3f:62:b0:91:3a:01:
9c:fc:f8:e4:f7:13:18:69:af:ab:1b:a7:b3:7f:d1:
05:0a:f9:e5:9a:25:7b:c8:e5:54:2d:36:99:55:02:
4c:7f:da:d8:c7:30:a3:19:fc:19:f6:ac:b6:82:b4:
e3:0f:8e:3c:84:83:60:3c:2c:a7:85:33:b3:ce:43:
f8:94:6a:1b:bf:61:f6:7c:f4:f0:be:80:b3:53:1b:
13:24:ac:03:d5:09:f7:90:69:b9:93:5e:0e:54:a8:
dc:43:3d:a0:2c:05:96:dd:64:6e:79:d0:6a:1d:91:
87:12:8e:c1:14:38:f1:ba:fd:7c:b3:3a:f3:c0:a9:
4c:28:58:1d:18:82:de:d5:de:72:14:c7:2f:d5:e5:
4e:e9:be:bf:fa:24:c5:4a:ae:93:96:48:35:70:5b:
41:8a:86:a9:2b:7b:a0:a1:42:3b:a8:b0:11:11:5d:
3a:1a:01:08:7b:ac:43:08:77:b0:0e:83:4f:95:84:
e4:d8:28:9e:d1:45:59:b6:67:2e:c7:32:17:a8:17:
97:71:19:29:02:06:fe:d1:92:3b:6e:73:f0:11:e5:
0d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:62:5E:83:A6:8E:0D:9E:23:28:11:4C:C0:2B:3B:1C:FB:BF:E7:0D
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/3WJeg6aODZ4jKBFMwCs7HPu_5w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
83.149.0.0/21
85.26.128.0/20
85.26.208.0/20
85.26.248.0/21
94.25.208.0/22
94.25.216.0-94.25.239.255
109.188.128.0/17
128.204.74.0/23
188.162.64.0/23
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:e6:8d:8e:58:5e:14:1e:e2:82:e0:2e:a1:51:45:8e:11:32:
cd:77:a5:4b:bb:89:3f:5e:f0:22:01:78:22:1a:f9:7a:18:fe:
84:a4:5a:a0:79:46:cd:09:cd:4a:bf:1d:97:f9:4a:1d:8a:b9:
03:a4:9e:11:2f:32:40:df:e0:8a:57:81:e7:09:79:28:e2:54:
b4:02:3a:87:fd:1e:e4:fb:dc:3a:e4:d8:2e:71:24:99:61:f2:
cb:ea:be:71:9b:8b:62:8c:77:28:8c:b7:39:85:a5:38:20:c0:
bb:10:31:87:8c:6a:6c:1f:94:4c:22:ab:cf:b2:bd:d5:b8:fe:
21:57:4b:49:92:cf:9a:ec:f8:1c:4c:42:a3:b2:11:c1:c8:6a:
95:a3:6e:c2:d3:3d:79:c2:1a:17:54:e1:b5:95:f3:de:cb:bd:
c5:b9:ae:50:d3:6a:7c:bb:06:a3:8b:8a:c3:58:ea:e5:19:73:
ef:83:17:62:db:cd:66:77:56:4b:a4:f4:ca:7b:ef:33:71:c6:
5f:a2:7b:e3:04:ff:76:d0:9e:71:3d:26:99:5f:1c:6e:b6:47:
fc:f7:2a:17:80:7a:07:01:5f:aa:c7:d7:8f:9a:2a:de:6a:4e:
24:e0:5e:a5:d6:c6:29:22:48:18:28:9f:fa:a1:df:3f:80:67:
4e:11:d7:55
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYUGFxuALqqKieN4UUgDMtGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTEyNzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDYyNWU4M2E2OGUwZDllMjMyODExNGNjMDJiM2IxY2ZiYmZlNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWEPWUBbabO6BkPVtoD3o9qVeloB
EMX29K6ZpiF8rGIMRBEb8Mk/YrCROgGc/Pjk9xMYaa+rG6ezf9EFCvnlmiV7yOVU
LTaZVQJMf9rYxzCjGfwZ9qy2grTjD448hINgPCynhTOzzkP4lGobv2H2fPTwvoCz
UxsTJKwD1Qn3kGm5k14OVKjcQz2gLAWW3WRuedBqHZGHEo7BFDjxuv18szrzwKlM
KFgdGILe1d5yFMcv1eVO6b6/+iTFSq6Tlkg1cFtBioapK3ugoUI7qLAREV06GgEI
e6xDCHewDoNPlYTk2Cie0UVZtmcuxzIXqBeXcRkpAgb+0ZI7bnPwEeUNWwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFN1iXoOmjg2eIygRTMArOxz7v+cNMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvM1dKZWc2YU9EWjRqS0JGTXdDczdIUHVfNXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAQl
HKAwDAMEBCUdMAMEAyUdQAMEBE4ZYAMEAk4ZeAMEA1OVAAMEBFUagAMEBFUa0AME
A1Ua+AMEAl4Z0DAMAwQDXhnYAwQEXhngAwQHbbyAAwQBgMxKAwQBvKJAMAwDBAC8
qkEDBAC8qkQwDAMEA7yqSAMEA7yqUAMEAryqXDANBgkqhkiG9w0BAQsFAAOCAQEA
L+aNjlheFB7iguAuoVFFjhEyzXelS7uJP17wIgF4Ihr5ehj+hKRaoHlGzQnNSr8d
l/lKHYq5A6SeES8yQN/gileB5wl5KOJUtAI6h/0e5PvcOuTYLnEkmWHyy+q+cZuL
Yox3KIy3OYWlOCDAuxAxh4xqbB+UTCKrz7K91bj+IVdLSZLPmuz4HExCo7IRwchq
laNuwtM9ecIaF1ThtZXz3su9xbmuUNNqfLsGo4uKw1jq5Rlz74MXYtvNZndWS6T0
ynvvM3HGX6J74wT/dtCecT0mmV8cbrZH/PcqF4B6BwFfqsfXj5oq3mpOJOBepdbG
KSJIGCif+qHfP4BnThHXVQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:23:35 2025 by rpki-client