Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Dgq2MQmcdeBW7E3yejOTKfeDi2c.roa
File: Dgq2MQmcdeBW7E3yejOTKfeDi2c.roa (raw, json)
Hash identifier: 8sLXvddhB/A+0GQF+f91KB6vxQxzf10aiH1R3PIq/8I=
Subject key identifier: 0E:0A:B6:31:09:9C:75:E0:56:EC:4D:F2:7A:33:93:29:F7:83:8B:67
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01847633506F2377354B5693282A0DF0B1B5
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Dgq2MQmcdeBW7E3yejOTKfeDi2c.roa
Signing time: Mon 14 Nov 2022 12:53:05 +0000
ROA not before: Mon 14 Nov 2022 12:53:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24767
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
46.232.200.0/21 maxlen: 24
62.64.0.0/19 maxlen: 24
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
46.229.128.0/20 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:33:50:6f:23:77:35:4b:56:93:28:2a:0d:f0:b1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 14 12:53:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e0ab631099c75e056ec4df27a339329f7838b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d0:ec:42:5d:1c:8b:fa:32:84:26:c9:fb:c2:
c3:c1:2b:47:67:a2:23:95:c5:b6:b8:95:03:2a:64:
78:93:63:54:02:a3:1e:18:1f:57:2c:72:12:31:48:
98:79:5a:e6:d9:f2:9f:e3:93:21:cf:93:6e:df:38:
04:16:f7:88:2a:4e:f9:dc:b8:c9:57:b5:11:10:92:
0e:c6:12:6c:46:d3:11:f0:e0:7b:b5:8b:b7:f7:30:
1e:cb:fd:3d:f7:0b:7d:d0:02:f0:db:c5:6c:5d:ac:
be:50:cf:72:30:76:26:a7:1d:85:87:02:a9:b0:36:
b8:1d:84:8a:d6:d0:47:f4:bd:25:23:4a:b9:a2:36:
04:e6:e6:23:73:c1:df:7c:2b:1b:84:c4:e0:c6:c7:
04:3e:b4:92:ee:65:22:7f:32:17:53:aa:aa:84:c7:
c5:bb:7f:45:8d:f8:f8:41:e4:36:9b:af:17:18:03:
e0:fd:d1:0b:32:f3:e1:e8:c5:24:06:49:36:6a:26:
a4:9a:64:4a:f4:a1:5d:92:05:e6:49:b7:90:f1:82:
fa:c1:5f:b1:6e:69:cb:7a:dd:33:0a:a0:6b:4e:25:
c6:e4:38:6e:13:f5:ee:25:7b:3b:7f:41:ad:3c:cd:
6f:0b:c9:34:ac:26:0a:d3:c1:35:e9:39:4b:b0:4b:
c1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:0A:B6:31:09:9C:75:E0:56:EC:4D:F2:7A:33:93:29:F7:83:8B:67
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Dgq2MQmcdeBW7E3yejOTKfeDi2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
24:5f:b6:92:5d:07:b3:90:7d:9f:c7:d0:48:53:6b:93:e9:fa:
b1:cb:ff:f2:54:a3:63:81:03:43:90:e0:e9:d9:4a:8c:42:7e:
19:a5:95:b4:69:91:08:0f:7d:97:79:87:e7:5d:81:34:ba:05:
9f:03:ba:10:02:a7:56:fc:a6:f2:aa:bd:bb:b2:23:3a:1b:ca:
c2:79:85:a5:98:77:63:94:03:9b:65:a8:da:b4:18:ac:38:2f:
36:39:7d:9d:28:b8:82:d8:25:c6:bd:8e:69:b8:a4:21:af:24:
f9:28:7d:a4:78:49:d9:d2:03:8f:16:6a:5f:fe:f1:e7:bf:1c:
2f:ad:1d:2c:24:3c:4a:2e:5e:f1:14:2b:bc:5f:99:df:da:c3:
c9:d5:4c:33:8b:be:36:ce:b7:c6:4d:1a:75:4f:e7:ba:48:d6:
b6:3f:5b:ae:c0:c8:f3:05:b7:f1:96:d6:44:75:70:c6:a8:c6:
d9:05:9e:d9:ae:ec:e7:59:00:c6:26:ad:c0:bd:46:be:f1:7a:
db:bf:1d:e3:c3:c3:e9:72:7c:29:b7:71:42:9c:4d:1a:2e:f7:
94:95:47:b7:a3:1a:32:20:45:a9:1f:4d:a2:a2:c2:b6:ab:e4:
32:27:9a:22:23:00:33:83:ac:12:8d:8a:e4:81:6b:bd:b3:43:
13:ed:28:84
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYR2M1BvI3c1S1aTKCoN8LG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTE0MTI1MzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTBhYjYzMTA5OWM3NWUwNTZlYzRkZjI3YTMzOTMyOWY3ODM4YjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tDsQl0ci/oyhCbJ+8LDwStHZ6Ij
lcW2uJUDKmR4k2NUAqMeGB9XLHISMUiYeVrm2fKf45Mhz5Nu3zgEFveIKk753LjJ
V7UREJIOxhJsRtMR8OB7tYu39zAey/099wt90ALw28VsXay+UM9yMHYmpx2FhwKp
sDa4HYSK1tBH9L0lI0q5ojYE5uYjc8HffCsbhMTgxscEPrSS7mUifzIXU6qqhMfF
u39Fjfj4QeQ2m68XGAPg/dELMvPh6MUkBkk2aiakmmRK9KFdkgXmSbeQ8YL6wV+x
bmnLet0zCqBrTiXG5DhuE/XuJXs7f0GtPM1vC8k0rCYK08E16TlLsEvBNQIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFA4KtjEJnHXgVuxN8nozkyn3g4tnMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvRGdxMk1RbWNkZUJXN0UzeWVqT1RLZmVEaTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQDLh3AAwQELuWAAwQDLujIAwQFPkAAAwQFTemgAwQGThlAAwQCTilkAwQDT6sI
AwQEUPewAwQEURiAAwQGU6nAAwQFU97AAwQHU+WAAwQHVRqAAwQFVm3AAwQCW8HU
AwQHXZmAAwQHXhmAAwQHX4kAAwQEbUpwAwQGbXxAAwMAbbwDBAaAzEADBAOyF5AD
BAK5AyADBAK50owDBAO8XqgDAwC8ogMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdAME
AMOVbwMEBcPmQAMEBdQOoAMEBdQsQAMEBdRFYAMEBdR3oAMEBdWaoAMEBdWoIAME
BtXzQAMEBNlzUDANBgkqhkiG9w0BAQsFAAOCAQEAJF+2kl0Hs5B9n8fQSFNrk+n6
scv/8lSjY4EDQ5Dg6dlKjEJ+GaWVtGmRCA99l3mH512BNLoFnwO6EAKnVvym8qq9
u7IjOhvKwnmFpZh3Y5QDm2Wo2rQYrDgvNjl9nSi4gtglxr2OabikIa8k+Sh9pHhJ
2dIDjxZqX/7x578cL60dLCQ8Si5e8RQrvF+Z39rDydVMM4u+Ns63xk0adU/nukjW
tj9brsDI8wW38ZbWRHVwxqjG2QWe2a7s51kAxiatwL1GvvF6278d48PD6XJ8Kbdx
QpxNGi73lJVHt6MaMiBFqR9NoqLCtqvkMieaIiMAM4OsEo2K5IFrvbNDE+0ohA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:26:02 2025 by rpki-client