Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XY0zrm1xYuwIY7Dk2u1XlfXZOAo.roa
File: XY0zrm1xYuwIY7Dk2u1XlfXZOAo.roa (raw, json)
Hash identifier: EKyjB1RD2DJBXE4AYTFu8RkecpVYRk2qtnqzXXG8yWE=
Subject key identifier: 5D:8D:33:AE:6D:71:62:EC:08:63:B0:E4:DA:ED:57:95:F5:D9:38:0A
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184C3EFCE18D4FFAB62ED0CFF7739A75C3E
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XY0zrm1xYuwIY7Dk2u1XlfXZOAo.roa
Signing time: Tue 29 Nov 2022 15:09:43 +0000
ROA not before: Tue 29 Nov 2022 15:09:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35298
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.16.96.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
85.26.128.0/17 maxlen: 24
81.24.128.0/20 maxlen: 24
79.171.8.0/21 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
178.176.154.0/23 maxlen: 23
31.173.176.0/20 maxlen: 20
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
109.74.112.0/20 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
37.29.76.0/22 maxlen: 22
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c3:ef:ce:18:d4:ff:ab:62:ed:0c:ff:77:39:a7:5c:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 29 15:09:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d8d33ae6d7162ec0863b0e4daed5795f5d9380a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ea:9c:4c:2c:1d:62:7a:aa:4c:19:41:30:fc:
6c:24:d4:eb:03:ab:ca:a7:8b:d1:30:71:88:c9:f0:
27:25:ec:e1:31:df:6f:a1:6f:c6:4a:d2:b7:aa:2d:
82:a2:4b:b2:75:3b:09:d5:b2:66:88:bf:8a:c8:1a:
4b:88:95:94:14:bc:91:ac:90:02:a8:09:4a:60:aa:
b6:f1:31:9a:9f:1e:6a:48:79:cd:7e:ef:2b:77:5f:
71:10:79:5d:c4:b5:b7:2e:81:b2:a4:16:bd:a3:1c:
27:9c:c1:c7:16:0b:79:0e:5f:7b:af:fc:9a:83:84:
30:8d:b7:76:51:5d:32:4f:8c:53:89:de:3f:2f:15:
50:37:2a:6e:93:d9:61:67:bd:cf:cb:56:ce:4c:70:
9e:b8:83:f6:27:c9:63:a7:e5:bf:39:1a:b7:2b:b9:
c4:8f:74:c1:70:8c:10:47:f7:01:89:e8:22:9c:19:
2a:c2:db:0b:33:68:f2:fa:2b:bf:0b:b5:c3:de:62:
13:72:1e:6e:0c:8d:64:a0:d1:19:de:8e:8a:d4:bc:
ff:2c:0c:b1:b9:df:1c:ec:8d:e9:eb:a3:55:c8:65:
ee:a3:c1:df:22:ad:3b:e3:86:d8:37:27:69:64:c6:
37:91:2c:0a:49:3b:96:08:a0:4e:fd:28:0c:ad:78:
3b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8D:33:AE:6D:71:62:EC:08:63:B0:E4:DA:ED:57:95:F5:D9:38:0A
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XY0zrm1xYuwIY7Dk2u1XlfXZOAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.176.0/20
37.29.76.0/22
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.154.0/23
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
71:b6:0c:98:c2:14:54:69:43:61:ee:0e:eb:4a:21:18:0a:a9:
9e:da:08:44:36:0c:bd:9e:29:0e:57:eb:b4:e3:21:08:a0:5f:
8f:83:5a:1c:0f:a8:6f:e3:c6:44:77:7b:42:64:72:80:ef:0e:
63:18:c9:e2:4a:88:7f:a9:4f:ed:12:b0:92:d2:5b:86:27:3f:
8e:c9:cf:68:53:b3:c8:62:e9:c7:ca:61:9e:05:f6:07:0c:e5:
33:9b:5b:98:75:f5:06:f4:1a:98:76:fa:a1:f1:61:d3:97:11:
30:fa:17:0e:b8:12:fc:d2:7e:bb:98:a0:13:dc:df:67:67:05:
f7:26:3f:ab:e8:55:16:c1:b0:fd:0d:9d:00:60:82:41:99:28:
31:b2:63:47:bf:6a:29:d5:f8:c8:1f:5a:3c:45:1f:a7:39:a9:
b3:46:00:4e:02:d7:52:16:fb:a7:04:b5:db:4d:0a:6d:d7:d8:
99:49:57:2b:5d:80:97:52:91:16:7b:91:f2:d2:9a:98:f1:77:
b6:60:86:1d:a2:ee:a7:fe:c6:83:e7:8f:a5:88:99:18:05:53:
cc:37:0f:85:0c:0a:9e:4e:86:b1:b6:64:9e:5a:b0:40:83:96:
be:e3:1a:87:7a:57:5d:a5:85:de:19:a8:a5:e8:c6:82:87:b3:
e8:e9:41:56
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAYTD784Y1P+rYu0M/3c5p1w+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTI5MTUwOTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhkMzNhZTZkNzE2MmVjMDg2M2IwZTRkYWVkNTc5NWY1ZDkzODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOqcTCwdYnqqTBlBMPxsJNTrA6vK
p4vRMHGIyfAnJezhMd9voW/GStK3qi2CokuydTsJ1bJmiL+KyBpLiJWUFLyRrJAC
qAlKYKq28TGanx5qSHnNfu8rd19xEHldxLW3LoGypBa9oxwnnMHHFgt5Dl97r/ya
g4Qwjbd2UV0yT4xTid4/LxVQNypuk9lhZ73Py1bOTHCeuIP2J8ljp+W/ORq3K7nE
j3TBcIwQR/cBieginBkqwtsLM2jy+iu/C7XD3mITch5uDI1koNEZ3o6K1Lz/LAyx
ud8c7I3p66NVyGXuo8HfIq0744bYNydpZMY3kSwKSTuWCKBO/SgMrXg7CwIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFF2NM65tcWLsCGOw5NrtV5X12TgKMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWFkwenJtMXhZdXdJWTdEazJ1MVhsZlhaT0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIH7BAIAATCB9AME
BB+tsAMEAiUdTAMEBU3poAMEBk4ZQAMEAk4pZAMEA0+rCAMEBFD3sAMEBFEYgAME
BlOpwAMEBVPewAMEB1PlgAMEB1UagAMEBVZtwAMEAlvB1AMEB12ZgAMEB14ZgAME
B1+JAAMEBG1KcAMEBm18QAMDAG28AwQGgMxAAwQDsheQAwQBsrCaAwQCuQMgAwQC
udKMAwQDvF6oAwMAvKIDBALByeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD
5kADBAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZ
c1AwDQYJKoZIhvcNAQELBQADggEBAHG2DJjCFFRpQ2HuDutKIRgKqZ7aCEQ2DL2e
KQ5X67TjIQigX4+DWhwPqG/jxkR3e0JkcoDvDmMYyeJKiH+pT+0SsJLSW4YnP47J
z2hTs8hi6cfKYZ4F9gcM5TObW5h19Qb0Gph2+qHxYdOXETD6Fw64EvzSfruYoBPc
32dnBfcmP6voVRbBsP0NnQBggkGZKDGyY0e/ainV+MgfWjxFH6c5qbNGAE4C11IW
+6cEtdtNCm3X2JlJVytdgJdSkRZ7kfLSmpjxd7Zghh2i7qf+xoPnj6WImRgFU8w3
D4UMCp5OhrG2ZJ5asECDlr7jGod6V12lhd4ZqKXoxoKHs+jpQVY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:31:22 2025 by rpki-client