Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YOn0VVu3fJ0BWbfCXLnr7vroqDQ.roa
File: YOn0VVu3fJ0BWbfCXLnr7vroqDQ.roa (raw, json)
Hash identifier: 8m5mVOyLOPNLN3J4V9E209MysMkT3j5KoVj7a4QJDhM=
Subject key identifier: 60:E9:F4:55:5B:B7:7C:9D:01:59:B7:C2:5C:B9:EB:EE:FA:E8:A8:34
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505615A2CD27C4EF1DC1527C0295124BC
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YOn0VVu3fJ0BWbfCXLnr7vroqDQ.roa
Signing time: Mon 12 Dec 2022 08:09:04 +0000
ROA not before: Mon 12 Dec 2022 08:09:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50928
IP address blocks: 46.29.192.0/21 maxlen: 21
46.29.199.0/24 maxlen: 24
46.29.194.0/24 maxlen: 24
46.29.196.0/24 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
188.170.244.0/23 maxlen: 23
188.170.244.0/24 maxlen: 24
188.170.245.0/24 maxlen: 24
188.170.250.0/24 maxlen: 24
188.170.251.0/24 maxlen: 24
188.170.252.0/24 maxlen: 24
188.170.248.0/24 maxlen: 24
188.170.249.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 21
213.154.160.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
178.23.149.0/24 maxlen: 24
178.23.148.0/24 maxlen: 24
178.23.151.0/24 maxlen: 24
178.23.150.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
178.176.250.0/24 maxlen: 24
178.176.251.0/24 maxlen: 24
178.176.252.0/24 maxlen: 24
178.176.248.0/24 maxlen: 24
178.176.253.0/24 maxlen: 24
178.176.249.0/24 maxlen: 24
37.29.81.0/24 maxlen: 24
37.29.80.0/24 maxlen: 24
37.29.83.0/24 maxlen: 24
37.29.80.0/22 maxlen: 22
37.29.82.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
31.173.248.0/21 maxlen: 21
31.173.248.0/24 maxlen: 24
31.173.252.0/24 maxlen: 24
31.173.253.0/24 maxlen: 24
31.173.249.0/24 maxlen: 24
31.173.250.0/24 maxlen: 24
31.173.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:61:5a:2c:d2:7c:4e:f1:dc:15:27:c0:29:51:24:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 08:09:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60e9f4555bb77c9d0159b7c25cb9ebeefae8a834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:95:06:c9:5d:20:9d:e6:37:cd:1b:24:af:f3:
c5:ac:cb:9d:7e:1d:23:9d:46:27:18:67:70:82:a9:
58:17:c2:64:17:8f:25:a0:73:42:4d:9f:12:a1:26:
5f:ad:0e:55:2a:7a:5e:3b:fe:2d:ce:fe:18:f8:73:
76:eb:37:3d:de:5c:d1:65:69:90:c3:e8:b5:bc:ff:
2a:3a:be:db:d9:9e:3b:9e:05:e6:d6:62:53:a1:ee:
37:d0:a2:76:99:a6:07:bf:13:ea:0f:4c:47:b0:86:
12:b8:2a:bb:79:da:d4:68:d3:02:50:3e:4a:49:0e:
c0:6e:d8:0d:85:28:51:8b:46:65:d4:9b:cb:89:fa:
3c:a5:95:6c:30:3f:a3:c7:85:00:6f:38:5c:13:a1:
05:84:e7:1f:6e:fe:b2:b5:63:f1:c1:ee:9b:17:c0:
b8:43:c1:04:74:a2:eb:9f:9e:04:d5:a2:40:57:14:
a9:2e:d4:7e:30:6b:76:76:c1:00:31:bd:4a:94:6f:
68:9a:04:33:7e:0b:dd:c1:05:0f:54:f9:d6:b5:9c:
f3:92:3c:82:05:ed:5c:5d:05:b9:ae:3d:4e:ec:d9:
9d:6a:8b:c1:c3:c8:4c:9f:66:c4:d7:fc:c2:5c:05:
aa:a0:cf:4b:5f:ab:e4:2e:96:06:b1:92:6e:f4:4e:
2c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E9:F4:55:5B:B7:7C:9D:01:59:B7:C2:5C:B9:EB:EE:FA:E8:A8:34
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/YOn0VVu3fJ0BWbfCXLnr7vroqDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.248.0/21
37.29.80.0/22
46.29.192.0/21
178.23.144.0/21
178.176.248.0-178.176.253.255
188.162.0.0/16
188.170.244.0/23
188.170.248.0-188.170.252.255
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
Signature Algorithm: sha256WithRSAEncryption
55:e5:13:b3:cf:82:36:2b:fe:19:93:5c:7e:6a:e2:c9:81:c9:
62:86:08:b3:dc:d0:dd:a8:76:9d:88:a2:ac:68:ef:dd:78:cf:
1d:59:de:1e:88:18:08:b8:57:59:2b:35:d4:73:8d:7e:f1:d4:
3b:0b:14:22:ec:72:51:26:44:ae:eb:19:c1:52:16:60:fd:87:
df:79:bc:a0:c0:83:78:53:64:03:ad:72:a5:56:4b:d8:47:e6:
ac:5e:0e:f3:19:02:de:63:22:f0:c4:fe:7a:73:4a:84:1f:62:
c7:4e:fd:c5:64:aa:3c:c4:91:05:f8:e0:61:a3:f4:c3:ba:a0:
b4:de:87:d0:d0:d1:01:ef:5a:eb:78:33:bd:75:ac:61:78:8c:
17:ad:c1:d6:cf:4c:be:5d:23:bc:da:bc:87:e6:98:cf:2e:0e:
b8:3e:a3:59:81:d9:96:48:a1:51:16:b3:02:a3:38:ed:69:05:
3d:a9:80:c2:1e:f0:0e:0e:c9:29:0c:b5:0b:0e:e3:ba:c0:97:
27:bd:96:50:61:85:23:98:19:60:e3:8d:87:aa:0b:1f:7b:cd:
92:db:5c:d5:df:88:c4:5d:9b:ca:8d:2f:8b:9d:1c:0e:f8:0e:
55:bd:57:40:b4:0f:21:3d:3f:77:af:ec:9a:c0:be:3d:8a:3a:
50:d8:02:f0
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYUFYVos0nxO8dwVJ8ApUSS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDgwOTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGU5ZjQ1NTViYjc3YzlkMDE1OWI3YzI1Y2I5ZWJlZWZhZThhODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZUGyV0gneY3zRskr/PFrMudfh0j
nUYnGGdwgqlYF8JkF48loHNCTZ8SoSZfrQ5VKnpeO/4tzv4Y+HN26zc93lzRZWmQ
w+i1vP8qOr7b2Z47ngXm1mJToe430KJ2maYHvxPqD0xHsIYSuCq7edrUaNMCUD5K
SQ7AbtgNhShRi0Zl1JvLifo8pZVsMD+jx4UAbzhcE6EFhOcfbv6ytWPxwe6bF8C4
Q8EEdKLrn54E1aJAVxSpLtR+MGt2dsEAMb1KlG9omgQzfgvdwQUPVPnWtZzzkjyC
Be1cXQW5rj1O7NmdaovBw8hMn2bE1/zCXAWqoM9LX6vkLpYGsZJu9E4suQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFGDp9FVbt3ydAVm3wly56+766Kg0MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWU9uMFZWdTNmSjBCV2JmQ1hMbnI3dnJvcURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizCBiAQCAAEwgYEDBAMf
rfgDBAIlHVADBAMuHcADBAOyF5AwDAMEA7Kw+AMEAbKw/AMDALyiAwQBvKr0MAwD
BAO8qvgDBAC8qvwDBALByeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kAD
BAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqAwDQYJKoZIhvcNAQELBQADggEB
AFXlE7PPgjYr/hmTXH5q4smByWKGCLPc0N2odp2Ioqxo7914zx1Z3h6IGAi4V1kr
NdRzjX7x1DsLFCLsclEmRK7rGcFSFmD9h995vKDAg3hTZAOtcqVWS9hH5qxeDvMZ
At5jIvDE/npzSoQfYsdO/cVkqjzEkQX44GGj9MO6oLTeh9DQ0QHvWut4M711rGF4
jBetwdbPTL5dI7zavIfmmM8uDrg+o1mB2ZZIoVEWswKjOO1pBT2pgMIe8A4OySkM
tQsO47rAlye9llBhhSOYGWDjjYeqCx97zZLbXNXfiMRdm8qNL4udHA74DlW9V0C0
DyE9P3ev7JrAvj2KOlDYAvA=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:31:29 2025 by rpki-client