Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/dLwHI_cjRfy6fVyrIMyXbaIWYwk.roa
File: dLwHI_cjRfy6fVyrIMyXbaIWYwk.roa (raw, json)
Hash identifier: 8MmE5y5r5gL9+EgCTnfD46CJIBwxFyHx+Hsw+cQW6yI=
Subject key identifier: 74:BC:07:23:F7:23:45:FC:BA:7D:5C:AB:20:CC:97:6D:A2:16:63:09
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01840EC6AE00708927B9921B4268CF7D46BF
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/dLwHI_cjRfy6fVyrIMyXbaIWYwk.roa
Signing time: Tue 25 Oct 2022 10:53:32 +0000
ROA not before: Tue 25 Oct 2022 10:53:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35298
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
81.24.128.0/20 maxlen: 24
79.171.8.0/21 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
31.173.176.0/20 maxlen: 20
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
46.232.200.0/21 maxlen: 24
37.29.0.0/17 maxlen: 24
37.28.160.0/19 maxlen: 24
62.64.0.0/19 maxlen: 24
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
46.229.128.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:c6:ae:00:70:89:27:b9:92:1b:42:68:cf:7d:46:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 25 10:53:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74bc0723f72345fcba7d5cab20cc976da2166309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ee:1f:23:6e:63:8a:ba:9c:74:e6:2a:95:41:
4c:c0:aa:22:35:ad:2c:32:ad:dd:31:5b:b0:4c:01:
09:eb:34:c3:bb:dc:a4:0c:b0:d8:a7:b8:00:f8:84:
a5:82:28:9a:6f:0c:3f:ab:45:1b:41:83:51:19:f3:
33:81:13:1b:4c:e0:5a:6e:84:a6:f6:4a:1d:dc:f4:
f9:97:9e:89:65:32:fb:84:4e:8f:ca:fa:ea:66:75:
f1:1a:ab:ad:94:9f:57:73:61:34:ad:a0:3f:3a:2f:
1d:9a:bb:4d:ca:36:3f:1c:30:a5:fd:93:0f:38:03:
ed:ad:cc:4d:59:b0:6d:2b:52:f1:8a:4f:2a:f0:26:
10:dd:c5:74:b7:41:89:14:d3:3e:ce:06:2c:41:6a:
2e:3d:b2:05:4a:3b:21:31:13:c7:18:f9:a1:ae:fd:
2b:7b:af:36:36:ef:24:6a:9f:1a:41:15:88:13:ee:
5f:3b:ef:e1:79:e9:a4:60:cc:ea:6b:ae:cf:64:6c:
2a:c8:eb:de:ed:9f:f9:20:27:3d:d4:a1:87:b0:8b:
c7:a4:6b:dd:67:6c:6a:11:75:bb:e1:66:e8:c8:5e:
b7:42:d8:c6:9c:1e:69:84:87:2e:38:6e:0a:28:8e:
eb:a8:7d:bb:11:14:d3:08:25:31:a6:00:27:fb:d5:
e7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:BC:07:23:F7:23:45:FC:BA:7D:5C:AB:20:CC:97:6D:A2:16:63:09
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/dLwHI_cjRfy6fVyrIMyXbaIWYwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.176.0/20
37.28.160.0/19
37.29.0.0/17
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
4a:6c:47:07:67:d7:2d:ae:2d:c7:54:bd:93:67:a7:7e:4a:35:
b1:41:d9:49:cf:db:84:1e:f2:49:b1:4e:83:b4:a4:0f:39:ba:
11:f7:8e:7d:c0:f0:46:14:0f:1e:05:9a:65:f4:80:a0:4e:f4:
6f:bf:d6:2f:f1:cc:62:c6:3b:20:7c:de:69:9a:88:17:fa:55:
20:4d:4b:4f:9a:16:9b:5d:a9:ca:b7:9c:41:58:d1:ea:e4:79:
48:e5:33:bd:52:22:4c:d8:94:67:ba:2d:3f:3f:e5:a4:fc:25:
2a:fa:55:17:09:c0:44:d1:48:d0:cd:85:40:30:64:d2:b5:e3:
38:15:fa:76:99:e7:97:73:c9:dc:29:16:37:45:2d:b3:f0:b5:
87:1f:61:f4:9d:08:58:4c:0b:7b:c2:e4:a4:58:52:7d:b6:b7:
c4:07:96:43:46:70:2e:f0:83:5f:d0:40:b9:88:b3:6e:b8:1a:
c3:a8:ea:02:19:b6:bc:dd:14:dc:5b:82:ed:23:14:93:7f:ad:
32:7a:92:62:b3:8b:8e:eb:3f:3d:77:74:41:e1:7c:4e:1d:b9:
64:68:d8:26:51:c7:50:db:fd:38:cc:e7:1d:83:51:a3:cf:27:
47:45:36:49:60:ab:27:90:66:6a:ff:b3:69:4b:b9:19:ab:9e:
7d:b4:83:3f
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYQOxq4AcIknuZIbQmjPfUa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI1MTA1MzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGJjMDcyM2Y3MjM0NWZjYmE3ZDVjYWIyMGNjOTc2ZGEyMTY2MzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAie4fI25jirqcdOYqlUFMwKoiNa0s
Mq3dMVuwTAEJ6zTDu9ykDLDYp7gA+ISlgiiabww/q0UbQYNRGfMzgRMbTOBaboSm
9kod3PT5l56JZTL7hE6PyvrqZnXxGqutlJ9Xc2E0raA/Oi8dmrtNyjY/HDCl/ZMP
OAPtrcxNWbBtK1Lxik8q8CYQ3cV0t0GJFNM+zgYsQWouPbIFSjshMRPHGPmhrv0r
e682Nu8kap8aQRWIE+5fO+/heemkYMzqa67PZGwqyOve7Z/5ICc91KGHsIvHpGvd
Z2xqEXW74WboyF63QtjGnB5phIcuOG4KKI7rqH27ERTTCCUxpgAn+9Xn1wIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFHS8ByP3I0X8un1cqyDMl22iFmMJMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvZEx3SElfY2pSZnk2ZlZ5cklNeVhiYUlXWXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEBB+tsAMEBSUcoAMEByUdAAMEAy4dwAMEBC7lgAMEAy7oyAMEBT5AAAMEBU3p
oAMEBk4ZQAMEAk4pZAMEA0+rCAMEBFD3sAMEBFEYgAMEBlOpwAMEBVPewAMEB1Pl
gAMEB1UagAMEBVZtwAMEAlvB1AMEB12ZgAMEB14ZgAMEB1+JAAMEBG1KcAMEBm18
QAMDAG28AwQGgMxAAwQDsheQAwQCuQMgAwQCudKMAwQDvF6oAwMAvKIDBALByeQD
BAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXURWAD
BAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQADggEB
AEpsRwdn1y2uLcdUvZNnp35KNbFB2UnP24Qe8kmxToO0pA85uhH3jn3A8EYUDx4F
mmX0gKBO9G+/1i/xzGLGOyB83mmaiBf6VSBNS0+aFptdqcq3nEFY0erkeUjlM71S
IkzYlGe6LT8/5aT8JSr6VRcJwETRSNDNhUAwZNK14zgV+naZ55dzydwpFjdFLbPw
tYcfYfSdCFhMC3vC5KRYUn22t8QHlkNGcC7wg1/QQLmIs264GsOo6gIZtrzdFNxb
gu0jFJN/rTJ6kmKzi47rPz13dEHhfE4duWRo2CZRx1Db/TjM5x2DUaPPJ0dFNklg
qyeQZmr/s2lLuRmrnn20gz8=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:38:33 2025 by rpki-client