Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/gTMT1ECYc4udJRg1SLAUewU1iYQ.roa
File: gTMT1ECYc4udJRg1SLAUewU1iYQ.roa (raw, json)
Hash identifier: 33lHfJK/qwtYNha8pRm1KzsAwKvJDpu5946Kr3zrFIw=
Subject key identifier: 81:33:13:D4:40:98:73:8B:9D:25:18:35:48:B0:14:7B:05:35:89:84
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018E13EAD8026EA29F22977B8AEFFE2FB114
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/gTMT1ECYc4udJRg1SLAUewU1iYQ.roa
Signing time: Wed 06 Mar 2024 13:19:01 +0000
ROA not before: Wed 06 Mar 2024 13:19:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31213
IP address blocks: 37.28.160.0/21 maxlen: 21
37.28.168.0/21 maxlen: 21
37.29.48.0/21 maxlen: 21
37.29.56.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
37.29.68.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
37.29.71.0/24 maxlen: 24
78.25.96.0/21 maxlen: 21
78.25.104.0/22 maxlen: 22
78.25.108.0/22 maxlen: 22
78.25.120.0/22 maxlen: 22
83.149.0.0/21 maxlen: 21
85.26.128.0/20 maxlen: 20
85.26.208.0/22 maxlen: 22
85.26.212.0/22 maxlen: 22
85.26.216.0/22 maxlen: 22
85.26.220.0/22 maxlen: 22
85.26.248.0/22 maxlen: 22
85.26.252.0/22 maxlen: 22
94.25.208.0/22 maxlen: 22
94.25.216.0/21 maxlen: 21
94.25.224.0/21 maxlen: 21
94.25.228.0/23 maxlen: 23
94.25.232.0/21 maxlen: 21
109.188.128.0/17 maxlen: 17
128.204.74.0/24 maxlen: 24
128.204.75.0/24 maxlen: 24
176.106.130.0/24 maxlen: 24
176.106.131.0/24 maxlen: 24
178.178.224.0/24 maxlen: 24
178.178.225.0/24 maxlen: 24
178.178.226.0/24 maxlen: 24
178.178.227.0/24 maxlen: 24
188.162.64.0/23 maxlen: 23
188.170.65.0/24 maxlen: 24
188.170.66.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
188.170.68.0/24 maxlen: 24
188.170.72.0/21 maxlen: 21
188.170.80.0/21 maxlen: 21
188.170.92.0/22 maxlen: 22
2a03:d000::/40 maxlen: 40
2a03:d000:70::/45 maxlen: 45
2a03:d000:f8::/46 maxlen: 46
2a03:d000:100::/40 maxlen: 40
2a03:d000:170::/46 maxlen: 46
2a03:d000:1f8::/46 maxlen: 46
2a03:d000:270::/45 maxlen: 45
2a03:d000:2f8::/46 maxlen: 46
2a03:d000:301::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:ea:d8:02:6e:a2:9f:22:97:7b:8a:ef:fe:2f:b1:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Mar 6 13:19:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=813313d44098738b9d25183548b0147b05358984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f8:b5:8d:56:76:da:a5:15:96:3c:45:7f:01:
c2:e0:61:d4:25:69:75:42:bb:39:c7:a2:27:d7:06:
6f:74:6d:ca:bf:21:bc:9b:96:0b:16:67:25:1d:55:
61:b5:e6:b5:e3:1d:c2:64:fe:24:4d:fb:35:27:75:
a8:d6:0e:c0:ba:e7:89:38:d6:c7:27:07:69:de:3a:
26:36:16:ef:05:7f:70:17:90:ab:87:5a:b8:e0:79:
85:e2:31:85:1a:d0:a7:b2:f1:7a:71:03:87:ed:29:
67:45:f5:50:cc:bc:ee:5c:9f:df:a6:66:fb:6d:af:
d7:37:34:33:e9:ba:b4:89:21:f8:fc:0f:f9:6d:02:
70:71:29:14:15:00:f4:c3:7f:f5:1c:06:a2:78:ec:
01:86:e8:a2:8e:5e:65:31:31:bc:00:c9:2b:a6:43:
d5:56:30:10:a9:a3:a6:15:c2:20:ab:98:6f:7a:18:
de:f5:3b:61:d0:8b:5b:0a:8c:c0:e6:c8:53:17:ee:
ca:cb:95:54:1d:1d:e7:f2:af:ef:d4:f1:68:28:12:
fb:04:98:3b:19:57:33:f4:ae:67:e3:f4:68:8d:41:
0a:c9:cc:0b:88:9d:2e:82:8a:bc:6e:86:3b:50:d6:
bd:4b:8e:a5:75:6d:99:8e:67:e3:09:c3:75:8f:e1:
d1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:33:13:D4:40:98:73:8B:9D:25:18:35:48:B0:14:7B:05:35:89:84
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/gTMT1ECYc4udJRg1SLAUewU1iYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
83.149.0.0/21
85.26.128.0/20
85.26.208.0/20
85.26.248.0/21
94.25.208.0/22
94.25.216.0-94.25.239.255
109.188.128.0/17
128.204.74.0/23
176.106.130.0/23
178.178.224.0/22
188.162.64.0/23
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
IPv6:
2a03:d000::/39
2a03:d000:270::/45
2a03:d000:2f8::/46
2a03:d000:301::/48
Signature Algorithm: sha256WithRSAEncryption
2a:5d:4e:6e:14:7a:22:54:3e:d9:fb:92:cf:5b:86:0d:34:be:
83:b5:e2:d5:cb:f6:38:c7:77:1d:cd:56:a9:01:aa:c1:ee:07:
fe:d2:e5:1e:68:f0:d7:73:24:2a:02:23:31:ec:12:b7:9e:36:
5b:a4:e8:c9:ed:31:6f:8e:a0:e9:9a:c8:2c:d3:f7:ff:63:06:
ba:8b:da:97:7c:45:5a:80:8e:c5:be:6e:34:1a:d2:55:be:f1:
29:f1:f0:3a:48:bf:8d:c9:dc:bc:a7:5b:a9:64:14:38:ef:3a:
63:b4:2b:81:5e:03:94:db:14:fa:97:6b:74:4d:cd:61:98:32:
ed:04:71:b8:47:e8:69:a0:6a:63:e7:28:f0:36:8f:cb:b1:d8:
fb:be:47:08:5a:e9:63:25:67:ba:a7:ac:f1:cb:e7:ba:be:28:
b5:ba:32:d1:68:52:c1:3c:17:15:0e:a8:d6:4e:a9:3f:51:5a:
2c:08:7f:49:e9:5f:d5:6a:6f:fe:09:e5:05:1f:7c:4c:a9:32:
af:03:20:7c:f6:f6:28:14:04:c6:80:d8:c9:e8:ca:de:3d:29:
42:0c:ef:3e:76:c0:fa:1b:be:37:71:39:71:b2:42:f8:74:61:
fd:bc:56:b4:67:0d:e4:c6:67:52:37:19:0b:1e:6a:f8:90:38:
82:56:6f:77
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAY4T6tgCbqKfIpd7iu/+L7EUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMzA2MTMxOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTMzMTNkNDQwOTg3MzhiOWQyNTE4MzU0OGIwMTQ3YjA1MzU4OTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfi1jVZ22qUVljxFfwHC4GHUJWl1
Qrs5x6In1wZvdG3KvyG8m5YLFmclHVVhtea14x3CZP4kTfs1J3Wo1g7AuueJONbH
Jwdp3jomNhbvBX9wF5Crh1q44HmF4jGFGtCnsvF6cQOH7SlnRfVQzLzuXJ/fpmb7
ba/XNzQz6bq0iSH4/A/5bQJwcSkUFQD0w3/1HAaieOwBhuiijl5lMTG8AMkrpkPV
VjAQqaOmFcIgq5hvehje9Tth0ItbCozA5shTF+7Ky5VUHR3n8q/v1PFoKBL7BJg7
GVcz9K5n4/RojUEKycwLiJ0ugoq8boY7UNa9S46ldW2ZjmfjCcN1j+HR5wIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFIEzE9RAmHOLnSUYNUiwFHsFNYmEMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvZ1RNVDFFQ1ljNHVkSlJnMVNMQVVld1UxaVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAQl
HKAwDAMEBCUdMAMEAyUdQAMEBE4ZYAMEAk4ZeAMEA1OVAAMEBFUagAMEBFUa0AME
A1Ua+AMEAl4Z0DAMAwQDXhnYAwQEXhngAwQHbbyAAwQBgMxKAwQBsGqCAwQCsrLg
AwQBvKJAMAwDBAC8qkEDBAC8qkQwDAMEA7yqSAMEA7yqUAMEAryqXDApBAIAAjAj
AwYBKgPQAAADBwMqA9AAAnADBwIqA9AAAvgDBwAqA9AAAwEwDQYJKoZIhvcNAQEL
BQADggEBACpdTm4UeiJUPtn7ks9bhg00voO14tXL9jjHdx3NVqkBqsHuB/7S5R5o
8NdzJCoCIzHsEreeNluk6MntMW+OoOmayCzT9/9jBrqL2pd8RVqAjsW+bjQa0lW+
8Snx8DpIv43J3LynW6lkFDjvOmO0K4FeA5TbFPqXa3RNzWGYMu0EcbhH6GmgamPn
KPA2j8ux2Pu+Rwha6WMlZ7qnrPHL57q+KLW6MtFoUsE8FxUOqNZOqT9RWiwIf0np
X9Vqb/4J5QUffEypMq8DIHz29igUBMaA2Mnoyt49KUIM7z52wPobvjdxOXGyQvh0
Yf28VrRnDeTGZ1I3GQseaviQOIJWb3c=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:46:05 2025 by rpki-client