Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/qodfWh4EXwdNDW5cyadydSLAcPU.roa
File: qodfWh4EXwdNDW5cyadydSLAcPU.roa (raw, json)
Hash identifier: yocMVHP193RoFaYARfBNYlVNIqVvj+RBh9DWojk03EQ=
Subject key identifier: AA:87:5F:5A:1E:04:5F:07:4D:0D:6E:5C:C9:A7:72:75:22:C0:70:F5
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F146445CF0315CA5AA3D90FAE8324CE8
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/qodfWh4EXwdNDW5cyadydSLAcPU.roa
Signing time: Thu 08 Dec 2022 10:27:04 +0000
ROA not before: Thu 08 Dec 2022 10:27:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50928
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 21
46.29.199.0/24 maxlen: 24
46.29.194.0/24 maxlen: 24
46.29.196.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
188.170.244.0/23 maxlen: 23
188.170.244.0/24 maxlen: 24
188.170.245.0/24 maxlen: 24
188.170.250.0/24 maxlen: 24
188.170.251.0/24 maxlen: 24
188.170.248.0/24 maxlen: 24
188.170.249.0/24 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
212.69.96.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
178.176.250.0/24 maxlen: 24
178.176.251.0/24 maxlen: 24
178.176.252.0/24 maxlen: 24
178.176.248.0/24 maxlen: 24
178.176.253.0/24 maxlen: 24
178.176.249.0/24 maxlen: 24
37.29.81.0/24 maxlen: 24
37.29.80.0/24 maxlen: 24
37.29.83.0/24 maxlen: 24
37.29.80.0/22 maxlen: 22
37.29.82.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
31.173.248.0/21 maxlen: 21
31.173.248.0/24 maxlen: 24
31.173.252.0/24 maxlen: 24
31.173.253.0/24 maxlen: 24
31.173.249.0/24 maxlen: 24
31.173.250.0/24 maxlen: 24
31.173.251.0/24 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
109.74.112.0/20 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:46:44:5c:f0:31:5c:a5:aa:3d:90:fa:e8:32:4c:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 10:27:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa875f5a1e045f074d0d6e5cc9a7727522c070f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9d:f1:e9:c0:b7:fc:e2:e6:a5:21:a7:85:a6:
c2:0d:e8:69:ab:20:30:bb:b6:ab:3f:fd:cd:88:54:
80:a1:8b:f9:83:50:98:40:25:f8:d5:c9:bc:eb:73:
0b:cc:d0:6a:53:64:99:1a:8f:e9:08:2f:78:fa:c7:
5e:49:85:01:1c:e9:01:cc:18:7b:4b:2f:46:12:82:
d2:31:f0:f5:37:dc:e4:e6:88:70:c1:d3:52:41:87:
d3:ec:a9:50:0b:36:8e:a1:98:5f:f1:f0:5c:8d:cb:
85:53:f5:09:47:59:cc:bf:8b:99:bf:3e:fb:14:7c:
3e:6e:18:6b:ee:17:d2:73:1a:14:dc:1c:50:54:a0:
94:f3:f5:9d:b5:7e:49:29:cb:a2:0e:f5:cf:a7:c8:
a3:c1:7f:be:49:ce:9f:b7:56:b2:22:c3:60:5b:80:
24:f4:3e:40:d0:5e:60:8c:ae:2d:cb:89:53:cf:5a:
7f:05:84:98:60:8e:2a:b8:a0:35:23:0a:4f:5d:c7:
12:59:38:11:fd:ca:85:db:40:f6:09:80:5c:68:48:
b3:bd:35:d0:c1:45:79:73:b7:25:1b:44:16:c7:92:
cb:2b:66:cb:27:3e:d4:f4:ca:58:9f:d3:c9:1b:0b:
7d:61:d4:c7:28:9d:c1:19:80:0e:4d:85:57:a3:0c:
7f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:87:5F:5A:1E:04:5F:07:4D:0D:6E:5C:C9:A7:72:75:22:C0:70:F5
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/qodfWh4EXwdNDW5cyadydSLAcPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.248.0/21
37.29.80.0/22
46.29.192.0/21
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.248.0-178.176.253.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.244.0/23
188.170.248.0/22
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
a6:7d:ce:68:da:90:80:71:11:29:0f:a4:7f:43:e5:79:7a:52:
59:e2:10:ff:fb:49:29:d8:f9:6b:3d:19:48:49:d2:08:6c:e6:
03:51:ce:73:b5:03:e2:11:a2:4e:c4:be:0b:20:61:e6:0f:ea:
c4:20:f9:f0:b5:44:74:9b:04:4f:94:20:27:64:6f:dc:f7:f0:
30:65:cc:cd:27:72:42:7a:53:66:44:fb:0e:17:7d:ac:3f:3d:
53:d5:a1:00:0e:2c:85:35:38:f7:01:2f:72:f6:bd:6c:94:4b:
ea:98:52:b2:31:3b:08:11:28:0e:2a:0c:c5:a9:25:33:b3:e8:
cf:79:ed:52:aa:a3:56:27:77:dc:95:63:de:bb:8c:23:f9:dd:
65:53:b7:fb:a5:52:7c:b0:87:5b:66:5d:21:44:d4:d6:c9:71:
b0:4a:14:c2:5d:12:5d:8c:1f:0a:85:6f:70:7f:77:13:7f:f6:
86:4b:c8:3a:db:f5:fe:2d:5b:b3:eb:8b:23:e5:f4:62:4c:55:
2e:c4:39:38:19:56:b7:3c:76:ca:d1:26:69:58:4e:28:6d:d6:
2a:63:c0:44:a4:6f:85:f3:4e:79:40:ee:2d:db:0b:15:26:8f:
3d:ee:ec:28:f6:4b:dc:72:1a:8e:0b:83:d3:22:f9:19:16:c7:
da:89:0b:2e
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYTxRkRc8DFcpao9kProMkzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTAyNzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTg3NWY1YTFlMDQ1ZjA3NGQwZDZlNWNjOWE3NzI3NTIyYzA3MGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ3x6cC3/OLmpSGnhabCDehpqyAw
u7arP/3NiFSAoYv5g1CYQCX41cm863MLzNBqU2SZGo/pCC94+sdeSYUBHOkBzBh7
Sy9GEoLSMfD1N9zk5ohwwdNSQYfT7KlQCzaOoZhf8fBcjcuFU/UJR1nMv4uZvz77
FHw+bhhr7hfScxoU3BxQVKCU8/WdtX5JKcuiDvXPp8ijwX++Sc6ft1ayIsNgW4Ak
9D5A0F5gjK4ty4lTz1p/BYSYYI4quKA1IwpPXccSWTgR/cqF20D2CYBcaEizvTXQ
wUV5c7clG0QWx5LLK2bLJz7U9MpYn9PJGwt9YdTHKJ3BGYAOTYVXowx/WQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFKqHX1oeBF8HTQ1uXMmncnUiwHD1MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvcW9kZldoNEVYd2RORFc1Y3lhZHlkU0xBY1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAMf
rfgDBAIlHVADBAMuHcADBARtSnADBAZtfEADAwBtvAMEBoDMQAMEA7IXkDAMAwQD
srD4AwQBsrD8AwQCuQMgAwQCudKMAwQDvF6oAwMAvKIDBAG8qvQDBAK8qvgDBALB
yeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXU
RWADBAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQAD
ggEBAKZ9zmjakIBxESkPpH9D5Xl6UlniEP/7SSnY+Ws9GUhJ0ghs5gNRznO1A+IR
ok7EvgsgYeYP6sQg+fC1RHSbBE+UICdkb9z38DBlzM0nckJ6U2ZE+w4Xfaw/PVPV
oQAOLIU1OPcBL3L2vWyUS+qYUrIxOwgRKA4qDMWpJTOz6M957VKqo1Ynd9yVY967
jCP53WVTt/ulUnywh1tmXSFE1NbJcbBKFMJdEl2MHwqFb3B/dxN/9oZLyDrb9f4t
W7PriyPl9GJMVS7EOTgZVrc8dsrRJmlYTiht1ipjwESkb4XzTnlA7i3bCxUmjz3u
7Cj2S9xyGo4Lg9Mi+RkWx9qJCy4=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:25:53 2025 by rpki-client