Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xTaPRUcaWzKyRS01zEWulqco4Lc.roa
File: xTaPRUcaWzKyRS01zEWulqco4Lc.roa (raw, json)
Hash identifier: rq/K3VfYjRUUM37s70PW4gQfag+sljBpKkVRql3j9Nw=
Subject key identifier: C5:36:8F:45:47:1A:5B:32:B2:45:2D:35:CC:45:AE:96:A7:28:E0:B7
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018CC56DE35CB38FAC5A32230084EDC0F6BE
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xTaPRUcaWzKyRS01zEWulqco4Lc.roa
Signing time: Mon 01 Jan 2024 14:29:22 +0000
ROA not before: Mon 01 Jan 2024 14:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31205
IP address blocks: 188.170.247.0/24 maxlen: 24
85.26.226.0/24 maxlen: 24
85.26.224.0/24 maxlen: 24
85.26.229.0/24 maxlen: 24
85.26.227.0/24 maxlen: 24
85.26.230.0/24 maxlen: 24
85.26.228.0/24 maxlen: 24
85.26.231.0/24 maxlen: 24
185.210.142.0/23 maxlen: 23
185.210.140.0/23 maxlen: 23
178.176.240.0/22 maxlen: 22
78.25.92.0/23 maxlen: 23
78.25.94.0/23 maxlen: 23
178.176.244.0/22 maxlen: 22
37.29.86.0/23 maxlen: 23
188.170.240.0/22 maxlen: 22
31.173.240.0/23 maxlen: 23
128.204.66.0/24 maxlen: 24
31.173.242.0/23 maxlen: 23
128.204.67.0/24 maxlen: 24
31.173.244.0/22 maxlen: 22
83.149.50.0/24 maxlen: 24
83.149.48.0/24 maxlen: 24
83.149.51.0/24 maxlen: 24
83.149.49.0/24 maxlen: 24
178.176.48.0/24 maxlen: 24
83.169.252.0/22 maxlen: 22
83.169.248.0/22 maxlen: 22
188.162.1.0/24 maxlen: 24
188.162.0.0/24 maxlen: 24
188.162.4.0/22 maxlen: 22
188.162.2.0/23 maxlen: 23
188.162.8.0/23 maxlen: 23
188.162.10.0/23 maxlen: 23
46.232.202.0/23 maxlen: 23
188.162.12.0/23 maxlen: 23
188.162.14.0/23 maxlen: 23
46.232.200.0/24 maxlen: 24
188.162.81.0/24 maxlen: 24
188.162.79.0/24 maxlen: 24
188.162.84.0/24 maxlen: 24
188.162.85.0/24 maxlen: 24
188.162.82.0/24 maxlen: 24
188.162.83.0/24 maxlen: 24
188.162.80.0/24 maxlen: 24
188.162.89.0/24 maxlen: 24
188.162.86.0/24 maxlen: 24
188.162.87.0/24 maxlen: 24
188.162.90.0/23 maxlen: 23
188.162.88.0/24 maxlen: 24
188.162.92.0/22 maxlen: 22
188.162.78.0/24 maxlen: 24
188.162.72.0/22 maxlen: 22
188.162.76.0/23 maxlen: 23
2a03:d000:67fe::/48 maxlen: 48
2a03:d000:6400::/40 maxlen: 40
2a03:d000:6500::/40 maxlen: 40
2a03:d000:67ff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e3:5c:b3:8f:ac:5a:32:23:00:84:ed:c0:f6:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 14:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5368f45471a5b32b2452d35cc45ae96a728e0b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:77:20:c3:22:ff:1b:37:e6:9c:a5:cf:9f:bb:
a3:dd:97:de:7c:01:d5:69:be:c3:67:fd:d6:7a:a8:
db:b3:d3:d4:07:e6:86:df:5d:e8:39:11:50:3e:e4:
f9:51:e2:15:23:60:b8:4b:95:e7:96:50:5e:d6:d2:
49:2a:34:88:c7:12:2f:e5:55:d2:7a:9f:0c:99:2d:
d2:a9:01:df:cb:76:11:c3:de:12:b3:8a:f9:e0:cb:
dd:a7:f3:83:57:56:f6:b4:c5:7e:9f:06:02:7e:7c:
b7:dc:b1:f0:8e:e5:c7:fc:bb:56:0a:98:aa:e0:0e:
be:41:98:0c:00:eb:28:f7:c1:e7:aa:7c:cc:c5:80:
84:51:1c:bb:8f:75:f0:fa:6f:4c:9f:2f:59:bf:98:
2a:a7:35:86:c6:2c:74:8e:38:b0:79:ff:b3:20:85:
e5:40:d5:fb:3b:20:a5:4e:42:2a:97:8e:70:f2:1b:
5a:9d:57:15:d6:fb:41:a5:7f:8e:10:86:90:e9:1f:
e0:57:95:c9:f9:3e:9a:4f:1d:63:9c:75:26:3b:eb:
59:ac:11:d9:8f:17:07:74:cd:af:36:bd:68:9c:ea:
e7:88:26:fd:78:93:46:77:49:6e:3c:b0:2b:73:13:
9c:c4:a8:04:7d:25:41:56:5d:95:64:0b:dd:e6:c1:
dd:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:36:8F:45:47:1A:5B:32:B2:45:2D:35:CC:45:AE:96:A7:28:E0:B7
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xTaPRUcaWzKyRS01zEWulqco4Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.240.0/21
37.29.86.0/23
46.232.200.0/24
46.232.202.0/23
78.25.92.0/22
83.149.48.0/22
83.169.248.0/21
85.26.224.0/24
85.26.226.0-85.26.231.255
128.204.66.0/23
178.176.48.0/24
178.176.240.0/21
185.210.140.0/22
188.162.0.0/20
188.162.72.0-188.162.95.255
188.170.240.0/22
188.170.247.0/24
IPv6:
2a03:d000:6400::/39
2a03:d000:67fe::/47
Signature Algorithm: sha256WithRSAEncryption
91:e7:14:93:c1:33:02:b2:ba:17:27:99:e2:8f:78:8e:6e:83:
15:ce:29:62:a9:10:ef:80:50:9d:08:5a:df:7b:39:08:bf:88:
d9:9a:63:e9:ee:ff:42:73:f5:a1:c1:a0:23:6f:06:c3:a2:fc:
f8:43:4b:cd:1f:f4:8c:25:35:f3:04:b7:37:c1:81:1b:8f:d7:
26:6a:10:af:0e:1f:99:c2:49:83:a1:9c:1f:74:d8:28:91:2d:
89:b4:01:21:8b:cf:4b:42:8e:18:ef:ad:2c:2d:b7:a2:dd:b4:
a6:50:0f:b7:a0:26:b7:f4:6a:eb:dc:87:d6:b5:9a:28:89:8e:
03:69:4c:52:81:d9:d4:4f:27:a6:25:ac:1c:be:34:ea:b4:a4:
aa:05:6c:ed:6b:f8:fd:5b:11:29:7e:1e:4a:2d:fe:7b:35:7b:
06:af:ef:bd:1d:07:8c:36:2d:c6:7f:16:d5:6a:2f:78:25:7d:
af:24:6d:8b:3b:b2:f1:16:12:e6:dd:25:8c:31:7b:9e:06:b5:
c7:ed:e5:df:6b:93:cc:b0:64:f5:2f:e6:da:11:e1:c6:93:06:
c7:eb:12:ff:8e:3e:98:b9:8f:a9:95:c3:77:4e:79:1d:33:4d:
00:d9:f5:57:d3:fe:26:46:9a:3f:04:9e:76:5c:26:02:9d:be:
ae:2e:e6:e6
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAYzFbeNcs4+sWjIjAITtwPa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMTAxMTQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTM2OGY0NTQ3MWE1YjMyYjI0NTJkMzVjYzQ1YWU5NmE3MjhlMGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHcgwyL/GzfmnKXPn7uj3ZfefAHV
ab7DZ/3Weqjbs9PUB+aG313oORFQPuT5UeIVI2C4S5XnllBe1tJJKjSIxxIv5VXS
ep8MmS3SqQHfy3YRw94Ss4r54Mvdp/ODV1b2tMV+nwYCfny33LHwjuXH/LtWCpiq
4A6+QZgMAOso98HnqnzMxYCEURy7j3Xw+m9Mny9Zv5gqpzWGxix0jjiwef+zIIXl
QNX7OyClTkIql45w8htanVcV1vtBpX+OEIaQ6R/gV5XJ+T6aTx1jnHUmO+tZrBHZ
jxcHdM2vNr1onOrniCb9eJNGd0luPLArcxOcxKgEfSVBVl2VZAvd5sHdbQIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFMU2j0VHGlsyskUtNcxFrpanKOC3MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEveFRhUFJVY2FXekt5UlMwMXpFV3VscWNvNExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzB8BAIAATB2AwQDH63w
AwQBJR1WAwQALujIAwQBLujKAwQCThlcAwQCU5UwAwQDU6n4AwQAVRrgMAwDBAFV
GuIDBANVGuADBAGAzEIDBACysDADBAOysPADBAK50owDBAS8ogAwDAMEA7yiSAME
BbyiQAMEAryq8AMEALyq9zAXBAIAAjARAwYBKgPQAGQDBwEqA9AAZ/4wDQYJKoZI
hvcNAQELBQADggEBAJHnFJPBMwKyuhcnmeKPeI5ugxXOKWKpEO+AUJ0IWt97OQi/
iNmaY+nu/0Jz9aHBoCNvBsOi/PhDS80f9IwlNfMEtzfBgRuP1yZqEK8OH5nCSYOh
nB902CiRLYm0ASGLz0tCjhjvrSwtt6LdtKZQD7egJrf0auvch9a1miiJjgNpTFKB
2dRPJ6YlrBy+NOq0pKoFbO1r+P1bESl+Hkot/ns1ewav770dB4w2LcZ/FtVqL3gl
fa8kbYs7svEWEubdJYwxe54Gtcft5d9rk8ywZPUv5toR4caTBsfrEv+OPpi5j6mV
w3dOeR0zTQDZ9VfT/iZGmj8EnnZcJgKdvq4u5uY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:28:23 2025 by rpki-client