Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xyRfdXyELc09zWGaHIz0qSEGD20.roa
File: xyRfdXyELc09zWGaHIz0qSEGD20.roa (raw, json)
Hash identifier: La5Io1igTFLclESO9C2GZZHB+rYRYhDdntDv7ndQPyU=
Subject key identifier: C7:24:5F:75:7C:84:2D:CD:3D:CD:61:9A:1C:8C:F4:A9:21:06:0F:6D
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184E2661769A0AD5216221CA77C7164BC26
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xyRfdXyELc09zWGaHIz0qSEGD20.roa
Signing time: Mon 05 Dec 2022 13:07:32 +0000
ROA not before: Mon 05 Dec 2022 13:07:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47395
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:66:17:69:a0:ad:52:16:22:1c:a7:7c:71:64:bc:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 5 13:07:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7245f757c842dcd3dcd619a1c8cf4a921060f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:db:50:fa:38:73:6a:d2:56:98:e5:98:e0:9a:
50:f1:90:a9:8b:f8:d3:c3:8d:b2:2c:a9:f7:9b:1a:
b3:fe:c5:35:c8:93:b4:e6:8e:27:6c:fb:c7:ee:dc:
f2:f6:0f:6b:26:6c:5d:f2:2e:dd:32:8a:28:56:05:
75:9d:32:99:bb:0a:42:1c:a4:c4:a2:3f:86:7e:40:
b0:ab:b7:fa:d0:cb:1d:74:c0:e5:fc:6b:bd:d9:29:
e7:79:cf:19:a6:db:8d:99:2e:78:52:d7:b1:51:9e:
26:13:36:f6:f8:9e:ba:fe:ac:77:f3:e2:04:79:75:
79:f5:1a:73:b1:42:78:ba:65:5e:3a:65:1b:3e:5d:
20:7a:a2:2a:8a:e1:ea:ee:7a:5e:50:cd:83:7b:e6:
a8:a9:0e:eb:90:95:47:b0:3a:23:10:9f:c4:ef:65:
8a:39:36:94:ca:2d:1e:f2:53:9d:52:a7:4d:40:4e:
58:d1:cc:3b:8b:11:c3:b8:fe:d7:f0:a9:fb:26:33:
02:6f:48:b9:8c:66:d9:ae:33:39:d7:67:1b:b2:e0:
a3:54:b3:c7:a8:83:46:fb:fe:34:f6:61:3b:ca:0d:
59:e0:70:5e:a1:df:a1:45:69:bd:32:69:1d:67:8e:
8e:ab:c7:6d:2e:3c:89:b9:5b:35:09:84:b1:84:7b:
52:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:24:5F:75:7C:84:2D:CD:3D:CD:61:9A:1C:8C:F4:A9:21:06:0F:6D
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xyRfdXyELc09zWGaHIz0qSEGD20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
67:06:f7:01:d4:87:8a:16:61:85:78:85:ac:5b:c9:d6:1e:20:
f9:8f:24:4d:5b:1a:e9:33:dd:ce:e4:b1:e3:fd:cc:9d:9b:64:
ba:5d:00:4f:26:c6:fd:80:2d:9f:b6:da:7f:1c:49:79:b7:a8:
1c:ef:f8:df:1e:c2:0f:80:57:01:2c:d2:41:a6:f2:b4:d2:51:
e3:5d:dd:66:e9:fb:58:ca:e4:ca:8c:ad:d9:67:1b:55:f3:41:
a6:ca:da:08:a9:9b:83:a2:76:b7:70:65:cf:d6:6e:d0:ee:d6:
85:42:1e:c7:01:38:c7:27:47:13:28:77:cc:28:9e:b2:92:56:
34:17:b9:d2:d1:e4:cc:cc:9f:f8:f1:84:2a:12:06:d2:76:62:
2c:01:57:73:59:d4:d3:f0:ca:03:55:c2:af:9c:ab:3e:e8:7d:
b4:48:75:ba:41:1f:5e:cf:60:3e:43:5b:65:aa:4a:07:fd:f9:
7f:7a:d4:4b:45:3f:0c:cb:ed:93:e6:c3:97:aa:f5:d6:78:86:
f2:0c:b2:4a:65:a5:12:38:5c:4b:60:0b:b6:11:35:29:9c:a4:
c7:58:29:8d:e6:a0:10:e0:5f:f3:62:ec:ca:3a:db:e3:4f:69:
d0:7b:67:32:3a:8c:b8:6d:c3:8a:1f:3f:ed:44:10:67:3e:55:
b4:6d:29:a8
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYTiZhdpoK1SFiIcp3xxZLwmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA1MTMwNzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzI0NWY3NTdjODQyZGNkM2RjZDYxOWExYzhjZjRhOTIxMDYwZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9tQ+jhzatJWmOWY4JpQ8ZCpi/jT
w42yLKn3mxqz/sU1yJO05o4nbPvH7tzy9g9rJmxd8i7dMoooVgV1nTKZuwpCHKTE
oj+GfkCwq7f60MsddMDl/Gu92Snnec8ZptuNmS54UtexUZ4mEzb2+J66/qx38+IE
eXV59RpzsUJ4umVeOmUbPl0geqIqiuHq7npeUM2De+aoqQ7rkJVHsDojEJ/E72WK
OTaUyi0e8lOdUqdNQE5Y0cw7ixHDuP7X8Kn7JjMCb0i5jGbZrjM512cbsuCjVLPH
qING+/409mE7yg1Z4HBeod+hRWm9MmkdZ46Oq8dtLjyJuVs1CYSxhHtSoQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFMckX3V8hC3NPc1hmhyM9KkhBg9tMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEveHlSZmRYeUVMYzA5eldHYUhJejBxU0VHRDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAdV
GoADBAVWbcADBAJbwdQDBAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBt
vAMEBoDMQAMEA7IXkAMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWA
AwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1Heg
AwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQBnBvcB
1IeKFmGFeIWsW8nWHiD5jyRNWxrpM93O5LHj/cydm2S6XQBPJsb9gC2fttp/HEl5
t6gc7/jfHsIPgFcBLNJBpvK00lHjXd1m6ftYyuTKjK3ZZxtV80GmytoIqZuDona3
cGXP1m7Q7taFQh7HATjHJ0cTKHfMKJ6yklY0F7nS0eTMzJ/48YQqEgbSdmIsAVdz
WdTT8MoDVcKvnKs+6H20SHW6QR9ez2A+Q1tlqkoH/fl/etRLRT8My+2T5sOXqvXW
eIbyDLJKZaUSOFxLYAu2ETUpnKTHWCmN5qAQ4F/zYuzKOtvjT2nQe2cyOoy4bcOK
Hz/tRBBnPlW0bSmo
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:33:49 2025 by rpki-client