Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/1-_mCNfP9_HNiBcEsvWHOFnGkC9I.roa
File: 1-_mCNfP9_HNiBcEsvWHOFnGkC9I.roa (raw, json)
Hash identifier: JsQNy89vRBMXhfgHBZLMyPK1KVQmDn747eH7PkqTbv4=
Subject key identifier: FB:F9:82:35:F3:FD:FC:73:62:05:C1:2C:BD:61:CE:16:71:A4:0B:D2
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 019423D6A809F94D52CA49F70F3449824A87
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/1-_mCNfP9_HNiBcEsvWHOFnGkC9I.roa
Signing time: Wed 01 Jan 2025 21:47:37 +0000
ROA not before: Wed 01 Jan 2025 21:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 5.182.252.0/22 maxlen: 24
37.18.160.0/20 maxlen: 24
37.58.128.0/17 maxlen: 24
45.145.124.0/22 maxlen: 24
46.20.160.0/20 maxlen: 24
62.102.224.0/19 maxlen: 24
79.98.96.0/21 maxlen: 24
81.22.216.0/21 maxlen: 24
91.103.232.0/21 maxlen: 24
91.206.156.0/23 maxlen: 24
91.217.94.0/23 maxlen: 24
91.229.230.0/23 maxlen: 24
92.61.72.0/21 maxlen: 24
94.127.8.0/21 maxlen: 24
103.77.32.0/22 maxlen: 24
103.229.36.0/23 maxlen: 24
103.232.172.0/22 maxlen: 24
109.69.192.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
128.127.128.0/20 maxlen: 24
146.247.88.0/21 maxlen: 24
149.255.136.0/21 maxlen: 24
178.249.160.0/21 maxlen: 24
185.15.128.0/22 maxlen: 24
185.42.132.0/22 maxlen: 24
185.49.120.0/23 maxlen: 24
185.65.224.0/22 maxlen: 24
185.67.88.0/22 maxlen: 24
185.79.148.0/22 maxlen: 24
185.90.96.0/22 maxlen: 24
185.95.120.0/22 maxlen: 24
185.149.8.0/22 maxlen: 24
185.172.16.0/22 maxlen: 24
185.196.248.0/22 maxlen: 24
185.204.140.0/22 maxlen: 24
185.208.248.0/22 maxlen: 24
188.66.56.0/22 maxlen: 24
194.177.32.0/19 maxlen: 24
195.214.240.0/21 maxlen: 24
212.51.160.0/19 maxlen: 24
213.108.64.0/21 maxlen: 24
213.151.168.0/23 maxlen: 24
213.151.172.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:a8:09:f9:4d:52:ca:49:f7:0f:34:49:82:4a:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Jan 1 21:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbf98235f3fdfc736205c12cbd61ce1671a40bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ae:97:32:9a:ee:af:08:c9:75:9e:ef:2f:4f:
cc:cd:c0:76:69:89:f8:76:4d:41:8f:98:05:62:de:
0d:6d:4d:ee:78:63:a7:6b:f6:79:3f:97:71:c3:1c:
41:62:57:0b:a0:1c:ae:a4:ce:7b:e4:9d:d2:44:b5:
4b:44:d4:07:74:54:f5:96:f7:42:56:c9:e2:4e:2a:
89:45:7b:4a:ab:bc:e8:b9:fe:cf:9f:2d:72:d8:db:
51:8a:69:db:68:84:63:91:a0:35:fb:6f:47:f7:e5:
74:07:8f:cd:16:8f:d2:6d:e9:b7:32:91:03:26:d4:
d8:9e:9e:56:d8:f1:e5:6b:98:de:68:1e:ab:85:fe:
e1:65:63:b0:d5:9b:6a:0e:47:a7:0e:12:bf:2b:1f:
80:39:b6:4c:c3:88:ee:8f:db:1e:e4:a6:21:e1:eb:
75:d8:03:0c:c9:db:f6:d6:4f:70:c4:34:3e:d9:b1:
51:fc:e8:1d:4b:1d:ad:21:db:5b:68:09:51:02:9b:
86:b1:1c:f5:fa:3d:06:84:c5:20:df:47:23:05:33:
da:04:ee:fb:e3:f4:3f:08:e7:8e:a6:4a:b4:15:f9:
4b:e1:d1:b0:88:5b:83:3b:5e:fe:91:ba:62:b1:98:
51:ba:d4:80:f5:49:3d:94:b8:c9:cb:4e:c6:26:25:
6b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F9:82:35:F3:FD:FC:73:62:05:C1:2C:BD:61:CE:16:71:A4:0B:D2
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/1-_mCNfP9_HNiBcEsvWHOFnGkC9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.252.0/22
37.18.160.0/20
37.58.128.0/17
45.145.124.0/22
46.20.160.0/20
62.102.224.0/19
79.98.96.0/21
81.22.216.0/21
91.103.232.0/21
91.206.156.0/23
91.217.94.0/23
91.229.230.0/23
92.61.72.0/21
94.127.8.0/21
103.77.32.0/22
103.229.36.0/23
103.232.172.0/22
109.69.192.0/21
109.237.240.0/20
128.127.128.0/20
146.247.88.0/21
149.255.136.0/21
178.249.160.0/21
185.15.128.0/22
185.42.132.0/22
185.49.120.0/23
185.65.224.0/22
185.67.88.0/22
185.79.148.0/22
185.90.96.0/22
185.95.120.0/22
185.149.8.0/22
185.172.16.0/22
185.196.248.0/22
185.204.140.0/22
185.208.248.0/22
188.66.56.0/22
194.177.32.0/19
195.214.240.0/21
212.51.160.0/19
213.108.64.0/21
213.151.168.0/23
213.151.172.0/23
Signature Algorithm: sha256WithRSAEncryption
29:8f:6d:24:db:98:1a:62:45:ca:ed:37:fd:be:2a:0e:db:d1:
44:f4:75:ac:9c:b6:01:51:42:09:8a:fe:a2:02:a7:3f:97:58:
ab:94:e2:89:cb:e1:1a:ac:d3:17:8d:62:e2:d0:b1:63:1f:c6:
e5:5f:af:34:2e:ec:9d:7f:be:72:89:92:cd:c7:ad:c8:42:6f:
16:1b:70:16:af:1e:68:48:17:54:45:47:5e:f7:91:57:e7:f0:
c0:a7:84:ac:b5:f4:15:51:20:25:42:4e:87:b4:53:ca:a3:22:
3c:57:07:fc:52:a6:49:48:b6:9b:81:3e:f3:82:84:e9:33:02:
1a:0d:49:47:90:a6:47:44:5b:fa:24:63:a3:35:89:23:8f:52:
38:2c:e7:a6:75:a4:d6:96:5c:0d:67:c6:0e:8f:76:79:54:b3:
66:71:43:2b:0c:7c:73:c4:84:a3:b6:a2:7a:79:e9:3f:13:07:
40:4c:7c:54:8e:77:77:94:08:a8:ca:64:fa:9a:e4:b8:87:eb:
31:f7:fc:ae:0c:1e:e3:80:22:a4:fa:dc:2a:03:57:73:1e:07:
48:5e:e5:f5:dc:15:3f:a7:79:43:0e:6b:30:75:a4:a3:ba:d4:
ac:06:36:09:43:0e:ed:e8:b3:d1:28:9d:0b:74:9d:6d:65:7c:
ea:66:54:6f
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgISAZQj1qgJ+U1Sykn3DzRJgkqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjUwMTAxMjE0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmY5ODIzNWYzZmRmYzczNjIwNWMxMmNiZDYxY2UxNjcxYTQwYmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq66XMprurwjJdZ7vL0/MzcB2aYn4
dk1Bj5gFYt4NbU3ueGOna/Z5P5dxwxxBYlcLoByupM575J3SRLVLRNQHdFT1lvdC
VsniTiqJRXtKq7zouf7Pny1y2NtRimnbaIRjkaA1+29H9+V0B4/NFo/Sbem3MpED
JtTYnp5W2PHla5jeaB6rhf7hZWOw1ZtqDkenDhK/Kx+AObZMw4juj9se5KYh4et1
2AMMydv21k9wxDQ+2bFR/OgdSx2tIdtbaAlRApuGsRz1+j0GhMUg30cjBTPaBO77
4/Q/COeOpkq0FflL4dGwiFuDO17+kbpisZhRutSA9Uk9lLjJy07GJiVrgQIDAQAB
o4IDEDCCAwwwHQYDVR0OBBYEFPv5gjXz/fxzYgXBLL1hzhZxpAvSMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvMS1fbUNOZlA5X0hOaUJjRXN2V0hPRm5Ha0M5SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzkvNDA0OThlLWQxYzAtNDg0Yy1hYmNiLTYxZTdmNDBkNWRk
Ni8xL3JyODVUaThiSlJ5STJZaW9jV0VJUllCNGJ2VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASMGCCsGAQUFBwEHAQH/BIIBEjCCAQ4wggEKBAIAATCC
AQIDBAIFtvwDBAQlEqADBAclOoADBAItkXwDBAQuFKADBAU+ZuADBANPYmADBANR
FtgDBANbZ+gDBAFbzpwDBAFb2V4DBAFb5eYDBANcPUgDBANefwgDBAJnTSADBAFn
5SQDBAJn6KwDBANtRcADBARt7fADBASAf4ADBAOS91gDBAOV/4gDBAOy+aADBAK5
D4ADBAK5KoQDBAG5MXgDBAK5QeADBAK5Q1gDBAK5T5QDBAK5WmADBAK5X3gDBAK5
lQgDBAK5rBADBAK5xPgDBAK5zIwDBAK50PgDBAK8QjgDBAXCsSADBAPD1vADBAXU
M6ADBAPVbEADBAHVl6gDBAHVl6wwDQYJKoZIhvcNAQELBQADggEBACmPbSTbmBpi
RcrtN/2+Kg7b0UT0dayctgFRQgmK/qICpz+XWKuU4onL4Rqs0xeNYuLQsWMfxuVf
rzQu7J1/vnKJks3HrchCbxYbcBavHmhIF1RFR173kVfn8MCnhKy19BVRICVCToe0
U8qjIjxXB/xSpklItpuBPvOChOkzAhoNSUeQpkdEW/okY6M1iSOPUjgs56Z1pNaW
XA1nxg6PdnlUs2ZxQysMfHPEhKO2onp56T8TB0BMfFSOd3eUCKjKZPqa5LiH6zH3
/K4MHuOAIqT63CoDV3MeB0he5fXcFT+neUMOazB1pKO61KwGNglDDu3os9EonQt0
nW1lfOpmVG8=
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:35:12 2025 by rpki-client