Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/1-FVNiQvWEXUQsyhSP2mXL7ZeFhI.roa
File: 1-FVNiQvWEXUQsyhSP2mXL7ZeFhI.roa (raw, json)
Hash identifier: h2VWp4VUz/KwikufobsIYuUTWP+PbubtA5kM1+IYNJ4=
Subject key identifier: F8:55:4D:89:0B:D6:11:75:10:B3:28:52:3F:69:97:2F:B6:5E:16:12
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01946926173E5BFC3C6AA78B715D16D594CE
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/1-FVNiQvWEXUQsyhSP2mXL7ZeFhI.roa
Signing time: Wed 15 Jan 2025 08:48:11 +0000
ROA not before: Wed 15 Jan 2025 08:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1136
IP address blocks: 37.251.0.0/17 maxlen: 17
62.131.0.0/16 maxlen: 16
62.251.0.0/17 maxlen: 17
77.160.0.0/13 maxlen: 13
77.168.0.0/14 maxlen: 14
77.172.0.0/16 maxlen: 16
77.173.0.0/16 maxlen: 16
77.174.0.0/16 maxlen: 16
77.175.0.0/16 maxlen: 16
77.175.0.0/17 maxlen: 17
77.175.128.0/17 maxlen: 17
80.60.0.0/15 maxlen: 15
81.204.0.0/14 maxlen: 14
82.136.192.0/18 maxlen: 18
82.168.0.0/15 maxlen: 15
82.170.0.0/16 maxlen: 16
84.39.0.0/19 maxlen: 19
84.80.0.0/16 maxlen: 16
84.82.0.0/15 maxlen: 15
84.84.0.0/14 maxlen: 14
85.113.224.0/19 maxlen: 19
86.80.0.0/13 maxlen: 13
86.88.0.0/15 maxlen: 15
86.90.0.0/16 maxlen: 16
86.92.0.0/14 maxlen: 14
88.159.0.0/16 maxlen: 16
188.142.0.0/17 maxlen: 17
195.240.0.0/16 maxlen: 16
195.240.0.0/17 maxlen: 17
195.240.128.0/18 maxlen: 18
195.240.192.0/18 maxlen: 18
195.241.0.0/16 maxlen: 16
212.123.128.0/18 maxlen: 18
212.182.128.0/18 maxlen: 18
212.238.0.0/16 maxlen: 16
213.10.0.0/16 maxlen: 16
213.84.0.0/16 maxlen: 16
213.148.224.0/19 maxlen: 19
213.197.0.0/18 maxlen: 18
2a02:a400::/25 maxlen: 25
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:69:26:17:3e:5b:fc:3c:6a:a7:8b:71:5d:16:d5:94:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 15 08:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8554d890bd6117510b328523f69972fb65e1612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6e:9f:a8:07:ff:ef:80:c0:7d:17:74:60:e6:
a1:31:b2:33:63:51:19:a7:2b:c7:15:79:50:24:f7:
a7:20:57:62:9e:14:53:ce:d7:99:ea:48:11:36:22:
ad:d4:93:bd:42:b0:07:8a:b9:27:9c:c4:b5:ce:fe:
4f:d7:2a:db:fe:3f:bd:80:f3:c9:99:18:af:85:28:
f1:b7:0b:a0:e9:da:cb:08:b5:87:d7:f8:5b:62:07:
a2:d2:c2:18:28:06:5c:a1:ab:f1:9e:e4:8d:4d:82:
5c:b5:f4:88:16:2a:4c:55:19:22:0e:16:88:e9:aa:
96:7d:f3:aa:31:62:0b:66:92:b7:df:0e:b7:0d:26:
ee:a1:5a:b2:06:95:a8:0b:4b:c4:c5:66:23:85:51:
ea:c3:8f:a6:2b:26:c5:72:50:bd:74:f8:57:84:8b:
63:9a:b5:0f:56:9b:5a:ba:0b:f4:1b:a6:dd:5a:02:
7d:20:f5:70:dc:88:5c:f7:96:d2:0e:64:a7:e8:2e:
7d:d1:87:82:8a:ae:69:96:9a:12:d9:57:2f:41:e3:
0c:3e:e4:51:bb:31:89:56:a8:3e:9f:b5:3f:d6:f1:
8e:92:bc:51:c5:88:bf:fc:21:54:f8:42:30:cc:df:
30:3e:25:12:0a:fd:dc:78:bb:91:60:96:79:cf:f9:
5e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:55:4D:89:0B:D6:11:75:10:B3:28:52:3F:69:97:2F:B6:5E:16:12
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/1-FVNiQvWEXUQsyhSP2mXL7ZeFhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.0.0/17
62.131.0.0/16
62.251.0.0/17
77.160.0.0/12
80.60.0.0/15
81.204.0.0/14
82.136.192.0/18
82.168.0.0-82.170.255.255
84.39.0.0/19
84.80.0.0/16
84.82.0.0-84.87.255.255
85.113.224.0/19
86.80.0.0-86.90.255.255
86.92.0.0/14
88.159.0.0/16
188.142.0.0/17
195.240.0.0/15
212.123.128.0/18
212.182.128.0/18
212.238.0.0/16
213.10.0.0/16
213.84.0.0/16
213.148.224.0/19
213.197.0.0/18
IPv6:
2a02:a400::/25
Signature Algorithm: sha256WithRSAEncryption
08:2e:ab:c8:38:60:87:d3:14:20:80:f6:3a:46:16:b6:ae:9c:
ec:05:13:9e:21:3e:8a:bc:1a:0e:c6:b3:a1:fc:18:f2:b4:8b:
08:67:91:d9:31:5e:e4:97:37:da:82:26:5d:f8:29:7d:f2:e3:
41:c4:ce:1b:73:aa:68:5e:c8:eb:a1:d1:04:4a:ac:99:a0:b5:
04:43:36:84:3f:da:39:dc:9d:7a:18:2a:1a:a5:34:68:9e:2d:
e3:a3:bf:a1:89:0b:54:ab:49:2f:f0:20:30:77:b8:f6:65:3c:
f5:be:30:b1:db:33:86:e0:10:63:0d:a3:cf:81:df:8b:52:18:
a0:be:25:6c:79:72:02:1e:13:a3:df:85:1b:aa:d2:ad:91:d2:
16:d2:a3:64:99:4a:b2:02:9d:96:6f:31:21:01:36:fc:7e:5d:
2a:89:e7:7e:e6:17:45:fb:9e:cb:35:56:aa:ee:d5:d3:9b:76:
27:18:ca:20:57:00:34:c9:33:cb:73:e9:68:52:74:83:29:35:
e5:e9:36:ce:b9:66:bd:41:6d:cc:e5:5b:2f:36:61:bb:9e:b8:
d8:74:e8:03:0d:75:00:c2:58:84:03:38:16:a9:79:a5:e3:19:
bd:04:ac:e6:2c:2b:14:c8:e5:26:9b:d2:c6:84:10:1e:7c:91:
c1:32:3d:f3
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZRpJhc+W/w8aqeLcV0W1ZTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjUwMTE1MDg0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODU1NGQ4OTBiZDYxMTc1MTBiMzI4NTIzZjY5OTcyZmI2NWUxNjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0W6fqAf/74DAfRd0YOahMbIzY1EZ
pyvHFXlQJPenIFdinhRTzteZ6kgRNiKt1JO9QrAHirknnMS1zv5P1yrb/j+9gPPJ
mRivhSjxtwug6drLCLWH1/hbYgei0sIYKAZcoavxnuSNTYJctfSIFipMVRkiDhaI
6aqWffOqMWILZpK33w63DSbuoVqyBpWoC0vExWYjhVHqw4+mKybFclC9dPhXhItj
mrUPVptaugv0G6bdWgJ9IPVw3Ihc95bSDmSn6C590YeCiq5plpoS2VcvQeMMPuRR
uzGJVqg+n7U/1vGOkrxRxYi//CFU+EIwzN8wPiUSCv3ceLuRYJZ5z/leaQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFPhVTYkL1hF1ELMoUj9ply+2XhYSMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvMS1GVk5pUXZXRVhVUXN5aFNQMm1YTDdaZUZoSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2EvNGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJh
MS8xL2dlN1VDUk9EMmUxQVZ0bjA3X2ZTWWkzYzRnVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBwwYIKwYBBQUHAQcBAf8EgbMwgbAwgZ4EAgABMIGXAwQH
JfsAAwMAPoMDBAc++wADAwRNoAMDAVA8AwMCUcwDBAZSiMAwCgMDA1KoAwMAUqoD
BAVUJwADAwBUUDAKAwMBVFIDAwNUUAMEBVVx4DAKAwMEVlADAwBWWgMDAlZcAwMA
WJ8DBAe8jgADAwHD8AMEBtR7gAMEBtS2gAMDANTuAwMA1QoDAwDVVAMEBdWU4AME
BtXFADANBAIAAjAHAwUHKgKkADANBgkqhkiG9w0BAQsFAAOCAQEACC6ryDhgh9MU
IID2OkYWtq6c7AUTniE+irwaDsazofwY8rSLCGeR2TFe5Jc32oImXfgpffLjQcTO
G3OqaF7I66HRBEqsmaC1BEM2hD/aOdydehgqGqU0aJ4t46O/oYkLVKtJL/AgMHe4
9mU89b4wsdszhuAQYw2jz4Hfi1IYoL4lbHlyAh4To9+FG6rSrZHSFtKjZJlKsgKd
lm8xIQE2/H5dKonnfuYXRfueyzVWqu7V05t2JxjKIFcANMkzy3PpaFJ0gyk15ek2
zrlmvUFtzOVbLzZhu5642HToAw11AMJYhAM4Fql5peMZvQSs5iwrFMjlJpvSxoQQ
HnyRwTI98w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:45:02 2025 by rpki-client