Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/FEdMbCbzJgH4I201iITFsY5tQkY.roa
File: FEdMbCbzJgH4I201iITFsY5tQkY.roa (raw, json)
Hash identifier: yUyH8MEoNnWUXoPsKPA+PXI+yDyq7XJC03dhzicpvkw=
Subject key identifier: 14:47:4C:6C:26:F3:26:01:F8:23:6D:35:88:84:C5:B1:8E:6D:42:46
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 0195D2CC75D67EC5A31C2F0B420A9B0C02D9
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/FEdMbCbzJgH4I201iITFsY5tQkY.roa
Signing time: Wed 26 Mar 2025 14:12:49 +0000
ROA not before: Wed 26 Mar 2025 14:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 31.24.224.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
37.123.112.0/24 maxlen: 24
46.23.64.0/21 maxlen: 21
46.23.72.0/22 maxlen: 22
46.23.76.0/22 maxlen: 24
77.92.64.0/21 maxlen: 21
77.92.72.0/22 maxlen: 22
77.92.76.0/23 maxlen: 23
77.92.78.0/23 maxlen: 23
77.92.80.0/20 maxlen: 20
82.163.72.0/21 maxlen: 24
83.170.64.0/18 maxlen: 24
88.202.176.0/20 maxlen: 24
88.202.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 24
109.123.64.0/18 maxlen: 24
176.67.160.0/21 maxlen: 21
176.67.169.0/24 maxlen: 24
176.67.171.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
185.7.224.0/22 maxlen: 24
2a02:2498::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d2:cc:75:d6:7e:c5:a3:1c:2f:0b:42:0a:9b:0c:02:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Mar 26 14:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14474c6c26f32601f8236d358884c5b18e6d4246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5c:d2:80:d2:dc:88:0f:c1:71:0d:fb:ff:50:
ec:d9:20:0a:b6:5e:84:99:12:85:42:fd:a4:c2:1d:
cb:06:bc:13:b1:98:28:a9:0b:03:b9:a2:db:63:92:
1e:4c:7b:60:db:8e:d8:2d:c0:da:bc:df:6a:30:ed:
5e:a2:99:02:33:51:e4:02:9d:03:8d:6a:40:24:f0:
d1:25:00:03:07:ec:70:e1:a4:a0:fe:cd:94:0d:6a:
28:c8:0a:d7:44:58:21:28:a6:a3:5b:c1:83:b5:df:
2a:b8:78:88:8e:ee:aa:26:5f:f8:40:be:4a:e8:91:
3d:0b:fc:da:7d:1a:89:b7:48:67:d5:d9:02:06:d4:
7d:51:43:9f:1f:10:ad:6a:ad:75:42:db:e1:f1:af:
1f:ba:0d:1d:64:bb:d0:0c:0d:63:54:b8:1f:6c:2e:
ab:59:8e:64:dc:8f:09:38:e3:51:db:64:ae:7b:b1:
35:ef:ec:71:b4:a7:33:d7:6d:10:fc:8d:0f:23:a9:
b3:f0:86:58:63:07:88:7e:d3:d8:80:86:ff:39:de:
12:5a:17:37:e5:d6:f6:d0:40:0a:b5:8a:f2:50:ec:
5a:f7:d9:88:f6:8d:47:ad:95:db:5e:7c:a3:a1:58:
25:0c:1e:ed:e2:3c:1b:36:2f:32:a1:e3:8f:17:23:
85:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:47:4C:6C:26:F3:26:01:F8:23:6D:35:88:84:C5:B1:8E:6D:42:46
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/FEdMbCbzJgH4I201iITFsY5tQkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/21
176.67.169.0/24
176.67.171.0-176.67.175.255
185.7.224.0/22
IPv6:
2a02:2498::/32
Signature Algorithm: sha256WithRSAEncryption
66:34:8f:4a:6f:5c:e1:5d:1a:d8:c7:f9:ea:92:4d:70:e3:f0:
35:f4:55:48:2b:5d:2f:77:a9:ec:85:79:72:60:1d:5a:e3:2b:
86:33:0b:07:1e:cc:53:56:dc:e0:e1:b8:22:a5:4f:62:6b:84:
d1:42:ff:5b:4a:f7:37:aa:e4:c6:00:69:b9:cd:54:0b:27:83:
fd:7c:57:07:44:76:d1:6b:1b:c6:63:cc:66:2f:ac:f0:19:00:
69:b7:55:17:2c:54:21:50:2a:74:60:52:6b:a2:0f:8f:1a:7c:
be:be:79:70:ce:59:7c:e3:41:c9:4e:2d:cb:69:31:cd:98:28:
80:4a:0f:16:fd:dd:a5:08:ee:2f:fb:e4:ca:e1:78:6e:35:db:
ea:b6:3b:ca:7e:de:0b:2c:36:1d:e8:86:d0:89:be:9f:df:9d:
30:9d:98:4a:2a:ab:e9:a9:f9:4e:02:15:83:29:62:e1:9b:0c:
b3:c1:05:f7:ae:49:cd:29:3f:4b:fe:55:17:69:8d:b8:6c:69:
2c:ef:9f:8c:80:98:47:37:74:af:7b:85:4a:84:13:d3:ff:47:
9b:2d:17:a1:61:15:57:79:f5:36:63:c6:c6:bf:fd:cc:a5:29:
62:ad:83:41:a3:94:47:80:7a:43:64:a4:02:8a:78:d8:96:50:
85:5f:52:51
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZXSzHXWfsWjHC8LQgqbDALZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjUwMzI2MTQxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDQ3NGM2YzI2ZjMyNjAxZjgyMzZkMzU4ODg0YzViMThlNmQ0MjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1zSgNLciA/BcQ37/1Ds2SAKtl6E
mRKFQv2kwh3LBrwTsZgoqQsDuaLbY5IeTHtg247YLcDavN9qMO1eopkCM1HkAp0D
jWpAJPDRJQADB+xw4aSg/s2UDWooyArXRFghKKajW8GDtd8quHiIju6qJl/4QL5K
6JE9C/zafRqJt0hn1dkCBtR9UUOfHxCtaq11Qtvh8a8fug0dZLvQDA1jVLgfbC6r
WY5k3I8JOONR22Sue7E17+xxtKcz120Q/I0PI6mz8IZYYweIftPYgIb/Od4SWhc3
5db20EAKtYryUOxa99mI9o1HrZXbXnyjoVglDB7t4jwbNi8yoeOPFyOFYwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFBRHTGwm8yYB+CNtNYiExbGObUJGMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvRkVkTWJDYnpKZ0g0STIwMWlJVEZzWTV0UWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEAx8Y4AME
AyV7cAMEBC4XQAMEBU1cQAMEA1KjSAMEBlOqQAMEBFjKsAMEA1jK4AMEA1tt8AME
Bm17QAMEA7BDoAMEALBDqTAMAwQAsEOrAwQEsEOgAwQCuQfgMA0EAgACMAcDBQAq
AiSYMA0GCSqGSIb3DQEBCwUAA4IBAQBmNI9Kb1zhXRrYx/nqkk1w4/A19FVIK10v
d6nshXlyYB1a4yuGMwsHHsxTVtzg4bgipU9ia4TRQv9bSvc3quTGAGm5zVQLJ4P9
fFcHRHbRaxvGY8xmL6zwGQBpt1UXLFQhUCp0YFJrog+PGny+vnlwzll840HJTi3L
aTHNmCiASg8W/d2lCO4v++TK4XhuNdvqtjvKft4LLDYd6IbQib6f350wnZhKKqvp
qflOAhWDKWLhmwyzwQX3rknNKT9L/lUXaY24bGks75+MgJhHN3Sve4VKhBPT/0eb
LRehYRVXefU2Y8bGv/3MpSlirYNBo5RHgHpDZKQCinjYllCFX1JR
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:51:32 2025 by rpki-client