Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/m7iDzlCGf343P9LUMQ7CzCNMpq8.roa
File: m7iDzlCGf343P9LUMQ7CzCNMpq8.roa (raw, json)
Hash identifier: 25V4vL1hxRuT+EiKGjaMOxdCAH/Rao4IMyItMWn6Kn4=
Subject key identifier: 9B:B8:83:CE:50:86:7F:7E:37:3F:D2:D4:31:0E:C2:CC:23:4C:A6:AF
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 01942067FA875A6B60BAA51D80C6824F6589
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/m7iDzlCGf343P9LUMQ7CzCNMpq8.roa
Signing time: Wed 01 Jan 2025 05:47:52 +0000
ROA not before: Wed 01 Jan 2025 05:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207990
IP address blocks: 31.40.228.0/22 maxlen: 32
78.138.8.0/24 maxlen: 32
78.138.41.0/24 maxlen: 32
78.138.53.0/24 maxlen: 32
78.138.54.0/23 maxlen: 32
78.138.63.0/24 maxlen: 32
80.240.98.0/23 maxlen: 32
83.229.0.0/23 maxlen: 32
83.229.7.0/24 maxlen: 32
83.229.12.0/23 maxlen: 32
83.229.27.0/24 maxlen: 32
83.229.30.0/24 maxlen: 32
83.229.36.0/23 maxlen: 32
83.229.58.0/23 maxlen: 32
83.229.60.0/24 maxlen: 32
83.229.66.0/24 maxlen: 32
83.229.92.0/24 maxlen: 32
83.229.110.0/24 maxlen: 32
83.229.114.0/24 maxlen: 32
83.229.116.0/22 maxlen: 32
91.196.180.0/22 maxlen: 32
185.4.226.0/24 maxlen: 32
188.190.104.0/22 maxlen: 32
188.190.120.0/22 maxlen: 32
193.31.56.0/22 maxlen: 32
193.42.56.0/22 maxlen: 32
194.31.176.0/22 maxlen: 32
194.41.120.0/22 maxlen: 32
194.187.36.0/22 maxlen: 32
195.3.136.0/22 maxlen: 32
212.107.0.0/22 maxlen: 32
213.255.193.0/24 maxlen: 32
213.255.194.0/24 maxlen: 32
213.255.196.0/24 maxlen: 32
213.255.199.0/24 maxlen: 32
213.255.204.0/24 maxlen: 32
213.255.207.0/24 maxlen: 32
217.194.130.0/23 maxlen: 32
217.194.136.0/23 maxlen: 32
217.194.139.0/24 maxlen: 32
217.194.144.0/24 maxlen: 32
217.194.151.0/24 maxlen: 32
217.194.152.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:fa:87:5a:6b:60:ba:a5:1d:80:c6:82:4f:65:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Jan 1 05:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9bb883ce50867f7e373fd2d4310ec2cc234ca6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9a:1a:a0:1d:c0:10:64:4f:a2:48:d4:9f:17:
8d:3b:61:21:b3:40:cf:e9:f6:f6:41:c4:3f:04:8c:
21:05:a4:6a:d3:c9:c5:f9:db:d1:98:3a:c5:23:ca:
fd:7f:7b:9a:07:42:68:b4:84:98:d5:ac:35:7c:73:
46:a6:89:0c:e7:41:08:dc:e3:7e:0b:6e:e1:d1:6a:
a7:41:74:30:5b:04:2f:01:62:72:d6:e9:32:ab:6d:
8c:6b:9d:0a:66:a3:8a:d6:a1:1a:d8:6f:7e:7e:da:
c0:14:a6:d5:93:9f:c2:09:f0:71:28:e0:35:7a:d7:
6d:a3:a0:52:d8:d4:09:bf:66:8a:64:c0:1f:51:29:
82:24:ea:98:e1:23:e5:a4:38:a9:76:80:da:da:fd:
4a:b4:b0:e5:10:e2:ba:55:8e:07:da:2c:1e:71:82:
6e:e6:20:94:ff:18:3f:92:89:d9:b2:0a:35:c8:e3:
54:ea:e8:b3:8d:f8:d7:71:23:c4:15:a8:b7:51:73:
0f:7a:f7:40:0a:38:20:9e:80:43:83:f9:3e:c2:b4:
3b:d9:58:ca:55:e5:97:ee:f1:2e:a4:a1:21:a2:81:
79:a0:f5:61:70:25:e5:41:b5:6e:4f:82:ce:7c:15:
98:12:36:07:62:fa:7f:b8:7f:5e:84:37:b1:cb:32:
e6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:B8:83:CE:50:86:7F:7E:37:3F:D2:D4:31:0E:C2:CC:23:4C:A6:AF
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/m7iDzlCGf343P9LUMQ7CzCNMpq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.228.0/22
78.138.8.0/24
78.138.41.0/24
78.138.53.0-78.138.55.255
78.138.63.0/24
80.240.98.0/23
83.229.0.0/23
83.229.7.0/24
83.229.12.0/23
83.229.27.0/24
83.229.30.0/24
83.229.36.0/23
83.229.58.0-83.229.60.255
83.229.66.0/24
83.229.92.0/24
83.229.110.0/24
83.229.114.0/24
83.229.116.0/22
91.196.180.0/22
185.4.226.0/24
188.190.104.0/22
188.190.120.0/22
193.31.56.0/22
193.42.56.0/22
194.31.176.0/22
194.41.120.0/22
194.187.36.0/22
195.3.136.0/22
212.107.0.0/22
213.255.193.0-213.255.194.255
213.255.196.0/24
213.255.199.0/24
213.255.204.0/24
213.255.207.0/24
217.194.130.0/23
217.194.136.0/23
217.194.139.0/24
217.194.144.0/24
217.194.151.0-217.194.152.255
Signature Algorithm: sha256WithRSAEncryption
93:65:79:96:7b:f6:97:2c:6e:f9:52:90:3d:ca:2e:06:b7:d2:
57:b7:81:26:e5:95:a0:f1:fb:9d:43:83:2e:21:4e:b9:ee:cc:
6e:5c:2b:3c:e6:2c:72:30:96:bd:fb:50:5d:50:9b:04:ff:1d:
39:d1:1e:cf:5c:0b:96:4b:ca:29:ee:e5:94:6c:d3:62:07:50:
66:f5:af:d5:36:ac:24:7f:4c:ea:be:5e:9b:16:c8:86:36:e8:
67:e8:60:ca:eb:75:3d:e8:94:8d:b0:e4:cb:b8:79:e3:b4:e3:
ea:24:8a:61:b1:ee:63:5f:fc:0b:27:a8:20:77:30:86:de:1a:
a9:ce:fb:d4:b0:03:e7:af:41:ee:71:29:e8:f0:96:da:5f:13:
ea:eb:06:12:b5:55:e4:59:a0:07:72:3d:7b:9d:dc:65:2b:99:
27:27:f1:89:ad:48:42:dd:6b:0c:d6:c5:ac:db:b5:5a:db:c6:
82:de:7b:b7:ad:25:08:0e:df:8e:16:90:ca:c7:70:59:9f:76:
c0:d3:1c:50:86:39:cc:d1:dd:29:aa:4a:9c:da:15:e8:4c:26:
0e:8e:5e:d7:af:15:76:0e:c5:55:7d:64:b1:bd:21:9a:57:dc:
08:f6:37:4a:ad:ae:ad:8c:25:8c:2b:3a:88:2c:f5:1d:09:d8:
b7:f0:fc:af
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZQgZ/qHWmtguqUdgMaCT2WJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDYzMTU2YzE4MzZmMTZjM2I0MzBlZmZiYjcyYWM2OTkz
MmVhOWIwHhcNMjUwMTAxMDU0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmI4ODNjZTUwODY3ZjdlMzczZmQyZDQzMTBlYzJjYzIzNGNhNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JoaoB3AEGRPokjUnxeNO2Ehs0DP
6fb2QcQ/BIwhBaRq08nF+dvRmDrFI8r9f3uaB0JotISY1aw1fHNGpokM50EI3ON+
C27h0WqnQXQwWwQvAWJy1ukyq22Ma50KZqOK1qEa2G9+ftrAFKbVk5/CCfBxKOA1
etdto6BS2NQJv2aKZMAfUSmCJOqY4SPlpDipdoDa2v1KtLDlEOK6VY4H2iwecYJu
5iCU/xg/konZsgo1yONU6uizjfjXcSPEFai3UXMPevdACjggnoBDg/k+wrQ72VjK
VeWX7vEupKEhooF5oPVhcCXlQbVuT4LOfBWYEjYHYvp/uH9ehDexyzLmzwIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFJu4g85Qhn9+Nz/S1DEOwswjTKavMB8GA1UdIwQY
MBaAFNnWMVbBg28Ww7Qw7/u3KsaZMuqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMt
ZmRhMDExZTVjOTcyLzEvbTdpRHpsQ0dmMzQzUDlMVU1RN0N6Q05NcHE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMtZmRhMDExZTVjOTcy
LzEvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAh8o5AMEAE6KCAMEAE6KKTAMAwQAToo1AwQDToowAwQAToo/AwQBUPBiAwQB
U+UAAwQAU+UHAwQBU+UMAwQAU+UbAwQAU+UeAwQBU+UkMAwDBAFT5ToDBABT5TwD
BABT5UIDBABT5VwDBABT5W4DBABT5XIDBAJT5XQDBAJbxLQDBAC5BOIDBAK8vmgD
BAK8vngDBALBHzgDBALBKjgDBALCH7ADBALCKXgDBALCuyQDBALDA4gDBALUawAw
DAMEANX/wQMEANX/wgMEANX/xAMEANX/xwMEANX/zAMEANX/zwMEAdnCggMEAdnC
iAMEANnCiwMEANnCkDAMAwQA2cKXAwQA2cKYMA0GCSqGSIb3DQEBCwUAA4IBAQCT
ZXmWe/aXLG75UpA9yi4Gt9JXt4Em5ZWg8fudQ4MuIU657sxuXCs85ixyMJa9+1Bd
UJsE/x050R7PXAuWS8op7uWUbNNiB1Bm9a/VNqwkf0zqvl6bFsiGNuhn6GDK63U9
6JSNsOTLuHnjtOPqJIphse5jX/wLJ6ggdzCG3hqpzvvUsAPnr0HucSno8JbaXxPq
6wYStVXkWaAHcj17ndxlK5knJ/GJrUhC3WsM1sWs27Va28aC3nu3rSUIDt+OFpDK
x3BZn3bA0xxQhjnM0d0pqkqc2hXoTCYOjl7XrxV2DsVVfWSxvSGaV9wI9jdKra6t
jCWMKzqILPUdCdi38Pyv
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:12:38 2025 by rpki-client