Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/11a864-d1cb-4000-b2bc-19ee3d8b577e/1/IJhPQVRGmqp2pjIIawE6kNe1OmA.roa
File: IJhPQVRGmqp2pjIIawE6kNe1OmA.roa (raw, json)
Hash identifier: CLam7RT5Mlb2eTTNUeyHDRKz53rH3cHg09btZTqWmkw=
Subject key identifier: 20:98:4F:41:54:46:9A:AA:76:A6:32:08:6B:01:3A:90:D7:B5:3A:60
Certificate issuer: /CN=eee573084100b41d7cc1e447295ba71d019d5192
Certificate serial: 01941FFA0E6A0105C071090C7AC0B2A2B0FF
Authority key identifier: EE:E5:73:08:41:00:B4:1D:7C:C1:E4:47:29:5B:A7:1D:01:9D:51:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7uVzCEEAtB18weRHKVunHQGdUZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/11a864-d1cb-4000-b2bc-19ee3d8b577e/1/IJhPQVRGmqp2pjIIawE6kNe1OmA.roa
Signing time: Wed 01 Jan 2025 03:47:48 +0000
ROA not before: Wed 01 Jan 2025 03:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12637
IP address blocks: 5.144.160.0/20 maxlen: 24
37.9.224.0/20 maxlen: 24
37.9.239.0/24 maxlen: 24
46.16.168.0/21 maxlen: 24
85.94.192.0/19 maxlen: 24
85.94.208.0/20 maxlen: 24
95.174.0.0/19 maxlen: 24
185.24.104.0/22 maxlen: 24
185.47.108.0/22 maxlen: 24
185.220.244.0/22 maxlen: 24
185.222.68.0/22 maxlen: 24
212.25.160.0/19 maxlen: 24
212.35.192.0/19 maxlen: 24
212.66.224.0/19 maxlen: 24
213.171.160.0/19 maxlen: 24
217.64.192.0/20 maxlen: 24
217.168.224.0/20 maxlen: 24
217.194.0.0/20 maxlen: 24
2001:4b78::/29 maxlen: 48
2001:4b78::/32 maxlen: 48
2a04:2700::/29 maxlen: 48
2a05:b6c0::/29 maxlen: 48
2a0b:fd40::/29 maxlen: 48
2a0d:b000::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0e:6a:01:05:c0:71:09:0c:7a:c0:b2:a2:b0:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eee573084100b41d7cc1e447295ba71d019d5192
Validity
Not Before: Jan 1 03:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20984f4154469aaa76a632086b013a90d7b53a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d4:7f:ab:d7:8a:17:0f:ec:d3:26:7a:f4:6c:
4b:8f:2c:fb:b6:f0:4d:0b:14:35:c3:2f:55:a4:4b:
bb:24:be:e4:50:89:bb:e4:3e:c8:b8:37:a3:3e:83:
a5:2c:01:7e:e7:e6:b0:72:6a:da:20:ad:98:44:92:
dc:c6:22:63:6a:da:6d:9a:09:82:75:7f:d2:fa:8b:
78:1a:ce:ee:06:18:fb:49:1a:5f:9c:ed:ee:00:c8:
de:61:97:0c:2b:9e:0c:e8:c5:8c:53:c9:68:31:f0:
25:89:4a:f6:51:bd:06:49:31:53:0e:82:01:a3:d1:
1c:b4:5c:42:be:62:e6:b6:fc:32:b4:9b:4a:7e:9b:
f7:b7:45:15:25:7c:ef:c0:15:18:bd:94:77:b2:4c:
e2:32:65:a5:54:59:db:7d:76:70:f0:f1:4d:87:f8:
d0:68:f2:c0:d5:52:ac:95:ec:7c:a2:4c:fb:2f:0e:
63:8c:47:b1:8f:ef:cd:96:a2:dc:9c:e3:a2:4c:a6:
81:7a:90:94:b7:b5:cd:a5:89:b2:67:f7:ff:ed:e7:
c9:07:8a:92:90:02:2e:61:f5:23:a9:67:4e:74:43:
56:4a:ac:25:7a:28:65:82:9a:58:19:2b:fc:e3:41:
03:c7:d6:ab:99:65:89:2e:8f:15:e5:79:56:dc:2d:
cc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:98:4F:41:54:46:9A:AA:76:A6:32:08:6B:01:3A:90:D7:B5:3A:60
X509v3 Authority Key Identifier:
keyid:EE:E5:73:08:41:00:B4:1D:7C:C1:E4:47:29:5B:A7:1D:01:9D:51:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7uVzCEEAtB18weRHKVunHQGdUZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11a864-d1cb-4000-b2bc-19ee3d8b577e/1/IJhPQVRGmqp2pjIIawE6kNe1OmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11a864-d1cb-4000-b2bc-19ee3d8b577e/1/7uVzCEEAtB18weRHKVunHQGdUZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.160.0/20
37.9.224.0/20
46.16.168.0/21
85.94.192.0/19
95.174.0.0/19
185.24.104.0/22
185.47.108.0/22
185.220.244.0/22
185.222.68.0/22
212.25.160.0/19
212.35.192.0/19
212.66.224.0/19
213.171.160.0/19
217.64.192.0/20
217.168.224.0/20
217.194.0.0/20
IPv6:
2001:4b78::/29
2a04:2700::/29
2a05:b6c0::/29
2a0b:fd40::/29
2a0d:b000::/29
Signature Algorithm: sha256WithRSAEncryption
83:8c:ed:d5:fb:f8:8c:e9:a9:55:16:e1:5b:c1:cc:eb:81:88:
b1:21:13:bd:25:5f:9b:43:3a:53:6b:96:60:c2:9f:48:bc:2d:
9b:30:62:f1:96:7f:63:06:94:33:3d:a8:0d:06:9c:83:ff:f8:
fc:f5:a7:ac:e5:3b:ca:3c:27:0a:c2:45:28:da:c5:3e:b0:f0:
95:5d:ff:b1:28:43:43:72:a5:0f:fe:bc:9d:d0:3b:d1:85:e2:
f4:b8:24:0d:7b:bc:2e:e1:3e:49:c1:75:c8:59:ff:36:cd:95:
87:f9:2a:5c:12:4e:a0:65:c6:c0:44:d0:d1:82:a0:d0:90:76:
cf:67:21:08:8a:91:dd:60:09:93:29:d9:d7:8a:ba:f1:d4:54:
3f:e5:ff:4e:84:77:fa:c5:fc:05:e2:95:ff:9e:f7:1b:28:b3:
b7:3f:c4:7e:c4:fd:c0:fd:e9:2b:43:dd:6b:fd:fc:aa:7c:4a:
a8:4c:d0:00:d9:c2:10:08:c5:65:f1:6c:fb:9f:00:17:30:8a:
f9:2f:05:18:d0:0e:e0:fd:11:4a:e4:6c:a5:f5:90:27:4e:c0:
e4:1d:ba:f8:7c:5b:b8:b2:9a:4c:77:c8:9b:38:9f:12:36:f8:
a0:fd:22:64:5f:73:05:f6:65:98:10:97:1d:6f:92:56:96:48:
65:05:eb:a7
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAZQf+g5qAQXAcQkMesCyorD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZTU3MzA4NDEwMGI0MWQ3Y2MxZTQ0NzI5NWJhNzFkMDE5
ZDUxOTIwHhcNMjUwMTAxMDM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDk4NGY0MTU0NDY5YWFhNzZhNjMyMDg2YjAxM2E5MGQ3YjUzYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9R/q9eKFw/s0yZ69GxLjyz7tvBN
CxQ1wy9VpEu7JL7kUIm75D7IuDejPoOlLAF+5+awcmraIK2YRJLcxiJjatptmgmC
dX/S+ot4Gs7uBhj7SRpfnO3uAMjeYZcMK54M6MWMU8loMfAliUr2Ub0GSTFTDoIB
o9EctFxCvmLmtvwytJtKfpv3t0UVJXzvwBUYvZR3skziMmWlVFnbfXZw8PFNh/jQ
aPLA1VKslex8okz7Lw5jjEexj+/NlqLcnOOiTKaBepCUt7XNpYmyZ/f/7efJB4qS
kAIuYfUjqWdOdENWSqwleihlgppYGSv840EDx9armWWJLo8V5XlW3C3MtwIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFCCYT0FURpqqdqYyCGsBOpDXtTpgMB8GA1UdIwQY
MBaAFO7lcwhBALQdfMHkRylbpx0BnVGSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3VWekNFRUF0QjE4d2VSSEtWdW5IUUdkVVpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8xMWE4NjQtZDFjYi00MDAwLWIyYmMt
MTllZTNkOGI1NzdlLzEvSUpoUFFWUkdtcXAycGpJSWF3RTZrTmUxT21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8xMWE4NjQtZDFjYi00MDAwLWIyYmMtMTllZTNkOGI1Nzdl
LzEvN3VWekNFRUF0QjE4d2VSSEtWdW5IUUdkVVpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzBmBAIAATBgAwQEBZCg
AwQEJQngAwQDLhCoAwQFVV7AAwQFX64AAwQCuRhoAwQCuS9sAwQCudz0AwQCud5E
AwQF1BmgAwQF1CPAAwQF1ELgAwQF1augAwQE2UDAAwQE2ajgAwQE2cIAMCkEAgAC
MCMDBQMgAUt4AwUDKgQnAAMFAyoFtsADBQMqC/1AAwUDKg2wADANBgkqhkiG9w0B
AQsFAAOCAQEAg4zt1fv4jOmpVRbhW8HM64GIsSETvSVfm0M6U2uWYMKfSLwtmzBi
8ZZ/YwaUMz2oDQacg//4/PWnrOU7yjwnCsJFKNrFPrDwlV3/sShDQ3KlD/68ndA7
0YXi9LgkDXu8LuE+ScF1yFn/Ns2Vh/kqXBJOoGXGwETQ0YKg0JB2z2chCIqR3WAJ
kynZ14q68dRUP+X/ToR3+sX8BeKV/573Gyiztz/EfsT9wP3pK0Pda/38qnxKqEzQ
ANnCEAjFZfFs+58AFzCK+S8FGNAO4P0RSuRspfWQJ07A5B26+HxbuLKaTHfImzif
Ejb4oP0iZF9zBfZlmBCXHW+SVpZIZQXrpw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:43:13 2025 by rpki-client