Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/NtGaIcsQXzdhIv7N5Hgj4JTWViY.roa
File: NtGaIcsQXzdhIv7N5Hgj4JTWViY.roa (raw, json)
Hash identifier: 0I5CJlRyw+Qne7GP5zecYS+NQyZptZ+kYmo5/65tCWc=
Subject key identifier: 36:D1:9A:21:CB:10:5F:37:61:22:FE:CD:E4:78:23:E0:94:D6:56:26
Certificate issuer: /CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
Certificate serial: 018FDEA8AEDAD6AA9A6B073FA661F386A106
Authority key identifier: 5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/NtGaIcsQXzdhIv7N5Hgj4JTWViY.roa
Signing time: Mon 03 Jun 2024 15:12:27 +0000
ROA not before: Mon 03 Jun 2024 15:12:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9050
IP address blocks: 84.243.64.0/18 maxlen: 18
86.34.0.0/15 maxlen: 15
86.34.0.0/16 maxlen: 16
86.35.0.0/16 maxlen: 16
86.35.0.0/21 maxlen: 21
86.35.9.0/24 maxlen: 24
86.35.10.0/24 maxlen: 24
86.35.12.0/24 maxlen: 24
86.35.13.0/24 maxlen: 24
86.35.14.0/24 maxlen: 24
86.35.15.0/24 maxlen: 24
86.35.16.0/20 maxlen: 20
86.35.32.0/19 maxlen: 19
86.35.64.0/18 maxlen: 18
86.35.128.0/17 maxlen: 17
89.120.0.0/16 maxlen: 16
89.121.0.0/16 maxlen: 16
89.121.0.0/18 maxlen: 18
89.121.64.0/18 maxlen: 18
89.121.128.0/17 maxlen: 17
89.122.0.0/16 maxlen: 16
89.123.0.0/16 maxlen: 16
89.123.0.0/17 maxlen: 17
89.123.128.0/17 maxlen: 17
92.80.0.0/16 maxlen: 16
92.81.0.0/16 maxlen: 16
92.81.128.0/17 maxlen: 17
92.82.0.0/16 maxlen: 16
92.82.0.0/18 maxlen: 18
92.83.0.0/16 maxlen: 16
92.83.0.0/19 maxlen: 19
92.84.0.0/16 maxlen: 16
92.85.0.0/16 maxlen: 16
92.86.0.0/16 maxlen: 16
92.86.36.0/24 maxlen: 24
92.86.38.0/24 maxlen: 24
92.86.48.0/24 maxlen: 24
92.86.50.0/24 maxlen: 24
92.86.90.0/24 maxlen: 24
92.87.0.0/16 maxlen: 16
92.87.11.0/24 maxlen: 24
92.87.54.0/24 maxlen: 24
92.87.118.0/24 maxlen: 24
92.87.128.0/23 maxlen: 23
92.87.133.0/24 maxlen: 24
92.87.170.0/24 maxlen: 24
92.87.173.0/24 maxlen: 24
92.87.174.0/24 maxlen: 24
92.87.175.0/24 maxlen: 24
92.87.214.0/23 maxlen: 23
92.87.232.0/24 maxlen: 24
92.87.244.0/24 maxlen: 24
92.87.245.0/24 maxlen: 24
109.96.0.0/16 maxlen: 16
109.97.0.0/16 maxlen: 16
109.98.0.0/16 maxlen: 16
109.98.113.0/24 maxlen: 24
109.98.115.0/24 maxlen: 24
109.98.117.0/24 maxlen: 24
109.98.119.0/24 maxlen: 24
109.98.121.0/24 maxlen: 24
109.98.123.0/24 maxlen: 24
109.98.126.0/24 maxlen: 24
109.98.192.0/23 maxlen: 23
109.98.192.0/24 maxlen: 24
109.98.193.0/24 maxlen: 24
109.99.0.0/16 maxlen: 16
109.99.158.0/24 maxlen: 24
109.99.184.0/24 maxlen: 24
109.99.185.0/24 maxlen: 24
109.99.189.0/24 maxlen: 24
109.99.192.0/24 maxlen: 24
109.99.214.0/24 maxlen: 24
109.99.216.0/24 maxlen: 24
109.100.0.0/16 maxlen: 16
109.101.0.0/16 maxlen: 16
109.102.0.0/16 maxlen: 16
109.102.161.0/24 maxlen: 24
109.102.163.0/24 maxlen: 24
109.103.0.0/16 maxlen: 16
185.133.64.0/22 maxlen: 22
185.133.64.0/24 maxlen: 24
217.115.208.0/20 maxlen: 20
2a02:d10::/32 maxlen: 64
2a02:d10:800:1::/64 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:a8:ae:da:d6:aa:9a:6b:07:3f:a6:61:f3:86:a1:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
Validity
Not Before: Jun 3 15:12:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36d19a21cb105f376122fecde47823e094d65626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4f:78:61:df:b6:e8:9b:9e:8b:24:44:a5:93:
2c:1c:b7:29:9b:b8:3b:8e:ac:d8:a8:18:f1:f9:ab:
e4:14:15:d9:dc:6a:2b:b8:06:f9:6a:5c:54:ea:58:
76:73:7b:8e:b6:bb:f7:ea:c9:be:07:45:2a:5f:1d:
69:13:f0:bd:a5:c8:22:d0:71:13:9f:91:83:06:9a:
83:3c:b1:10:61:d0:43:5a:df:05:50:68:f0:27:8c:
c3:cc:5e:77:49:51:1f:57:d9:a3:4f:8b:4a:e8:29:
ee:ef:bd:ad:bf:86:3f:f7:dc:92:66:17:8a:63:76:
f4:06:b7:13:a6:2e:f4:aa:7c:4e:f8:a8:82:2d:14:
f4:70:bd:63:60:ad:8f:6e:37:f8:ee:1b:d2:e3:27:
de:d2:8c:9e:13:5a:40:2b:d4:a3:38:07:6c:7b:ea:
e7:d7:5b:47:69:ba:85:e5:cf:e9:d7:37:36:85:37:
25:44:a4:50:91:9d:0e:03:ed:23:fd:4e:dc:f6:7c:
5c:75:0d:f8:de:9e:18:14:e1:18:75:8d:08:68:84:
ac:8f:38:b5:d2:2d:08:0d:36:eb:41:ec:4c:f1:cc:
90:eb:ee:a6:67:7e:8b:8b:d7:04:2f:da:73:f0:44:
76:93:0e:b1:9a:fe:24:df:e6:36:63:c7:d5:5f:88:
c8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D1:9A:21:CB:10:5F:37:61:22:FE:CD:E4:78:23:E0:94:D6:56:26
X509v3 Authority Key Identifier:
keyid:5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/NtGaIcsQXzdhIv7N5Hgj4JTWViY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/W-oriExwZ_WP_wQKHwbg3x6Aqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.243.64.0/18
86.34.0.0/15
89.120.0.0/14
92.80.0.0/13
109.96.0.0/13
185.133.64.0/22
217.115.208.0/20
IPv6:
2a02:d10::/32
Signature Algorithm: sha256WithRSAEncryption
ae:c1:4e:32:a5:81:ad:ec:82:fd:01:ef:c5:0c:7b:6a:a7:94:
74:d7:fe:6d:d7:7b:91:4c:09:dc:5f:31:a8:7e:be:ec:60:60:
dc:82:57:25:8e:ea:4c:23:8d:fd:ac:0c:74:b1:d1:c1:c3:19:
69:f4:f3:ec:8e:e1:df:44:c9:bc:95:bc:b4:26:7a:62:1d:4f:
ce:3e:76:03:06:76:de:13:b7:8e:9d:16:cc:60:d0:ba:76:d5:
14:78:56:6e:ae:cd:f8:d9:4f:8b:5a:14:91:ea:20:3e:20:d0:
8d:39:63:71:a8:51:60:aa:b9:92:df:94:52:7d:dc:de:8c:0b:
c4:10:fe:da:94:0e:c7:3b:2b:cd:14:42:f4:cf:4a:78:e5:9b:
4c:93:c5:a4:8f:96:3d:7c:15:50:63:5b:78:5e:ef:70:25:4b:
1f:75:50:68:ea:55:8f:20:5a:68:ee:78:0c:cc:12:27:6a:46:
bd:16:68:7f:8b:ec:5c:2a:9a:fd:be:8f:cd:6a:67:c1:de:79:
d7:93:80:47:d9:ac:8d:a1:9b:24:36:09:a9:81:1d:9f:39:0c:
b8:e2:96:96:d3:27:d3:89:08:84:ad:d6:0a:37:21:a4:d6:b9:
d2:ec:58:88:95:63:ec:bf:37:a3:7b:94:bb:d6:ac:04:e9:d8:
fe:5d:50:ca
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY/eqK7a1qqaawc/pmHzhqEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWEyYjg4NGM3MDY3ZjU4ZmZmMDQwYTFmMDZlMGRmMWU4
MGFiM2UwHhcNMjQwNjAzMTUxMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQxOWEyMWNiMTA1ZjM3NjEyMmZlY2RlNDc4MjNlMDk0ZDY1NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr094Yd+26JueiyREpZMsHLcpm7g7
jqzYqBjx+avkFBXZ3GoruAb5alxU6lh2c3uOtrv36sm+B0UqXx1pE/C9pcgi0HET
n5GDBpqDPLEQYdBDWt8FUGjwJ4zDzF53SVEfV9mjT4tK6Cnu772tv4Y/99ySZheK
Y3b0BrcTpi70qnxO+KiCLRT0cL1jYK2Pbjf47hvS4yfe0oyeE1pAK9SjOAdse+rn
11tHabqF5c/p1zc2hTclRKRQkZ0OA+0j/U7c9nxcdQ343p4YFOEYdY0IaISsjzi1
0i0IDTbrQexM8cyQ6+6mZ36Li9cEL9pz8ER2kw6xmv4k3+Y2Y8fVX4jImQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDbRmiHLEF83YSL+zeR4I+CU1lYmMB8GA1UdIwQY
MBaAFFvqK4hMcGf1j/8ECh8G4N8egKs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMt
ODE0ZTgwOTA0YmU0LzEvTnRHYUljc1FYemRoSXY3TjVIZ2o0SlRXVmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMtODE0ZTgwOTA0YmU0
LzEvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQGVPNAAwMB
ViIDAwJZeAMDA1xQAwMDbWADBAK5hUADBATZc9AwDQQCAAIwBwMFACoCDRAwDQYJ
KoZIhvcNAQELBQADggEBAK7BTjKlga3sgv0B78UMe2qnlHTX/m3Xe5FMCdxfMah+
vuxgYNyCVyWO6kwjjf2sDHSx0cHDGWn08+yO4d9EybyVvLQmemIdT84+dgMGdt4T
t46dFsxg0Lp21RR4Vm6uzfjZT4taFJHqID4g0I05Y3GoUWCquZLflFJ93N6MC8QQ
/tqUDsc7K80UQvTPSnjlm0yTxaSPlj18FVBjW3he73AlSx91UGjqVY8gWmjueAzM
EidqRr0WaH+L7Fwqmv2+j81qZ8HeedeTgEfZrI2hmyQ2CamBHZ85DLjilpbTJ9OJ
CISt1go3IaTWudLsWIiVY+y/N6N7lLvWrATp2P5dUMo=
-----END CERTIFICATE-----
Generated at Wed Jun 26 15:27:03 2024 by rpki-client on console-fra.rpki-client.org