Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SzI-Gg5IEzIDXszpvlzNEF5hluU.roa
File: SzI-Gg5IEzIDXszpvlzNEF5hluU.roa (raw, json)
Hash identifier: peLjrhv5NbO3HAi+Kij7vugI5VYizvdjUVfMdi1rSsY=
Subject key identifier: 4B:32:3E:1A:0E:48:13:32:03:5E:CC:E9:BE:5C:CD:10:5E:61:96:E5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01942824E5C7040F5877586EF0AFEBE668BB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SzI-Gg5IEzIDXszpvlzNEF5hluU.roa
Signing time: Thu 02 Jan 2025 17:51:34 +0000
ROA not before: Thu 02 Jan 2025 17:51:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 62.76.233.0/24 maxlen: 24
193.108.115.0/24 maxlen: 24
193.124.35.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.58.57.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.49.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.84.0/24 maxlen: 24
194.87.86.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.133.0/24 maxlen: 24
194.87.134.0/24 maxlen: 24
194.87.138.0/24 maxlen: 24
194.87.140.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.202.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.215.0/24 maxlen: 24
194.87.220.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
194.87.250.0/24 maxlen: 24
194.135.36.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.105.0/24 maxlen: 24
195.58.34.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.20.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.24.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
195.133.41.0/24 maxlen: 24
195.133.50.0/24 maxlen: 24
195.133.63.0/24 maxlen: 24
195.133.66.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
195.133.77.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
212.192.217.0/24 maxlen: 24
212.192.220.0/24 maxlen: 24
212.193.24.0/24 maxlen: 24
212.193.26.0/24 maxlen: 24
212.193.27.0/24 maxlen: 24
212.193.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:e5:c7:04:0f:58:77:58:6e:f0:af:eb:e6:68:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b323e1a0e481332035ecce9be5ccd105e6196e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:26:72:fd:ef:8c:15:20:69:8b:e3:9b:67:20:
3f:a0:dd:e9:3d:9f:5e:26:8e:d6:8a:ea:24:06:94:
4f:a8:08:41:1e:66:6f:3e:27:03:94:6d:5b:78:a2:
2e:3f:26:0b:e7:71:12:e9:03:2d:d5:1e:ec:cf:49:
55:ba:66:b3:2b:19:8c:1f:60:c8:34:fe:c7:ee:e7:
23:fd:65:15:ba:50:32:c7:11:a1:aa:f3:4a:ce:65:
55:6c:8a:1e:2a:4e:16:59:51:25:9e:c0:73:e6:24:
3f:59:26:38:b1:ee:05:13:ff:7a:cc:d4:8a:83:a2:
95:c8:00:d0:6b:58:03:bb:df:78:71:1c:de:51:74:
f6:cd:47:8a:03:f4:88:c6:46:c0:a7:91:5a:2d:f3:
ab:df:3d:33:23:96:84:3d:25:b3:7c:cb:69:9c:54:
8d:2f:fc:98:a9:31:4b:12:dd:53:e6:4f:c6:e1:98:
01:8e:a4:00:1b:33:63:b1:c9:d7:fc:5e:ff:cf:3b:
c5:b8:ec:1f:1e:d4:6d:50:23:cf:c9:b2:61:5c:9e:
0d:d5:ec:6d:24:77:02:db:69:8c:20:8a:f1:a3:6e:
24:b6:ac:db:b1:0e:92:4d:9e:15:c0:e1:c6:f3:1a:
cc:ae:c9:19:be:c7:d7:51:d3:33:f1:93:b9:c4:21:
4c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:32:3E:1A:0E:48:13:32:03:5E:CC:E9:BE:5C:CD:10:5E:61:96:E5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SzI-Gg5IEzIDXszpvlzNEF5hluU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.233.0/24
193.108.115.0/24
193.124.35.0/24
193.124.47.0/24
194.58.57.0/24
194.87.26.0/23
194.87.43.0-194.87.44.255
194.87.49.0/24
194.87.56.0/24
194.87.76.0/24
194.87.83.0-194.87.84.255
194.87.86.0/24
194.87.115.0/24
194.87.118.0/24
194.87.130.0/23
194.87.133.0-194.87.134.255
194.87.138.0/24
194.87.140.0/24
194.87.143.0/24
194.87.151.0/24
194.87.161.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0-194.87.202.255
194.87.208.0/24
194.87.215.0/24
194.87.220.0-194.87.222.255
194.87.226.0/24
194.87.243.0/24
194.87.250.0/24
194.135.36.0/24
194.135.38.0/24
194.135.105.0/24
195.58.34.0/24
195.58.36.0/23
195.58.61.0/24
195.133.14.0/23
195.133.20.0/23
195.133.24.0/23
195.133.27.0/24
195.133.30.0/24
195.133.40.0/23
195.133.50.0/24
195.133.63.0/24
195.133.66.0/24
195.133.73.0/24
195.133.76.0/23
195.133.81.0/24
195.133.194.0/24
212.192.217.0/24
212.192.220.0/24
212.193.24.0/24
212.193.26.0/23
212.193.30.0/24
Signature Algorithm: sha256WithRSAEncryption
04:03:bd:73:a5:14:da:55:10:b6:f6:1e:0e:fa:1a:ae:84:dc:
2c:4c:1d:02:5b:bd:46:e0:7a:a1:b7:19:35:35:a4:2d:d5:2f:
bd:44:d1:1b:90:08:7c:b9:bc:02:dd:7a:38:64:86:7d:71:fe:
0d:1d:4f:a0:6e:a6:ae:4e:1b:89:54:b2:9c:89:41:da:1f:e8:
49:b9:0e:9a:4d:11:d2:76:95:f1:e7:56:29:29:41:47:6f:e4:
06:f3:3a:b2:54:00:92:b6:2f:d1:63:99:77:f1:ae:69:3c:71:
aa:7f:4c:16:57:00:89:20:0d:80:98:55:e0:9e:f1:9a:ca:5b:
2d:a5:04:13:dd:f1:5a:ae:c8:63:3b:5e:43:3b:0a:4d:e9:f2:
6c:66:31:66:9b:16:68:bf:6e:29:ca:9f:85:66:d6:37:6f:05:
42:bc:16:fc:49:13:00:bb:f7:2b:06:75:a0:4d:da:df:0f:8b:
65:c1:a0:4c:ad:fc:94:a8:ba:21:35:d2:d1:7c:b9:e7:7f:4d:
6c:fc:80:12:1a:f8:39:1f:53:de:4b:83:1c:0e:b7:de:1a:f6:
88:59:ba:0b:21:01:79:05:19:50:98:ed:1a:0d:f9:fe:63:0b:
c7:ff:8a:4c:aa:b7:c7:df:a7:a6:bc:07:53:76:ea:2a:5b:76:
2d:a4:88:c2
-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgISAZQoJOXHBA9Yd1hu8K/r5mi7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjMyM2UxYTBlNDgxMzMyMDM1ZWNjZTliZTVjY2QxMDVlNjE5NmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CZy/e+MFSBpi+ObZyA/oN3pPZ9e
Jo7WiuokBpRPqAhBHmZvPicDlG1beKIuPyYL53ES6QMt1R7sz0lVumazKxmMH2DI
NP7H7ucj/WUVulAyxxGhqvNKzmVVbIoeKk4WWVElnsBz5iQ/WSY4se4FE/96zNSK
g6KVyADQa1gDu994cRzeUXT2zUeKA/SIxkbAp5FaLfOr3z0zI5aEPSWzfMtpnFSN
L/yYqTFLEt1T5k/G4ZgBjqQAGzNjscnX/F7/zzvFuOwfHtRtUCPPybJhXJ4N1ext
JHcC22mMIIrxo24ktqzbsQ6STZ4VwOHG8xrMrskZvsfXUdMz8ZO5xCFM0QIDAQAB
o4IDeTCCA3UwHQYDVR0OBBYEFEsyPhoOSBMyA17M6b5czRBeYZblMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU3pJLUdnNUlFeklEWHN6cHZsek5FRjVobHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjQYIKwYBBQUHAQcBAf8EggF8MIIBeDCCAXQEAgABMIIB
bAMEAD5M6QMEAMFscwMEAMF8IwMEAMF8LwMEAMI6OQMEAcJXGjAMAwQAwlcrAwQA
wlcsAwQAwlcxAwQAwlc4AwQAwldMMAwDBADCV1MDBADCV1QDBADCV1YDBADCV3MD
BADCV3YDBAHCV4IwDAMEAMJXhQMEAMJXhgMEAMJXigMEAMJXjAMEAMJXjwMEAMJX
lwMEAMJXoQMEAMJXuwMEAMJXvjAMAwQDwlfIAwQAwlfKAwQAwlfQAwQAwlfXMAwD
BALCV9wDBADCV94DBADCV+IDBADCV/MDBADCV/oDBADChyQDBADChyYDBADCh2kD
BADDOiIDBAHDOiQDBADDOj0DBAHDhQ4DBAHDhRQDBAHDhRgDBADDhRsDBADDhR4D
BAHDhSgDBADDhTIDBADDhT8DBADDhUIDBADDhUkDBAHDhUwDBADDhVEDBADDhcID
BADUwNkDBADUwNwDBADUwRgDBAHUwRoDBADUwR4wDQYJKoZIhvcNAQELBQADggEB
AAQDvXOlFNpVELb2Hg76Gq6E3CxMHQJbvUbgeqG3GTU1pC3VL71E0RuQCHy5vALd
ejhkhn1x/g0dT6Bupq5OG4lUspyJQdof6Em5DppNEdJ2lfHnVikpQUdv5AbzOrJU
AJK2L9FjmXfxrmk8cap/TBZXAIkgDYCYVeCe8ZrKWy2lBBPd8VquyGM7XkM7Ck3p
8mxmMWabFmi/binKn4Vm1jdvBUK8FvxJEwC79ysGdaBN2t8Pi2XBoEyt/JSouiE1
0tF8ued/TWz8gBIa+DkfU95LgxwOt94a9ohZugshAXkFGVCY7RoN+f5jC8f/ikyq
t8ffp6a8B1N26ipbdi2kiMI=
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:15 2025 by rpki-client