Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/jgA5-5m0UyuVWgnFyZNbLCOK9IQ.roa
File: jgA5-5m0UyuVWgnFyZNbLCOK9IQ.roa (raw, json)
Hash identifier: t5mhCTyUTy/bCRhrh8vt6CByWx1LXqZrxP4nWUFmAaA=
Subject key identifier: 8E:00:39:FB:99:B4:53:2B:95:5A:09:C5:C9:93:5B:2C:23:8A:F4:84
Certificate issuer: /CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Certificate serial: 019425FDB57A3B1D279DA69060360F0C54F9
Authority key identifier: 56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/jgA5-5m0UyuVWgnFyZNbLCOK9IQ.roa
Signing time: Thu 02 Jan 2025 07:49:31 +0000
ROA not before: Thu 02 Jan 2025 07:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25133
IP address blocks: 37.139.160.0/19 maxlen: 19
37.139.160.0/22 maxlen: 22
37.139.164.0/22 maxlen: 22
37.139.168.0/24 maxlen: 24
37.139.169.0/24 maxlen: 24
37.139.170.0/24 maxlen: 24
37.139.171.0/24 maxlen: 24
37.139.172.0/24 maxlen: 24
37.139.173.0/24 maxlen: 24
37.139.174.0/24 maxlen: 24
37.139.175.0/24 maxlen: 24
37.139.176.0/24 maxlen: 24
37.139.177.0/24 maxlen: 24
37.139.178.0/24 maxlen: 24
37.139.179.0/24 maxlen: 24
37.139.180.0/22 maxlen: 22
37.139.184.0/22 maxlen: 22
37.139.188.0/22 maxlen: 22
45.95.164.0/22 maxlen: 22
45.143.48.0/22 maxlen: 22
45.153.208.0/22 maxlen: 22
45.158.48.0/22 maxlen: 22
46.255.32.0/22 maxlen: 22
46.255.36.0/22 maxlen: 22
78.137.0.0/18 maxlen: 18
78.137.0.0/19 maxlen: 19
78.137.32.0/24 maxlen: 24
78.137.33.0/24 maxlen: 24
78.137.34.0/24 maxlen: 24
78.137.35.0/24 maxlen: 24
78.137.36.0/22 maxlen: 22
78.137.40.0/21 maxlen: 21
78.137.48.0/20 maxlen: 20
83.142.48.0/22 maxlen: 22
89.200.232.0/21 maxlen: 21
91.105.207.0/24 maxlen: 24
91.211.136.0/22 maxlen: 22
91.217.144.0/24 maxlen: 24
91.244.0.0/18 maxlen: 18
92.43.80.0/22 maxlen: 22
92.118.220.0/22 maxlen: 22
103.35.160.0/22 maxlen: 22
103.237.44.0/22 maxlen: 22
109.227.64.0/18 maxlen: 18
109.227.64.0/19 maxlen: 19
109.227.96.0/19 maxlen: 19
152.89.20.0/22 maxlen: 22
176.67.0.0/19 maxlen: 19
178.216.16.0/21 maxlen: 21
185.3.148.0/22 maxlen: 22
185.3.148.0/24 maxlen: 24
185.3.149.0/24 maxlen: 24
185.3.150.0/24 maxlen: 24
185.3.151.0/24 maxlen: 24
185.41.192.0/22 maxlen: 22
185.41.192.0/23 maxlen: 23
185.41.194.0/23 maxlen: 23
185.62.96.0/22 maxlen: 22
185.96.28.0/22 maxlen: 22
185.103.40.0/22 maxlen: 22
185.103.40.0/23 maxlen: 23
185.103.42.0/23 maxlen: 23
185.128.92.0/22 maxlen: 22
185.176.108.0/22 maxlen: 22
185.176.112.0/22 maxlen: 22
185.203.244.0/22 maxlen: 22
185.208.112.0/22 maxlen: 22
185.220.94.0/23 maxlen: 23
185.228.100.0/22 maxlen: 22
193.106.80.0/22 maxlen: 22
194.1.220.0/23 maxlen: 23
212.55.64.0/19 maxlen: 19
212.55.64.0/22 maxlen: 22
212.55.68.0/22 maxlen: 22
212.55.72.0/23 maxlen: 23
212.55.74.0/23 maxlen: 23
212.55.76.0/22 maxlen: 22
212.55.80.0/22 maxlen: 22
212.55.84.0/23 maxlen: 23
212.55.86.0/23 maxlen: 23
212.55.88.0/22 maxlen: 22
212.55.92.0/22 maxlen: 22
213.108.52.0/22 maxlen: 22
217.115.96.0/21 maxlen: 21
217.115.104.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b5:7a:3b:1d:27:9d:a6:90:60:36:0f:0c:54:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Validity
Not Before: Jan 2 07:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e0039fb99b4532b955a09c5c9935b2c238af484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b3:01:76:57:c6:f6:f8:da:b3:76:a9:ce:0d:
50:af:e7:1e:15:13:9e:c6:ec:9d:0d:3b:c5:51:e5:
d9:e5:0b:8c:9b:8a:80:67:83:78:d3:a9:fa:02:9d:
0d:71:8e:52:0f:4d:62:70:b8:6e:11:91:06:99:79:
88:2d:c6:43:a6:9a:8a:41:d8:b0:ac:a3:fe:72:2c:
e9:25:b0:61:2d:6a:27:35:77:25:86:8b:50:16:12:
28:be:c2:d0:58:a8:48:39:70:78:1c:8f:94:51:a2:
e0:a8:0d:c0:31:b3:ed:06:e2:e7:8a:95:7b:62:f4:
2c:1a:1c:91:6e:1a:e2:ce:3f:2d:a1:94:2b:2b:7c:
6d:07:97:d1:6e:a8:a1:a3:65:a7:ae:4f:28:a4:96:
e8:f9:bf:85:a7:ea:60:2d:68:e2:4f:37:5c:d0:59:
7e:d6:76:aa:76:42:37:b0:78:d2:d7:e6:56:d6:48:
08:db:85:e9:c6:b5:b3:7b:ea:42:df:15:21:01:f6:
52:09:7a:05:b9:c3:7c:3d:c0:d3:27:a4:41:b1:ab:
b0:38:ae:d7:13:68:de:fd:6e:69:8f:6f:69:2a:26:
78:f8:ac:24:da:4d:c3:3b:5b:78:c1:f0:30:84:ef:
3b:6b:ff:29:0d:d9:42:0a:b6:b1:62:f8:8b:ba:b4:
75:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:00:39:FB:99:B4:53:2B:95:5A:09:C5:C9:93:5B:2C:23:8A:F4:84
X509v3 Authority Key Identifier:
keyid:56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/jgA5-5m0UyuVWgnFyZNbLCOK9IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VqSYe_jGtM3WV7vC0KXhPptibLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.160.0/19
45.95.164.0/22
45.143.48.0/22
45.153.208.0/22
45.158.48.0/22
46.255.32.0/21
78.137.0.0/18
83.142.48.0/22
89.200.232.0/21
91.105.207.0/24
91.211.136.0/22
91.217.144.0/24
91.244.0.0/18
92.43.80.0/22
92.118.220.0/22
103.35.160.0/22
103.237.44.0/22
109.227.64.0/18
152.89.20.0/22
176.67.0.0/19
178.216.16.0/21
185.3.148.0/22
185.41.192.0/22
185.62.96.0/22
185.96.28.0/22
185.103.40.0/22
185.128.92.0/22
185.176.108.0-185.176.115.255
185.203.244.0/22
185.208.112.0/22
185.220.94.0/23
185.228.100.0/22
193.106.80.0/22
194.1.220.0/23
212.55.64.0/19
213.108.52.0/22
217.115.96.0/20
Signature Algorithm: sha256WithRSAEncryption
27:fd:39:30:20:6c:43:1b:36:e7:47:76:23:27:b3:0c:86:10:
ac:ca:95:a5:45:03:5f:9c:c3:af:0b:94:bb:69:1b:51:66:4c:
09:4f:bf:35:89:08:15:86:b6:e3:79:9d:85:59:92:d1:64:88:
d9:0c:fe:8f:2d:48:67:62:b2:f8:50:a6:86:1b:c7:69:c8:a6:
46:ec:ea:8b:50:64:12:cf:5b:1b:89:7c:c7:ae:9f:dc:e2:b1:
33:47:18:36:0f:41:b8:80:7d:90:7f:dc:fe:b7:3d:3c:fe:1e:
7b:29:78:fe:df:7f:8f:c8:f5:83:1a:12:d3:0a:f2:21:f5:63:
00:e9:ba:02:de:eb:b0:7a:f3:1b:65:15:03:e9:a7:16:1a:f3:
49:d0:2d:6d:28:0b:c4:63:75:7f:4b:a4:7c:06:2b:8e:e7:51:
58:bf:bd:a1:da:28:e8:4e:df:06:62:3e:43:c0:8c:a8:2b:15:
27:ff:34:a4:6d:6f:ff:3a:4b:6e:af:6d:74:1a:02:4e:27:7d:
2f:af:1a:21:0a:71:fd:3b:da:ab:7b:8d:b3:70:17:ff:60:28:
ca:4b:6a:03:10:9b:7f:ae:3c:89:66:97:d4:e8:d2:e0:79:b1:
3e:b0:d2:e7:7b:80:42:65:33:61:08:d1:cb:b8:83:16:9b:5a:
a3:5e:a2:a3
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAZQl/bV6Ox0nnaaQYDYPDFT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YTQ5ODdiZjhjNmI0Y2RkNjU3YmJjMmQwYTVlMTNlOWI2
MjZjYjkwHhcNMjUwMTAyMDc0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTAwMzlmYjk5YjQ1MzJiOTU1YTA5YzVjOTkzNWIyYzIzOGFmNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rMBdlfG9vjas3apzg1Qr+ceFROe
xuydDTvFUeXZ5QuMm4qAZ4N406n6Ap0NcY5SD01icLhuEZEGmXmILcZDppqKQdiw
rKP+cizpJbBhLWonNXclhotQFhIovsLQWKhIOXB4HI+UUaLgqA3AMbPtBuLnipV7
YvQsGhyRbhrizj8toZQrK3xtB5fRbqiho2Wnrk8opJbo+b+Fp+pgLWjiTzdc0Fl+
1naqdkI3sHjS1+ZW1kgI24XpxrWze+pC3xUhAfZSCXoFucN8PcDTJ6RBsauwOK7X
E2je/W5pj29pKiZ4+Kwk2k3DO1t4wfAwhO87a/8pDdlCCraxYviLurR1CQIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFI4AOfuZtFMrlVoJxcmTWywjivSEMB8GA1UdIwQY
MBaAFFakmHv4xrTN1le7wtCl4T6bYmy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFTWWVfakd0TTNXVjd2QzBLWGhQcHRpYkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84ODA5ZGQtNjY3YS00MDQ3LTgxMDQt
ZGU1ODY5OGI2NDcwLzEvamdBNS01bTBVeXVWV2duRnlaTmJMQ09LOUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84ODA5ZGQtNjY3YS00MDQ3LTgxMDQtZGU1ODY5OGI2NDcw
LzEvVnFTWWVfakd0TTNXVjd2QzBLWGhQcHRpYkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQF
JYugAwQCLV+kAwQCLY8wAwQCLZnQAwQCLZ4wAwQDLv8gAwQGTokAAwQCU44wAwQD
WcjoAwQAW2nPAwQCW9OIAwQAW9mQAwQGW/QAAwQCXCtQAwQCXHbcAwQCZyOgAwQC
Z+0sAwQGbeNAAwQCmFkUAwQFsEMAAwQDstgQAwQCuQOUAwQCuSnAAwQCuT5gAwQC
uWAcAwQCuWcoAwQCuYBcMAwDBAK5sGwDBAK5sHADBAK5y/QDBAK50HADBAG53F4D
BAK55GQDBALBalADBAHCAdwDBAXUN0ADBALVbDQDBATZc2AwDQYJKoZIhvcNAQEL
BQADggEBACf9OTAgbEMbNudHdiMnswyGEKzKlaVFA1+cw68LlLtpG1FmTAlPvzWJ
CBWGtuN5nYVZktFkiNkM/o8tSGdisvhQpoYbx2nIpkbs6otQZBLPWxuJfMeun9zi
sTNHGDYPQbiAfZB/3P63PTz+HnspeP7ff4/I9YMaEtMK8iH1YwDpugLe67B68xtl
FQPppxYa80nQLW0oC8RjdX9LpHwGK47nUVi/vaHaKOhO3wZiPkPAjKgrFSf/NKRt
b/86S26vbXQaAk4nfS+vGiEKcf072qt7jbNwF/9gKMpLagMQm3+uPIlml9To0uB5
sT6w0ud7gEJlM2EI0cu4gxabWqNeoqM=
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:03 2025 by rpki-client