Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/OFI0UEZhtEqKoRKhHHAKxJ4Lmb0.roa
File: OFI0UEZhtEqKoRKhHHAKxJ4Lmb0.roa (raw, json)
Hash identifier: 4jOW+y7A2wCWiox9Qh214Ugf1kJYMyn0RFL7nC6Wq3E=
Subject key identifier: 38:52:34:50:46:61:B4:4A:8A:A1:12:A1:1C:70:0A:C4:9E:0B:99:BD
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 019425FDD3FB8AB655D1B106DF9FC0A2B502
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/OFI0UEZhtEqKoRKhHHAKxJ4Lmb0.roa
Signing time: Thu 02 Jan 2025 07:49:39 +0000
ROA not before: Thu 02 Jan 2025 07:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203
IP address blocks: 5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.253.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
185.248.255.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
2a0a:f480::/29 maxlen: 29
2a0d:7680::/29 maxlen: 29
2a0d:bf80::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d3:fb:8a:b6:55:d1:b1:06:df:9f:c0:a2:b5:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Jan 2 07:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=385234504661b44a8aa112a11c700ac49e0b99bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ea:a0:82:7f:38:06:3c:0a:c9:d3:42:ed:af:
f2:4c:d9:73:9b:c6:38:33:00:0f:86:3c:e2:17:09:
c5:ae:3b:51:9d:7a:ee:48:f0:ee:b1:ce:39:c4:2f:
65:93:84:4d:09:8e:14:25:8b:06:e5:8d:53:23:d0:
77:95:70:70:b3:20:22:58:b3:48:4d:59:14:39:40:
7e:a2:5d:91:74:5e:0c:f7:e9:54:a7:ba:c7:40:bc:
a9:99:4c:57:03:69:79:2c:2b:98:a9:a8:1f:4f:f1:
26:f0:43:db:39:6c:21:15:5f:86:03:8e:9c:ec:da:
e5:aa:11:42:17:6e:36:22:c9:9d:bb:ea:f8:7b:4c:
58:7e:7e:aa:8a:bf:13:41:0c:8d:31:c3:f0:e0:66:
cb:aa:35:5d:fa:06:3b:55:1c:09:9e:04:be:aa:c7:
65:ef:1b:b5:8b:49:f3:ab:53:02:10:74:9a:ca:64:
5c:28:98:61:eb:b4:85:34:5a:5c:2e:c6:cd:fa:48:
7a:9e:a0:63:3b:87:9c:b0:23:54:79:0c:50:e2:29:
49:67:bb:8d:9f:97:e4:35:71:f6:06:e0:c0:1a:e5:
00:b4:4f:83:d4:e8:31:cc:c3:36:dd:0d:ef:6a:89:
a4:97:9b:5d:5c:c9:3f:14:8b:aa:16:69:28:68:c2:
cc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:52:34:50:46:61:B4:4A:8A:A1:12:A1:1C:70:0A:C4:9E:0B:99:BD
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/OFI0UEZhtEqKoRKhHHAKxJ4Lmb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
83.150.252.0/22
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
2a0a:f480::/29
2a0d:7680::/29
2a0d:bf80::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
55:13:65:a8:31:87:a1:fb:e0:29:57:d9:eb:e5:29:19:c4:94:
cc:a8:5b:fb:e7:da:29:1e:a9:34:d3:63:90:8b:76:7b:60:54:
fa:19:68:a5:ef:e9:1b:b1:0d:6a:75:aa:72:7b:9f:06:f8:fb:
24:5d:12:00:e5:79:a6:9a:eb:71:f6:0b:c8:5b:fd:55:2c:2e:
42:52:19:cf:26:7b:6f:8c:83:c4:ac:f0:86:83:09:69:91:49:
84:0e:75:6c:9e:7e:b6:46:c3:f0:6e:32:e3:32:2d:cb:41:18:
24:6c:8a:4e:1d:74:1e:fe:18:92:ef:d5:59:cf:ef:c8:86:9b:
55:91:68:52:88:b7:05:1c:57:50:76:4b:2f:35:d5:8f:3a:d0:
5a:eb:25:01:8e:75:67:a3:10:6e:1b:33:85:62:79:0a:10:15:
d7:29:70:0f:72:ae:3b:41:94:49:41:50:fc:56:6b:79:6c:93:
92:83:f7:a6:b1:c8:db:be:26:21:ae:d2:48:d2:e1:e2:4a:c4:
82:ff:17:cf:06:58:b3:04:7e:d3:48:17:6e:34:a4:97:19:66:
49:cd:5b:52:d5:30:e6:e3:49:1b:f4:fe:d3:d7:b4:f3:73:3f:
d3:d9:36:0b:d8:ed:ac:17:27:b7:ef:d4:d1:8f:27:27:45:27:
ed:36:9a:74
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZQl/dP7irZV0bEG35/AorUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjUwMTAyMDc0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODUyMzQ1MDQ2NjFiNDRhOGFhMTEyYTExYzcwMGFjNDllMGI5OWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOqggn84BjwKydNC7a/yTNlzm8Y4
MwAPhjziFwnFrjtRnXruSPDusc45xC9lk4RNCY4UJYsG5Y1TI9B3lXBwsyAiWLNI
TVkUOUB+ol2RdF4M9+lUp7rHQLypmUxXA2l5LCuYqagfT/Em8EPbOWwhFV+GA46c
7NrlqhFCF242Ismdu+r4e0xYfn6qir8TQQyNMcPw4GbLqjVd+gY7VRwJngS+qsdl
7xu1i0nzq1MCEHSaymRcKJhh67SFNFpcLsbN+kh6nqBjO4ecsCNUeQxQ4ilJZ7uN
n5fkNXH2BuDAGuUAtE+D1OgxzMM23Q3vaomkl5tdXMk/FIuqFmkoaMLMgwIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFDhSNFBGYbRKiqESoRxwCsSeC5m9MB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvT0ZJMFVFWmh0RXFLb1JLaEhIQUt4SjRMbWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjCB1QQCAAEwgc4D
BAMFn9ADBAIFtUgDBAMfwGADBAItCGQDBAIthGwDBAItiSwDBARQSvADBAJTlvwD
BAVVX2ADBANcKngDBANfgUADBAOwOgADBAK5T7gDBAK5WgADBAK5XswDBAK5Y0wD
BAK5kVgDBAK5stgDBAG5tsgDBAK5zNQDBAK55QQDBAK59oQDBAK598gDBAK5+PwD
BAO8XhADBADBGAMDBADBGAYDBADBGA0DBADBGB8DBAXDGiADBAHDWAgwDAMEAtQL
RAMEAtQLSAMEBNmRgDAwBAIAAjAqAwUAKgDxwAMFAyoE6cADBQMqCvSAAwUDKg12
gAMFAyoNv4ADBQMqDqHAMA0GCSqGSIb3DQEBCwUAA4IBAQBVE2WoMYeh++ApV9nr
5SkZxJTMqFv759opHqk002OQi3Z7YFT6GWil7+kbsQ1qdapye58G+PskXRIA5Xmm
mutx9gvIW/1VLC5CUhnPJntvjIPErPCGgwlpkUmEDnVsnn62RsPwbjLjMi3LQRgk
bIpOHXQe/hiS79VZz+/IhptVkWhSiLcFHFdQdksvNdWPOtBa6yUBjnVnoxBuGzOF
YnkKEBXXKXAPcq47QZRJQVD8Vmt5bJOSg/emscjbviYhrtJI0uHiSsSC/xfPBliz
BH7TSBduNKSXGWZJzVtS1TDm40kb9P7T17Tzcz/T2TYL2O2sFye379TRjycnRSft
Npp0
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:24:31 2025 by rpki-client