Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/dExCP4GtQsJRqQ_J_WS0x2c34z0.roa
File: dExCP4GtQsJRqQ_J_WS0x2c34z0.roa (raw, json)
Hash identifier: Pc4BDTHSf8ZZSzkRa+wVzeIW3UsRnkIKgkxk7/RgmqI=
Subject key identifier: 74:4C:42:3F:81:AD:42:C2:51:A9:0F:C9:FD:64:B4:C7:67:37:E3:3D
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 019425FDD3D560BE29F37DB3E1B5962EC780
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/dExCP4GtQsJRqQ_J_WS0x2c34z0.roa
Signing time: Thu 02 Jan 2025 07:49:39 +0000
ROA not before: Thu 02 Jan 2025 07:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202
IP address blocks: 5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.253.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
185.248.255.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
2a0a:f480::/29 maxlen: 29
2a0d:7680::/29 maxlen: 29
2a0d:bf80::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d3:d5:60:be:29:f3:7d:b3:e1:b5:96:2e:c7:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Jan 2 07:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=744c423f81ad42c251a90fc9fd64b4c76737e33d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:46:29:5c:d4:cb:c5:7a:0c:96:e3:e5:ea:f0:
94:dc:71:54:22:97:7c:ed:c9:3a:b9:a7:ff:82:87:
5f:07:00:0c:b1:bc:f5:5a:f0:40:47:1f:3b:57:bc:
91:29:e3:ac:b6:46:5a:c5:e2:c3:2d:a1:0d:71:11:
76:d1:64:e7:44:6b:c3:1b:0c:7c:88:92:f4:df:4f:
76:8a:96:c5:a9:6b:f2:09:c2:12:bf:4c:6d:e1:7c:
dc:1d:a6:71:40:9e:e8:4b:0d:d4:74:f1:58:41:44:
e6:12:f7:05:5f:ec:29:3c:b3:c4:72:bc:a1:73:ea:
61:f1:83:d6:0a:df:17:71:9d:ff:7d:10:bd:fc:6e:
f2:a1:a6:7d:da:0c:9f:3f:40:a9:f5:0c:63:c7:8a:
52:29:0e:c0:d0:18:54:a7:95:e9:7f:35:1f:42:01:
78:53:d6:18:01:ea:fe:fc:91:ed:a3:e0:05:6f:97:
f6:c0:36:e2:7a:5a:e8:78:d3:47:f9:7e:11:ad:b4:
eb:b9:1a:93:aa:cf:58:3f:18:e4:2b:57:7f:35:1c:
a6:a3:92:49:78:0c:d9:ae:13:0d:ce:34:0b:72:91:
89:10:f3:dc:fa:50:77:1d:81:85:8e:8b:f7:59:ab:
4a:41:9b:dc:4e:22:24:f2:ff:be:d6:f2:30:6a:c4:
44:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:4C:42:3F:81:AD:42:C2:51:A9:0F:C9:FD:64:B4:C7:67:37:E3:3D
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/dExCP4GtQsJRqQ_J_WS0x2c34z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
83.150.252.0/22
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
2a0a:f480::/29
2a0d:7680::/29
2a0d:bf80::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
98:40:44:40:3f:88:d6:79:da:b2:27:ff:c5:be:d5:6d:50:73:
6b:1b:e2:74:69:85:90:e4:9b:5a:68:f6:ed:4c:e6:09:56:05:
86:14:a4:cf:8b:ef:47:9a:f1:21:f4:ea:f2:78:13:a6:1e:c6:
b4:e2:91:69:d9:0a:9a:39:da:eb:16:f9:8a:19:f8:9f:fd:c5:
08:d4:c6:32:e0:93:37:a1:cb:52:a6:05:66:f3:de:6c:02:f2:
03:07:4d:92:55:f1:1e:2a:8d:37:70:4f:b7:0e:43:87:96:02:
e3:9b:11:94:0c:2c:83:1c:b8:4a:ad:f4:e8:f4:92:3e:f4:07:
98:81:c7:98:9d:a0:b8:26:4f:28:60:f4:b2:27:ca:7d:0f:89:
54:73:2d:f0:1e:8d:f7:c5:51:64:46:8d:a9:92:06:30:85:c7:
3a:d6:6b:62:19:5e:0c:0c:d0:e5:5c:7f:55:6c:3b:e2:c6:64:
28:0b:dd:ac:b5:c9:ba:93:8e:74:85:32:90:b4:ad:6d:08:26:
c3:b0:8f:7a:31:6d:9f:4e:5e:0e:56:73:cd:5a:bf:05:b4:ce:
7a:d7:fc:9b:cb:63:32:4e:c5:1b:b5:b7:d4:e5:43:13:35:60:
47:e0:02:a1:dd:de:69:3c:f6:e4:af:76:5d:d1:6d:8f:60:65:
e3:9d:fe:b3
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZQl/dPVYL4p832z4bWWLseAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjUwMTAyMDc0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDRjNDIzZjgxYWQ0MmMyNTFhOTBmYzlmZDY0YjRjNzY3MzdlMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0YpXNTLxXoMluPl6vCU3HFUIpd8
7ck6uaf/godfBwAMsbz1WvBARx87V7yRKeOstkZaxeLDLaENcRF20WTnRGvDGwx8
iJL03092ipbFqWvyCcISv0xt4XzcHaZxQJ7oSw3UdPFYQUTmEvcFX+wpPLPEcryh
c+ph8YPWCt8XcZ3/fRC9/G7yoaZ92gyfP0Cp9Qxjx4pSKQ7A0BhUp5XpfzUfQgF4
U9YYAer+/JHto+AFb5f2wDbielroeNNH+X4RrbTruRqTqs9YPxjkK1d/NRymo5JJ
eAzZrhMNzjQLcpGJEPPc+lB3HYGFjov3WatKQZvcTiIk8v++1vIwasREmQIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFHRMQj+BrULCUakPyf1ktMdnN+M9MB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvZEV4Q1A0R3RRc0pScVFfSl9XUzB4MmMzNHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjCB1QQCAAEwgc4D
BAMFn9ADBAIFtUgDBAMfwGADBAItCGQDBAIthGwDBAItiSwDBARQSvADBAJTlvwD
BAVVX2ADBANcKngDBANfgUADBAOwOgADBAK5T7gDBAK5WgADBAK5XswDBAK5Y0wD
BAK5kVgDBAK5stgDBAG5tsgDBAK5zNQDBAK55QQDBAK59oQDBAK598gDBAK5+PwD
BAO8XhADBADBGAMDBADBGAYDBADBGA0DBADBGB8DBAXDGiADBAHDWAgwDAMEAtQL
RAMEAtQLSAMEBNmRgDAwBAIAAjAqAwUAKgDxwAMFAyoE6cADBQMqCvSAAwUDKg12
gAMFAyoNv4ADBQMqDqHAMA0GCSqGSIb3DQEBCwUAA4IBAQCYQERAP4jWedqyJ//F
vtVtUHNrG+J0aYWQ5JtaaPbtTOYJVgWGFKTPi+9HmvEh9OryeBOmHsa04pFp2Qqa
OdrrFvmKGfif/cUI1MYy4JM3octSpgVm895sAvIDB02SVfEeKo03cE+3DkOHlgLj
mxGUDCyDHLhKrfTo9JI+9AeYgceYnaC4Jk8oYPSyJ8p9D4lUcy3wHo33xVFkRo2p
kgYwhcc61mtiGV4MDNDlXH9VbDvixmQoC92stcm6k450hTKQtK1tCCbDsI96MW2f
Tl4OVnPNWr8FtM561/yby2MyTsUbtbfU5UMTNWBH4AKh3d5pPPbkr3Zd0W2PYGXj
nf6z
-----END CERTIFICATE-----
Generated at Fri Apr 25 19:11:32 2025 by rpki-client