Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cd2146-7fbe-4e5d-93ba-3ea2ebfe8707/1/IaXnlnHxVgoEX1UTLs1DE8GtJn0.roa
File: IaXnlnHxVgoEX1UTLs1DE8GtJn0.roa (raw, json)
Hash identifier: vQAYnVro3YqKas8+EITAndDR2jmhTfit27limCUGo58=
Subject key identifier: 21:A5:E7:96:71:F1:56:0A:04:5F:55:13:2E:CD:43:13:C1:AD:26:7D
Certificate issuer: /CN=cff374657f57078f3ca2c71109d35927c2248681
Certificate serial: 019424B3FCE55C1DFBF28D9298D30F4F29FF
Authority key identifier: CF:F3:74:65:7F:57:07:8F:3C:A2:C7:11:09:D3:59:27:C2:24:86:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z_N0ZX9XB488oscRCdNZJ8IkhoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cd2146-7fbe-4e5d-93ba-3ea2ebfe8707/1/IaXnlnHxVgoEX1UTLs1DE8GtJn0.roa
Signing time: Thu 02 Jan 2025 01:49:22 +0000
ROA not before: Thu 02 Jan 2025 01:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12963
IP address blocks: 94.232.208.0/21 maxlen: 21
94.232.208.0/24 maxlen: 24
94.232.209.0/24 maxlen: 24
94.232.210.0/24 maxlen: 24
94.232.211.0/24 maxlen: 24
94.232.212.0/24 maxlen: 24
94.232.213.0/24 maxlen: 24
94.232.214.0/24 maxlen: 24
94.232.215.0/24 maxlen: 24
176.100.0.0/24 maxlen: 24
176.100.1.0/24 maxlen: 24
176.100.2.0/23 maxlen: 24
176.100.4.0/24 maxlen: 24
176.100.5.0/24 maxlen: 24
176.100.6.0/24 maxlen: 24
176.100.8.0/24 maxlen: 24
176.100.9.0/24 maxlen: 24
176.100.10.0/23 maxlen: 24
176.100.12.0/24 maxlen: 24
176.100.13.0/24 maxlen: 24
176.100.14.0/24 maxlen: 24
176.100.15.0/24 maxlen: 24
176.100.16.0/20 maxlen: 20
176.100.16.0/24 maxlen: 24
176.100.17.0/24 maxlen: 24
176.100.18.0/24 maxlen: 24
176.100.19.0/24 maxlen: 24
176.100.20.0/24 maxlen: 24
176.100.21.0/24 maxlen: 24
176.100.22.0/24 maxlen: 24
176.100.23.0/24 maxlen: 24
176.100.24.0/24 maxlen: 24
176.100.25.0/24 maxlen: 24
176.100.26.0/24 maxlen: 24
176.100.27.0/24 maxlen: 24
176.100.28.0/24 maxlen: 24
176.100.29.0/24 maxlen: 24
176.100.30.0/24 maxlen: 24
176.100.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:fc:e5:5c:1d:fb:f2:8d:92:98:d3:0f:4f:29:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cff374657f57078f3ca2c71109d35927c2248681
Validity
Not Before: Jan 2 01:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21a5e79671f1560a045f55132ecd4313c1ad267d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f6:c7:e6:33:7b:aa:f2:24:b9:61:96:db:c7:
de:fd:32:7a:d1:a4:0e:6e:aa:7b:66:b6:a4:6f:41:
a2:91:c7:3e:0b:22:f0:35:e3:e4:59:f9:ec:22:45:
5d:1d:a6:a9:44:f9:31:2a:5d:fc:bb:de:9f:7b:86:
e9:0d:bb:b2:57:07:dc:7a:4c:70:18:e1:f5:0a:e6:
8b:a0:46:a2:b4:26:3b:fa:19:d0:94:21:32:dc:e9:
28:2f:52:1f:86:78:7a:d4:fa:20:d1:09:15:c7:1f:
04:fb:27:03:43:f1:ff:cc:bb:48:88:09:31:ae:cd:
63:df:1d:3e:80:66:3b:43:2c:de:ea:1c:cd:68:34:
37:d2:44:5b:13:40:c1:58:81:13:ab:84:3f:83:2f:
a4:6c:ce:5b:8b:22:91:3e:0a:25:db:41:81:b0:98:
5e:30:3f:fe:d1:42:37:f4:2a:bb:45:08:97:3a:9b:
2f:2d:be:a8:46:08:d4:4d:3a:dd:79:66:c5:61:af:
03:65:91:9f:f5:df:f0:10:51:18:10:85:1d:81:b5:
8c:0a:ad:7d:d6:af:54:08:70:ad:33:d0:43:d3:68:
56:f2:6e:37:cc:96:e6:f5:4c:bc:16:a0:0c:03:3c:
9f:f2:6f:04:f8:74:fc:bc:ca:a2:a4:83:79:a0:24:
06:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A5:E7:96:71:F1:56:0A:04:5F:55:13:2E:CD:43:13:C1:AD:26:7D
X509v3 Authority Key Identifier:
keyid:CF:F3:74:65:7F:57:07:8F:3C:A2:C7:11:09:D3:59:27:C2:24:86:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z_N0ZX9XB488oscRCdNZJ8IkhoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cd2146-7fbe-4e5d-93ba-3ea2ebfe8707/1/IaXnlnHxVgoEX1UTLs1DE8GtJn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cd2146-7fbe-4e5d-93ba-3ea2ebfe8707/1/z_N0ZX9XB488oscRCdNZJ8IkhoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.208.0/21
176.100.0.0-176.100.6.255
176.100.8.0-176.100.31.255
Signature Algorithm: sha256WithRSAEncryption
55:40:35:be:3d:d3:f0:da:3e:e9:bd:a9:6b:43:2a:14:b2:2f:
bd:38:67:19:d0:be:2b:78:82:79:23:18:c4:fa:69:dc:af:bd:
5d:dc:a6:43:ff:8b:ef:be:6e:94:68:64:84:c1:7f:c5:41:65:
81:50:20:cf:7a:3f:0e:2e:79:d8:52:0e:89:ac:af:1a:7d:38:
de:a3:3a:fb:93:09:66:06:57:8f:df:25:a1:28:a5:2c:02:ba:
f3:50:ca:46:51:01:06:8b:d1:62:0c:38:e9:6d:e2:d2:c5:60:
b4:01:4a:34:d5:72:a9:2d:04:ff:b5:23:00:63:0c:b4:22:cd:
d2:6c:fb:f5:94:57:53:84:44:25:68:09:66:06:b1:1f:fa:c4:
2b:d0:4d:c8:1b:07:d0:4e:a1:1b:aa:eb:3d:c6:a6:a9:76:d1:
b3:e7:8f:aa:69:c7:76:c2:19:36:17:92:07:9a:9f:ca:aa:dd:
22:e7:10:3b:5f:3c:da:8d:56:31:41:c0:e8:40:6d:e9:3f:1c:
14:25:f5:06:f8:3d:d0:92:53:d0:60:f9:4c:63:76:20:60:4b:
53:ff:37:8f:1e:59:92:21:dc:1c:74:ad:24:8c:0d:44:ae:b1:
9f:08:24:70:95:ad:2d:09:22:f9:43:be:fa:b4:df:e2:63:01:
c0:75:84:65
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQks/zlXB378o2SmNMPTyn/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZjM3NDY1N2Y1NzA3OGYzY2EyYzcxMTA5ZDM1OTI3YzIy
NDg2ODEwHhcNMjUwMTAyMDE0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWE1ZTc5NjcxZjE1NjBhMDQ1ZjU1MTMyZWNkNDMxM2MxYWQyNjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovbH5jN7qvIkuWGW28fe/TJ60aQO
bqp7Zrakb0Gikcc+CyLwNePkWfnsIkVdHaapRPkxKl38u96fe4bpDbuyVwfcekxw
GOH1CuaLoEaitCY7+hnQlCEy3OkoL1Ifhnh61Pog0QkVxx8E+ycDQ/H/zLtIiAkx
rs1j3x0+gGY7Qyze6hzNaDQ30kRbE0DBWIETq4Q/gy+kbM5biyKRPgol20GBsJhe
MD/+0UI39Cq7RQiXOpsvLb6oRgjUTTrdeWbFYa8DZZGf9d/wEFEYEIUdgbWMCq19
1q9UCHCtM9BD02hW8m43zJbm9Uy8FqAMAzyf8m8E+HT8vMqipIN5oCQGPwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCGl55Zx8VYKBF9VEy7NQxPBrSZ9MB8GA1UdIwQY
MBaAFM/zdGV/VwePPKLHEQnTWSfCJIaBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvel9OMFpYOVhCNDg4b3NjUkNkTlpKOElraG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jZDIxNDYtN2ZiZS00ZTVkLTkzYmEt
M2VhMmViZmU4NzA3LzEvSWFYbmxuSHhWZ29FWDFVVExzMURFOEd0Sm4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jZDIxNDYtN2ZiZS00ZTVkLTkzYmEtM2VhMmViZmU4NzA3
LzEvel9OMFpYOVhCNDg4b3NjUkNkTlpKOElraG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhAwQDXujQMAsD
AwKwZAMEALBkBjAMAwQDsGQIAwQFsGQAMA0GCSqGSIb3DQEBCwUAA4IBAQBVQDW+
PdPw2j7pvalrQyoUsi+9OGcZ0L4reIJ5IxjE+mncr71d3KZD/4vvvm6UaGSEwX/F
QWWBUCDPej8OLnnYUg6JrK8afTjeozr7kwlmBleP3yWhKKUsArrzUMpGUQEGi9Fi
DDjpbeLSxWC0AUo01XKpLQT/tSMAYwy0Is3SbPv1lFdThEQlaAlmBrEf+sQr0E3I
GwfQTqEbqus9xqapdtGz54+qacd2whk2F5IHmp/Kqt0i5xA7XzzajVYxQcDoQG3p
PxwUJfUG+D3QklPQYPlMY3YgYEtT/zePHlmSIdwcdK0kjA1ErrGfCCRwla0tCSL5
Q776tN/iYwHAdYRl
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:07:32 2025 by rpki-client