Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/YmzUvHWp7j1dCDxS9I2ehnQIrZw.roa
File: YmzUvHWp7j1dCDxS9I2ehnQIrZw.roa (raw, json)
Hash identifier: 0siCZkDxZfwwZc19PumdYnR5bnqqXyjDWdMsYvm7sic=
Subject key identifier: 62:6C:D4:BC:75:A9:EE:3D:5D:08:3C:52:F4:8D:9E:86:74:08:AD:9C
Certificate issuer: /CN=85aaadc568f6c928fd764d421d42c71cf5791954
Certificate serial: 01944A8EC86490393A484F4F03EB9E04670C
Authority key identifier: 85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/YmzUvHWp7j1dCDxS9I2ehnQIrZw.roa
Signing time: Thu 09 Jan 2025 10:14:18 +0000
ROA not before: Thu 09 Jan 2025 10:14:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44092
IP address blocks: 45.145.200.0/22 maxlen: 22
45.145.200.0/24 maxlen: 24
45.145.201.0/24 maxlen: 24
45.145.202.0/24 maxlen: 24
45.145.203.0/24 maxlen: 24
77.242.128.0/20 maxlen: 24
77.242.128.0/24 maxlen: 24
77.242.129.0/24 maxlen: 24
77.242.130.0/24 maxlen: 24
77.242.131.0/24 maxlen: 24
77.242.132.0/24 maxlen: 24
77.242.133.0/24 maxlen: 24
77.242.134.0/24 maxlen: 24
77.242.135.0/24 maxlen: 24
77.242.136.0/24 maxlen: 24
77.242.137.0/24 maxlen: 24
77.242.138.0/24 maxlen: 24
77.242.139.0/24 maxlen: 24
77.242.140.0/24 maxlen: 24
77.242.141.0/24 maxlen: 24
77.242.142.0/24 maxlen: 24
77.242.143.0/24 maxlen: 24
85.208.200.0/22 maxlen: 22
85.208.200.0/24 maxlen: 24
85.208.201.0/24 maxlen: 24
85.208.202.0/24 maxlen: 24
85.208.203.0/24 maxlen: 24
89.37.70.0/23 maxlen: 24
89.37.70.0/24 maxlen: 24
89.37.71.0/24 maxlen: 24
178.23.8.0/21 maxlen: 24
185.56.156.0/22 maxlen: 24
185.71.244.0/22 maxlen: 24
185.171.232.0/22 maxlen: 22
185.171.232.0/24 maxlen: 24
185.171.233.0/24 maxlen: 24
185.171.234.0/24 maxlen: 24
185.171.235.0/24 maxlen: 24
185.178.252.0/22 maxlen: 24
185.191.104.0/22 maxlen: 22
185.191.104.0/24 maxlen: 24
185.191.105.0/24 maxlen: 24
185.191.106.0/24 maxlen: 24
185.191.107.0/24 maxlen: 24
185.215.144.0/22 maxlen: 22
185.215.144.0/24 maxlen: 24
185.215.145.0/24 maxlen: 24
185.215.146.0/24 maxlen: 24
185.215.147.0/24 maxlen: 24
185.219.116.0/22 maxlen: 22
185.219.116.0/24 maxlen: 24
185.219.117.0/24 maxlen: 24
185.219.118.0/24 maxlen: 24
185.219.119.0/24 maxlen: 24
185.248.227.0/24 maxlen: 24
185.255.29.0/24 maxlen: 24
188.191.56.0/22 maxlen: 24
188.191.56.0/24 maxlen: 24
188.191.57.0/24 maxlen: 24
188.191.58.0/24 maxlen: 24
188.191.59.0/24 maxlen: 24
217.28.64.0/22 maxlen: 22
217.28.64.0/24 maxlen: 24
217.28.65.0/24 maxlen: 24
217.28.66.0/24 maxlen: 24
217.28.67.0/24 maxlen: 24
2a02:53e0::/32 maxlen: 32
2a05:3680::/29 maxlen: 29
2a0b:7b80::/29 maxlen: 29
2a0f:de80::/29 maxlen: 29
2a13:56c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:8e:c8:64:90:39:3a:48:4f:4f:03:eb:9e:04:67:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85aaadc568f6c928fd764d421d42c71cf5791954
Validity
Not Before: Jan 9 10:14:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=626cd4bc75a9ee3d5d083c52f48d9e867408ad9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7c:57:80:9f:5f:66:01:b1:44:ae:27:03:0c:
31:06:66:da:c3:7d:91:4b:6a:64:4e:e3:a6:f1:de:
93:53:92:57:34:45:23:e6:23:12:4e:63:9f:9f:9b:
15:5f:74:06:4e:af:be:7b:5b:85:d6:c0:20:2d:0f:
89:b5:cb:9f:d9:d6:b7:ad:4b:70:30:b0:f7:60:f3:
4f:e1:b2:01:8b:c0:31:4a:b7:b2:eb:12:a8:c5:fc:
96:29:4e:c2:cd:35:61:ef:c3:75:d4:61:8b:de:5d:
56:6b:3b:19:cc:95:66:97:c4:62:54:3c:cd:d8:8f:
54:cf:7c:21:9f:09:83:cb:22:06:14:45:69:3e:3c:
9b:6c:30:15:72:37:a1:fe:fc:82:85:e1:a7:e6:be:
a2:2a:73:5f:3c:56:32:bd:af:67:71:3f:9d:6b:c4:
96:cc:cd:33:81:6c:16:66:11:79:0f:c3:eb:51:51:
9f:7b:48:11:a5:a7:d5:9a:48:6a:8e:83:f7:a8:51:
0e:bf:7e:55:65:ce:e9:6b:d1:d3:60:66:b7:6d:48:
7f:45:cb:16:79:5b:65:8d:58:2f:70:54:27:46:54:
b0:28:b3:b4:6d:04:8f:83:11:0f:f1:c5:c2:e0:ad:
36:e3:69:17:5c:5e:59:19:cc:88:8a:f4:90:c0:9f:
64:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6C:D4:BC:75:A9:EE:3D:5D:08:3C:52:F4:8D:9E:86:74:08:AD:9C
X509v3 Authority Key Identifier:
keyid:85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/YmzUvHWp7j1dCDxS9I2ehnQIrZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.200.0/22
77.242.128.0/20
85.208.200.0/22
89.37.70.0/23
178.23.8.0/21
185.56.156.0/22
185.71.244.0/22
185.171.232.0/22
185.178.252.0/22
185.191.104.0/22
185.215.144.0/22
185.219.116.0/22
185.248.227.0/24
185.255.29.0/24
188.191.56.0/22
217.28.64.0/22
IPv6:
2a02:53e0::/32
2a05:3680::/29
2a0b:7b80::/29
2a0f:de80::/29
2a13:56c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:03:ea:27:f1:81:3f:af:5c:71:89:b7:e5:4c:82:a7:a6:33:
f9:8e:56:c8:29:49:b8:4c:0f:15:01:93:40:ae:aa:bd:dd:17:
37:0a:f9:78:b5:2b:c6:99:de:94:f1:4f:23:70:f4:f5:4d:93:
c7:7e:87:81:15:0e:2a:4c:08:15:95:00:f1:c4:17:b7:5e:60:
96:c9:48:55:a2:05:28:39:6c:7b:c3:82:f6:1a:e4:90:bd:8b:
12:c8:b6:bc:c7:4c:99:36:f4:ba:af:0e:10:39:16:b1:fd:8e:
a0:cd:dd:29:d7:23:ba:3b:00:88:86:db:7c:b6:84:32:60:c0:
52:5c:c6:1f:4c:78:6d:3e:36:9d:1d:58:ba:ed:aa:dd:c7:20:
dd:f6:dc:bd:f9:13:4a:19:e3:69:11:cb:e9:fd:14:eb:ff:9e:
38:2a:b8:04:60:66:e2:13:db:4d:07:57:cd:70:e0:73:47:21:
85:0e:eb:80:3c:21:85:2b:8d:39:30:bc:ab:e9:b3:13:68:f3:
6b:95:d2:05:c3:c4:a1:08:8c:40:25:4a:56:eb:15:93:ee:9e:
02:62:1e:26:cf:78:f8:5e:a2:c8:d0:55:03:5a:5a:ce:68:54:
16:c2:65:b4:fc:53:b4:02:5f:ed:be:dd:8b:f6:59:6f:e5:46:
7b:92:36:d9
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAZRKjshkkDk6SE9PA+ueBGcMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWFhZGM1NjhmNmM5MjhmZDc2NGQ0MjFkNDJjNzFjZjU3
OTE5NTQwHhcNMjUwMTA5MTAxNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjZjZDRiYzc1YTllZTNkNWQwODNjNTJmNDhkOWU4Njc0MDhhZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXxXgJ9fZgGxRK4nAwwxBmbaw32R
S2pkTuOm8d6TU5JXNEUj5iMSTmOfn5sVX3QGTq++e1uF1sAgLQ+Jtcuf2da3rUtw
MLD3YPNP4bIBi8AxSrey6xKoxfyWKU7CzTVh78N11GGL3l1WazsZzJVml8RiVDzN
2I9Uz3whnwmDyyIGFEVpPjybbDAVcjeh/vyCheGn5r6iKnNfPFYyva9ncT+da8SW
zM0zgWwWZhF5D8PrUVGfe0gRpafVmkhqjoP3qFEOv35VZc7pa9HTYGa3bUh/RcsW
eVtljVgvcFQnRlSwKLO0bQSPgxEP8cXC4K0242kXXF5ZGcyIivSQwJ9k5QIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFGJs1Lx1qe49XQg8UvSNnoZ0CK2cMB8GA1UdIwQY
MBaAFIWqrcVo9sko/XZNQh1Cxxz1eRlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMt
NDVlYTM4ZGEyMjE4LzEvWW16VXZIV3A3ajFkQ0R4UzlJMmVoblFJclp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMtNDVlYTM4ZGEyMjE4
LzEvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzBmBAIAATBgAwQCLZHI
AwQETfKAAwQCVdDIAwQBWSVGAwQDshcIAwQCuTicAwQCuUf0AwQCuavoAwQCubL8
AwQCub9oAwQCudeQAwQCudt0AwQAufjjAwQAuf8dAwQCvL84AwQC2RxAMCkEAgAC
MCMDBQAqAlPgAwUDKgU2gAMFAyoLe4ADBQMqD96AAwUDKhNWwDANBgkqhkiG9w0B
AQsFAAOCAQEAKQPqJ/GBP69ccYm35UyCp6Yz+Y5WyClJuEwPFQGTQK6qvd0XNwr5
eLUrxpnelPFPI3D09U2Tx36HgRUOKkwIFZUA8cQXt15glslIVaIFKDlse8OC9hrk
kL2LEsi2vMdMmTb0uq8OEDkWsf2OoM3dKdcjujsAiIbbfLaEMmDAUlzGH0x4bT42
nR1Yuu2q3ccg3fbcvfkTShnjaRHL6f0U6/+eOCq4BGBm4hPbTQdXzXDgc0chhQ7r
gDwhhSuNOTC8q+mzE2jza5XSBcPEoQiMQCVKVusVk+6eAmIeJs94+F6iyNBVA1pa
zmhUFsJltPxTtAJf7b7di/ZZb+VGe5I22Q==
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:04:55 2025 by rpki-client