Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/IosBMyCwhJpK9xWG1hvvXMqJa78.roa
File: IosBMyCwhJpK9xWG1hvvXMqJa78.roa (raw, json)
Hash identifier: IYmZiNnkFwPxUpuPBI4TiPPkO8hQgA4aXIJpQwDNzpw=
Subject key identifier: 22:8B:01:33:20:B0:84:9A:4A:F7:15:86:D6:1B:EF:5C:CA:89:6B:BF
Certificate issuer: /CN=d50697943676399ac5cac6a3e476545af0df49dd
Certificate serial: 0194214430200DD74A236213C6806B1D2582
Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/IosBMyCwhJpK9xWG1hvvXMqJa78.roa
Signing time: Wed 01 Jan 2025 09:48:24 +0000
ROA not before: Wed 01 Jan 2025 09:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 719
IP address blocks: 131.207.133.0/24 maxlen: 24
131.207.168.0/24 maxlen: 24
131.207.174.0/24 maxlen: 24
131.207.175.0/24 maxlen: 24
131.207.176.0/24 maxlen: 24
131.207.199.0/24 maxlen: 24
131.207.213.0/24 maxlen: 24
131.207.225.0/24 maxlen: 24
131.207.230.0/24 maxlen: 24
131.207.242.0/24 maxlen: 24
131.207.243.0/24 maxlen: 24
131.207.248.0/21 maxlen: 21
192.49.8.0/24 maxlen: 24
192.49.32.0/24 maxlen: 24
192.49.50.0/24 maxlen: 24
192.49.69.0/24 maxlen: 24
192.49.78.0/24 maxlen: 24
192.49.102.0/24 maxlen: 24
192.49.171.0/24 maxlen: 24
192.49.172.0/24 maxlen: 24
193.142.224.0/24 maxlen: 24
193.142.225.0/24 maxlen: 24
193.142.226.0/24 maxlen: 24
193.142.227.0/24 maxlen: 24
193.142.228.0/24 maxlen: 24
193.142.229.0/24 maxlen: 24
193.142.230.0/24 maxlen: 24
193.142.231.0/24 maxlen: 24
194.110.38.0/24 maxlen: 24
194.110.44.0/24 maxlen: 24
194.110.45.0/24 maxlen: 24
194.110.46.0/24 maxlen: 24
194.110.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:30:20:0d:d7:4a:23:62:13:c6:80:6b:1d:25:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd
Validity
Not Before: Jan 1 09:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=228b013320b0849a4af71586d61bef5cca896bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f6:31:4b:eb:04:21:bb:4f:28:d3:ae:b8:23:
ae:ed:c4:74:c3:d7:92:a7:3e:f7:32:e8:34:0c:a5:
aa:a3:8a:6e:39:28:af:c9:a8:bb:f8:26:f0:e0:71:
7c:48:f4:69:10:dc:5a:9a:e8:50:00:f8:b4:1d:1b:
25:4c:5f:ef:6f:a8:65:68:43:95:29:f7:3f:ba:4f:
5c:af:8a:00:96:8a:87:20:2d:4a:90:a5:1b:75:d0:
82:39:ac:bc:c0:e3:bd:c3:34:a5:c7:54:74:34:99:
c1:87:a2:cc:85:39:af:a5:a4:dd:79:19:05:66:d0:
1d:c0:2f:7d:34:b7:f3:30:ee:e3:cd:3c:b5:25:b6:
b6:f8:89:42:74:3e:c2:07:fc:32:42:db:16:fc:6e:
18:b1:8e:19:a2:e6:29:4a:d1:eb:a7:23:f8:f2:32:
51:c1:d5:ee:a3:f9:5a:dc:58:cb:9f:84:fa:5a:d4:
60:f1:fe:bd:1b:84:d0:d7:d5:39:7d:61:d0:95:8f:
d0:83:0f:d1:d8:d7:52:3d:82:e7:60:30:d9:e8:d9:
31:1e:4f:0a:11:3e:ca:bc:8f:a3:d1:d5:21:98:71:
f8:e3:16:99:f5:3c:65:52:7d:dd:1a:52:2d:f1:05:
fd:95:71:d0:56:d6:cf:6a:ef:59:ff:0e:60:12:13:
a3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8B:01:33:20:B0:84:9A:4A:F7:15:86:D6:1B:EF:5C:CA:89:6B:BF
X509v3 Authority Key Identifier:
keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/IosBMyCwhJpK9xWG1hvvXMqJa78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.207.133.0/24
131.207.168.0/24
131.207.174.0-131.207.176.255
131.207.199.0/24
131.207.213.0/24
131.207.225.0/24
131.207.230.0/24
131.207.242.0/23
131.207.248.0/21
192.49.8.0/24
192.49.32.0/24
192.49.50.0/24
192.49.69.0/24
192.49.78.0/24
192.49.102.0/24
192.49.171.0-192.49.172.255
193.142.224.0/21
194.110.38.0/24
194.110.44.0/22
Signature Algorithm: sha256WithRSAEncryption
94:41:0a:88:af:d0:6c:8e:4d:98:12:c7:b7:75:2b:98:5f:fd:
a7:7f:0a:7f:5d:9a:43:2c:3f:2d:c8:d7:d8:99:da:87:0f:b5:
80:56:dc:ba:0a:45:82:52:9a:b8:3e:88:55:71:34:c6:de:9f:
75:16:93:cc:37:a1:61:49:09:af:d5:b6:58:cf:ad:38:10:12:
cc:31:0d:cf:28:d6:3a:91:e3:f6:a3:d5:02:fd:e0:7f:a7:cd:
e7:fd:d3:60:d9:c9:65:dd:d9:4e:c9:64:68:0d:c4:40:a5:4e:
52:82:2b:49:a2:48:f0:b6:ee:cd:3d:ae:02:79:24:2c:5d:48:
0b:04:87:48:9e:e8:b8:d5:f0:0d:c6:89:6c:6e:62:e2:4b:53:
62:44:8c:34:c6:5a:ec:9d:33:8d:25:4a:4a:84:3c:0a:fa:76:
d5:8d:5e:7c:b4:20:95:11:d3:7d:90:ec:5f:ec:ca:24:b8:ae:
4e:37:bc:b0:76:32:49:92:c7:53:ef:89:da:c4:32:0d:70:a1:
06:ad:95:59:12:6c:79:50:00:ef:4c:d1:af:8e:da:69:f8:d6:
8c:3f:59:53:81:e1:41:5b:f9:ba:c9:0d:62:37:43:47:c4:ac:
8e:68:8f:3b:37:d3:0a:fb:6c:07:71:d1:b9:42:71:1a:35:fa:
19:cc:42:9b
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZQhRDAgDddKI2ITxoBrHSWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk
ZjQ5ZGQwHhcNMjUwMTAxMDk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjhiMDEzMzIwYjA4NDlhNGFmNzE1ODZkNjFiZWY1Y2NhODk2YmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfYxS+sEIbtPKNOuuCOu7cR0w9eS
pz73Mug0DKWqo4puOSivyai7+Cbw4HF8SPRpENxamuhQAPi0HRslTF/vb6hlaEOV
Kfc/uk9cr4oAloqHIC1KkKUbddCCOay8wOO9wzSlx1R0NJnBh6LMhTmvpaTdeRkF
ZtAdwC99NLfzMO7jzTy1Jba2+IlCdD7CB/wyQtsW/G4YsY4ZouYpStHrpyP48jJR
wdXuo/la3FjLn4T6WtRg8f69G4TQ19U5fWHQlY/Qgw/R2NdSPYLnYDDZ6NkxHk8K
ET7KvI+j0dUhmHH44xaZ9TxlUn3dGlIt8QX9lXHQVtbPau9Z/w5gEhOjEQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFCKLATMgsISaSvcVhtYb71zKiWu/MB8GA1UdIwQY
MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt
OGQyM2FjNWNiNTAyLzEvSW9zQk15Q3doSnBLOXhXRzFodnZYTXFKYTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy
LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBACD
z4UDBACDz6gwDAMEAYPPrgMEAIPPsAMEAIPPxwMEAIPP1QMEAIPP4QMEAIPP5gME
AYPP8gMEA4PP+AMEAMAxCAMEAMAxIAMEAMAxMgMEAMAxRQMEAMAxTgMEAMAxZjAM
AwQAwDGrAwQAwDGsAwQDwY7gAwQAwm4mAwQCwm4sMA0GCSqGSIb3DQEBCwUAA4IB
AQCUQQqIr9Bsjk2YEse3dSuYX/2nfwp/XZpDLD8tyNfYmdqHD7WAVty6CkWCUpq4
PohVcTTG3p91FpPMN6FhSQmv1bZYz604EBLMMQ3PKNY6keP2o9UC/eB/p83n/dNg
2cll3dlOyWRoDcRApU5SgitJokjwtu7NPa4CeSQsXUgLBIdInui41fANxolsbmLi
S1NiRIw0xlrsnTONJUpKhDwK+nbVjV58tCCVEdN9kOxf7MokuK5ON7ywdjJJksdT
74naxDINcKEGrZVZEmx5UADvTNGvjtpp+NaMP1lTgeFBW/m6yQ1iN0NHxKyOaI87
N9MK+2wHcdG5QnEaNfoZzEKb
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:48:08 2025 by rpki-client