Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/DKJ8DMlItMY75Xq9Y26angD9Qrc.roa
File: DKJ8DMlItMY75Xq9Y26angD9Qrc.roa (raw, json)
Hash identifier: d1JBE9X8OekA1Tt7Xtm/KoZAKlU3jhZeCH1lfyn8GZY=
Subject key identifier: 0C:A2:7C:0C:C9:48:B4:C6:3B:E5:7A:BD:63:6E:9A:9E:00:FD:42:B7
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 0194BCB724148699EB005A27FC63183FA335
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/DKJ8DMlItMY75Xq9Y26angD9Qrc.roa
Signing time: Fri 31 Jan 2025 14:15:06 +0000
ROA not before: Fri 31 Jan 2025 14:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8641
IP address blocks: 77.73.24.0/21 maxlen: 21
77.94.160.0/19 maxlen: 19
77.94.175.0/24 maxlen: 24
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
81.26.154.0/24 maxlen: 24
81.26.155.0/24 maxlen: 24
84.47.128.0/23 maxlen: 23
84.47.131.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.135.0/24 maxlen: 24
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.143.0/24 maxlen: 24
84.47.144.0/23 maxlen: 23
84.47.147.0/24 maxlen: 24
84.47.150.0/23 maxlen: 32
84.47.152.0/23 maxlen: 23
84.47.156.0/22 maxlen: 22
84.47.160.0/24 maxlen: 24
84.47.161.0/24 maxlen: 24
84.47.162.0/24 maxlen: 24
84.47.163.0/24 maxlen: 24
84.47.164.0/23 maxlen: 23
84.47.164.0/24 maxlen: 24
84.47.168.0/22 maxlen: 22
84.47.172.0/24 maxlen: 24
84.47.174.0/23 maxlen: 23
84.47.176.0/23 maxlen: 23
84.47.176.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.178.0/24 maxlen: 24
84.47.181.0/24 maxlen: 24
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
84.47.190.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
85.91.112.0/22 maxlen: 22
85.91.118.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
85.91.122.0/24 maxlen: 24
185.106.107.0/24 maxlen: 24
213.135.64.0/23 maxlen: 23
213.135.67.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
213.135.70.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.82.0/23 maxlen: 23
213.135.84.0/22 maxlen: 22
213.135.88.0/22 maxlen: 22
213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/23 maxlen: 23
213.208.174.0/23 maxlen: 23
213.208.176.0/21 maxlen: 21
213.208.184.0/24 maxlen: 24
213.208.188.0/22 maxlen: 22
2a02:bc8::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:b7:24:14:86:99:eb:00:5a:27:fc:63:18:3f:a3:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Jan 31 14:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ca27c0cc948b4c63be57abd636e9a9e00fd42b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bd:76:ae:24:1c:19:d1:1d:7e:f0:32:d7:44:
08:c7:d7:4a:61:a7:a5:4f:8f:e2:d2:88:4e:2f:55:
b2:c2:06:ec:b7:d3:71:4f:70:b4:d3:ff:e9:dc:2e:
c1:89:63:49:6f:3d:31:b7:fc:4a:18:89:eb:f2:32:
70:c6:f5:5d:d5:8c:78:b6:ce:d7:41:21:ac:33:9b:
e8:f3:0c:c2:ad:06:3a:88:ba:f2:52:90:43:99:ab:
e8:ca:fd:16:6d:28:eb:e0:f2:5e:b7:4b:d8:46:b8:
98:b0:b3:55:2a:37:a6:be:fa:9b:d8:c7:74:12:31:
2f:8c:86:53:8f:81:41:4c:c9:e2:15:cf:88:ba:38:
6c:58:c2:2f:3d:5e:91:3d:7e:32:9b:2a:69:1e:ec:
9a:d9:ea:08:ff:e9:aa:83:ab:1f:ff:c5:01:af:ea:
de:4b:9b:80:19:93:8e:1d:fd:01:5a:84:e7:a4:66:
95:8c:a7:36:29:da:23:1b:17:3f:f2:2a:dc:0f:58:
ba:d0:a4:dd:c3:82:a4:8a:81:2b:8d:9c:c0:fd:08:
d2:23:e7:5c:da:bb:9e:d5:e5:fd:97:07:56:37:58:
57:db:85:87:7e:90:34:c0:61:88:45:cd:0b:0b:d4:
ae:e4:b8:d3:0f:15:43:f0:79:58:fb:36:d8:64:87:
55:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A2:7C:0C:C9:48:B4:C6:3B:E5:7A:BD:63:6E:9A:9E:00:FD:42:B7
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/DKJ8DMlItMY75Xq9Y26angD9Qrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.24.0/21
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/23
84.47.131.0/24
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0/24
84.47.150.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.172.255
84.47.174.0-84.47.178.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/23
213.135.67.0/24
213.135.69.0-213.135.70.255
213.135.72.0/23
213.135.77.0/24
213.135.82.0-213.135.91.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.188.0/22
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
8b:f2:84:74:ca:28:dd:8e:d6:27:ac:60:23:23:68:7a:f3:aa:
70:14:94:20:5c:1b:f7:e8:b5:e3:77:e1:52:19:c3:28:1e:e9:
7b:70:d9:4e:36:ea:04:42:90:ca:3f:b3:ba:02:58:71:e9:de:
45:35:11:0c:c2:86:11:cf:fe:d8:04:10:7a:61:0b:9f:a8:2a:
9b:ae:46:fa:ce:7c:9d:2a:cc:2c:d9:6c:d5:9a:1c:c1:75:93:
d5:33:52:a5:65:40:5a:67:77:55:0a:9e:ae:6b:37:54:f9:25:
21:0b:13:29:70:38:ed:1d:73:84:41:4d:0d:82:c2:b2:93:24:
d5:ec:f5:12:87:2d:43:84:bd:e6:c6:8b:f2:7d:63:98:76:62:
1d:32:76:1e:e6:a7:4e:b8:b5:df:8d:b0:28:aa:e8:0f:47:22:
63:41:07:a8:de:b9:39:a3:83:ca:23:0f:de:ca:4b:51:96:fc:
bf:42:d2:9e:fe:6a:ae:5a:37:5a:39:94:48:ea:22:af:bf:be:
f7:92:ec:79:0f:61:d0:c9:ca:df:21:88:2d:81:b1:7f:3a:f9:
af:de:39:a2:6a:d0:0f:40:ae:56:5e:c0:8b:d3:c5:95:8e:34:
3d:c1:ac:eb:ed:20:16:ea:8b:df:88:c4:4f:d3:d7:25:e1:49:
df:3b:e6:94
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgISAZS8tyQUhpnrAFon/GMYP6M1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjUwMTMxMTQxNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2EyN2MwY2M5NDhiNGM2M2JlNTdhYmQ2MzZlOWE5ZTAwZmQ0MmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL12riQcGdEdfvAy10QIx9dKYael
T4/i0ohOL1Wywgbst9NxT3C00//p3C7BiWNJbz0xt/xKGInr8jJwxvVd1Yx4ts7X
QSGsM5vo8wzCrQY6iLryUpBDmavoyv0WbSjr4PJet0vYRriYsLNVKjemvvqb2Md0
EjEvjIZTj4FBTMniFc+IujhsWMIvPV6RPX4ymyppHuya2eoI/+mqg6sf/8UBr+re
S5uAGZOOHf0BWoTnpGaVjKc2KdojGxc/8ircD1i60KTdw4KkioErjZzA/QjSI+dc
2rue1eX9lwdWN1hX24WHfpA0wGGIRc0LC9Su5LjTDxVD8HlY+zbYZIdV1QIDAQAB
o4IDLDCCAygwHQYDVR0OBBYEFAyifAzJSLTGO+V6vWNump4A/UK3MB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvREtKOERNbEl0TVk3NVhxOVkyNmFuZ0Q5UXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQAYIKwYBBQUHAQcBAf8EggEvMIIBKzCCARgEAgABMIIB
EAMEA01JGAMEBU1eoDAMAwQEURqQAwQCURqYAwQBVC+AAwQAVC+DMAwDBAFUL4YD
BABUL4gwDAMEAlQvjAMEAVQvkAMEAFQvkzAMAwQBVC+WAwQBVC+YMAwDBAJUL5wD
BAFUL6QwDAMEA1QvqAMEAFQvrDAMAwQBVC+uAwQAVC+yMAwDBABUL7UDBANUL7AD
BAFUL7oDBAFUL74DBANVW2ADBAJVW3AwDAMEAVVbdgMEAFVbegMEALlqawMEAdWH
QAMEANWHQzAMAwQA1YdFAwQA1YdGAwQB1YdIAwQA1YdNMAwDBAHVh1IDBALVh1gw
DAMEBdXQoAMEANXQqjAMAwQC1dCsAwQA1dC4AwQC1dC8MA0EAgACMAcDBQMqAgvI
MA0GCSqGSIb3DQEBCwUAA4IBAQCL8oR0yijdjtYnrGAjI2h686pwFJQgXBv36LXj
d+FSGcMoHul7cNlONuoEQpDKP7O6Alhx6d5FNREMwoYRz/7YBBB6YQufqCqbrkb6
znydKsws2WzVmhzBdZPVM1KlZUBaZ3dVCp6uazdU+SUhCxMpcDjtHXOEQU0NgsKy
kyTV7PUShy1DhL3mxovyfWOYdmIdMnYe5qdOuLXfjbAoqugPRyJjQQeo3rk5o4PK
Iw/eyktRlvy/QtKe/mquWjdaOZRI6iKvv773kux5D2HQycrfIYgtgbF/Ovmv3jmi
atAPQK5WXsCL08WVjjQ9wazr7SAW6ovfiMRP09cl4UnfO+aU
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:23:20 2025 by rpki-client