Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/IDSoal-WPRQg2kggJnZlgyY7mtI.roa
File: IDSoal-WPRQg2kggJnZlgyY7mtI.roa (raw, json)
Hash identifier: juWvqJns3UfT6SO2SE3jBpIvpwCfu+sMyWgDyL3Cs3I=
Subject key identifier: 20:34:A8:6A:5F:96:3D:14:20:DA:48:20:26:76:65:83:26:3B:9A:D2
Certificate issuer: /CN=84f2ce71c6ffce87560d565ee5ccda31e01b9c15
Certificate serial: 0194206831DF7C8B5F5B46DDBA05530D61F4
Authority key identifier: 84:F2:CE:71:C6:FF:CE:87:56:0D:56:5E:E5:CC:DA:31:E0:1B:9C:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPLOccb_zodWDVZe5czaMeAbnBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/IDSoal-WPRQg2kggJnZlgyY7mtI.roa
Signing time: Wed 01 Jan 2025 05:48:06 +0000
ROA not before: Wed 01 Jan 2025 05:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13036
IP address blocks: 37.48.0.0/18 maxlen: 18
46.13.0.0/16 maxlen: 16
62.77.64.0/18 maxlen: 18
62.84.128.0/19 maxlen: 19
62.141.0.0/19 maxlen: 19
62.168.0.0/18 maxlen: 18
62.209.192.0/18 maxlen: 18
78.80.0.0/16 maxlen: 16
89.24.0.0/16 maxlen: 16
91.139.0.0/17 maxlen: 17
193.85.0.0/16 maxlen: 16
193.86.0.0/16 maxlen: 16
193.179.0.0/16 maxlen: 16
194.108.0.0/16 maxlen: 16
194.149.96.0/19 maxlen: 19
194.212.0.0/16 maxlen: 16
194.213.32.0/19 maxlen: 19
194.213.192.0/19 maxlen: 19
195.22.32.0/19 maxlen: 19
195.39.0.0/17 maxlen: 17
195.47.0.0/17 maxlen: 17
195.70.128.0/19 maxlen: 19
195.144.96.0/19 maxlen: 19
212.47.0.0/19 maxlen: 19
212.65.192.0/18 maxlen: 18
213.29.0.0/16 maxlen: 16
213.210.128.0/18 maxlen: 18
2001:af0::/32 maxlen: 32
2001:1ae8::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:31:df:7c:8b:5f:5b:46:dd:ba:05:53:0d:61:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f2ce71c6ffce87560d565ee5ccda31e01b9c15
Validity
Not Before: Jan 1 05:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2034a86a5f963d1420da482026766583263b9ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:10:4c:35:db:8f:7f:bc:02:49:4e:c7:fa:f1:
8a:51:92:78:bd:8f:2c:70:d7:91:c2:47:05:a1:2c:
ae:7f:60:4c:f8:0a:3b:63:d5:cb:f6:6f:0f:f6:61:
3b:0c:ee:af:ea:d2:0a:74:37:cd:76:78:3b:f6:f8:
6f:65:69:61:07:71:ac:6e:b0:b6:21:5e:f5:64:84:
e8:18:b4:65:d0:18:de:5a:de:35:2c:5f:9c:89:82:
84:5f:a4:d9:52:68:6b:e9:2f:eb:3c:8f:dd:8e:91:
d4:04:92:9d:3c:67:6e:6a:a2:4a:31:ba:2c:d3:cf:
d3:2c:8a:12:12:56:d0:f3:c3:7b:41:10:db:be:80:
03:c6:29:50:43:81:9c:d7:a4:d6:1f:83:e7:0d:98:
20:73:dc:ca:b9:4f:91:9a:e3:42:ab:ca:76:66:b6:
54:9e:8e:a5:06:11:16:5f:41:ae:ff:23:f0:fb:1e:
9a:fd:b6:f8:35:b6:f2:52:11:24:ce:5c:51:63:6f:
0e:bb:61:7c:e3:a4:fc:6e:e2:53:27:b6:99:37:93:
b0:b1:2c:e8:b2:fd:1e:a5:0d:ab:73:e5:69:a3:ed:
d4:76:cb:58:63:12:c8:ca:52:31:3e:fe:ac:73:f1:
59:88:cc:c1:86:f9:ed:3a:d0:a7:63:36:ae:4f:ae:
f6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:34:A8:6A:5F:96:3D:14:20:DA:48:20:26:76:65:83:26:3B:9A:D2
X509v3 Authority Key Identifier:
keyid:84:F2:CE:71:C6:FF:CE:87:56:0D:56:5E:E5:CC:DA:31:E0:1B:9C:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPLOccb_zodWDVZe5czaMeAbnBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/IDSoal-WPRQg2kggJnZlgyY7mtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/hPLOccb_zodWDVZe5czaMeAbnBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.48.0.0/18
46.13.0.0/16
62.77.64.0/18
62.84.128.0/19
62.141.0.0/19
62.168.0.0/18
62.209.192.0/18
78.80.0.0/16
89.24.0.0/16
91.139.0.0/17
193.85.0.0-193.86.255.255
193.179.0.0/16
194.108.0.0/16
194.149.96.0/19
194.212.0.0/16
194.213.32.0/19
194.213.192.0/19
195.22.32.0/19
195.39.0.0/17
195.47.0.0/17
195.70.128.0/19
195.144.96.0/19
212.47.0.0/19
212.65.192.0/18
213.29.0.0/16
213.210.128.0/18
IPv6:
2001:af0::/32
2001:1ae8::/29
Signature Algorithm: sha256WithRSAEncryption
5a:37:27:21:a1:fd:11:d3:92:f0:36:4d:ca:e1:d7:9f:cf:ae:
00:bd:cf:4b:20:11:06:6c:99:46:4b:21:51:da:83:5c:d3:5d:
32:a6:f2:ab:e6:dc:01:00:57:7c:68:f1:21:0d:67:bf:5c:b0:
7e:bf:15:d5:f4:aa:ad:78:13:56:15:c9:83:6a:17:2a:d2:54:
74:5c:19:3c:07:df:2b:2e:33:29:55:58:0b:f9:e7:e7:d8:a1:
f8:e5:58:5e:d5:05:9b:70:5a:37:98:68:d9:73:e7:e4:ff:96:
2a:59:48:06:96:59:98:09:c0:8f:cf:2b:83:55:5d:ae:76:08:
e5:e3:62:e4:1f:74:b4:26:9e:bc:85:4b:36:c9:af:cd:91:f9:
96:ad:cc:cd:41:ab:50:e6:d4:e8:c0:8f:7e:f9:53:e8:2e:2e:
60:01:07:61:89:50:39:f5:d3:05:8b:e3:d1:56:34:f2:5a:80:
91:22:5f:6b:45:6e:f1:41:8b:47:e9:5b:89:e4:0b:d5:a1:a8:
92:c4:7d:13:22:26:f1:5e:fe:e1:e1:57:f8:c6:4d:82:7b:e0:
74:a2:30:c0:e3:d1:e5:ef:e4:93:da:bd:01:b2:a6:ad:8c:a6:
30:9a:f7:1b:6e:02:1b:e5:f5:c1:94:96:d1:6e:47:04:22:de:
8e:58:0d:14
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZQgaDHffItfW0bdugVTDWH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjJjZTcxYzZmZmNlODc1NjBkNTY1ZWU1Y2NkYTMxZTAx
YjljMTUwHhcNMjUwMTAxMDU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM0YTg2YTVmOTYzZDE0MjBkYTQ4MjAyNjc2NjU4MzI2M2I5YWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxBMNduPf7wCSU7H+vGKUZJ4vY8s
cNeRwkcFoSyuf2BM+Ao7Y9XL9m8P9mE7DO6v6tIKdDfNdng79vhvZWlhB3GsbrC2
IV71ZIToGLRl0BjeWt41LF+ciYKEX6TZUmhr6S/rPI/djpHUBJKdPGduaqJKMbos
08/TLIoSElbQ88N7QRDbvoADxilQQ4Gc16TWH4PnDZggc9zKuU+RmuNCq8p2ZrZU
no6lBhEWX0Gu/yPw+x6a/bb4NbbyUhEkzlxRY28Ou2F846T8buJTJ7aZN5OwsSzo
sv0epQ2rc+Vpo+3UdstYYxLIylIxPv6sc/FZiMzBhvntOtCnYzauT672lQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFCA0qGpflj0UINpIICZ2ZYMmO5rSMB8GA1UdIwQY
MBaAFITyznHG/86HVg1WXuXM2jHgG5wVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBMT2NjYl96b2RXRFZaZTVjemFNZUFibkJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8yYWM5ODAtMjI1OS00NmZkLWE0Mjgt
N2I5OGM3NDYyYTdlLzEvSURTb2FsLVdQUlFnMmtnZ0puWmxneVk3bXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8yYWM5ODAtMjI1OS00NmZkLWE0MjgtN2I5OGM3NDYyYTdl
LzEvaFBMT2NjYl96b2RXRFZaZTVjemFNZUFibkJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBogQCAAEwgZsDBAYl
MAADAwAuDQMEBj5NQAMEBT5UgAMEBT6NAAMEBj6oAAMEBj7RwAMDAE5QAwMAWRgD
BAdbiwAwCgMDAMFVAwMAwVYDAwDBswMDAMJsAwQFwpVgAwMAwtQDBAXC1SADBAXC
1cADBAXDFiADBAfDJwADBAfDLwADBAXDRoADBAXDkGADBAXULwADBAbUQcADAwDV
HQMEBtXSgDAUBAIAAjAOAwUAIAEK8AMFAyABGugwDQYJKoZIhvcNAQELBQADggEB
AFo3JyGh/RHTkvA2Tcrh15/PrgC9z0sgEQZsmUZLIVHag1zTXTKm8qvm3AEAV3xo
8SENZ79csH6/FdX0qq14E1YVyYNqFyrSVHRcGTwH3ysuMylVWAv55+fYofjlWF7V
BZtwWjeYaNlz5+T/lipZSAaWWZgJwI/PK4NVXa52COXjYuQfdLQmnryFSzbJr82R
+ZatzM1Bq1Dm1OjAj375U+guLmABB2GJUDn10wWL49FWNPJagJEiX2tFbvFBi0fp
W4nkC9WhqJLEfRMiJvFe/uHhV/jGTYJ74HSiMMDj0eXv5JPavQGypq2MpjCa9xtu
Ahvl9cGUltFuRwQi3o5YDRQ=
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:27 2025 by rpki-client