Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/9K0UiUtwMeDGLO07jN4cphQ0NhA.roa
File: 9K0UiUtwMeDGLO07jN4cphQ0NhA.roa (raw, json)
Hash identifier: iD28nbSB8h3AMCMtfL1dVEifxVKaj30VOiCxNvUpdlc=
Subject key identifier: F4:AD:14:89:4B:70:31:E0:C6:2C:ED:3B:8C:DE:1C:A6:14:34:36:10
Certificate issuer: /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial: 0194228D7164581F4D15DEC4AD942B6FDF09
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/9K0UiUtwMeDGLO07jN4cphQ0NhA.roa
Signing time: Wed 01 Jan 2025 15:48:02 +0000
ROA not before: Wed 01 Jan 2025 15:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1653
IP address blocks: 37.156.192.0/20 maxlen: 26
77.238.32.0/19 maxlen: 19
86.104.48.0/20 maxlen: 20
86.104.152.0/21 maxlen: 21
86.104.200.0/21 maxlen: 21
86.105.112.0/21 maxlen: 21
86.106.160.0/21 maxlen: 21
89.32.32.0/21 maxlen: 21
89.32.72.0/21 maxlen: 21
89.33.136.0/21 maxlen: 23
89.34.184.0/21 maxlen: 21
89.34.240.0/21 maxlen: 21
89.37.176.0/21 maxlen: 21
89.41.160.0/21 maxlen: 21
89.43.232.0/21 maxlen: 21
89.44.0.0/21 maxlen: 24
89.44.248.0/21 maxlen: 22
89.45.232.0/21 maxlen: 21
89.45.236.0/22 maxlen: 22
89.46.16.0/21 maxlen: 21
89.46.16.0/24 maxlen: 24
89.46.17.0/24 maxlen: 24
89.46.18.0/24 maxlen: 24
89.46.20.0/22 maxlen: 22
89.47.184.0/21 maxlen: 21
91.250.192.0/19 maxlen: 19
93.115.160.0/21 maxlen: 21
94.176.224.0/21 maxlen: 25
188.211.240.0/21 maxlen: 21
188.240.144.0/20 maxlen: 24
188.241.160.0/20 maxlen: 20
193.10.0.0/16 maxlen: 24
193.11.0.0/16 maxlen: 24
194.47.0.0/16 maxlen: 16
212.25.128.0/19 maxlen: 19
2001:6b0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:71:64:58:1f:4d:15:de:c4:ad:94:2b:6f:df:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
Validity
Not Before: Jan 1 15:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4ad14894b7031e0c62ced3b8cde1ca614343610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4a:14:65:3d:fd:ad:ad:5e:d2:b0:6f:2a:74:
59:f2:70:9f:bf:23:a5:a0:3a:a2:bf:02:ef:1a:8a:
3d:fa:23:d5:f7:db:85:ab:45:59:79:76:9a:38:60:
83:7f:3c:2b:95:52:9a:01:15:7d:8c:11:d8:e2:d3:
c7:83:eb:cc:f7:9b:75:3e:11:c3:5f:75:46:f6:cc:
b4:26:30:27:c6:96:9c:6d:73:4b:1f:3d:14:dc:d2:
55:c6:29:f5:0b:5b:5d:65:38:e9:e5:07:1b:8e:7b:
90:ce:10:a2:8f:ca:c1:ed:bd:f4:c6:48:b9:d4:9c:
0d:41:1e:01:e9:9e:82:d4:7e:49:83:53:90:0b:21:
72:53:3a:cd:c7:8b:1f:c1:53:35:89:b5:21:bb:0e:
99:be:55:5b:5a:ab:f3:e1:74:ac:e3:62:d4:60:81:
e0:5f:df:37:29:a9:da:3c:77:06:2a:79:28:fd:49:
ae:41:e5:28:de:b4:1c:ba:e6:c4:cf:11:ce:54:9a:
1f:10:de:9b:bc:04:68:ee:e8:78:15:21:9e:e7:a4:
ff:d1:d4:fe:8b:f6:82:74:56:fe:53:92:6d:78:b4:
75:e1:c6:76:b0:f2:bf:59:12:07:e0:8f:53:1b:f4:
50:06:7a:e4:d0:87:26:5e:16:f9:a9:dd:d6:fb:4b:
da:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AD:14:89:4B:70:31:E0:C6:2C:ED:3B:8C:DE:1C:A6:14:34:36:10
X509v3 Authority Key Identifier:
keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/9K0UiUtwMeDGLO07jN4cphQ0NhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.192.0/20
77.238.32.0/19
86.104.48.0/20
86.104.152.0/21
86.104.200.0/21
86.105.112.0/21
86.106.160.0/21
89.32.32.0/21
89.32.72.0/21
89.33.136.0/21
89.34.184.0/21
89.34.240.0/21
89.37.176.0/21
89.41.160.0/21
89.43.232.0/21
89.44.0.0/21
89.44.248.0/21
89.45.232.0/21
89.46.16.0/21
89.47.184.0/21
91.250.192.0/19
93.115.160.0/21
94.176.224.0/21
188.211.240.0/21
188.240.144.0/20
188.241.160.0/20
193.10.0.0/15
194.47.0.0/16
212.25.128.0/19
IPv6:
2001:6b0::/32
Signature Algorithm: sha256WithRSAEncryption
12:ff:eb:99:d1:33:bf:9e:cb:fd:6e:f3:d5:b6:6b:d3:28:a5:
69:00:ea:04:f8:a7:c6:e4:46:c5:1d:ba:85:50:d4:64:44:94:
62:50:ab:41:9a:9a:48:25:7c:7a:cb:2c:99:da:3f:b4:b9:40:
b1:3b:e1:86:79:e0:e2:70:d9:f5:bc:6c:3d:6f:03:17:29:9b:
40:05:30:65:da:87:d1:73:13:be:59:d0:a5:b3:af:bb:9b:04:
66:79:fc:0f:e7:5d:f1:5c:ec:42:29:bb:4d:3e:5d:87:73:d6:
6e:74:26:17:aa:fe:43:75:0a:3c:c9:d4:ff:a1:a4:19:27:cc:
d0:2a:3f:cd:fd:af:47:ed:4e:58:3b:58:a3:d4:a9:97:75:a8:
3c:80:bb:84:4c:0b:d1:c5:8b:d7:84:d0:cb:02:a0:e7:31:96:
35:e5:34:ba:d3:5f:9a:5c:15:fa:40:d7:c6:d2:8a:10:bc:e6:
a0:08:89:94:06:3c:17:ee:cf:a9:10:b7:6c:0a:df:d9:66:3c:
5d:8d:04:92:bc:60:47:c8:67:fd:c5:8b:3b:54:fe:0a:8d:aa:
4f:82:b3:80:3f:fb:32:33:d2:d0:36:6a:b9:9c:cc:be:76:42:
39:64:2f:74:12:fa:52:1c:77:5d:1e:17:27:e4:74:c2:ff:b0:
46:97:12:57
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAZQijXFkWB9NFd7ErZQrb98JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MDFmMjNjZTgyMWMyNjRkNjc3Mjc1MzZlYzE4MzUzNzU5
NGM1ZjIwHhcNMjUwMTAxMTU0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFkMTQ4OTRiNzAzMWUwYzYyY2VkM2I4Y2RlMWNhNjE0MzQzNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkoUZT39ra1e0rBvKnRZ8nCfvyOl
oDqivwLvGoo9+iPV99uFq0VZeXaaOGCDfzwrlVKaARV9jBHY4tPHg+vM95t1PhHD
X3VG9sy0JjAnxpacbXNLHz0U3NJVxin1C1tdZTjp5QcbjnuQzhCij8rB7b30xki5
1JwNQR4B6Z6C1H5Jg1OQCyFyUzrNx4sfwVM1ibUhuw6ZvlVbWqvz4XSs42LUYIHg
X983KanaPHcGKnko/UmuQeUo3rQcuubEzxHOVJofEN6bvARo7uh4FSGe56T/0dT+
i/aCdFb+U5JteLR14cZ2sPK/WRIH4I9TG/RQBnrk0IcmXhb5qd3W+0vaXQIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFPStFIlLcDHgxiztO4zeHKYUNDYQMB8GA1UdIwQY
MBaAFOgB8jzoIcJk1ncnU27Bg1N1lMXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAt
NDY0ZWIxODNiNTY4LzEvOUswVWlVdHdNZURHTE8wN2pONGNwaFEwTmhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAtNDY0ZWIxODNiNTY4
LzEvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHYBggrBgEFBQcBBwEB/wSByDCBxTCBswQCAAEwgawDBAQl
nMADBAVN7iADBARWaDADBANWaJgDBANWaMgDBANWaXADBANWaqADBANZICADBANZ
IEgDBANZIYgDBANZIrgDBANZIvADBANZJbADBANZKaADBANZK+gDBANZLAADBANZ
LPgDBANZLegDBANZLhADBANZL7gDBAVb+sADBANdc6ADBANesOADBAO80/ADBAS8
8JADBAS88aADAwHBCgMDAMIvAwQF1BmAMA0EAgACMAcDBQAgAQawMA0GCSqGSIb3
DQEBCwUAA4IBAQAS/+uZ0TO/nsv9bvPVtmvTKKVpAOoE+KfG5EbFHbqFUNRkRJRi
UKtBmppIJXx6yyyZ2j+0uUCxO+GGeeDicNn1vGw9bwMXKZtABTBl2ofRcxO+WdCl
s6+7mwRmefwP513xXOxCKbtNPl2Hc9ZudCYXqv5DdQo8ydT/oaQZJ8zQKj/N/a9H
7U5YO1ij1KmXdag8gLuETAvRxYvXhNDLAqDnMZY15TS601+aXBX6QNfG0ooQvOag
CImUBjwX7s+pELdsCt/ZZjxdjQSSvGBHyGf9xYs7VP4KjapPgrOAP/syM9LQNmq5
nMy+dkI5ZC90EvpSHHddHhcn5HTC/7BGlxJX
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:10:39 2025 by rpki-client