Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/RPNTJtsoGYjlctRP60MYXeunwR8.roa
File: RPNTJtsoGYjlctRP60MYXeunwR8.roa (raw, json)
Hash identifier: wpfWB2efN5cOWUrJA1g9XCHJIBwKV5Uey/Jj5a0ScLE=
Subject key identifier: 44:F3:53:26:DB:28:19:88:E5:72:D4:4F:EB:43:18:5D:EB:A7:C1:1F
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0194AC0AF58A07FF9DFB54A9442CA4212466
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/RPNTJtsoGYjlctRP60MYXeunwR8.roa
Signing time: Tue 28 Jan 2025 08:33:06 +0000
ROA not before: Tue 28 Jan 2025 08:33:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 14.102.62.0/24 maxlen: 24
62.169.134.0/24 maxlen: 24
103.61.196.0/24 maxlen: 24
103.138.78.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
192.253.209.0/24 maxlen: 24
192.253.210.0/24 maxlen: 24
192.253.211.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.166.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.176.0/24 maxlen: 24
203.188.177.0/24 maxlen: 24
203.188.178.0/24 maxlen: 24
203.188.179.0/24 maxlen: 24
203.188.180.0/24 maxlen: 24
203.188.182.0/24 maxlen: 24
203.188.183.0/24 maxlen: 24
203.188.184.0/24 maxlen: 24
203.188.185.0/24 maxlen: 24
203.188.186.0/24 maxlen: 24
203.188.187.0/24 maxlen: 24
203.188.188.0/24 maxlen: 24
203.188.189.0/24 maxlen: 24
203.188.190.0/24 maxlen: 24
203.188.191.0/24 maxlen: 24
212.32.48.0/24 maxlen: 24
212.32.49.0/24 maxlen: 24
212.32.50.0/24 maxlen: 24
212.32.51.0/24 maxlen: 24
212.32.70.0/24 maxlen: 24
212.32.71.0/24 maxlen: 24
212.32.73.0/24 maxlen: 24
212.32.76.0/24 maxlen: 24
212.32.77.0/24 maxlen: 24
212.32.78.0/24 maxlen: 24
212.32.79.0/24 maxlen: 24
212.56.52.0/24 maxlen: 24
212.56.53.0/24 maxlen: 24
212.56.54.0/24 maxlen: 24
212.56.55.0/24 maxlen: 24
213.254.163.0/24 maxlen: 24
213.254.172.0/24 maxlen: 24
213.254.173.0/24 maxlen: 24
213.254.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:0a:f5:8a:07:ff:9d:fb:54:a9:44:2c:a4:21:24:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 28 08:33:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44f35326db281988e572d44feb43185deba7c11f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:45:1f:f5:fd:5f:a0:0a:ed:cb:a8:b8:4f:1e:
ef:d4:09:f2:b2:3e:e2:62:48:bb:94:54:1b:65:b4:
cb:14:cc:aa:c0:a2:20:a1:38:07:56:78:7f:29:8f:
0f:89:a0:ae:e3:91:8a:58:e0:c4:f3:ab:2e:b3:2a:
85:85:c7:5b:05:12:90:f0:94:73:ba:e0:57:69:7f:
75:98:41:7e:f9:b2:35:54:58:84:e3:20:07:0e:1f:
02:de:42:cf:79:b6:ff:bc:28:77:91:dd:d1:b3:fa:
b8:26:e2:a3:25:b6:2d:7c:c0:8c:38:39:a8:85:3d:
2f:0f:b5:f2:1b:a2:0f:bf:35:a5:e1:21:ab:86:6a:
56:91:35:b5:8a:40:6f:9c:e6:76:e4:90:bb:f8:a2:
84:38:36:4a:97:71:8b:61:d6:45:0e:d8:13:86:39:
f3:44:e3:e9:41:11:f2:ad:7f:f2:25:3f:65:ab:65:
b0:02:87:fc:4f:71:0f:90:bb:b8:42:8b:4a:3b:8f:
03:c1:71:9d:fc:bf:06:2b:0f:59:5f:f8:2a:45:f7:
90:ab:7c:39:02:43:3e:e0:5e:d8:7c:4b:bd:e2:c4:
74:7d:7f:21:93:6b:5d:f7:04:15:19:f2:2a:71:b5:
3a:e0:d0:72:2c:40:9d:6c:00:7d:4f:7e:12:f1:53:
b4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F3:53:26:DB:28:19:88:E5:72:D4:4F:EB:43:18:5D:EB:A7:C1:1F
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/RPNTJtsoGYjlctRP60MYXeunwR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.62.0/24
62.169.134.0/24
103.61.196.0/24
103.138.78.0/24
167.160.28.0/24
192.253.209.0-192.253.211.255
198.55.31.0/24
203.188.166.0/24
203.188.174.0-203.188.180.255
203.188.182.0-203.188.191.255
212.32.48.0/22
212.32.70.0/23
212.32.73.0/24
212.32.76.0/22
212.56.52.0/22
213.254.163.0/24
213.254.172.0/23
213.254.175.0/24
Signature Algorithm: sha256WithRSAEncryption
36:25:91:c2:7c:be:e2:02:3d:7e:da:c5:7c:a4:57:07:20:1e:
dc:b0:86:f7:75:bf:a6:85:0d:e1:c0:b1:41:b3:20:1b:71:a2:
30:8d:a2:04:4b:3b:5f:2d:0a:12:64:74:84:03:95:5b:12:5a:
66:33:b1:e6:2e:e8:5f:f7:39:b7:45:5d:43:27:7b:f3:8f:33:
d8:d1:b1:a0:d4:42:cd:26:cf:d5:16:f5:f9:b2:47:e1:c1:98:
76:98:c9:c0:ee:2e:78:37:87:ac:4a:06:0a:aa:b9:c3:08:a9:
05:73:bb:78:73:f7:1e:3f:d5:e8:0c:02:c5:a0:42:13:bd:f7:
f9:69:14:d5:36:b9:73:57:cd:cb:27:b2:c4:14:7a:45:63:18:
b0:d1:6f:eb:7f:62:36:b5:1a:7a:f0:4b:e5:51:67:dd:f4:b2:
36:0a:1d:28:64:a1:67:25:40:cb:05:eb:7e:d7:97:57:78:6e:
a3:29:1c:f7:7e:3a:62:3d:f0:7e:4c:bc:3a:10:80:42:a0:c6:
f7:ab:9b:d2:f9:19:53:d0:65:d6:62:6a:df:30:fa:e2:4e:32:
46:08:3e:95:98:00:b4:95:e6:39:77:dd:04:ed:dd:2a:f6:4e:
c5:33:be:7a:75:76:6a:3e:1a:cd:91:5f:00:f4:e4:08:3e:2b:
43:ec:c8:d7
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZSsCvWKB/+d+1SpRCykISRmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTI4MDgzMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGYzNTMyNmRiMjgxOTg4ZTU3MmQ0NGZlYjQzMTg1ZGViYTdjMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EUf9f1foArty6i4Tx7v1Anysj7i
Yki7lFQbZbTLFMyqwKIgoTgHVnh/KY8PiaCu45GKWODE86susyqFhcdbBRKQ8JRz
uuBXaX91mEF++bI1VFiE4yAHDh8C3kLPebb/vCh3kd3Rs/q4JuKjJbYtfMCMODmo
hT0vD7XyG6IPvzWl4SGrhmpWkTW1ikBvnOZ25JC7+KKEODZKl3GLYdZFDtgThjnz
ROPpQRHyrX/yJT9lq2WwAof8T3EPkLu4QotKO48DwXGd/L8GKw9ZX/gqRfeQq3w5
AkM+4F7YfEu94sR0fX8hk2td9wQVGfIqcbU64NByLECdbAB9T34S8VO0+QIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFETzUybbKBmI5XLUT+tDGF3rp8EfMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvUlBOVEp0c29HWWpsY3RSUDYwTVlYZXVud1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAO
Zj4DBAA+qYYDBABnPcQDBABnik4DBACnoBwwDAMEAMD90QMEAsD90AMEAMY3HwME
AMu8pjAMAwQBy7yuAwQAy7y0MAwDBAHLvLYDBAbLvIADBALUIDADBAHUIEYDBADU
IEkDBALUIEwDBALUODQDBADV/qMDBAHV/qwDBADV/q8wDQYJKoZIhvcNAQELBQAD
ggEBADYlkcJ8vuICPX7axXykVwcgHtywhvd1v6aFDeHAsUGzIBtxojCNogRLO18t
ChJkdIQDlVsSWmYzseYu6F/3ObdFXUMne/OPM9jRsaDUQs0mz9UW9fmyR+HBmHaY
ycDuLng3h6xKBgqqucMIqQVzu3hz9x4/1egMAsWgQhO99/lpFNU2uXNXzcsnssQU
ekVjGLDRb+t/Yja1GnrwS+VRZ930sjYKHShkoWclQMsF637Xl1d4bqMpHPd+OmI9
8H5MvDoQgEKgxverm9L5GVPQZdZiat8w+uJOMkYIPpWYALSV5jl33QTt3Sr2TsUz
vnp1dmo+Gs2RXwD05Ag+K0PsyNc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:56:56 2025 by rpki-client