Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/DHjHu0kvW9aDO9jDZZ4EQHc7D7I.roa
File: DHjHu0kvW9aDO9jDZZ4EQHc7D7I.roa (raw, json)
Hash identifier: la12cckTSrBNBcv/9mFKk31o5d6TpPQuh7CtHumZ2Uo=
Subject key identifier: 0C:78:C7:BB:49:2F:5B:D6:83:3B:D8:C3:65:9E:04:40:77:3B:0F:B2
Certificate issuer: /CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Certificate serial: 019426D974F75A49A95FC2101B60D78500C5
Authority key identifier: F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/DHjHu0kvW9aDO9jDZZ4EQHc7D7I.roa
Signing time: Thu 02 Jan 2025 11:49:32 +0000
ROA not before: Thu 02 Jan 2025 11:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47956
IP address blocks: 5.102.192.0/18 maxlen: 24
31.210.176.0/20 maxlen: 24
37.46.32.0/20 maxlen: 24
91.205.152.0/22 maxlen: 24
94.230.80.0/20 maxlen: 24
141.226.0.0/19 maxlen: 24
141.226.0.0/21 maxlen: 21
141.226.0.0/22 maxlen: 22
141.226.4.0/22 maxlen: 22
141.226.8.0/21 maxlen: 21
141.226.8.0/22 maxlen: 22
141.226.12.0/22 maxlen: 22
141.226.32.0/20 maxlen: 24
141.226.48.0/22 maxlen: 24
141.226.52.0/23 maxlen: 24
141.226.54.0/24 maxlen: 24
141.226.56.0/21 maxlen: 24
141.226.64.0/22 maxlen: 24
141.226.68.0/23 maxlen: 24
141.226.70.0/24 maxlen: 24
141.226.72.0/21 maxlen: 24
141.226.144.0/20 maxlen: 24
141.226.144.0/21 maxlen: 21
141.226.152.0/21 maxlen: 21
141.226.160.0/20 maxlen: 24
141.226.160.0/21 maxlen: 21
141.226.160.0/22 maxlen: 22
141.226.168.0/21 maxlen: 21
141.226.176.0/21 maxlen: 24
188.120.128.0/19 maxlen: 24
2a02:ed0::/29 maxlen: 29
2a02:ed0::/32 maxlen: 48
2a02:ed1::/32 maxlen: 32
2a02:ed2::/32 maxlen: 32
2a02:ed2::/40 maxlen: 48
2a02:ed3::/32 maxlen: 48
2a02:ed5::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:74:f7:5a:49:a9:5f:c2:10:1b:60:d7:85:00:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Validity
Not Before: Jan 2 11:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c78c7bb492f5bd6833bd8c3659e0440773b0fb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:99:f8:48:65:b1:4a:7d:93:57:94:9a:51:b2:
45:9b:21:6a:6a:0d:2e:ab:38:e0:70:a2:84:70:87:
9b:cc:b3:59:7e:b0:af:98:43:6e:ae:74:56:c1:a9:
92:25:f8:5d:53:ea:97:fd:7b:6c:e1:95:42:ba:39:
ba:ab:da:5b:94:e5:b5:5f:65:65:a6:08:a4:c4:7c:
40:88:10:b4:57:a7:d0:dd:14:9b:27:a0:a1:80:8f:
3b:78:38:3b:2a:f1:d9:05:d3:6a:ec:e4:d4:49:0c:
e5:9a:e8:b3:3a:8d:a8:7c:c5:38:35:1e:53:cc:a3:
f7:99:2a:3b:40:ab:1e:16:de:d8:1d:f5:3c:66:8f:
20:a7:b7:bf:e6:3d:35:21:eb:a1:5c:80:d2:b9:13:
50:be:04:6a:96:04:c7:c6:96:12:9b:4b:0d:0e:16:
02:85:87:f6:e4:e4:51:20:01:e1:bd:6e:d5:4c:87:
60:7c:76:21:3c:63:7b:51:69:6c:a4:d3:61:78:dc:
44:0a:c0:37:4a:c9:43:a9:e4:5f:14:0a:b4:e6:40:
d8:fb:11:05:e4:50:26:55:82:2a:eb:d7:fe:e0:c5:
88:d9:a3:b6:47:3e:ae:36:77:1d:19:95:ab:b3:83:
d3:40:f1:85:28:2c:67:26:40:17:aa:35:8b:5b:c0:
38:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:78:C7:BB:49:2F:5B:D6:83:3B:D8:C3:65:9E:04:40:77:3B:0F:B2
X509v3 Authority Key Identifier:
keyid:F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/DHjHu0kvW9aDO9jDZZ4EQHc7D7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/9MCqez48v_iCYq3ZKzOeNQUc4aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.192.0/18
31.210.176.0/20
37.46.32.0/20
91.205.152.0/22
94.230.80.0/20
141.226.0.0-141.226.54.255
141.226.56.0-141.226.70.255
141.226.72.0/21
141.226.144.0-141.226.183.255
188.120.128.0/19
IPv6:
2a02:ed0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:18:6a:4c:50:22:3a:81:ed:3a:95:56:0c:b6:34:4a:9d:9b:
6e:90:12:f7:a7:2d:1d:d3:6a:d1:8e:53:5a:a9:15:4d:57:7c:
52:fe:d2:b6:41:0f:14:1c:9b:d3:df:55:f0:20:4f:23:09:0c:
6b:fa:8f:43:df:ca:e0:c4:74:d4:bb:94:36:1c:24:e8:c7:15:
33:ed:10:27:e4:e8:db:67:28:b1:38:66:e6:f0:19:af:2d:18:
2c:9f:33:d7:1c:a0:19:ca:fd:be:ab:cb:11:53:92:fe:dd:8c:
0d:bb:fd:98:77:c9:b7:e8:91:8b:bd:97:96:d3:91:bf:bf:94:
41:c2:b0:d5:27:5c:23:4a:53:a2:f2:eb:39:64:c4:23:e5:e9:
11:84:26:f5:38:c5:ae:e7:c2:b0:c9:05:a1:32:1d:8d:63:22:
06:fc:9e:a9:aa:57:ac:1e:c0:1b:6e:0a:90:4f:dd:e6:c6:f2:
8b:83:68:ad:02:7d:a6:8e:21:df:cf:23:5d:20:cf:aa:21:a1:
b3:61:d6:71:16:a0:98:72:8d:97:b6:13:3d:11:9f:fd:78:d5:
87:91:f6:fe:b4:2f:d6:b5:49:03:9d:21:3d:11:d0:7e:5d:4b:
24:0f:7c:d4:61:f2:74:7f:73:21:2f:3f:ba:e6:b5:bd:59:0d:
95:c8:43:e3
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZQm2XT3WkmpX8IQG2DXhQDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzBhYTdiM2UzY2JmZjg4MjYyYWRkOTJiMzM5ZTM1MDUx
Y2UxYTAwHhcNMjUwMTAyMTE0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzc4YzdiYjQ5MmY1YmQ2ODMzYmQ4YzM2NTllMDQ0MDc3M2IwZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpn4SGWxSn2TV5SaUbJFmyFqag0u
qzjgcKKEcIebzLNZfrCvmENurnRWwamSJfhdU+qX/Xts4ZVCujm6q9pblOW1X2Vl
pgikxHxAiBC0V6fQ3RSbJ6ChgI87eDg7KvHZBdNq7OTUSQzlmuizOo2ofMU4NR5T
zKP3mSo7QKseFt7YHfU8Zo8gp7e/5j01IeuhXIDSuRNQvgRqlgTHxpYSm0sNDhYC
hYf25ORRIAHhvW7VTIdgfHYhPGN7UWlspNNheNxECsA3SslDqeRfFAq05kDY+xEF
5FAmVYIq69f+4MWI2aO2Rz6uNncdGZWrs4PTQPGFKCxnJkAXqjWLW8A4XwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFAx4x7tJL1vWgzvYw2WeBEB3Ow+yMB8GA1UdIwQY
MBaAFPTAqns+PL/4gmKt2SsznjUFHOGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1DcWV6NDh2X2lDWXEzWkt6T2VOUVVjNGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85ZTJiMWEtMTYzYi00ODU0LTk2MWEt
ZWE3NWRkZjQ3YjRhLzEvREhqSHUwa3ZXOWFETzlqRFpaNEVRSGM3RDdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85ZTJiMWEtMTYzYi00ODU0LTk2MWEtZWE3NWRkZjQ3YjRh
LzEvOU1DcWV6NDh2X2lDWXEzWkt6T2VOUVVjNGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBZBAIAATBTAwQGBWbAAwQE
H9KwAwQEJS4gAwQCW82YAwQEXuZQMAsDAwGN4gMEAI3iNjAMAwQDjeI4AwQAjeJG
AwQDjeJIMAwDBASN4pADBAON4rADBAW8eIAwDQQCAAIwBwMFAyoCDtAwDQYJKoZI
hvcNAQELBQADggEBAEwYakxQIjqB7TqVVgy2NEqdm26QEvenLR3TatGOU1qpFU1X
fFL+0rZBDxQcm9PfVfAgTyMJDGv6j0PfyuDEdNS7lDYcJOjHFTPtECfk6NtnKLE4
ZubwGa8tGCyfM9ccoBnK/b6ryxFTkv7djA27/Zh3ybfokYu9l5bTkb+/lEHCsNUn
XCNKU6Ly6zlkxCPl6RGEJvU4xa7nwrDJBaEyHY1jIgb8nqmqV6wewBtuCpBP3ebG
8ouDaK0CfaaOId/PI10gz6ohobNh1nEWoJhyjZe2Ez0Rn/141YeR9v60L9a1SQOd
IT0R0H5dSyQPfNRh8nR/cyEvP7rmtb1ZDZXIQ+M=
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:29:32 2025 by rpki-client