Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/ZobwuQJlyfTBHn_a7YG93r8zB-c.roa
File: ZobwuQJlyfTBHn_a7YG93r8zB-c.roa (raw, json)
Hash identifier: OuGiwc5e7Uh2SsaOmHGGMAe9pQSfXZsNsX2xOuLeEXY=
Subject key identifier: 66:86:F0:B9:02:65:C9:F4:C1:1E:7F:DA:ED:81:BD:DE:BF:33:07:E7
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 0194282340F656AD040415C2435686553A1E
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/ZobwuQJlyfTBHn_a7YG93r8zB-c.roa
Signing time: Thu 02 Jan 2025 17:49:46 +0000
ROA not before: Thu 02 Jan 2025 17:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8851
IP address blocks: 91.84.0.0/18 maxlen: 18
91.84.128.0/17 maxlen: 17
91.85.32.0/19 maxlen: 19
91.85.64.0/18 maxlen: 18
91.85.128.0/19 maxlen: 19
91.85.192.0/18 maxlen: 18
194.46.36.0/24 maxlen: 24
194.46.37.0/24 maxlen: 24
194.46.39.0/24 maxlen: 24
194.46.40.0/24 maxlen: 24
194.46.41.0/24 maxlen: 24
194.46.43.0/24 maxlen: 24
194.46.44.0/24 maxlen: 24
194.46.45.0/24 maxlen: 24
194.46.46.0/24 maxlen: 24
194.46.48.0/21 maxlen: 21
194.46.56.0/24 maxlen: 24
194.46.61.0/24 maxlen: 24
194.46.64.0/22 maxlen: 22
194.46.68.0/23 maxlen: 23
194.46.72.0/22 maxlen: 22
194.46.76.0/23 maxlen: 23
194.46.78.0/24 maxlen: 24
194.46.80.0/23 maxlen: 23
194.46.81.0/24 maxlen: 24
194.46.82.0/24 maxlen: 24
212.104.129.0/24 maxlen: 24
212.104.130.0/24 maxlen: 24
212.104.132.0/24 maxlen: 24
212.104.136.0/24 maxlen: 24
212.104.143.0/24 maxlen: 24
212.104.149.0/24 maxlen: 24
212.104.150.0/24 maxlen: 24
212.104.152.0/24 maxlen: 24
212.104.155.0/24 maxlen: 24
212.104.156.0/24 maxlen: 24
212.104.159.0/24 maxlen: 24
212.108.80.0/23 maxlen: 23
212.108.84.0/24 maxlen: 24
212.108.88.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:40:f6:56:ad:04:04:15:c2:43:56:86:55:3a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Jan 2 17:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6686f0b90265c9f4c11e7fdaed81bddebf3307e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c0:74:31:b0:e3:6e:7b:97:69:46:ed:70:39:
4f:50:31:8d:d4:a0:51:d6:33:22:b5:c6:13:43:fb:
13:b3:40:10:e7:9d:21:ec:85:a5:a3:b6:35:d7:8c:
c8:04:02:0b:ad:09:7b:7b:02:b8:e8:38:8c:6a:69:
6d:02:fe:74:86:49:d1:0c:fc:92:36:ae:1c:f5:af:
b7:a1:36:94:5a:26:39:d1:f7:3b:ba:9b:4d:81:f8:
e9:a9:f6:e4:d5:02:97:58:7a:e5:bc:18:ef:26:e9:
51:b0:41:0e:13:f6:98:ad:eb:69:53:f4:98:bc:84:
c4:38:31:77:bc:2b:44:0f:97:ea:77:6c:77:9f:fa:
82:ef:17:48:98:77:99:78:98:1b:be:bc:8d:53:63:
0c:d3:99:f0:cb:48:09:7e:2a:47:32:af:5b:28:49:
af:76:11:8f:07:72:5f:d3:ec:b7:e3:61:a5:c3:74:
a5:9b:e7:67:1f:ee:4d:c8:05:c4:22:d5:ea:a5:5b:
92:ac:e8:88:e4:b7:ca:ad:60:32:f1:e5:e0:63:37:
33:70:70:46:25:c7:16:e1:74:60:9b:e5:96:ee:50:
50:20:e1:9a:92:ca:bd:8e:44:6e:e4:bd:59:04:08:
af:ef:1d:56:fd:98:ad:e6:ee:8b:5f:08:0e:61:a9:
34:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:86:F0:B9:02:65:C9:F4:C1:1E:7F:DA:ED:81:BD:DE:BF:33:07:E7
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/ZobwuQJlyfTBHn_a7YG93r8zB-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.84.0.0/18
91.84.128.0/17
91.85.32.0-91.85.159.255
91.85.192.0/18
194.46.36.0/23
194.46.39.0-194.46.41.255
194.46.43.0-194.46.46.255
194.46.48.0-194.46.56.255
194.46.61.0/24
194.46.64.0-194.46.69.255
194.46.72.0-194.46.78.255
194.46.80.0-194.46.82.255
212.104.129.0-212.104.130.255
212.104.132.0/24
212.104.136.0/24
212.104.143.0/24
212.104.149.0-212.104.150.255
212.104.152.0/24
212.104.155.0-212.104.156.255
212.104.159.0/24
212.108.80.0/23
212.108.84.0/24
212.108.88.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:a0:2d:bd:05:a5:97:d7:e6:84:c6:bb:9c:17:5f:b6:02:94:
4c:d7:6a:0a:d4:c2:5a:01:b4:06:f5:0c:73:80:fd:36:c2:30:
ab:36:e7:76:45:47:4a:2b:e2:a9:fd:96:62:69:21:df:51:29:
49:b7:37:a6:2d:3a:91:0e:c8:0b:af:f3:78:b9:9b:41:bc:3c:
c4:f8:dc:5a:f8:35:cb:2f:50:6e:8b:1c:06:45:af:ce:a3:c5:
e1:73:a1:d9:86:6a:94:c3:8e:be:f8:38:37:0c:63:8c:60:c3:
f5:43:c9:a5:b4:7b:4c:39:b7:51:39:7e:dc:e2:17:00:e5:83:
47:3b:89:6f:32:5e:79:6c:50:cd:62:2c:88:15:44:58:3e:4c:
9a:83:cb:6f:07:39:76:2b:dd:3e:71:7e:9a:6d:81:7e:65:c8:
74:95:79:b6:84:7e:53:a0:bd:6c:e8:e5:12:62:3e:41:59:cf:
ae:9a:bb:32:02:db:1e:7c:75:4a:f8:2d:ec:c2:9b:7f:06:33:
6f:1c:11:e1:3d:5d:56:2a:de:85:76:11:fa:6a:a4:f0:51:8b:
09:32:6e:80:99:6f:2e:cb:36:62:06:fb:c1:eb:83:59:fb:cb:
59:7a:f9:a7:8c:3c:08:34:10:7c:1d:25:5c:db:5e:a7:fc:72:
c0:08:7e:e4
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZQoI0D2Vq0EBBXCQ1aGVToeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjUwMTAyMTc0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njg2ZjBiOTAyNjVjOWY0YzExZTdmZGFlZDgxYmRkZWJmMzMwN2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8B0MbDjbnuXaUbtcDlPUDGN1KBR
1jMitcYTQ/sTs0AQ550h7IWlo7Y114zIBAILrQl7ewK46DiMamltAv50hknRDPyS
Nq4c9a+3oTaUWiY50fc7uptNgfjpqfbk1QKXWHrlvBjvJulRsEEOE/aYretpU/SY
vITEODF3vCtED5fqd2x3n/qC7xdImHeZeJgbvryNU2MM05nwy0gJfipHMq9bKEmv
dhGPB3Jf0+y342Glw3Slm+dnH+5NyAXEItXqpVuSrOiI5LfKrWAy8eXgYzczcHBG
JccW4XRgm+WW7lBQIOGaksq9jkRu5L1ZBAiv7x1W/Zit5u6LXwgOYak0kQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFGaG8LkCZcn0wR5/2u2Bvd6/MwfnMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvWm9id3VRSmx5ZlRCSG5fYTdZRzkzcjh6Qi1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBAZb
VAADBAdbVIAwDAMEBVtVIAMEBVtVgAMEBltVwAMEAcIuJDAMAwQAwi4nAwQBwi4o
MAwDBADCLisDBADCLi4wDAMEBMIuMAMEAMIuOAMEAMIuPTAMAwQGwi5AAwQBwi5E
MAwDBAPCLkgDBADCLk4wDAMEBMIuUAMEAMIuUjAMAwQA1GiBAwQA1GiCAwQA1GiE
AwQA1GiIAwQA1GiPMAwDBADUaJUDBADUaJYDBADUaJgwDAMEANRomwMEANRonAME
ANRonwMEAdRsUAMEANRsVAMEAdRsWDANBgkqhkiG9w0BAQsFAAOCAQEAfKAtvQWl
l9fmhMa7nBdftgKUTNdqCtTCWgG0BvUMc4D9NsIwqzbndkVHSiviqf2WYmkh31Ep
Sbc3pi06kQ7IC6/zeLmbQbw8xPjcWvg1yy9QboscBkWvzqPF4XOh2YZqlMOOvvg4
NwxjjGDD9UPJpbR7TDm3UTl+3OIXAOWDRzuJbzJeeWxQzWIsiBVEWD5MmoPLbwc5
divdPnF+mm2BfmXIdJV5toR+U6C9bOjlEmI+QVnPrpq7MgLbHnx1Svgt7MKbfwYz
bxwR4T1dVirehXYR+mqk8FGLCTJugJlvLss2Ygb7weuDWfvLWXr5p4w8CDQQfB0l
XNtep/xywAh+5A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:51:26 2025 by rpki-client