Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/GYkYwSyMjSff2hGRE7TeYNMjHAA.roa
File: GYkYwSyMjSff2hGRE7TeYNMjHAA.roa (raw, json)
Hash identifier: L63ZPeMKf3x9Sz6aPgJwaNunh2cW66rmUBDYxNx9F1E=
Subject key identifier: 19:89:18:C1:2C:8C:8D:27:DF:DA:11:91:13:B4:DE:60:D3:23:1C:00
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 019428271F541A030B22B372789247A1EEFC
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/GYkYwSyMjSff2hGRE7TeYNMjHAA.roa
Signing time: Thu 02 Jan 2025 17:54:00 +0000
ROA not before: Thu 02 Jan 2025 17:54:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44515
IP address blocks: 82.221.0.0/17 maxlen: 17
82.221.0.0/21 maxlen: 21
82.221.22.0/24 maxlen: 24
82.221.28.0/24 maxlen: 24
82.221.46.0/23 maxlen: 23
82.221.64.0/22 maxlen: 22
82.221.68.0/22 maxlen: 22
82.221.80.0/21 maxlen: 21
82.221.80.0/24 maxlen: 24
82.221.81.0/24 maxlen: 24
82.221.84.0/24 maxlen: 24
82.221.88.0/22 maxlen: 22
82.221.92.0/22 maxlen: 22
82.221.161.0/24 maxlen: 24
82.221.162.0/24 maxlen: 24
82.221.165.0/24 maxlen: 24
82.221.166.0/24 maxlen: 24
212.30.224.0/19 maxlen: 19
212.30.229.0/24 maxlen: 24
212.30.242.0/24 maxlen: 24
2a02:f48::/40 maxlen: 40
2a02:f48:2100::/40 maxlen: 40
2a02:f48:2104::/48 maxlen: 48
2a02:f48:2105::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:1f:54:1a:03:0b:22:b3:72:78:92:47:a1:ee:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Jan 2 17:54:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=198918c12c8c8d27dfda119113b4de60d3231c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b4:c8:00:1d:4a:10:b1:7c:e0:a1:5d:08:b3:
d2:fb:ba:69:8d:c3:87:d0:99:11:a0:15:8c:a7:47:
c8:70:90:56:77:25:f0:80:e3:8c:51:8a:4a:76:f0:
2f:be:09:2a:6f:33:e9:ed:02:00:bf:17:23:90:f6:
2d:54:7b:e9:ef:b6:7f:ec:80:de:0c:fe:fc:32:da:
23:c8:31:bf:37:ab:c5:92:64:1c:0e:e8:80:0a:3d:
32:88:80:1b:e5:22:f0:24:e1:07:a6:4b:f4:23:85:
0f:04:51:27:1a:ae:58:9b:07:f4:bb:71:78:ae:f9:
6e:27:89:b1:90:4e:d9:b5:ad:b3:c7:9c:7f:16:b7:
06:c9:15:d5:38:cc:c1:90:c4:62:4a:74:38:64:e0:
ed:d2:48:ab:31:3d:36:2d:dc:78:a8:15:ce:a3:28:
fb:f1:6f:1a:7b:26:85:56:ec:fa:41:55:0e:03:38:
68:63:c5:d9:86:2b:5c:ac:7e:8e:68:bf:11:59:56:
e2:5a:18:1b:09:4d:33:1d:bf:46:74:90:7c:6d:3c:
23:d3:0c:6f:4d:02:c8:86:e1:66:ca:57:5c:06:50:
7c:c5:8f:ff:2b:21:4e:b0:d2:df:17:1f:9b:3a:03:
81:6d:37:c8:76:2f:85:0d:2b:1d:71:70:43:f3:76:
b1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:89:18:C1:2C:8C:8D:27:DF:DA:11:91:13:B4:DE:60:D3:23:1C:00
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/GYkYwSyMjSff2hGRE7TeYNMjHAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.221.0.0/17
82.221.161.0-82.221.162.255
82.221.165.0-82.221.166.255
212.30.224.0/19
IPv6:
2a02:f48::/40
2a02:f48:2100::/40
Signature Algorithm: sha256WithRSAEncryption
9c:fd:ba:ef:d3:4b:04:d1:81:0e:0b:cf:96:ab:45:15:fc:27:
7b:ea:42:02:66:22:f5:a3:a7:56:4c:d9:ae:e4:03:0d:20:bf:
98:78:44:40:79:49:30:45:c7:f6:ea:fa:3a:e4:42:fd:69:77:
64:69:ec:f2:c8:bd:af:fb:2d:1e:0c:5d:b5:d0:43:45:54:78:
c2:34:9c:5d:d5:d0:6a:87:14:a4:ad:63:3b:aa:ed:e9:ba:10:
e0:42:f3:02:e6:40:b5:f5:fc:e8:51:05:ec:f5:65:c0:97:ba:
4a:13:80:dc:29:97:34:da:cf:53:f4:6d:ee:28:36:34:66:17:
65:d5:dd:b7:86:8f:a3:7b:39:03:7d:16:62:00:93:67:d6:4e:
4a:ce:e1:3c:2f:e3:d7:ef:30:06:93:eb:6c:d2:be:2d:89:1f:
ae:14:5a:c5:e8:ea:f1:30:db:e3:b6:07:7d:26:2d:c6:dc:ba:
07:f6:02:9d:23:df:b0:e8:c1:01:85:4a:68:fb:90:c8:a2:dc:
0a:2b:ac:23:97:cd:60:ce:be:8c:4c:76:d5:67:15:79:d9:0e:
c8:ca:57:06:42:36:b2:2d:c6:56:52:d2:5c:e6:e9:55:a7:6e:
70:16:62:9a:8f:41:c8:97:e5:27:d6:fa:d9:7d:2f:91:bf:c3:
c1:ad:34:f3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZQoJx9UGgMLIrNyeJJHoe78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODAyNWM3ZGUwNDAwZTBmM2M4OGQ0YTEyMmEzMTdlMzJj
NWUyMWMwHhcNMjUwMTAyMTc1NDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTg5MThjMTJjOGM4ZDI3ZGZkYTExOTExM2I0ZGU2MGQzMjMxYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbTIAB1KELF84KFdCLPS+7ppjcOH
0JkRoBWMp0fIcJBWdyXwgOOMUYpKdvAvvgkqbzPp7QIAvxcjkPYtVHvp77Z/7IDe
DP78MtojyDG/N6vFkmQcDuiACj0yiIAb5SLwJOEHpkv0I4UPBFEnGq5Ymwf0u3F4
rvluJ4mxkE7Zta2zx5x/FrcGyRXVOMzBkMRiSnQ4ZODt0kirMT02Ldx4qBXOoyj7
8W8aeyaFVuz6QVUOAzhoY8XZhitcrH6OaL8RWVbiWhgbCU0zHb9GdJB8bTwj0wxv
TQLIhuFmyldcBlB8xY//KyFOsNLfFx+bOgOBbTfIdi+FDSsdcXBD83axiQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFBmJGMEsjI0n39oRkRO03mDTIxwAMB8GA1UdIwQY
MBaAFECAJcfeBADg88iNShIqMX4yxeIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUt
ZmVlMmU4ZDQwODRmLzEvR1lrWXdTeU1qU2ZmMmhHUkU3VGVZTk1qSEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUtZmVlMmU4ZDQwODRm
LzEvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAuBAIAATAoAwQHUt0AMAwD
BABS3aEDBABS3aIwDAMEAFLdpQMEAFLdpgMEBdQe4DAWBAIAAjAQAwYAKgIPSAAD
BgAqAg9IITANBgkqhkiG9w0BAQsFAAOCAQEAnP2679NLBNGBDgvPlqtFFfwne+pC
AmYi9aOnVkzZruQDDSC/mHhEQHlJMEXH9ur6OuRC/Wl3ZGns8si9r/stHgxdtdBD
RVR4wjScXdXQaocUpK1jO6rt6boQ4ELzAuZAtfX86FEF7PVlwJe6ShOA3CmXNNrP
U/Rt7ig2NGYXZdXdt4aPo3s5A30WYgCTZ9ZOSs7hPC/j1+8wBpPrbNK+LYkfrhRa
xejq8TDb47YHfSYtxty6B/YCnSPfsOjBAYVKaPuQyKLcCiusI5fNYM6+jEx21WcV
edkOyMpXBkI2si3GVlLSXObpVaducBZimo9ByJflJ9b62X0vkb/Dwa008w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:59:28 2025 by rpki-client