Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/lNeJnJbO7-3zT_tcMKpIQqsSQHQ.roa
File: lNeJnJbO7-3zT_tcMKpIQqsSQHQ.roa (raw, json)
Hash identifier: MR8D7WJp8Yg1hGjMZC22/bNaunX/gz3a5HIEE7W4DL4=
Subject key identifier: 94:D7:89:9C:96:CE:EF:ED:F3:4F:FB:5C:30:AA:48:42:AB:12:40:74
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01941FFA4BB37E904C5005DD1D3E5CC9E721
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/lNeJnJbO7-3zT_tcMKpIQqsSQHQ.roa
Signing time: Wed 01 Jan 2025 03:48:04 +0000
ROA not before: Wed 01 Jan 2025 03:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21341
IP address blocks: 62.220.96.0/21 maxlen: 24
62.220.104.0/21 maxlen: 24
62.220.120.0/22 maxlen: 22
62.220.124.0/23 maxlen: 23
81.12.8.0/22 maxlen: 22
81.12.12.0/22 maxlen: 22
81.12.16.0/21 maxlen: 21
81.12.48.0/22 maxlen: 24
81.12.58.0/24 maxlen: 24
81.12.59.0/24 maxlen: 24
87.107.0.0/21 maxlen: 24
87.107.24.0/22 maxlen: 22
87.107.34.0/23 maxlen: 23
87.107.40.0/24 maxlen: 24
87.107.41.0/24 maxlen: 24
87.107.42.0/23 maxlen: 23
87.107.50.0/23 maxlen: 24
87.107.51.0/24 maxlen: 24
87.107.52.0/23 maxlen: 23
87.107.68.0/22 maxlen: 24
87.107.88.0/22 maxlen: 22
87.107.96.0/22 maxlen: 24
87.107.106.0/23 maxlen: 24
87.107.112.0/22 maxlen: 24
87.107.116.0/23 maxlen: 23
87.107.120.0/21 maxlen: 24
87.107.128.0/22 maxlen: 22
87.107.132.0/22 maxlen: 23
87.107.132.0/23 maxlen: 24
87.107.168.0/22 maxlen: 24
87.107.173.0/24 maxlen: 24
87.107.232.0/24 maxlen: 24
185.60.136.0/24 maxlen: 24
185.60.137.0/24 maxlen: 24
185.60.138.0/24 maxlen: 24
185.60.139.0/24 maxlen: 24
2a00:1198::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:4b:b3:7e:90:4c:50:05:dd:1d:3e:5c:c9:e7:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 03:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94d7899c96ceefedf34ffb5c30aa4842ab124074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2e:0d:ab:93:06:70:3d:e9:d3:41:91:a9:41:
cf:45:1d:c7:00:76:f1:ed:e4:fa:7d:10:9c:3b:49:
2a:4c:36:9f:30:ce:4f:67:c7:9c:d3:7c:3a:b4:91:
be:a9:24:ec:ec:b9:9c:64:6a:52:6c:25:7f:30:cb:
ca:cb:c7:ad:66:d9:2d:b0:e6:32:bb:f0:6d:db:2a:
40:0e:e1:66:59:35:17:c2:3d:20:bc:46:98:42:09:
14:be:8b:3b:0d:35:b4:a5:cd:ae:79:1c:c1:11:92:
2c:0b:f1:0e:22:09:93:09:07:bb:87:bd:64:30:b4:
27:a1:f0:90:d2:02:32:df:d5:7b:ea:41:21:3d:71:
b7:63:6c:e9:3e:63:3c:a3:5d:2d:4c:50:83:90:5e:
6f:76:4c:1d:5f:ad:4c:78:e0:a7:c7:f1:cb:2e:d7:
43:80:1a:b7:79:82:fc:a3:cd:22:44:36:d9:ec:e7:
8b:60:ed:18:b2:42:0b:c7:dd:bc:6f:27:19:9c:9d:
be:07:9b:3d:2e:23:b2:6a:e9:11:63:3b:66:bc:0d:
49:ec:ab:6a:9e:a6:f5:b8:fe:4c:f5:4b:ff:05:e9:
a1:80:21:4d:fe:2a:e6:ec:d9:80:37:ed:80:81:3b:
d1:35:51:1f:19:9f:7c:81:8d:03:69:c8:4a:27:25:
24:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D7:89:9C:96:CE:EF:ED:F3:4F:FB:5C:30:AA:48:42:AB:12:40:74
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/lNeJnJbO7-3zT_tcMKpIQqsSQHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.96.0/20
62.220.120.0-62.220.125.255
81.12.8.0-81.12.23.255
81.12.48.0/22
81.12.58.0/23
87.107.0.0/21
87.107.24.0/22
87.107.34.0/23
87.107.40.0/22
87.107.50.0-87.107.53.255
87.107.68.0/22
87.107.88.0/22
87.107.96.0/22
87.107.106.0/23
87.107.112.0-87.107.117.255
87.107.120.0-87.107.135.255
87.107.168.0/22
87.107.173.0/24
87.107.232.0/24
185.60.136.0/22
IPv6:
2a00:1198::/32
Signature Algorithm: sha256WithRSAEncryption
0c:a8:a4:b7:d6:33:d4:a7:24:2f:04:cd:bd:e8:96:13:21:70:
c7:e6:b6:12:a0:ff:7f:34:28:c8:b0:ed:ea:72:52:53:5d:34:
a0:45:45:ca:7d:7e:1d:6c:a6:73:e8:ff:3e:59:d7:3f:c5:bf:
94:63:27:66:68:e4:ed:08:1f:85:18:ec:99:9a:0d:9b:c4:4b:
a5:dd:b1:13:34:5b:09:a9:16:9a:7d:03:66:a3:80:c9:47:ea:
f8:1a:35:b5:08:ce:59:cf:0a:9f:75:ea:db:e0:10:4b:a9:38:
b8:40:e5:9a:0b:3c:1a:26:ae:f3:fb:71:25:88:b2:d6:11:76:
77:1d:fe:91:3a:ed:c9:df:90:cb:87:16:14:9c:df:51:c7:b9:
e4:b7:02:26:1d:06:cd:83:ec:88:e2:db:89:3a:52:d8:2c:1c:
af:5f:f1:3c:73:60:d3:be:31:84:e5:0b:5f:52:fd:23:24:51:
19:86:51:11:15:bb:92:c7:3f:c8:8a:b4:c4:5e:6e:92:f6:a5:
d9:9c:fb:a4:67:b5:80:b5:1d:64:de:b5:9e:12:40:ec:05:e0:
39:bb:04:53:84:f2:f6:f2:61:e9:b8:fa:d0:ce:25:d9:d9:1b:
3b:f8:a0:13:16:dd:bc:3d:34:f3:48:63:4c:bc:a6:59:93:d5:
4e:9c:d0:70
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAZQf+kuzfpBMUAXdHT5cyechMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwMTAxMDM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGQ3ODk5Yzk2Y2VlZmVkZjM0ZmZiNWMzMGFhNDg0MmFiMTI0MDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2i4Nq5MGcD3p00GRqUHPRR3HAHbx
7eT6fRCcO0kqTDafMM5PZ8ec03w6tJG+qSTs7LmcZGpSbCV/MMvKy8etZtktsOYy
u/Bt2ypADuFmWTUXwj0gvEaYQgkUvos7DTW0pc2ueRzBEZIsC/EOIgmTCQe7h71k
MLQnofCQ0gIy39V76kEhPXG3Y2zpPmM8o10tTFCDkF5vdkwdX61MeOCnx/HLLtdD
gBq3eYL8o80iRDbZ7OeLYO0YskILx928bycZnJ2+B5s9LiOyaukRYztmvA1J7Ktq
nqb1uP5M9Uv/BemhgCFN/irm7NmAN+2AgTvRNVEfGZ98gY0DachKJyUkowIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFJTXiZyWzu/t80/7XDCqSEKrEkB0MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvbE5lSm5KYk83LTN6VF90Y01LcElRcXNTUUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBpwQCAAEwgaADBAQ+
3GAwDAMEAz7ceAMEAT7cfDAMAwQDUQwIAwQDUQwQAwQCUQwwAwQBUQw6AwQDV2sA
AwQCV2sYAwQBV2siAwQCV2soMAwDBAFXazIDBAFXazQDBAJXa0QDBAJXa1gDBAJX
a2ADBAFXa2owDAMEBFdrcAMEAVdrdDAMAwQDV2t4AwQDV2uAAwQCV2uoAwQAV2ut
AwQAV2voAwQCuTyIMA0EAgACMAcDBQAqABGYMA0GCSqGSIb3DQEBCwUAA4IBAQAM
qKS31jPUpyQvBM296JYTIXDH5rYSoP9/NCjIsO3qclJTXTSgRUXKfX4dbKZz6P8+
Wdc/xb+UYydmaOTtCB+FGOyZmg2bxEul3bETNFsJqRaafQNmo4DJR+r4GjW1CM5Z
zwqfderb4BBLqTi4QOWaCzwaJq7z+3EliLLWEXZ3Hf6ROu3J35DLhxYUnN9Rx7nk
twImHQbNg+yI4tuJOlLYLByvX/E8c2DTvjGE5QtfUv0jJFEZhlERFbuSxz/IirTE
Xm6S9qXZnPukZ7WAtR1k3rWeEkDsBeA5uwRThPL28mHpuPrQziXZ2Rs7+KATFt28
PTTzSGNMvKZZk9VOnNBw
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:34:38 2025 by rpki-client