Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/h323ydO3Sd9v2YsN-zcDQa1mrh8.roa
File: h323ydO3Sd9v2YsN-zcDQa1mrh8.roa (raw, json)
Hash identifier: QvKrOv+tpTvsWx2fk3xBAryJLHVIduNpWuaMDmpS6tY=
Subject key identifier: 87:7D:B7:C9:D3:B7:49:DF:6F:D9:8B:0D:FB:37:03:41:AD:66:AE:1F
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 01945FD7E3D95D3DDD23ACEA4460F39384FE
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/h323ydO3Sd9v2YsN-zcDQa1mrh8.roa
Signing time: Mon 13 Jan 2025 13:26:11 +0000
ROA not before: Mon 13 Jan 2025 13:26:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 79.137.184.0/24 maxlen: 24
79.137.194.0/23 maxlen: 23
79.137.196.0/22 maxlen: 22
79.137.202.0/23 maxlen: 23
79.137.204.0/23 maxlen: 23
79.137.206.0/24 maxlen: 24
79.137.207.0/24 maxlen: 24
79.137.248.0/24 maxlen: 24
85.192.24.0/24 maxlen: 24
85.192.25.0/24 maxlen: 24
85.192.26.0/24 maxlen: 24
85.192.27.0/24 maxlen: 24
85.192.28.0/24 maxlen: 24
85.192.29.0/24 maxlen: 24
85.192.31.0/24 maxlen: 24
85.192.37.0/24 maxlen: 24
85.192.38.0/24 maxlen: 24
85.192.40.0/23 maxlen: 23
85.192.42.0/24 maxlen: 24
85.192.56.0/24 maxlen: 24
85.192.60.0/24 maxlen: 24
85.192.61.0/24 maxlen: 24
85.192.63.0/24 maxlen: 24
89.208.96.0/24 maxlen: 24
89.208.97.0/24 maxlen: 24
89.208.103.0/24 maxlen: 24
89.208.104.0/22 maxlen: 22
89.208.113.0/24 maxlen: 24
95.163.152.0/24 maxlen: 24
95.163.153.0/24 maxlen: 24
95.163.176.0/24 maxlen: 24
185.125.100.0/24 maxlen: 24
185.125.101.0/24 maxlen: 24
185.125.102.0/24 maxlen: 24
185.125.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:d7:e3:d9:5d:3d:dd:23:ac:ea:44:60:f3:93:84:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Jan 13 13:26:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=877db7c9d3b749df6fd98b0dfb370341ad66ae1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e1:11:5c:68:c3:eb:65:95:13:05:b6:9f:b3:
ee:2d:19:4b:9a:29:66:d1:0e:c4:ce:55:d9:4e:5d:
80:05:c7:80:d3:6c:77:3f:eb:95:71:c9:ca:94:b7:
44:6e:73:1a:46:00:20:fc:0d:d4:78:c7:66:4f:23:
ba:73:91:6e:58:ca:1a:aa:d3:f8:1e:7b:8c:b1:35:
d5:df:65:79:62:f4:8d:3c:a1:3a:a4:5b:59:9e:73:
af:87:8a:3e:87:ed:0a:d4:ff:df:84:38:15:1a:be:
4b:70:a7:95:d1:ed:a8:fc:d4:6c:a8:bb:8e:7c:06:
9b:a1:5d:80:26:f1:04:e9:86:6b:41:17:8e:ae:1d:
fa:7d:99:91:81:b3:cd:d9:32:ec:fa:b0:81:d9:1a:
05:2e:00:18:e6:4d:ce:b1:28:24:b3:93:d8:03:62:
63:93:9f:d8:f5:2f:c7:58:75:2d:8b:36:94:2c:0b:
6a:b1:3c:5f:cd:cb:d1:86:73:ef:02:03:7a:d9:58:
72:28:8a:08:c9:87:3d:84:b8:5b:c5:bc:27:8f:84:
ec:6f:24:7e:79:c8:70:cc:74:4d:97:04:7e:54:d6:
e0:59:be:c8:bf:69:ab:ba:b6:bf:de:73:12:27:87:
7e:9c:91:4d:20:6b:b4:47:10:98:4f:27:4a:41:18:
a4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7D:B7:C9:D3:B7:49:DF:6F:D9:8B:0D:FB:37:03:41:AD:66:AE:1F
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/h323ydO3Sd9v2YsN-zcDQa1mrh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.137.184.0/24
79.137.194.0-79.137.199.255
79.137.202.0-79.137.207.255
79.137.248.0/24
85.192.24.0-85.192.29.255
85.192.31.0/24
85.192.37.0-85.192.38.255
85.192.40.0-85.192.42.255
85.192.56.0/24
85.192.60.0/23
85.192.63.0/24
89.208.96.0/23
89.208.103.0-89.208.107.255
89.208.113.0/24
95.163.152.0/23
95.163.176.0/24
185.125.100.0/22
Signature Algorithm: sha256WithRSAEncryption
09:9a:68:42:ce:87:de:ff:a1:17:ad:a7:a9:5c:a1:d8:1a:9f:
9a:c2:d8:98:5c:3a:80:f5:c9:91:e8:ce:40:59:38:d3:7d:fb:
65:c3:e0:82:31:a1:63:5d:a8:35:98:fd:0c:6c:79:a6:3d:d0:
d6:ef:03:a3:52:c9:b9:e2:d5:06:1e:a7:4c:0b:1c:6b:ee:6d:
27:9d:cc:42:13:4c:76:b8:d2:9d:63:3b:ac:50:92:bc:03:38:
fb:0b:ef:bd:fc:4b:a5:29:9d:96:d0:a3:b7:07:a9:11:6e:3e:
41:6c:e4:af:c9:d4:fc:9a:5b:48:8c:49:68:10:33:a0:2e:13:
ad:a6:81:82:63:2d:71:f8:68:cf:c5:bf:b2:56:00:41:d0:3c:
ab:1c:b3:cc:e4:f5:6f:17:04:2c:b6:e7:76:d8:a2:b7:49:dc:
5e:16:03:b0:c1:6b:71:f8:b2:93:e8:f6:9c:28:c2:35:f3:04:
b5:0b:b7:36:73:2e:95:c7:aa:90:ca:9f:fc:81:6f:a3:3a:fd:
92:b6:b7:28:aa:32:ca:9d:b9:cd:28:9b:b1:f3:31:40:be:cf:
b6:b3:c6:3f:c5:45:1a:23:aa:36:e9:0d:f2:7f:eb:21:fc:86:
54:96:cb:51:bf:21:5d:7c:eb:a8:ae:b5:01:42:81:08:15:09:
6c:43:c7:ee
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZRf1+PZXT3dI6zqRGDzk4T+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjUwMTEzMTMyNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzdkYjdjOWQzYjc0OWRmNmZkOThiMGRmYjM3MDM0MWFkNjZhZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+ERXGjD62WVEwW2n7PuLRlLmilm
0Q7EzlXZTl2ABceA02x3P+uVccnKlLdEbnMaRgAg/A3UeMdmTyO6c5FuWMoaqtP4
HnuMsTXV32V5YvSNPKE6pFtZnnOvh4o+h+0K1P/fhDgVGr5LcKeV0e2o/NRsqLuO
fAaboV2AJvEE6YZrQReOrh36fZmRgbPN2TLs+rCB2RoFLgAY5k3OsSgks5PYA2Jj
k5/Y9S/HWHUtizaULAtqsTxfzcvRhnPvAgN62VhyKIoIyYc9hLhbxbwnj4TsbyR+
echwzHRNlwR+VNbgWb7Iv2mrura/3nMSJ4d+nJFNIGu0RxCYTydKQRikQwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFId9t8nTt0nfb9mLDfs3A0GtZq4fMB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvaDMyM3lkTzNTZDl2MllzTi16Y0RRYTFtcmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBABP
ibgwDAMEAU+JwgMEA0+JwDAMAwQBT4nKAwQET4nAAwQAT4n4MAwDBANVwBgDBAFV
wBwDBABVwB8wDAMEAFXAJQMEAFXAJjAMAwQDVcAoAwQAVcAqAwQAVcA4AwQBVcA8
AwQAVcA/AwQBWdBgMAwDBABZ0GcDBAJZ0GgDBABZ0HEDBAFfo5gDBABfo7ADBAK5
fWQwDQYJKoZIhvcNAQELBQADggEBAAmaaELOh97/oRetp6lcodgan5rC2JhcOoD1
yZHozkBZONN9+2XD4IIxoWNdqDWY/QxseaY90NbvA6NSybni1QYep0wLHGvubSed
zEITTHa40p1jO6xQkrwDOPsL7738S6UpnZbQo7cHqRFuPkFs5K/J1PyaW0iMSWgQ
M6AuE62mgYJjLXH4aM/Fv7JWAEHQPKscs8zk9W8XBCy253bYordJ3F4WA7DBa3H4
spPo9pwowjXzBLULtzZzLpXHqpDKn/yBb6M6/ZK2tyiqMsqduc0om7HzMUC+z7az
xj/FRRojqjbpDfJ/6yH8hlSWy1G/IV1866iutQFCgQgVCWxDx+4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:00:59 2025 by rpki-client