Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/63KLq4xWCCCiZXA-wVIdQJ4PdKc.roa
File: 63KLq4xWCCCiZXA-wVIdQJ4PdKc.roa (raw, json)
Hash identifier: WWbZVpPXaQ4lgKGhfzlX90xgl3LD+KyLy9eYy0r99WI=
Subject key identifier: EB:72:8B:AB:8C:56:08:20:A2:65:70:3E:C1:52:1D:40:9E:0F:74:A7
Certificate issuer: /CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Certificate serial: 0194221FAE3624F96DAAD9BFBF8C0024C624
Authority key identifier: DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/63KLq4xWCCCiZXA-wVIdQJ4PdKc.roa
Signing time: Wed 01 Jan 2025 13:48:09 +0000
ROA not before: Wed 01 Jan 2025 13:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21183
IP address blocks: 66.186.198.0/23 maxlen: 24
80.78.64.0/20 maxlen: 20
91.132.172.0/22 maxlen: 22
109.69.0.0/21 maxlen: 21
109.69.0.0/24 maxlen: 24
109.69.1.0/24 maxlen: 24
109.69.2.0/24 maxlen: 24
109.69.3.0/24 maxlen: 24
109.69.4.0/23 maxlen: 23
109.69.5.0/24 maxlen: 24
109.69.6.0/24 maxlen: 24
109.69.7.0/24 maxlen: 24
141.98.140.0/22 maxlen: 24
185.62.174.0/23 maxlen: 23
185.200.212.0/22 maxlen: 22
217.73.128.0/20 maxlen: 20
217.73.128.0/24 maxlen: 24
217.73.129.0/24 maxlen: 24
217.73.130.0/24 maxlen: 24
217.73.131.0/24 maxlen: 24
217.73.132.0/24 maxlen: 24
217.73.133.0/24 maxlen: 24
217.73.135.0/24 maxlen: 24
217.73.136.0/24 maxlen: 24
217.73.137.0/24 maxlen: 24
217.73.138.0/24 maxlen: 24
217.73.139.0/24 maxlen: 24
217.73.141.0/24 maxlen: 24
217.73.142.0/24 maxlen: 24
217.73.143.0/24 maxlen: 24
2a04:eb40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ae:36:24:f9:6d:aa:d9:bf:bf:8c:00:24:c6:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Validity
Not Before: Jan 1 13:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb728bab8c560820a265703ec1521d409e0f74a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:54:94:e9:17:cb:2f:aa:68:97:52:79:8d:c8:
05:3a:ae:ee:16:3a:2f:c0:46:40:21:4c:d7:37:c7:
6d:23:ee:26:80:a7:4b:54:74:c9:97:4e:b9:6c:cf:
a4:0b:a7:ea:a7:30:ca:5a:7c:ef:5c:85:a6:b6:bf:
ca:1d:54:2f:13:80:fb:2b:21:2e:a7:d7:c2:59:7a:
bb:0a:b3:ad:6e:26:33:b7:90:a2:db:61:6c:4c:2d:
02:12:52:0a:d3:f8:3b:8e:9b:b2:31:07:ce:10:62:
9a:3a:43:6b:88:0c:9f:7a:1b:63:3b:78:a0:d0:2a:
92:bc:2d:c5:b9:8d:69:b7:c1:f0:42:82:87:71:5d:
19:ba:2a:db:6b:70:30:48:30:98:7a:fc:2d:97:95:
22:47:58:8b:7e:76:ca:7b:8d:45:db:3a:26:e9:5a:
52:17:4a:bc:9a:f2:c2:c6:0d:c0:08:7b:82:39:f5:
8f:0a:37:12:6c:48:77:3a:18:ec:77:8e:3f:f0:4f:
22:90:1e:32:9d:c5:a0:41:98:0e:31:11:76:c1:0e:
d4:3f:bd:60:0c:1f:e2:30:15:ed:cb:f2:0d:92:c6:
53:1a:19:53:f5:12:7a:74:c4:6f:d3:5f:2c:16:c3:
98:b6:67:2c:8b:e1:05:4f:2d:3b:7c:b5:2c:de:55:
8e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:72:8B:AB:8C:56:08:20:A2:65:70:3E:C1:52:1D:40:9E:0F:74:A7
X509v3 Authority Key Identifier:
keyid:DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/63KLq4xWCCCiZXA-wVIdQJ4PdKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.186.198.0/23
80.78.64.0/20
91.132.172.0/22
109.69.0.0/21
141.98.140.0/22
185.62.174.0/23
185.200.212.0/22
217.73.128.0/20
IPv6:
2a04:eb40::/29
Signature Algorithm: sha256WithRSAEncryption
42:e0:33:93:c1:fc:01:11:c7:18:90:55:fa:d9:5a:ed:e0:fa:
18:6c:d1:bb:e3:53:8e:40:de:a1:f6:08:ae:40:04:4e:49:e0:
d5:ad:be:64:02:11:ab:15:b9:be:0d:3d:37:fb:c6:10:cd:cc:
cb:51:8c:52:0d:8c:80:ee:a3:35:9b:da:bd:f6:ca:a3:34:2f:
39:c3:5f:b0:f6:1a:2c:9e:c7:42:8b:3f:b3:b0:40:0f:dd:8c:
d6:c7:98:21:50:71:a7:d7:7f:8f:6d:08:34:70:75:17:67:9f:
ed:c1:40:0a:fb:6c:ac:0e:bd:0e:6e:09:0c:af:16:60:2a:44:
aa:16:32:08:78:e8:bd:a0:18:e4:c6:90:ee:ef:05:f2:30:6d:
f1:25:76:b0:d5:3a:38:8a:72:ee:a2:d3:d9:ad:2d:c8:4f:e8:
72:2e:b0:dd:4f:a7:54:5b:c9:48:82:c2:78:4e:5f:c0:f3:2a:
58:80:72:fc:2c:aa:91:f1:65:56:81:ac:b0:20:ee:de:f6:9c:
61:3a:5d:12:c1:01:5d:0f:ce:f0:9f:58:fd:3c:57:99:52:8e:
ef:14:91:e5:5b:23:c5:8c:b8:58:f0:65:04:2a:11:a5:db:e5:
31:32:73:5f:90:40:07:66:77:7e:47:2d:23:4d:ab:88:a7:cd:
b9:0c:20:f6
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQiH642JPltqtm/v4wAJMYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODg3N2YzYzU1YjUyOGUxYTI5ZGIzZDc5OTIwNjU2ZjBj
NjZhZWIwHhcNMjUwMTAxMTM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjcyOGJhYjhjNTYwODIwYTI2NTcwM2VjMTUyMWQ0MDllMGY3NGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVSU6RfLL6pol1J5jcgFOq7uFjov
wEZAIUzXN8dtI+4mgKdLVHTJl065bM+kC6fqpzDKWnzvXIWmtr/KHVQvE4D7KyEu
p9fCWXq7CrOtbiYzt5Ci22FsTC0CElIK0/g7jpuyMQfOEGKaOkNriAyfehtjO3ig
0CqSvC3FuY1pt8HwQoKHcV0Zuirba3AwSDCYevwtl5UiR1iLfnbKe41F2zom6VpS
F0q8mvLCxg3ACHuCOfWPCjcSbEh3Ohjsd44/8E8ikB4yncWgQZgOMRF2wQ7UP71g
DB/iMBXty/INksZTGhlT9RJ6dMRv018sFsOYtmcsi+EFTy07fLUs3lWORQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFOtyi6uMVgggomVwPsFSHUCeD3SnMB8GA1UdIwQY
MBaAFN+Id/PFW1KOGinbPXmSBlbwxmrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODkt
MjU0NTVhOGRkZDQ1LzEvNjNLTHE0eFdDQ0NpWlhBLXdWSWRRSjRQZEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODktMjU0NTVhOGRkZDQ1
LzEvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQBQrrGAwQE
UE5AAwQCW4SsAwQDbUUAAwQCjWKMAwQBuT6uAwQCucjUAwQE2UmAMA0EAgACMAcD
BQMqBOtAMA0GCSqGSIb3DQEBCwUAA4IBAQBC4DOTwfwBEccYkFX62Vrt4PoYbNG7
41OOQN6h9giuQAROSeDVrb5kAhGrFbm+DT03+8YQzczLUYxSDYyA7qM1m9q99sqj
NC85w1+w9hosnsdCiz+zsEAP3YzWx5ghUHGn13+PbQg0cHUXZ5/twUAK+2ysDr0O
bgkMrxZgKkSqFjIIeOi9oBjkxpDu7wXyMG3xJXaw1To4inLuotPZrS3IT+hyLrDd
T6dUW8lIgsJ4Tl/A8ypYgHL8LKqR8WVWgaywIO7e9pxhOl0SwQFdD87wn1j9PFeZ
Uo7vFJHlWyPFjLhY8GUEKhGl2+UxMnNfkEAHZnd+Ry0jTauIp825DCD2
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:20:48 2025 by rpki-client