Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/Ku7mlWdQUS5PjXzyTqi5z00hFMY.roa
File: Ku7mlWdQUS5PjXzyTqi5z00hFMY.roa (raw, json)
Hash identifier: +sz8F3cQaVFueJNq3Z5YxsZjo0X7LoW394t5IaIo8M8=
Subject key identifier: 2A:EE:E6:95:67:50:51:2E:4F:8D:7C:F2:4E:A8:B9:CF:4D:21:14:C6
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 019537C1CDC4B4305FACC8606393279236C1
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/Ku7mlWdQUS5PjXzyTqi5z00hFMY.roa
Signing time: Mon 24 Feb 2025 11:40:02 +0000
ROA not before: Mon 24 Feb 2025 11:40:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8368
IP address blocks: 46.243.24.0/21 maxlen: 24
78.41.64.0/21 maxlen: 24
78.110.192.0/20 maxlen: 24
82.146.96.0/19 maxlen: 24
85.158.208.0/21 maxlen: 24
87.237.8.0/21 maxlen: 24
88.82.32.0/19 maxlen: 24
89.35.16.0/21 maxlen: 24
89.250.176.0/20 maxlen: 24
91.197.108.0/22 maxlen: 24
94.140.160.0/19 maxlen: 24
94.158.248.0/24 maxlen: 24
95.171.160.0/19 maxlen: 24
178.132.8.0/21 maxlen: 24
185.47.0.0/22 maxlen: 24
185.48.100.0/22 maxlen: 24
185.78.180.0/22 maxlen: 24
185.81.224.0/22 maxlen: 24
185.90.184.0/22 maxlen: 22
185.174.64.0/22 maxlen: 24
185.214.4.0/22 maxlen: 24
185.224.236.0/22 maxlen: 22
188.64.72.0/21 maxlen: 24
188.118.0.0/18 maxlen: 24
195.110.54.0/23 maxlen: 24
195.144.64.0/19 maxlen: 24
195.225.100.0/22 maxlen: 24
213.193.200.0/21 maxlen: 24
213.193.224.0/21 maxlen: 24
213.193.248.0/23 maxlen: 24
2001:4158::/29 maxlen: 48
2001:4c40::/32 maxlen: 48
2a00:1fb8::/32 maxlen: 48
2a01:8c20::/32 maxlen: 48
2a0b:8b00::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:c1:cd:c4:b4:30:5f:ac:c8:60:63:93:27:92:36:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Feb 24 11:40:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2aeee6956750512e4f8d7cf24ea8b9cf4d2114c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:59:74:4c:55:8d:d5:8e:2e:90:43:c7:34:b8:
8f:ca:2a:38:89:21:36:42:0d:11:59:86:04:14:4c:
a8:3f:3e:da:31:27:de:f5:bd:23:37:e0:b2:29:53:
5a:3c:3c:00:8e:6b:85:9b:8d:c4:ad:89:0e:f6:d6:
b4:fb:bf:29:1f:9c:70:fd:03:9d:65:c4:04:8d:62:
ec:79:40:bd:60:b3:48:f8:55:66:f8:0e:98:8d:6c:
c4:9c:7d:6c:9c:8e:c4:0a:44:2d:df:45:f2:23:02:
7f:f2:20:96:c5:d2:e3:5b:90:20:98:93:ca:c3:d7:
bc:bb:b5:af:e3:52:57:32:59:a5:36:88:96:93:fd:
c7:87:76:08:c3:04:1c:84:ad:07:29:f2:92:0d:83:
d8:e9:b8:f1:46:d2:fc:61:c4:08:8b:54:19:3e:e3:
dc:33:c9:8e:b4:1a:b3:f2:2b:c3:91:2e:cd:00:e2:
e0:c4:8d:a7:a6:8f:5e:d1:b0:0c:37:54:db:79:1e:
09:dd:d2:a7:00:7e:bd:70:0b:3a:3e:90:07:d0:20:
6d:51:0b:18:5f:19:cf:91:14:e8:df:1c:ed:0f:0e:
60:4a:cf:81:8d:c0:12:07:11:d0:73:72:bb:3a:93:
92:5b:b9:3f:63:00:36:81:f8:cb:1a:73:bf:7b:ec:
53:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:EE:E6:95:67:50:51:2E:4F:8D:7C:F2:4E:A8:B9:CF:4D:21:14:C6
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/Ku7mlWdQUS5PjXzyTqi5z00hFMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.24.0/21
78.41.64.0/21
78.110.192.0/20
82.146.96.0/19
85.158.208.0/21
87.237.8.0/21
88.82.32.0/19
89.35.16.0/21
89.250.176.0/20
91.197.108.0/22
94.140.160.0/19
94.158.248.0/24
95.171.160.0/19
178.132.8.0/21
185.47.0.0/22
185.48.100.0/22
185.78.180.0/22
185.81.224.0/22
185.90.184.0/22
185.174.64.0/22
185.214.4.0/22
185.224.236.0/22
188.64.72.0/21
188.118.0.0/18
195.110.54.0/23
195.144.64.0/19
195.225.100.0/22
213.193.200.0/21
213.193.224.0/21
213.193.248.0/23
IPv6:
2001:4158::/29
2001:4c40::/32
2a00:1fb8::/32
2a01:8c20::/32
2a0b:8b00::/29
Signature Algorithm: sha256WithRSAEncryption
15:8d:43:9a:47:fd:51:51:9e:cc:5b:b2:ff:34:70:74:ab:53:
17:56:38:3b:69:c9:68:8c:ef:b3:3d:c4:e7:6b:01:ef:0a:da:
22:62:88:17:26:3c:f5:82:e2:b1:ce:56:9a:01:69:51:24:eb:
5c:77:50:b7:73:01:8a:e0:1a:db:a3:0d:89:cc:31:10:76:69:
af:ff:6f:44:79:2f:e1:d8:88:d4:22:04:43:03:32:5a:96:04:
b2:c7:7a:21:2e:ab:29:71:29:c0:b3:51:98:b0:9a:6d:35:18:
fc:2a:6e:0f:2a:73:b4:3b:37:bc:75:01:5a:f2:c0:62:4e:07:
51:09:77:2e:ef:03:40:e3:95:5f:f3:d7:2a:92:17:87:14:9d:
b5:c1:db:cd:61:bf:cc:42:cc:46:6d:0f:26:97:88:4f:d4:74:
2d:07:57:a1:e6:4a:07:57:9b:d9:1c:f5:27:3e:65:62:95:1a:
88:3b:5d:a4:f3:3c:84:f9:d8:e6:05:de:2f:01:18:62:6e:76:
04:d3:50:e7:ce:51:e2:da:b6:30:13:ac:79:7c:62:19:35:0f:
33:d9:0a:5d:f4:47:22:78:99:83:e5:0e:ad:b4:50:eb:18:f4:
36:58:92:e1:e3:f2:82:88:ad:6d:8a:04:c1:7f:9c:de:ae:e0:
e8:2c:7b:20
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAZU3wc3EtDBfrMhgY5MnkjbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjUwMjI0MTE0MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWVlZTY5NTY3NTA1MTJlNGY4ZDdjZjI0ZWE4YjljZjRkMjExNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFl0TFWN1Y4ukEPHNLiPyio4iSE2
Qg0RWYYEFEyoPz7aMSfe9b0jN+CyKVNaPDwAjmuFm43ErYkO9ta0+78pH5xw/QOd
ZcQEjWLseUC9YLNI+FVm+A6YjWzEnH1snI7ECkQt30XyIwJ/8iCWxdLjW5AgmJPK
w9e8u7Wv41JXMlmlNoiWk/3Hh3YIwwQchK0HKfKSDYPY6bjxRtL8YcQIi1QZPuPc
M8mOtBqz8ivDkS7NAOLgxI2npo9e0bAMN1TbeR4J3dKnAH69cAs6PpAH0CBtUQsY
XxnPkRTo3xztDw5gSs+BjcASBxHQc3K7OpOSW7k/YwA2gfjLGnO/e+xTZQIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFCru5pVnUFEuT4188k6ouc9NIRTGMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvS3U3bWxXZFFVUzVQalh6eVRxaTV6MDBoRk1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCBuwQCAAEwgbQDBAMu
8xgDBANOKUADBARObsADBAVSkmADBANVntADBANX7QgDBAVYUiADBANZIxADBARZ
+rADBAJbxWwDBAVejKADBABenvgDBAVfq6ADBAOyhAgDBAK5LwADBAK5MGQDBAK5
TrQDBAK5UeADBAK5WrgDBAK5rkADBAK51gQDBAK54OwDBAO8QEgDBAa8dgADBAHD
bjYDBAXDkEADBALD4WQDBAPVwcgDBAPVweADBAHVwfgwKQQCAAIwIwMFAyABQVgD
BQAgAUxAAwUAKgAfuAMFACoBjCADBQMqC4sAMA0GCSqGSIb3DQEBCwUAA4IBAQAV
jUOaR/1RUZ7MW7L/NHB0q1MXVjg7aclojO+zPcTnawHvCtoiYogXJjz1guKxzlaa
AWlRJOtcd1C3cwGK4Brbow2JzDEQdmmv/29EeS/h2IjUIgRDAzJalgSyx3ohLqsp
cSnAs1GYsJptNRj8Km4PKnO0Oze8dQFa8sBiTgdRCXcu7wNA45Vf89cqkheHFJ21
wdvNYb/MQsxGbQ8ml4hP1HQtB1eh5koHV5vZHPUnPmVilRqIO12k8zyE+djmBd4v
ARhibnYE01DnzlHi2rYwE6x5fGIZNQ8z2Qpd9EcieJmD5Q6ttFDrGPQ2WJLh4/KC
iK1tigTBf5zeruDoLHsg
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:53:48 2025 by rpki-client on console.sobornost.net