Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/grC1f79IX2mM-qF8-NXonHt7K94.roa
File: grC1f79IX2mM-qF8-NXonHt7K94.roa (raw, json)
Hash identifier: PIn5LY5vZL3ojpOOs78b4n4ViIC2x4k2uUs9BW+BBPc=
Subject key identifier: 82:B0:B5:7F:BF:48:5F:69:8C:FA:A1:7C:F8:D5:E8:9C:7B:7B:2B:DE
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 04814B26
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/grC1f79IX2mM-qF8-NXonHt7K94.roa
Signing time: Sat 01 Jan 2022 12:06:34 +0000
ROA not before: Sat 01 Jan 2022 12:06:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1820
IP address blocks: 80.92.224.0/20 maxlen: 32
212.110.144.0/21 maxlen: 32
212.110.152.0/22 maxlen: 32
92.119.220.0/22 maxlen: 32
82.117.229.0/24 maxlen: 32
193.111.48.0/22 maxlen: 32
82.117.244.0/24 maxlen: 32
92.60.176.0/20 maxlen: 32
185.38.208.0/23 maxlen: 32
185.39.196.0/22 maxlen: 32
212.110.128.0/20 maxlen: 32
193.16.47.0/24 maxlen: 32
185.170.192.0/22 maxlen: 32
128.0.168.0/21 maxlen: 32
195.66.93.0/24 maxlen: 32
193.111.0.0/23 maxlen: 32
85.90.211.0/24 maxlen: 32
31.172.136.0/21 maxlen: 32
85.90.223.0/24 maxlen: 32
217.20.160.0/19 maxlen: 32
185.45.244.0/22 maxlen: 32
2a01:6b0::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75582246 (0x4814b26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jan 1 12:06:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82b0b57fbf485f698cfaa17cf8d5e89c7b7b2bde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:49:a0:f9:40:df:92:37:53:81:fc:e7:e1:ea:
f8:a5:4c:30:b9:bf:80:50:ef:5e:aa:97:6d:6a:f8:
a8:e1:94:3c:8d:88:fd:db:28:dc:36:0f:fb:a1:45:
48:7a:c9:52:9e:96:e1:8b:ed:f7:05:32:be:25:07:
c7:b8:36:4e:8e:fc:29:a6:7b:b7:f1:fc:48:c4:8d:
3f:42:05:6c:a4:b2:bd:ae:29:b0:4c:f4:a1:ed:95:
7f:58:e3:1d:2c:7e:b8:1f:8d:fe:09:74:3f:fb:74:
d8:be:1c:54:51:46:c6:45:14:be:fa:83:ad:f7:8e:
41:2d:bf:c8:e6:41:fc:d6:c6:86:0c:73:91:72:e6:
46:e8:e8:06:c6:e0:e0:a7:34:5a:72:37:56:3c:55:
10:7d:14:9a:ac:ed:23:ba:97:53:74:4c:e7:6f:39:
a6:08:e3:a0:95:e6:69:ee:78:47:42:01:a8:5c:aa:
b8:3b:c5:ee:91:02:35:e9:1d:32:4f:a7:ed:60:f4:
74:22:0a:5d:b8:a1:65:01:96:25:72:56:cb:17:01:
de:b5:ac:7b:d6:76:1a:35:e5:49:d0:d7:25:4c:55:
83:00:c7:c9:3c:13:70:0b:07:75:54:dd:f6:fa:37:
d2:bd:5d:73:be:d2:ef:7d:64:29:71:f9:9b:71:d4:
1d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B0:B5:7F:BF:48:5F:69:8C:FA:A1:7C:F8:D5:E8:9C:7B:7B:2B:DE
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/grC1f79IX2mM-qF8-NXonHt7K94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/21
80.92.224.0/20
82.117.229.0/24
82.117.244.0/24
85.90.211.0/24
85.90.223.0/24
92.60.176.0/20
92.119.220.0/22
128.0.168.0/21
185.38.208.0/23
185.39.196.0/22
185.45.244.0/22
185.170.192.0/22
193.16.47.0/24
193.111.0.0/23
193.111.48.0/22
195.66.93.0/24
212.110.128.0-212.110.155.255
217.20.160.0/19
IPv6:
2a01:6b0::/32
Signature Algorithm: sha256WithRSAEncryption
09:3c:9d:a9:8d:9a:0a:81:21:1e:81:cc:9d:bb:47:44:54:93:
5e:c0:89:8a:6a:6a:30:38:df:d7:36:17:15:79:ed:c4:d9:ef:
2e:64:4c:22:73:31:18:92:60:7a:a8:6f:2d:eb:0d:aa:d4:bb:
46:38:89:5b:58:a0:14:91:07:d9:a5:57:6c:5a:e5:7f:bc:b9:
19:93:c7:ef:81:a1:ef:93:e4:79:ad:e5:f1:ed:2e:08:7f:85:
c2:72:a0:30:70:b0:aa:56:ba:c2:74:cb:4b:13:2d:8c:1a:3e:
34:ea:10:cd:fc:a1:17:2d:88:db:1e:ec:0e:88:bb:d9:aa:94:
60:49:b2:52:9c:1c:f9:f8:76:e2:b6:90:1b:39:06:73:36:f6:
a0:f9:02:cf:61:86:64:1d:e2:27:b2:bb:4f:43:ce:28:e2:d7:
db:5e:7a:42:58:bc:03:84:6e:cc:ae:5a:c2:a0:e6:8e:44:d9:
d7:65:2b:e6:22:6a:20:08:53:99:a1:e5:d1:26:a6:ff:0c:e3:
00:e2:8a:ed:18:e1:b8:c7:1c:8d:7e:3f:83:2b:71:d3:c8:a4:
33:89:78:89:6f:99:8c:93:64:bb:b6:34:b6:79:72:62:b8:8e:
49:e2:35:5b:8a:01:1d:4d:0c:f8:ee:65:fd:fa:7a:0d:3b:84:
fa:f3:8b:7d
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIEBIFLJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDg3MTQyYmRjMmIzZjBkMDg0OGEwZDgwMGI2OTMwYjFhYmIzNGJjMB4XDTIyMDEw
MTEyMDYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODJiMGI1N2ZiZjQ4
NWY2OThjZmFhMTdjZjhkNWU4OWM3YjdiMmJkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZJoPlA35I3U4H85+Hq+KVMMLm/gFDvXqqXbWr4qOGUPI2I
/dso3DYP+6FFSHrJUp6W4Yvt9wUyviUHx7g2To78KaZ7t/H8SMSNP0IFbKSyva4p
sEz0oe2Vf1jjHSx+uB+N/gl0P/t02L4cVFFGxkUUvvqDrfeOQS2/yOZB/NbGhgxz
kXLmRujoBsbg4Kc0WnI3VjxVEH0UmqztI7qXU3RM5285pgjjoJXmae54R0IBqFyq
uDvF7pECNekdMk+n7WD0dCIKXbihZQGWJXJWyxcB3rWse9Z2GjXlSdDXJUxVgwDH
yTwTcAsHdVTd9vo30r1dc77S731kKXH5m3HUHYUCAwEAAaOCApAwggKMMB0GA1Ud
DgQWBBSCsLV/v0hfaYz6oXz41eice3sr3jAfBgNVHSMEGDAWgBQNhxQr3Cs/DQhI
oNgAtpMLGrs0vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RZY1VLOXdyUHcwSVNLRFlBTGFUQ3hxN05Mdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvOGY4Y2MwLWY2OTMtNDIxYy1iYzU0LWEzMTcwOGQ0MDM5MS8x
L2dyQzFmNzlJWDJtTS1xRjgtTlhvbkh0N0s5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
OGY4Y2MwLWY2OTMtNDIxYy1iYzU0LWEzMTcwOGQ0MDM5MS8xL0RZY1VLOXdyUHcw
SVNLRFlBTGFUQ3hxN05Mdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
pQYIKwYBBQUHAQcBAf8EgZUwgZIwgYAEAgABMHoDBAMfrIgDBARQXOADBABSdeUD
BABSdfQDBABVWtMDBABVWt8DBARcPLADBAJcd9wDBAOAAKgDBAG5JtADBAK5J8QD
BAK5LfQDBAK5qsADBADBEC8DBAHBbwADBALBbzADBADDQl0wDAMEB9RugAMEAtRu
mAMEBdkUoDANBAIAAjAHAwUAKgEGsDANBgkqhkiG9w0BAQsFAAOCAQEACTydqY2a
CoEhHoHMnbtHRFSTXsCJimpqMDjf1zYXFXntxNnvLmRMInMxGJJgeqhvLesNqtS7
RjiJW1igFJEH2aVXbFrlf7y5GZPH74Gh75Pkea3l8e0uCH+FwnKgMHCwqla6wnTL
SxMtjBo+NOoQzfyhFy2I2x7sDoi72aqUYEmyUpwc+fh24raQGzkGczb2oPkCz2GG
ZB3iJ7K7T0POKOLX2156Qli8A4RuzK5awqDmjkTZ12Ur5iJqIAhTmaHl0Sam/wzj
AOKK7RjhuMccjX4/gytx08ikM4l4iW+ZjJNku7Y0tnlyYriOSeI1W4oBHU0M+O5l
/fp6DTuE+vOLfQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 03:49:33 2025 by rpki-client