Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/Q-8pI7cpT4fgTdHlSN-2DJuziP4.roa
File: Q-8pI7cpT4fgTdHlSN-2DJuziP4.roa (raw, json)
Hash identifier: 5IRE+nYJot3oRKIDHJpRaB/Dwj0yfMYd8yQJVVMhek8=
Subject key identifier: 43:EF:29:23:B7:29:4F:87:E0:4D:D1:E5:48:DF:B6:0C:9B:B3:88:FE
Certificate issuer: /CN=764f8daadf1d775d59d1502b573901b875513b56
Certificate serial: 018410D90D8F623472EBEF0C756D11386BBD
Authority key identifier: 76:4F:8D:AA:DF:1D:77:5D:59:D1:50:2B:57:39:01:B8:75:51:3B:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/Q-8pI7cpT4fgTdHlSN-2DJuziP4.roa
Signing time: Tue 25 Oct 2022 20:32:50 +0000
ROA not before: Tue 25 Oct 2022 20:32:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9125
IP address blocks: 93.93.192.0/21 maxlen: 21
93.93.199.0/24 maxlen: 24
92.42.253.0/24 maxlen: 24
92.42.252.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
89.23.93.0/24 maxlen: 24
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.65.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
89.23.74.0/24 maxlen: 24
178.254.134.0/24 maxlen: 24
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.144.0/20 maxlen: 20
178.254.140.0/22 maxlen: 22
178.254.160.0/22 maxlen: 22
178.254.169.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.184.0/21 maxlen: 21
178.254.128.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.116.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
185.157.44.0/24 maxlen: 24
109.111.254.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.216.0/22 maxlen: 22
217.169.220.0/22 maxlen: 22
5.172.32.0/21 maxlen: 21
109.111.226.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.232.0/22 maxlen: 22
109.111.229.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.227.0/24 maxlen: 24
109.111.240.0/24 maxlen: 24
109.111.236.0/22 maxlen: 22
109.111.246.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 24
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
2a02:b58::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:d9:0d:8f:62:34:72:eb:ef:0c:75:6d:11:38:6b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=764f8daadf1d775d59d1502b573901b875513b56
Validity
Not Before: Oct 25 20:32:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43ef2923b7294f87e04dd1e548dfb60c9bb388fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:18:84:3a:e0:fb:f4:40:79:10:f4:d3:c2:01:
fb:5d:c9:41:38:64:f8:75:2f:b3:dd:ea:28:42:84:
90:7d:a0:14:39:76:f3:4a:ee:0c:39:ae:eb:d4:4e:
50:df:5c:59:86:02:e8:14:92:b6:4b:ec:13:4e:d4:
a4:3a:ce:58:46:0b:26:76:67:3a:4d:76:bf:48:f2:
98:c7:70:33:9b:40:03:75:54:ff:a5:4e:0e:91:fa:
e5:db:4b:68:57:89:31:f4:fa:b4:77:14:f9:8f:f4:
11:d5:fc:dd:65:69:26:8e:b0:89:8a:71:1b:bc:38:
19:fd:b7:b4:a0:45:fc:ff:22:32:71:be:22:b7:a7:
4b:5e:cc:da:ea:c9:9c:30:22:98:c0:b1:06:6a:59:
6d:91:6c:38:bf:43:4f:d7:ce:20:f7:66:86:a4:5d:
5c:53:04:fe:06:6e:d9:d8:78:68:be:14:f6:bb:34:
d6:d7:a6:3a:ba:90:1d:d8:ee:7b:40:09:d9:87:5a:
cf:39:46:2b:97:84:1c:21:07:67:c3:2a:be:8e:b8:
3a:2f:ab:87:64:b6:60:1f:79:67:b5:48:19:c9:52:
86:d5:76:fe:34:09:94:67:68:63:9d:b5:27:aa:47:
6d:18:b2:ba:b7:cf:29:b2:cd:5c:9a:51:e0:06:8c:
57:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EF:29:23:B7:29:4F:87:E0:4D:D1:E5:48:DF:B6:0C:9B:B3:88:FE
X509v3 Authority Key Identifier:
keyid:76:4F:8D:AA:DF:1D:77:5D:59:D1:50:2B:57:39:01:B8:75:51:3B:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/Q-8pI7cpT4fgTdHlSN-2DJuziP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.32.0/21
89.23.65.0/24
89.23.68.0-89.23.70.255
89.23.74.0/23
89.23.93.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.244.255
109.111.246.0-109.111.248.255
109.111.250.0/24
109.111.252.0-109.111.254.255
178.254.128.0-178.254.163.255
178.254.169.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0/24
178.254.184.0/21
185.157.44.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
8c:22:e9:a8:d7:e2:88:15:2a:da:9a:66:dd:c0:22:80:f6:95:
ed:e4:54:73:c7:72:27:83:23:9b:86:55:02:3e:32:79:96:1d:
f0:96:ce:74:85:fa:90:dc:aa:8b:03:05:1e:a3:ad:ee:8b:d6:
8b:0d:84:1b:14:79:a9:ae:3d:dd:45:c6:d2:a7:16:ca:cf:26:
24:ef:bf:5b:45:86:af:54:bb:71:3c:07:b8:40:ca:81:21:7e:
41:ee:f8:5c:1b:bb:8e:e7:db:e5:f0:61:73:5f:39:d3:ef:7c:
a7:c1:e9:e6:86:70:ef:c1:4e:64:5d:88:49:10:8d:39:28:a2:
6c:58:8d:a2:ff:2a:be:f1:54:26:3f:9e:de:49:fa:5e:0e:89:
c3:38:5e:0f:62:4e:ea:d1:52:1c:1d:98:3c:54:cb:ab:11:21:
10:17:0b:59:e4:73:10:bb:d1:99:c7:ed:c9:06:63:c1:7d:b8:
78:86:ad:36:11:22:fd:36:bf:d8:5c:38:48:92:bc:db:60:ad:
6f:c9:69:26:1e:18:04:a7:be:93:00:dc:31:ae:c8:a4:54:d1:
65:65:5b:40:51:7a:3c:29:eb:f1:d5:d3:0a:68:6e:16:bb:11:
51:cc:9f:dc:b8:db:c2:f5:34:f1:78:f9:35:95:00:14:59:d7:
62:74:27:72
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYQQ2Q2PYjRy6+8MdW0ROGu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NGY4ZGFhZGYxZDc3NWQ1OWQxNTAyYjU3MzkwMWI4NzU1
MTNiNTYwHhcNMjIxMDI1MjAzMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2VmMjkyM2I3Mjk0Zjg3ZTA0ZGQxZTU0OGRmYjYwYzliYjM4OGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BiEOuD79EB5EPTTwgH7XclBOGT4
dS+z3eooQoSQfaAUOXbzSu4MOa7r1E5Q31xZhgLoFJK2S+wTTtSkOs5YRgsmdmc6
TXa/SPKYx3Azm0ADdVT/pU4Okfrl20toV4kx9Pq0dxT5j/QR1fzdZWkmjrCJinEb
vDgZ/be0oEX8/yIycb4it6dLXsza6smcMCKYwLEGalltkWw4v0NP184g92aGpF1c
UwT+Bm7Z2HhovhT2uzTW16Y6upAd2O57QAnZh1rPOUYrl4QcIQdnwyq+jrg6L6uH
ZLZgH3lntUgZyVKG1Xb+NAmUZ2hjnbUnqkdtGLK6t88pss1cmlHgBoxX6QIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFEPvKSO3KU+H4E3R5Ujftgybs4j+MB8GA1UdIwQY
MBaAFHZPjarfHXddWdFQK1c5Abh1UTtWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGstTnF0OGRkMTFaMFZBclZ6a0J1SFZSTzFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83YjkyYmYtMDExYi00NGE3LTgzODIt
YmZiMmI4ODE1ZTQ5LzEvUS04cEk3Y3BUNGZnVGRIbFNOLTJESnV6aVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83YjkyYmYtMDExYi00NGE3LTgzODItYmZiMmI4ODE1ZTQ5
LzEvZGstTnF0OGRkMTFaMFZBclZ6a0J1SFZSTzFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBwwQCAAEwgbwDBAMF
rCADBABZF0EwDAMEAlkXRAMEAFkXRgMEAVkXSgMEAFkXXQMEA1wq+AMEA11dwDAM
AwQEX4xwAwQBX4x4AwQCX4x8MAwDBAVtb+ADBABtb/AwDAMEAG1v8wMEAG1v9DAM
AwQBbW/2AwQAbW/4AwQAbW/6MAwDBAJtb/wDBABtb/4wDAMEB7L+gAMEArL+oAME
ALL+qQMEALL+rwMEALL+sQMEALL+tgMEA7L+uAMEALmdLAMEBNmp0DANBAIAAjAH
AwUAKgILWDANBgkqhkiG9w0BAQsFAAOCAQEAjCLpqNfiiBUq2ppm3cAigPaV7eRU
c8dyJ4Mjm4ZVAj4yeZYd8JbOdIX6kNyqiwMFHqOt7ovWiw2EGxR5qa493UXG0qcW
ys8mJO+/W0WGr1S7cTwHuEDKgSF+Qe74XBu7jufb5fBhc1850+98p8Hp5oZw78FO
ZF2ISRCNOSiibFiNov8qvvFUJj+e3kn6Xg6JwzheD2JO6tFSHB2YPFTLqxEhEBcL
WeRzELvRmcftyQZjwX24eIatNhEi/Ta/2Fw4SJK822Ctb8lpJh4YBKe+kwDcMa7I
pFTRZWVbQFF6PCnr8dXTCmhuFrsRUcyf3LjbwvU08Xj5NZUAFFnXYnQncg==
-----END CERTIFICATE-----
Generated at Thu May 1 22:29:09 2025 by rpki-client