Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/A0tGHJyQnlzoLY0iXzhoD1SqJZc.roa
File: A0tGHJyQnlzoLY0iXzhoD1SqJZc.roa (raw, json)
Hash identifier: oVbnnGoqodoLK0UN5iq26bWyV39yu+/qCuUIHAVMGCo=
Subject key identifier: 03:4B:46:1C:9C:90:9E:5C:E8:2D:8D:22:5F:38:68:0F:54:AA:25:97
Certificate issuer: /CN=066369e2705cb433db0658ab666d08b67b1551dc
Certificate serial: 01942444BF17259AC2E849486E9C0DB547E0
Authority key identifier: 06:63:69:E2:70:5C:B4:33:DB:06:58:AB:66:6D:08:B6:7B:15:51:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/A0tGHJyQnlzoLY0iXzhoD1SqJZc.roa
Signing time: Wed 01 Jan 2025 23:47:52 +0000
ROA not before: Wed 01 Jan 2025 23:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197308
IP address blocks: 5.179.112.0/21 maxlen: 21
31.216.32.0/21 maxlen: 21
81.91.0.0/20 maxlen: 20
176.57.88.0/22 maxlen: 22
185.21.144.0/22 maxlen: 22
185.27.240.0/22 maxlen: 22
193.108.0.0/24 maxlen: 24
193.108.1.0/24 maxlen: 24
193.108.2.0/23 maxlen: 23
193.108.4.0/24 maxlen: 24
193.108.5.0/24 maxlen: 24
193.108.6.0/24 maxlen: 24
213.180.64.0/19 maxlen: 19
2a00:5860::/32 maxlen: 32
2a03:2f80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:bf:17:25:9a:c2:e8:49:48:6e:9c:0d:b5:47:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=066369e2705cb433db0658ab666d08b67b1551dc
Validity
Not Before: Jan 1 23:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=034b461c9c909e5ce82d8d225f38680f54aa2597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:22:0e:34:88:16:6f:82:14:02:f1:42:17:4a:
db:9e:2c:73:5e:16:34:4a:77:12:86:0a:38:a4:2e:
3b:34:4f:b2:e4:cb:ff:85:be:54:50:c5:98:53:59:
cb:ff:89:2b:e5:bc:b1:9e:c1:33:03:ce:bc:3e:fe:
2d:ad:88:ec:f4:9c:96:41:ce:19:6d:cb:be:12:2d:
bb:17:cf:2a:5a:ff:e7:14:63:06:80:fe:72:61:91:
c5:c3:29:da:16:eb:46:08:f8:f7:fc:47:71:c1:e5:
f8:8c:48:e8:56:d4:dc:8c:3f:79:ae:bb:c5:64:4a:
ae:9c:34:07:9b:33:a8:1f:6c:8f:8c:5f:c8:50:3b:
42:7a:b9:4e:68:0d:d9:9f:1b:27:3e:ce:d1:af:e4:
10:2c:3f:26:d4:3d:9f:8c:cd:91:0f:7a:05:5b:b4:
5a:71:4e:2d:de:9b:77:a2:3a:16:02:dc:b8:23:30:
3e:d5:7f:70:59:63:3f:72:5f:66:57:72:a3:03:80:
ff:6d:7c:11:26:d5:c7:99:4d:3e:c0:53:04:a1:92:
fe:47:ec:f9:25:a5:cb:03:3d:20:0b:f1:f4:e8:44:
97:81:85:73:aa:fb:35:c5:a7:10:83:09:4b:49:67:
ad:73:b5:16:62:2d:96:a4:6d:ec:ad:b4:46:c6:e6:
50:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:4B:46:1C:9C:90:9E:5C:E8:2D:8D:22:5F:38:68:0F:54:AA:25:97
X509v3 Authority Key Identifier:
keyid:06:63:69:E2:70:5C:B4:33:DB:06:58:AB:66:6D:08:B6:7B:15:51:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/A0tGHJyQnlzoLY0iXzhoD1SqJZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.112.0/21
31.216.32.0/21
81.91.0.0/20
176.57.88.0/22
185.21.144.0/22
185.27.240.0/22
193.108.0.0-193.108.6.255
213.180.64.0/19
IPv6:
2a00:5860::/32
2a03:2f80::/32
Signature Algorithm: sha256WithRSAEncryption
64:a3:a9:14:e2:b7:7b:7a:e3:00:4a:ed:d2:57:92:f5:28:28:
e9:00:20:9e:c4:1c:5f:21:d9:5a:54:18:7a:10:4d:3e:ee:98:
bb:b2:e2:96:74:30:be:b1:7a:48:59:4d:7f:c7:5a:4b:c2:14:
2d:6f:fa:8d:46:1a:fd:d2:74:94:cd:5d:97:0e:7a:6d:04:a3:
b9:46:c4:d5:cb:7e:f9:f9:25:d8:00:b3:03:51:b9:d3:58:53:
a1:f1:da:2e:0a:03:b7:60:92:87:a9:1d:a3:03:08:e5:6e:92:
6e:69:de:a9:1e:e9:96:9e:26:70:fc:e6:1d:c9:56:9e:a8:87:
08:c5:0f:ec:a9:ad:ba:cc:e4:a8:f4:8a:9d:df:79:e7:cf:6e:
b2:cc:33:31:c6:0e:cf:d1:84:5f:74:45:80:29:59:e6:ae:9f:
a5:9b:09:da:fd:eb:ca:86:83:e6:8c:d7:f7:b4:be:e5:36:a1:
e0:3c:3f:31:6b:7a:50:c7:7f:27:63:ae:c0:66:d9:51:6e:f7:
1c:d4:95:c7:9f:22:28:4d:65:e0:bf:93:f0:e6:28:cf:a7:fd:
a4:ae:9d:4d:8f:1d:a7:2b:34:ff:96:20:8f:66:cb:d8:63:a2:
9d:af:a5:b9:a9:4e:63:12:dd:c7:74:91:e5:75:93:4c:3a:21:
36:c7:d3:c7
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZQkRL8XJZrC6ElIbpwNtUfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NjM2OWUyNzA1Y2I0MzNkYjA2NThhYjY2NmQwOGI2N2Ix
NTUxZGMwHhcNMjUwMTAxMjM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzRiNDYxYzljOTA5ZTVjZTgyZDhkMjI1ZjM4NjgwZjU0YWEyNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCIONIgWb4IUAvFCF0rbnixzXhY0
SncShgo4pC47NE+y5Mv/hb5UUMWYU1nL/4kr5byxnsEzA868Pv4trYjs9JyWQc4Z
bcu+Ei27F88qWv/nFGMGgP5yYZHFwynaFutGCPj3/EdxweX4jEjoVtTcjD95rrvF
ZEqunDQHmzOoH2yPjF/IUDtCerlOaA3ZnxsnPs7Rr+QQLD8m1D2fjM2RD3oFW7Ra
cU4t3pt3ojoWAty4IzA+1X9wWWM/cl9mV3KjA4D/bXwRJtXHmU0+wFMEoZL+R+z5
JaXLAz0gC/H06ESXgYVzqvs1xacQgwlLSWetc7UWYi2WpG3srbRGxuZQqQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFANLRhyckJ5c6C2NIl84aA9UqiWXMB8GA1UdIwQY
MBaAFAZjaeJwXLQz2wZYq2ZtCLZ7FVHcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm1OcDRuQmN0RFBiQmxpclptMEl0bnNWVWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC82NGU0OWEtNWZlMS00NWMyLTgzMTAt
MzRhOWU5OGE1Zjg2LzEvQTB0R0hKeVFubHpvTFkwaVh6aG9EMVNxSlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC82NGU0OWEtNWZlMS00NWMyLTgzMTAtMzRhOWU5OGE1Zjg2
LzEvQm1OcDRuQmN0RFBiQmxpclptMEl0bnNWVWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTA9BAIAATA3AwQDBbNwAwQD
H9ggAwQEUVsAAwQCsDlYAwQCuRWQAwQCuRvwMAsDAwLBbAMEAMFsBgMEBdW0QDAU
BAIAAjAOAwUAKgBYYAMFACoDL4AwDQYJKoZIhvcNAQELBQADggEBAGSjqRTit3t6
4wBK7dJXkvUoKOkAIJ7EHF8h2VpUGHoQTT7umLuy4pZ0ML6xekhZTX/HWkvCFC1v
+o1GGv3SdJTNXZcOem0Eo7lGxNXLfvn5JdgAswNRudNYU6Hx2i4KA7dgkoepHaMD
COVukm5p3qke6ZaeJnD85h3JVp6ohwjFD+yprbrM5Kj0ip3feefPbrLMMzHGDs/R
hF90RYApWeaun6WbCdr968qGg+aM1/e0vuU2oeA8PzFrelDHfydjrsBm2VFu9xzU
lcefIihNZeC/k/DmKM+n/aSunU2PHacrNP+WII9my9hjop2vpbmpTmMS3cd0keV1
k0w6ITbH08c=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:21:22 2025 by rpki-client