Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/GhpTpgW64tSFuaS0pbKl89opsq8.roa
File: GhpTpgW64tSFuaS0pbKl89opsq8.roa (raw, json)
Hash identifier: 2Wron93LANvS77WOvmwaTogfUqhlP0TlDWCOGE4biV0=
Subject key identifier: 1A:1A:53:A6:05:BA:E2:D4:85:B9:A4:B4:A5:B2:A5:F3:DA:29:B2:AF
Certificate issuer: /CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Certificate serial: 019424B389236D985CCAF6DE869971D5EA07
Authority key identifier: 93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/GhpTpgW64tSFuaS0pbKl89opsq8.roa
Signing time: Thu 02 Jan 2025 01:48:53 +0000
ROA not before: Thu 02 Jan 2025 01:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199256
IP address blocks: 5.149.168.0/21 maxlen: 24
45.137.184.0/22 maxlen: 22
81.173.12.0/22 maxlen: 24
91.216.236.0/24 maxlen: 24
91.216.241.0/24 maxlen: 24
93.119.24.0/22 maxlen: 24
144.2.240.0/21 maxlen: 24
159.253.224.0/22 maxlen: 24
185.32.152.0/22 maxlen: 24
185.57.100.0/22 maxlen: 24
185.122.132.0/22 maxlen: 24
185.156.196.0/22 maxlen: 24
2a04:b00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:89:23:6d:98:5c:ca:f6:de:86:99:71:d5:ea:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Validity
Not Before: Jan 2 01:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a1a53a605bae2d485b9a4b4a5b2a5f3da29b2af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2f:b6:fb:d9:15:66:c8:f8:f2:93:74:a3:57:
ff:38:1f:98:b3:ef:57:56:4a:44:ba:41:e4:8a:1e:
e3:8a:a4:74:87:50:e2:a6:dd:8b:f3:15:ba:ba:ab:
f2:3c:b2:1b:84:ad:b1:a0:a3:c6:2b:f7:20:b1:12:
5b:5b:87:28:11:31:1d:11:1d:b5:1e:1f:8e:ee:50:
e7:91:24:62:3b:75:d8:83:8e:7e:41:7b:b1:e3:69:
f3:77:d6:7a:91:a2:b4:fc:38:f9:3e:19:c2:d5:f8:
13:80:be:9b:c1:4c:aa:dd:6a:b3:b2:aa:e7:fb:fa:
dd:08:af:af:6c:2c:33:4d:0f:32:ca:72:21:e2:33:
23:4c:08:8e:e2:69:79:ed:9a:3c:1c:43:6c:e8:3a:
ff:51:25:e8:e6:80:3a:75:4e:d5:25:e6:65:b1:4d:
95:1e:c9:ce:3f:b5:b0:c2:98:a9:0c:f6:d0:2d:99:
30:87:df:8f:5d:50:5d:c0:77:50:3a:cc:70:30:c1:
53:91:ce:ba:ca:d5:a9:d5:47:2f:d3:80:e0:13:97:
db:d1:2b:25:d9:8f:40:e7:29:75:1e:f9:e8:62:40:
83:1b:d0:73:5b:9f:95:e9:eb:82:e8:86:3f:46:c0:
75:54:7a:33:ef:da:83:cf:b8:f7:3e:59:23:27:65:
f1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1A:53:A6:05:BA:E2:D4:85:B9:A4:B4:A5:B2:A5:F3:DA:29:B2:AF
X509v3 Authority Key Identifier:
keyid:93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/GhpTpgW64tSFuaS0pbKl89opsq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.168.0/21
45.137.184.0/22
81.173.12.0/22
91.216.236.0/24
91.216.241.0/24
93.119.24.0/22
144.2.240.0/21
159.253.224.0/22
185.32.152.0/22
185.57.100.0/22
185.122.132.0/22
185.156.196.0/22
IPv6:
2a04:b00::/29
Signature Algorithm: sha256WithRSAEncryption
9c:c6:12:0b:03:33:c9:b9:8d:d7:97:e7:d7:81:12:4e:22:5f:
d9:6c:6e:1b:8d:ed:5f:98:a3:c3:ba:59:e6:64:be:5f:89:bb:
c7:cf:6b:26:d8:91:be:c3:83:74:bb:91:a2:b5:21:21:6b:87:
ae:65:78:9f:93:2f:3d:af:93:2a:34:c5:b3:a1:29:32:20:a4:
92:fc:94:32:b3:ee:7c:47:c7:14:78:7b:1b:8a:91:fe:65:2f:
ab:d8:bb:36:e6:38:fd:9b:b9:63:3c:8a:46:a4:b5:46:48:78:
25:af:84:4f:04:0e:ba:95:72:a2:03:c2:39:46:40:bb:ce:03:
d3:ca:12:f1:08:79:f8:07:ea:e7:7a:26:89:8a:c6:b5:8b:8a:
51:b7:8f:7d:86:45:a2:36:cc:3d:d2:fc:7f:ab:ac:8e:02:e2:
b3:90:96:98:e2:35:20:da:44:c8:96:24:0e:9e:6b:15:1f:f7:
78:e2:56:31:11:09:cf:9a:03:5c:81:65:43:e6:33:3a:8b:39:
70:bb:a4:bd:bf:a0:ab:46:08:ae:04:b3:6f:c7:55:64:96:30:
7c:a7:e4:4f:e7:8e:05:cf:7c:4a:03:ca:67:08:71:83:0d:92:
fb:56:e6:81:ee:b2:9b:4f:c1:2f:ab:38:06:93:cc:87:ca:18:
69:71:58:38
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZQks4kjbZhcyvbehplx1eoHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjI5ODE5Nzg4ODU2OTZjZTFjMmJiZjRhZjk5ZGFkYzJj
NjE4ZWIwHhcNMjUwMTAyMDE0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTFhNTNhNjA1YmFlMmQ0ODViOWE0YjRhNWIyYTVmM2RhMjliMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC+2+9kVZsj48pN0o1f/OB+Ys+9X
VkpEukHkih7jiqR0h1Dipt2L8xW6uqvyPLIbhK2xoKPGK/cgsRJbW4coETEdER21
Hh+O7lDnkSRiO3XYg45+QXux42nzd9Z6kaK0/Dj5PhnC1fgTgL6bwUyq3Wqzsqrn
+/rdCK+vbCwzTQ8yynIh4jMjTAiO4ml57Zo8HENs6Dr/USXo5oA6dU7VJeZlsU2V
HsnOP7WwwpipDPbQLZkwh9+PXVBdwHdQOsxwMMFTkc66ytWp1Ucv04DgE5fb0Ssl
2Y9A5yl1HvnoYkCDG9BzW5+V6euC6IY/RsB1VHoz79qDz7j3PlkjJ2XxfQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFBoaU6YFuuLUhbmktKWypfPaKbKvMB8GA1UdIwQY
MBaAFJOymBl4iFaWzhwrv0r5na3CxhjrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzkt
MzFjOTVlMmExZDZmLzEvR2hwVHBnVzY0dFNGdWFTMHBiS2w4OW9wc3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzktMzFjOTVlMmExZDZm
LzEvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDBZWoAwQC
LYm4AwQCUa0MAwQAW9jsAwQAW9jxAwQCXXcYAwQDkALwAwQCn/3gAwQCuSCYAwQC
uTlkAwQCuXqEAwQCuZzEMA0EAgACMAcDBQMqBAsAMA0GCSqGSIb3DQEBCwUAA4IB
AQCcxhILAzPJuY3Xl+fXgRJOIl/ZbG4bje1fmKPDulnmZL5fibvHz2sm2JG+w4N0
u5GitSEha4euZXifky89r5MqNMWzoSkyIKSS/JQys+58R8cUeHsbipH+ZS+r2Ls2
5jj9m7ljPIpGpLVGSHglr4RPBA66lXKiA8I5RkC7zgPTyhLxCHn4B+rneiaJisa1
i4pRt499hkWiNsw90vx/q6yOAuKzkJaY4jUg2kTIliQOnmsVH/d44lYxEQnPmgNc
gWVD5jM6izlwu6S9v6CrRgiuBLNvx1VkljB8p+RP544Fz3xKA8pnCHGDDZL7VuaB
7rKbT8EvqzgGk8yHyhhpcVg4
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:08:51 2025 by rpki-client