Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/RO_vqVjc-WToTVgA2LecnPN6dt0.roa
File: RO_vqVjc-WToTVgA2LecnPN6dt0.roa (raw, json)
Hash identifier: jWGNKA1BOvpll3zjMK7kK32ayXj4dMaMQ6dbhZt9Q8o=
Subject key identifier: 44:EF:EF:A9:58:DC:F9:64:E8:4D:58:00:D8:B7:9C:9C:F3:7A:76:DD
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 0194991B3D0982819001B81F7407AADFC94B
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/RO_vqVjc-WToTVgA2LecnPN6dt0.roa
Signing time: Fri 24 Jan 2025 16:18:06 +0000
ROA not before: Fri 24 Jan 2025 16:18:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204679
IP address blocks: 193.59.78.0/23 maxlen: 24
194.181.179.0/24 maxlen: 24
195.164.128.0/17 maxlen: 24
195.164.128.0/18 maxlen: 18
195.164.192.0/18 maxlen: 18
2001:a17::/32 maxlen: 48
2001:a17:fffa::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:99:1b:3d:09:82:81:90:01:b8:1f:74:07:aa:df:c9:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 24 16:18:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44efefa958dcf964e84d5800d8b79c9cf37a76dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c1:5b:e6:60:39:ea:b1:47:e6:c1:e5:6d:cf:
8a:8a:db:79:99:50:92:ea:8e:ce:70:4a:cf:e5:80:
09:a9:a5:5c:c9:98:66:ba:24:ca:88:0d:85:c2:36:
9f:d7:90:16:9a:9f:97:27:82:53:f0:aa:b0:60:a7:
2d:76:28:3b:f9:2f:6c:3d:ae:25:60:10:fb:18:3b:
c8:3a:72:33:03:06:b5:39:e3:0a:96:a6:f6:cb:a0:
00:5b:0d:61:90:73:b6:ce:46:b4:25:a5:9c:5e:ab:
32:a4:32:cc:b1:e1:cf:32:b6:64:3c:2c:0d:07:d5:
a1:9a:e1:2b:76:15:1c:3c:6e:ce:b0:5e:46:0d:b9:
9c:ea:fc:4e:ef:f6:7a:d2:49:97:e0:d8:43:1c:ad:
4b:6d:dc:0a:a3:13:42:7b:b9:b4:ef:ac:7c:eb:4c:
d4:f6:5d:7f:1f:5c:9b:bf:17:40:01:f9:e9:e3:17:
9e:3c:02:7d:60:43:fa:26:80:e1:4a:bc:ef:ca:75:
7d:ee:77:5e:57:a8:aa:7b:cc:46:41:fa:f0:40:c8:
73:05:d6:11:af:9e:79:f0:c1:66:38:50:93:20:0d:
2a:3a:b6:ee:e9:2b:86:45:f8:4f:56:27:fc:c4:6e:
b2:1e:3e:0a:50:7a:b0:6e:27:87:5a:73:ad:f2:0b:
5d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:EF:EF:A9:58:DC:F9:64:E8:4D:58:00:D8:B7:9C:9C:F3:7A:76:DD
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/RO_vqVjc-WToTVgA2LecnPN6dt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.59.78.0/23
194.181.179.0/24
195.164.128.0/17
IPv6:
2001:a17::/32
Signature Algorithm: sha256WithRSAEncryption
86:e7:d0:df:35:a7:d3:9b:fe:da:03:32:c3:3b:85:66:fd:dc:
b0:e8:24:d6:1d:54:00:5a:20:fd:a4:b9:2b:a5:aa:9b:7a:c4:
62:4d:ee:89:ae:13:e8:83:5e:00:31:13:9b:38:41:99:23:11:
ab:76:6b:3a:94:5c:18:c1:5b:14:22:c8:f1:24:bf:8e:02:47:
04:9a:6e:73:71:fa:cb:33:b7:f5:13:cb:5e:78:c5:93:4b:32:
37:02:2e:ce:c2:e1:88:6f:c5:b8:e4:6e:c4:ba:08:53:e0:a0:
f2:e9:1f:15:5b:7b:b7:33:43:1d:0a:04:cf:d9:0c:7d:11:6d:
c3:e5:cb:0b:88:9f:9c:a3:d8:1b:46:45:9d:63:ad:72:88:75:
9c:ce:c1:cd:02:86:ad:4f:ce:ac:e3:0f:b5:84:54:d6:42:78:
5d:1d:5e:af:2c:0d:1b:1b:85:d2:9c:2e:88:c8:ee:1c:0d:ac:
af:43:76:74:71:d3:e9:9a:f9:c1:9a:80:32:2d:6b:b2:0f:14:
4a:ec:43:56:6b:86:68:fd:dd:90:a6:e3:45:b5:9a:82:98:d7:
8f:5d:4b:3d:1b:aa:85:8e:2f:52:46:b8:59:ba:15:96:88:86:
f2:65:9a:24:5d:69:db:6b:2f:ef:30:7b:3f:18:56:e2:97:7f:
ab:fd:42:1e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZSZGz0JgoGQAbgfdAeq38lLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjUwMTI0MTYxODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGVmZWZhOTU4ZGNmOTY0ZTg0ZDU4MDBkOGI3OWM5Y2YzN2E3NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cFb5mA56rFH5sHlbc+Kitt5mVCS
6o7OcErP5YAJqaVcyZhmuiTKiA2Fwjaf15AWmp+XJ4JT8KqwYKctdig7+S9sPa4l
YBD7GDvIOnIzAwa1OeMKlqb2y6AAWw1hkHO2zka0JaWcXqsypDLMseHPMrZkPCwN
B9WhmuErdhUcPG7OsF5GDbmc6vxO7/Z60kmX4NhDHK1LbdwKoxNCe7m076x860zU
9l1/H1ybvxdAAfnp4xeePAJ9YEP6JoDhSrzvynV97ndeV6iqe8xGQfrwQMhzBdYR
r5558MFmOFCTIA0qOrbu6SuGRfhPVif8xG6yHj4KUHqwbieHWnOt8gtdpQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFETv76lY3Plk6E1YANi3nJzzenbdMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvUk9fdnFWamMtV1RvVFZnQTJMZWNuUE42ZHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwTtOAwQA
wrWzAwQHw6SAMA0EAgACMAcDBQAgAQoXMA0GCSqGSIb3DQEBCwUAA4IBAQCG59Df
NafTm/7aAzLDO4Vm/dyw6CTWHVQAWiD9pLkrpaqbesRiTe6JrhPog14AMRObOEGZ
IxGrdms6lFwYwVsUIsjxJL+OAkcEmm5zcfrLM7f1E8teeMWTSzI3Ai7OwuGIb8W4
5G7EughT4KDy6R8VW3u3M0MdCgTP2Qx9EW3D5csLiJ+co9gbRkWdY61yiHWczsHN
AoatT86s4w+1hFTWQnhdHV6vLA0bG4XSnC6IyO4cDayvQ3Z0cdPpmvnBmoAyLWuy
DxRK7ENWa4Zo/d2QpuNFtZqCmNePXUs9G6qFji9SRrhZuhWWiIbyZZokXWnbay/v
MHs/GFbil3+r/UIe
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:17 2025 by rpki-client