Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/2sc4xknukJW-o5vl5Fz96F0QucA.roa
File: 2sc4xknukJW-o5vl5Fz96F0QucA.roa (raw, json)
Hash identifier: MbYv6i++8VmdaYHm6adLazhX2ff10i5IN4qgNm5FoPs=
Subject key identifier: DA:C7:38:C6:49:EE:90:95:BE:A3:9B:E5:E4:5C:FD:E8:5D:10:B9:C0
Certificate issuer: /CN=6940258a1a68ae605c073fb583b13e1376b778a7
Certificate serial: 019421B25A8DD967F6293CDC4CD308DC1275
Authority key identifier: 69:40:25:8A:1A:68:AE:60:5C:07:3F:B5:83:B1:3E:13:76:B7:78:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aUAlihpormBcBz-1g7E-E3a3eKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/2sc4xknukJW-o5vl5Fz96F0QucA.roa
Signing time: Wed 01 Jan 2025 11:48:44 +0000
ROA not before: Wed 01 Jan 2025 11:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50204
IP address blocks: 91.217.100.0/23 maxlen: 23
151.249.96.0/21 maxlen: 21
185.22.16.0/22 maxlen: 22
193.32.12.0/22 maxlen: 22
195.211.252.0/22 maxlen: 22
2a00:5fa0::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:5a:8d:d9:67:f6:29:3c:dc:4c:d3:08:dc:12:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6940258a1a68ae605c073fb583b13e1376b778a7
Validity
Not Before: Jan 1 11:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dac738c649ee9095bea39be5e45cfde85d10b9c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c3:d9:23:ae:e7:c5:8f:b9:ef:08:f7:bf:96:
b0:9a:a8:01:d6:0a:0a:64:bc:6f:0d:b7:3a:ac:b6:
3c:34:c0:52:77:f1:cd:7f:b3:b4:a9:43:00:65:f7:
0e:af:20:0d:3f:74:ed:9e:7f:5e:1e:66:ad:e5:21:
df:4c:14:01:fc:3e:9c:2e:86:bd:f9:1d:78:22:f0:
65:ec:d6:d8:2b:41:79:a0:c9:55:82:c9:e7:18:ee:
01:01:ae:6f:5e:97:ae:a4:a2:24:a6:a2:48:52:55:
ae:d2:74:68:b1:2c:6f:2a:57:a1:91:91:09:45:02:
6c:db:d4:55:78:89:e5:c2:9b:54:57:e3:a6:81:1a:
ea:96:24:e5:1c:8e:76:42:ef:36:09:0b:05:f8:63:
37:d7:52:6b:5a:1e:d8:51:a7:0b:90:61:e5:2a:41:
c1:cd:87:a6:8c:01:31:9d:68:8a:6b:61:26:92:05:
cb:98:63:d0:9d:e1:b4:88:63:b4:2f:30:20:96:72:
c0:c8:0e:d4:93:c1:b5:37:e7:33:06:15:2a:5f:29:
f6:fa:2b:12:62:a3:12:c4:aa:6b:5e:63:e8:c4:7d:
bf:ee:ad:15:71:cd:96:49:5a:d8:e0:b4:f6:7d:c4:
6c:21:32:91:75:46:d5:85:d9:6a:ca:d0:60:69:ea:
fa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C7:38:C6:49:EE:90:95:BE:A3:9B:E5:E4:5C:FD:E8:5D:10:B9:C0
X509v3 Authority Key Identifier:
keyid:69:40:25:8A:1A:68:AE:60:5C:07:3F:B5:83:B1:3E:13:76:B7:78:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUAlihpormBcBz-1g7E-E3a3eKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/2sc4xknukJW-o5vl5Fz96F0QucA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/aUAlihpormBcBz-1g7E-E3a3eKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.100.0/23
151.249.96.0/21
185.22.16.0/22
193.32.12.0/22
195.211.252.0/22
IPv6:
2a00:5fa0::/36
Signature Algorithm: sha256WithRSAEncryption
bd:8f:f7:ff:9d:68:2c:1d:9a:02:8b:34:76:b3:c4:fa:75:60:
84:7b:78:9d:9b:e0:d2:bb:a8:66:e1:bd:e7:b0:ff:22:09:21:
0b:ca:85:29:07:d5:1c:b9:53:ee:18:6f:3d:4b:97:bf:26:a4:
53:e6:8c:5f:97:15:a5:73:cb:c4:7d:a5:a3:47:d1:de:5b:50:
3c:97:bb:2a:40:69:8b:bf:8a:e1:6c:03:05:ca:c7:19:50:84:
b5:74:f3:9b:b7:62:e0:b7:75:2d:83:a1:12:0f:ab:b3:8e:24:
dd:ef:29:aa:a1:f8:3e:e9:99:b8:85:48:1b:6e:18:c4:ff:60:
39:31:55:63:38:9f:a8:81:f1:52:e1:d8:58:40:8d:f8:81:15:
1f:24:dd:a0:ba:ed:8a:b7:b7:93:af:b5:c4:d3:f0:73:56:2c:
0d:95:24:f7:80:42:61:29:e2:44:37:9b:e0:21:e3:b0:61:6a:
23:df:95:a7:8e:58:18:f7:40:81:80:81:be:a3:9a:c5:64:67:
2e:7c:16:c7:f6:e1:bb:ee:4b:58:fa:52:d6:b1:e0:b4:8d:bf:
38:9f:22:8f:84:d4:f1:dc:4c:62:80:04:5a:97:0a:fa:82:75:
99:8b:26:0b:6a:0e:52:5a:31:c2:ab:14:d5:41:f2:13:b5:37:
da:26:0c:07
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQhslqN2Wf2KTzcTNMI3BJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDAyNThhMWE2OGFlNjA1YzA3M2ZiNTgzYjEzZTEzNzZi
Nzc4YTcwHhcNMjUwMTAxMTE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWM3MzhjNjQ5ZWU5MDk1YmVhMzliZTVlNDVjZmRlODVkMTBiOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsPZI67nxY+57wj3v5awmqgB1goK
ZLxvDbc6rLY8NMBSd/HNf7O0qUMAZfcOryANP3Ttnn9eHmat5SHfTBQB/D6cLoa9
+R14IvBl7NbYK0F5oMlVgsnnGO4BAa5vXpeupKIkpqJIUlWu0nRosSxvKlehkZEJ
RQJs29RVeInlwptUV+OmgRrqliTlHI52Qu82CQsF+GM311JrWh7YUacLkGHlKkHB
zYemjAExnWiKa2EmkgXLmGPQneG0iGO0LzAglnLAyA7Uk8G1N+czBhUqXyn2+isS
YqMSxKprXmPoxH2/7q0Vcc2WSVrY4LT2fcRsITKRdUbVhdlqytBgaer6mQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNrHOMZJ7pCVvqOb5eRc/ehdELnAMB8GA1UdIwQY
MBaAFGlAJYoaaK5gXAc/tYOxPhN2t3inMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVBbGlocG9ybUJjQnotMWc3RS1FM2EzZUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8xNDM0Y2QtYTNkNi00NDg4LTg4ODgt
NzQ5ZTk4MGVjMGI3LzEvMnNjNHhrbnVrSlctbzV2bDVGejk2RjBRdWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8xNDM0Y2QtYTNkNi00NDg4LTg4ODgtNzQ5ZTk4MGVjMGI3
LzEvYVVBbGlocG9ybUJjQnotMWc3RS1FM2EzZUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQBW9lkAwQD
l/lgAwQCuRYQAwQCwSAMAwQCw9P8MA4EAgACMAgDBgQqAF+gADANBgkqhkiG9w0B
AQsFAAOCAQEAvY/3/51oLB2aAos0drPE+nVghHt4nZvg0ruoZuG957D/IgkhC8qF
KQfVHLlT7hhvPUuXvyakU+aMX5cVpXPLxH2lo0fR3ltQPJe7KkBpi7+K4WwDBcrH
GVCEtXTzm7di4Ld1LYOhEg+rs44k3e8pqqH4PumZuIVIG24YxP9gOTFVYzifqIHx
UuHYWECN+IEVHyTdoLrtire3k6+1xNPwc1YsDZUk94BCYSniRDeb4CHjsGFqI9+V
p45YGPdAgYCBvqOaxWRnLnwWx/bhu+5LWPpS1rHgtI2/OJ8ij4TU8dxMYoAEWpcK
+oJ1mYsmC2oOUloxwqsU1UHyE7U32iYMBw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:09:07 2025 by rpki-client