Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/0_AeaKw5Lx77FU76al_2NiDdcHY.roa
File: 0_AeaKw5Lx77FU76al_2NiDdcHY.roa (raw, json)
Hash identifier: 4e5qL2j2fuVTCIFHhby4RQ1TswvL9aUyPyoBCZSy8CU=
Subject key identifier: D3:F0:1E:68:AC:39:2F:1E:FB:15:4E:FA:6A:5F:F6:36:20:DD:70:76
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 0194244512EA2DFA2B702F9280EBDA28A847
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/0_AeaKw5Lx77FU76al_2NiDdcHY.roa
Signing time: Wed 01 Jan 2025 23:48:14 +0000
ROA not before: Wed 01 Jan 2025 23:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31167
IP address blocks: 85.14.128.0/18 maxlen: 18
85.14.131.0/24 maxlen: 24
85.14.153.0/24 maxlen: 24
109.74.80.0/20 maxlen: 20
109.74.90.0/24 maxlen: 24
217.119.176.0/20 maxlen: 20
217.171.16.0/20 maxlen: 20
217.171.27.0/24 maxlen: 24
2a00:1788::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:12:ea:2d:fa:2b:70:2f:92:80:eb:da:28:a8:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jan 1 23:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3f01e68ac392f1efb154efa6a5ff63620dd7076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:76:72:8e:2b:22:ec:bf:0b:b6:49:87:33:27:
37:07:3d:9e:98:6a:55:69:2d:f2:87:e2:50:f8:f0:
2c:25:25:cc:1b:7a:42:c1:c3:e6:c3:27:e4:2e:1a:
a5:19:35:8a:00:5b:84:69:68:b6:1e:34:9f:a8:1c:
93:7b:69:af:63:a4:c9:7e:f9:f8:bc:e6:aa:fa:93:
2b:40:e5:86:63:c8:46:f9:b5:fa:bf:60:c8:e1:8d:
74:12:58:1b:29:20:e0:81:34:06:01:cc:83:0d:15:
af:4a:ed:50:44:c5:57:60:04:65:c4:e5:ad:fe:cc:
a2:da:03:75:2b:bd:22:da:8a:3b:20:aa:25:fc:c8:
37:20:8b:14:e0:8b:a1:7d:bb:64:16:33:71:b0:ba:
8f:d6:e8:4f:63:0c:e3:b1:18:e0:06:77:ce:8f:31:
49:a0:09:b7:86:7f:5a:52:64:44:11:45:a1:1f:24:
82:7d:53:6f:71:6c:88:d9:44:f9:79:68:ea:73:50:
e9:af:5d:4a:4f:c1:32:dc:a5:af:0d:82:d1:3e:1d:
8a:b3:c4:6f:3f:ec:10:a3:a0:34:dd:db:7e:9b:41:
92:4d:8b:55:8b:ab:c5:05:81:e1:58:4a:38:91:4b:
ec:fe:df:d8:85:06:1f:a7:aa:a1:8c:0d:11:28:e4:
36:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:F0:1E:68:AC:39:2F:1E:FB:15:4E:FA:6A:5F:F6:36:20:DD:70:76
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/0_AeaKw5Lx77FU76al_2NiDdcHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.128.0/18
109.74.80.0/20
217.119.176.0/20
217.171.16.0/20
IPv6:
2a00:1788::/32
Signature Algorithm: sha256WithRSAEncryption
2a:60:17:46:99:fb:fe:f7:4e:e5:0c:c5:24:60:d5:8b:f9:fb:
cf:f9:c4:3f:3b:de:e7:04:2c:b2:b5:86:16:61:47:82:15:45:
24:4c:de:78:b0:02:43:a5:14:f2:b6:c1:6d:bf:fa:a9:fe:e4:
fe:83:15:f3:5b:48:d8:7e:b2:24:f0:83:94:2a:b8:d7:4b:8f:
c9:4a:fc:57:be:8c:f6:b2:6f:a7:51:8d:42:20:94:28:57:08:
94:d3:7f:e5:95:7b:3a:50:ba:1b:94:5e:b2:48:10:17:7d:50:
43:ac:56:6f:f6:04:42:db:32:74:3c:19:52:69:af:60:17:2b:
fa:b1:55:d0:47:ec:f6:7f:5a:b3:84:73:a9:de:1e:11:8b:dd:
6a:3c:10:e9:f3:19:7b:58:d5:5a:77:65:cf:80:3c:63:8f:d6:
ac:ce:34:a6:9d:10:68:88:e1:c9:db:79:fe:af:4d:3c:d1:e0:
46:06:73:1b:9e:4f:4b:65:fc:5a:1f:68:f8:66:a5:3f:eb:af:
ce:e2:28:19:0d:32:b5:f6:85:06:f9:6a:41:0e:bc:53:5f:3e:
fc:45:26:70:b5:45:85:93:4c:33:0e:e0:b4:35:d5:5a:64:1a:
ad:aa:50:a8:0a:49:ab:3d:f1:af:1b:d4:a5:7b:09:4f:18:2c:
9d:24:f9:0c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQkRRLqLforcC+SgOvaKKhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjUwMTAxMjM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2YwMWU2OGFjMzkyZjFlZmIxNTRlZmE2YTVmZjYzNjIwZGQ3MDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnZyjisi7L8LtkmHMyc3Bz2emGpV
aS3yh+JQ+PAsJSXMG3pCwcPmwyfkLhqlGTWKAFuEaWi2HjSfqByTe2mvY6TJfvn4
vOaq+pMrQOWGY8hG+bX6v2DI4Y10ElgbKSDggTQGAcyDDRWvSu1QRMVXYARlxOWt
/syi2gN1K70i2oo7IKol/Mg3IIsU4IuhfbtkFjNxsLqP1uhPYwzjsRjgBnfOjzFJ
oAm3hn9aUmREEUWhHySCfVNvcWyI2UT5eWjqc1Dpr11KT8Ey3KWvDYLRPh2Ks8Rv
P+wQo6A03dt+m0GSTYtVi6vFBYHhWEo4kUvs/t/YhQYfp6qhjA0RKOQ2tQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNPwHmisOS8e+xVO+mpf9jYg3XB2MB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvMF9BZWFLdzVMeDc3RlU3NmFsXzJOaURkY0hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMtMWE1ZTVmMTkxYmZh
LzEvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGVQ6AAwQE
bUpQAwQE2XewAwQE2asQMA0EAgACMAcDBQAqABeIMA0GCSqGSIb3DQEBCwUAA4IB
AQAqYBdGmfv+907lDMUkYNWL+fvP+cQ/O97nBCyytYYWYUeCFUUkTN54sAJDpRTy
tsFtv/qp/uT+gxXzW0jYfrIk8IOUKrjXS4/JSvxXvoz2sm+nUY1CIJQoVwiU03/l
lXs6ULoblF6ySBAXfVBDrFZv9gRC2zJ0PBlSaa9gFyv6sVXQR+z2f1qzhHOp3h4R
i91qPBDp8xl7WNVad2XPgDxjj9aszjSmnRBoiOHJ23n+r0080eBGBnMbnk9LZfxa
H2j4ZqU/66/O4igZDTK19oUG+WpBDrxTXz78RSZwtUWFk0wzDuC0NdVaZBqtqlCo
CkmrPfGvG9SlewlPGCydJPkM
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:59:03 2025 by rpki-client