Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/Aqln2oXW1vmV-PUzF6Cd9Q8xD70.roa
File: Aqln2oXW1vmV-PUzF6Cd9Q8xD70.roa (raw, json)
Hash identifier: KUC6ZVgJ309wVObTlhs383nGmhCFSSEIPpt/KXrwLus=
Subject key identifier: 02:A9:67:DA:85:D6:D6:F9:95:F8:F5:33:17:A0:9D:F5:0F:31:0F:BD
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 019427B60B27A0F24CE92D61560BB669D5D8
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/Aqln2oXW1vmV-PUzF6Cd9Q8xD70.roa
Signing time: Thu 02 Jan 2025 15:50:29 +0000
ROA not before: Thu 02 Jan 2025 15:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8491
IP address blocks: 81.95.32.0/20 maxlen: 20
81.95.42.0/24 maxlen: 24
81.95.46.0/24 maxlen: 24
82.194.224.0/19 maxlen: 19
82.194.232.0/24 maxlen: 24
82.194.237.0/24 maxlen: 24
87.238.96.0/21 maxlen: 21
87.238.101.0/24 maxlen: 24
89.188.160.0/19 maxlen: 19
2a03:8640::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:0b:27:a0:f2:4c:e9:2d:61:56:0b:b6:69:d5:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 2 15:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02a967da85d6d6f995f8f53317a09df50f310fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:cf:a6:4d:d6:82:f2:bf:c3:be:02:0e:ec:
81:93:9d:f0:31:dd:79:79:06:36:a1:32:95:eb:2a:
49:b8:b1:56:90:eb:2c:0d:3e:11:18:9f:42:46:c9:
f5:0d:6d:21:d0:bd:e3:28:d6:52:c2:c4:38:a0:03:
23:98:0b:30:94:d0:66:d2:89:c0:b7:a3:f9:c2:85:
7e:4b:4e:d9:69:ac:be:58:6b:50:30:a7:9e:97:64:
09:d9:d7:c1:0a:d9:11:49:64:2a:49:0b:d0:76:1a:
68:44:67:3f:c4:9a:81:63:72:72:95:27:9b:d0:d4:
70:c1:96:3d:e7:58:7a:22:da:5e:be:1c:8e:23:a0:
13:48:2c:65:23:8d:92:eb:78:03:4c:c6:cc:0a:a3:
25:7e:9e:8e:3f:93:e3:b5:07:2f:a0:31:1c:cc:46:
6a:a1:f4:f0:fb:67:e1:68:76:24:92:45:5b:66:5e:
56:03:d9:11:65:28:7c:96:aa:9d:c3:cf:79:e0:d3:
c5:b2:f4:7a:bc:d9:ed:e3:fc:61:37:b0:41:93:58:
96:f8:a8:7b:6b:7f:0c:6a:b5:27:25:e3:44:42:01:
40:ce:8c:cd:08:d4:da:33:0f:6e:97:9d:33:50:78:
a8:68:b5:5c:f4:61:e2:03:33:e0:9d:d1:ee:73:52:
fc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A9:67:DA:85:D6:D6:F9:95:F8:F5:33:17:A0:9D:F5:0F:31:0F:BD
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/Aqln2oXW1vmV-PUzF6Cd9Q8xD70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.32.0/20
82.194.224.0/19
87.238.96.0/21
89.188.160.0/19
IPv6:
2a03:8640::/32
Signature Algorithm: sha256WithRSAEncryption
75:24:5c:91:b0:bd:2a:93:b0:05:30:b0:51:83:ca:91:ea:49:
89:81:2d:b1:bd:e2:24:1c:eb:79:ea:64:28:9f:3b:82:f8:6b:
a9:42:54:74:c6:fd:52:8f:cf:9b:ce:5d:e6:bb:4e:51:af:25:
5d:16:45:e7:cf:ea:41:21:6d:08:2b:71:f8:54:b4:27:ee:51:
c1:6e:be:71:e3:70:7f:b1:4d:b2:0d:a9:87:ee:61:34:5b:d1:
11:6f:31:f5:be:e4:13:f5:0d:c7:14:b5:62:3d:50:fa:ca:cf:
36:7e:ca:3f:9f:ca:17:91:e3:ec:c3:37:2f:7d:fa:5f:a0:a5:
27:66:78:08:eb:87:2c:97:59:cc:1c:cf:ea:7a:2f:6b:8d:f2:
5c:c0:62:eb:4c:06:93:b8:7f:5d:5b:5d:41:50:17:b3:d8:d5:
0a:75:b9:e7:03:ba:75:a5:8f:a0:10:f7:ac:bc:b9:d7:90:24:
ee:41:7f:ad:90:d2:d0:c4:87:6c:50:6b:cb:a1:09:2e:57:55:
9a:0d:f5:78:d5:86:61:80:3f:2b:52:40:2f:80:80:27:f0:e7:
c1:72:4d:b8:8c:83:0a:19:09:cc:ec:a5:60:81:9b:af:56:b8:
b2:8f:f1:e9:50:91:ce:81:5a:62:76:72:47:e5:68:4b:99:a2:
1a:52:91:10
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQntgsnoPJM6S1hVgu2adXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjUwMTAyMTU1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmE5NjdkYTg1ZDZkNmY5OTVmOGY1MzMxN2EwOWRmNTBmMzEwZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuunPpk3WgvK/w74CDuyBk53wMd15
eQY2oTKV6ypJuLFWkOssDT4RGJ9CRsn1DW0h0L3jKNZSwsQ4oAMjmAswlNBm0onA
t6P5woV+S07Zaay+WGtQMKeel2QJ2dfBCtkRSWQqSQvQdhpoRGc/xJqBY3JylSeb
0NRwwZY951h6ItpevhyOI6ATSCxlI42S63gDTMbMCqMlfp6OP5PjtQcvoDEczEZq
ofTw+2fhaHYkkkVbZl5WA9kRZSh8lqqdw8954NPFsvR6vNnt4/xhN7BBk1iW+Kh7
a38MarUnJeNEQgFAzozNCNTaMw9ul50zUHioaLVc9GHiAzPgndHuc1L8yQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAKpZ9qF1tb5lfj1MxegnfUPMQ+9MB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvQXFsbjJvWFcxdm1WLVBVekY2Q2Q5UTh4RDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUV8gAwQF
UsLgAwQDV+5gAwQFWbygMA0EAgACMAcDBQAqA4ZAMA0GCSqGSIb3DQEBCwUAA4IB
AQB1JFyRsL0qk7AFMLBRg8qR6kmJgS2xveIkHOt56mQonzuC+GupQlR0xv1Sj8+b
zl3mu05RryVdFkXnz+pBIW0IK3H4VLQn7lHBbr5x43B/sU2yDamH7mE0W9ERbzH1
vuQT9Q3HFLViPVD6ys82fso/n8oXkePswzcvffpfoKUnZngI64csl1nMHM/qei9r
jfJcwGLrTAaTuH9dW11BUBez2NUKdbnnA7p1pY+gEPesvLnXkCTuQX+tkNLQxIds
UGvLoQkuV1WaDfV41YZhgD8rUkAvgIAn8OfBck24jIMKGQnM7KVggZuvVriyj/Hp
UJHOgVpidnJH5WhLmaIaUpEQ
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:14:59 2025 by rpki-client