Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/1-UL9cqmZR86h5znGrLr9rng1OoA.roa
File: 1-UL9cqmZR86h5znGrLr9rng1OoA.roa (raw, json)
Hash identifier: E9P7J2BtII/1SfdjE4hkF/I8cNTQ+7Tkvjo9UHiDiQ4=
Subject key identifier: F9:42:FD:72:A9:99:47:CE:A1:E7:39:C6:AC:BA:FD:AE:78:35:3A:80
Certificate issuer: /CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Certificate serial: 0194236A21788C503ABFD56A35E507A73A8C
Authority key identifier: 34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/1-UL9cqmZR86h5znGrLr9rng1OoA.roa
Signing time: Wed 01 Jan 2025 19:49:05 +0000
ROA not before: Wed 01 Jan 2025 19:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204144
IP address blocks: 185.41.204.0/23 maxlen: 23
185.107.252.0/22 maxlen: 22
185.108.212.0/22 maxlen: 22
185.111.164.0/22 maxlen: 22
185.112.236.0/22 maxlen: 22
185.113.72.0/22 maxlen: 22
185.113.76.0/22 maxlen: 22
185.163.236.0/22 maxlen: 22
185.236.216.0/23 maxlen: 23
185.236.218.0/23 maxlen: 23
188.114.208.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:21:78:8c:50:3a:bf:d5:6a:35:e5:07:a7:3a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Validity
Not Before: Jan 1 19:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f942fd72a99947cea1e739c6acbafdae78353a80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b6:ab:5f:7f:ce:1c:41:e1:ef:bb:fb:2d:36:
7f:42:31:94:e3:10:89:fc:b3:ef:0f:cd:e8:e1:95:
93:4f:ae:5e:b3:14:9e:f4:ca:41:6f:a1:ea:c0:40:
5d:a7:ec:f3:6f:cb:56:f5:ed:14:8f:ff:6e:55:6c:
21:bc:01:1f:7f:85:b6:38:7f:87:dd:28:e5:6c:6e:
39:5e:4c:70:b4:8a:17:1a:5b:5f:33:95:4a:00:be:
6a:2d:cf:24:32:3a:bc:d7:3f:f0:0c:a5:26:e6:46:
c6:b7:a7:e2:ec:d4:42:59:e0:f0:0d:ca:96:8b:08:
b5:c5:5c:c2:f7:48:e4:af:94:b2:0c:6e:e7:50:ee:
e4:ac:27:0f:48:2c:54:3e:8b:c2:06:e0:ca:8e:a3:
ba:86:15:cd:db:48:a6:37:66:00:b4:7b:26:50:11:
fb:09:51:f0:23:ee:63:5e:c8:3b:49:7c:c4:62:75:
5b:eb:b0:7c:65:97:2c:4b:6b:6a:73:31:e8:50:f2:
0a:21:e8:c0:fd:c8:cd:b0:bf:0e:05:c5:5c:aa:54:
1d:bc:94:87:5f:8b:33:98:c1:9c:91:b1:7b:57:73:
ba:96:a1:fd:a8:b7:f6:0e:63:f3:58:44:77:90:45:
53:e4:fe:5c:83:5c:d7:31:d1:24:8b:97:f8:fa:1b:
6a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:42:FD:72:A9:99:47:CE:A1:E7:39:C6:AC:BA:FD:AE:78:35:3A:80
X509v3 Authority Key Identifier:
keyid:34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/1-UL9cqmZR86h5znGrLr9rng1OoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/NNUZJHQCvPvfDs6QIK1kYi6dO64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.204.0/23
185.107.252.0/22
185.108.212.0/22
185.111.164.0/22
185.112.236.0/22
185.113.72.0/21
185.163.236.0/22
185.236.216.0/22
188.114.208.0/20
Signature Algorithm: sha256WithRSAEncryption
09:2b:58:3b:8e:04:6e:58:9b:5c:41:92:48:81:16:be:bc:6c:
e5:36:03:3f:dc:4b:5c:15:35:1c:ef:de:a2:66:51:69:3b:3f:
2e:06:8f:3f:7f:69:da:b1:88:67:bc:09:07:d9:fe:6d:ec:63:
ab:44:9e:07:19:e3:6c:4d:2a:83:f8:5c:7e:1d:b9:87:7e:b0:
86:60:77:ab:6e:20:7f:c4:b7:69:3f:95:a5:8d:df:7b:e5:89:
7c:0b:29:03:35:54:f3:0f:ac:e3:a2:84:61:b7:5e:ac:b3:6a:
2c:56:3b:1f:71:b5:91:ef:77:de:a0:e0:4f:5c:16:4f:08:c4:
eb:a8:37:a2:1f:b8:15:73:da:7a:2b:e6:da:15:af:bc:a8:cf:
78:f3:32:9a:16:cc:c1:a0:c4:aa:2b:23:fb:43:74:a4:cf:13:
1c:84:fd:80:be:04:b0:3f:06:f3:25:8c:7b:7e:22:38:6a:ff:
2c:6a:52:36:bc:46:e2:3b:a8:57:f0:95:f6:d8:d6:0c:f2:e1:
31:36:53:65:a1:2b:5d:a9:b0:93:5a:f8:36:55:fc:78:0b:b2:
dc:14:c7:98:59:86:91:ae:a7:a6:eb:40:eb:b9:e2:79:c7:7d:
3a:39:4d:9d:b9:bf:84:3f:32:c9:15:e5:57:13:ee:d3:cc:74:
46:75:6e:8b
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZQjaiF4jFA6v9VqNeUHpzqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDUxOTI0NzQwMmJjZmJkZjBlY2U5MDIwYWQ2NDYyMmU5
ZDNiYWUwHhcNMjUwMTAxMTk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQyZmQ3MmE5OTk0N2NlYTFlNzM5YzZhY2JhZmRhZTc4MzUzYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7arX3/OHEHh77v7LTZ/QjGU4xCJ
/LPvD83o4ZWTT65esxSe9MpBb6HqwEBdp+zzb8tW9e0Uj/9uVWwhvAEff4W2OH+H
3SjlbG45XkxwtIoXGltfM5VKAL5qLc8kMjq81z/wDKUm5kbGt6fi7NRCWeDwDcqW
iwi1xVzC90jkr5SyDG7nUO7krCcPSCxUPovCBuDKjqO6hhXN20imN2YAtHsmUBH7
CVHwI+5jXsg7SXzEYnVb67B8ZZcsS2tqczHoUPIKIejA/cjNsL8OBcVcqlQdvJSH
X4szmMGckbF7V3O6lqH9qLf2DmPzWER3kEVT5P5cg1zXMdEki5f4+htqXQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPlC/XKpmUfOoec5xqy6/a54NTqAMB8GA1UdIwQY
MBaAFDTVGSR0Arz73w7OkCCtZGIunTuuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5VWkpIUUN2UHZmRHM2UUlLMWtZaTZkTzY0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zMDgxNzktYmU2OS00YzEwLTg2OTQt
ZmJkMzk5YTQ0NzVlLzEvMS1VTDljcW1aUjg2aDV6bkdyTHI5cm5nMU9vQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjIvMzA4MTc5LWJlNjktNGMxMC04Njk0LWZiZDM5OWE0NDc1
ZS8xL05OVVpKSFFDdlB2ZkRzNlFJSzFrWWk2ZE82NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAbkpzAME
Arlr/AMEArls1AMEArlvpAMEArlw7AMEA7lxSAMEArmj7AMEArns2AMEBLxy0DAN
BgkqhkiG9w0BAQsFAAOCAQEACStYO44EblibXEGSSIEWvrxs5TYDP9xLXBU1HO/e
omZRaTs/LgaPP39p2rGIZ7wJB9n+bexjq0SeBxnjbE0qg/hcfh25h36whmB3q24g
f8S3aT+VpY3fe+WJfAspAzVU8w+s46KEYbderLNqLFY7H3G1ke933qDgT1wWTwjE
66g3oh+4FXPaeivm2hWvvKjPePMymhbMwaDEqisj+0N0pM8THIT9gL4EsD8G8yWM
e34iOGr/LGpSNrxG4juoV/CV9tjWDPLhMTZTZaErXamwk1r4NlX8eAuy3BTHmFmG
ka6nputA67niecd9OjlNnbm/hD8yyRXlVxPu08x0RnVuiw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:17:35 2025 by rpki-client