Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/pWYU_3rSNo7EOhyAYaHN6usNBI0.roa
File: pWYU_3rSNo7EOhyAYaHN6usNBI0.roa (raw, json)
Hash identifier: KeYaihRxFR7GfUW9GuvXnSgoYdgkOnmiGNfHnpBGPBE=
Subject key identifier: A5:66:14:FF:7A:D2:36:8E:C4:3A:1C:80:61:A1:CD:EA:EB:0D:04:8D
Certificate issuer: /CN=95380935e7e8a21ec32b65a7fc4ed7d468278521
Certificate serial: 019423D7E9D2659AF61D1824CEB2BE3BCFCC
Authority key identifier: 95:38:09:35:E7:E8:A2:1E:C3:2B:65:A7:FC:4E:D7:D4:68:27:85:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lTgJNefooh7DK2Wn_E7X1GgnhSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/pWYU_3rSNo7EOhyAYaHN6usNBI0.roa
Signing time: Wed 01 Jan 2025 21:49:00 +0000
ROA not before: Wed 01 Jan 2025 21:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33915
IP address blocks: 148.200.0.0/21 maxlen: 21
148.200.14.0/24 maxlen: 24
148.200.140.0/22 maxlen: 22
148.200.240.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:e9:d2:65:9a:f6:1d:18:24:ce:b2:be:3b:cf:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95380935e7e8a21ec32b65a7fc4ed7d468278521
Validity
Not Before: Jan 1 21:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a56614ff7ad2368ec43a1c8061a1cdeaeb0d048d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c6:98:69:ab:ac:9c:7f:82:a2:58:e1:2a:c7:
ec:13:2b:56:1a:78:2c:2f:f5:26:d8:3c:c8:bb:8e:
b6:be:3b:44:bd:a5:60:ad:40:00:cb:a8:b5:6c:08:
97:d1:e7:3e:70:07:73:fa:48:f3:d3:3b:57:cb:54:
d1:80:73:26:85:54:85:05:f0:8c:d8:5e:e4:6e:54:
cf:10:2b:0d:d5:0c:38:5d:d3:ab:0b:38:2c:85:97:
fc:bf:c7:af:c1:e3:9c:90:eb:a3:e5:70:7c:26:a9:
16:0f:69:5f:cb:72:3c:66:08:cd:8d:49:c4:d9:27:
52:44:63:cf:16:d1:fb:1b:fb:37:d2:40:33:15:12:
a8:74:3d:a4:bb:b8:e1:55:10:1f:fb:97:f2:89:d7:
87:f8:c2:e9:38:67:b6:6a:b1:f6:31:4d:3a:42:55:
a3:12:9a:5a:cb:19:3a:7a:be:34:6e:df:f6:9b:e3:
b1:ef:56:20:01:53:da:d8:e5:e7:32:8a:c5:09:28:
f1:17:05:3e:3c:65:49:ad:a5:67:9c:c4:37:6a:61:
08:a4:35:97:3a:8f:72:1d:9c:e4:55:9d:5a:4d:9a:
64:f7:63:86:ca:3f:e3:e8:fc:c9:c2:ff:9c:85:5f:
61:81:89:ce:8b:3b:f0:a3:25:c3:41:ae:14:ee:ce:
86:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:66:14:FF:7A:D2:36:8E:C4:3A:1C:80:61:A1:CD:EA:EB:0D:04:8D
X509v3 Authority Key Identifier:
keyid:95:38:09:35:E7:E8:A2:1E:C3:2B:65:A7:FC:4E:D7:D4:68:27:85:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lTgJNefooh7DK2Wn_E7X1GgnhSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/pWYU_3rSNo7EOhyAYaHN6usNBI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/62631b-fdf3-413f-8f22-ece088f01827/1/lTgJNefooh7DK2Wn_E7X1GgnhSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.200.0.0/21
148.200.14.0/24
148.200.140.0/22
148.200.240.0/21
Signature Algorithm: sha256WithRSAEncryption
a2:bd:cc:5f:67:f0:59:9e:6b:b6:f4:79:68:d0:2b:ce:fb:b3:
77:e4:35:fe:f6:0d:09:8c:70:52:46:b4:fd:a2:9a:d8:50:5d:
aa:f6:ef:a1:2f:47:06:84:05:d6:f9:32:08:11:8d:fa:d6:27:
38:05:ad:a6:a8:b2:a3:18:cd:ca:86:e1:94:77:ec:3e:0a:9b:
90:19:37:bb:44:e2:72:c8:e2:6a:94:97:92:66:38:c7:10:e6:
b4:bf:73:e2:0c:f6:8c:82:94:eb:b2:c7:d6:83:22:19:4d:4f:
83:93:cc:c0:49:c8:ab:2a:3b:1f:12:d1:e1:e0:26:ed:86:f6:
b1:7e:0f:d2:cf:ef:93:77:ab:fe:9f:20:95:bc:66:ef:96:41:
d2:0a:b2:c6:42:da:e2:2c:06:92:04:39:fb:1d:da:d7:8d:be:
76:4e:ee:c4:75:df:de:f7:8b:89:95:bf:65:04:80:8e:78:d5:
e5:84:c2:7c:5f:41:5b:0e:d0:ad:c7:bd:41:17:d3:a5:bf:98:
d8:43:0d:53:f7:90:f0:a2:eb:2e:9c:92:63:b7:14:31:2d:44:
e7:6a:02:c0:3d:9b:55:60:ab:22:2e:42:04:46:30:c7:c0:90:
fa:27:bd:30:fa:85:1a:59:25:62:48:0a:7f:c1:60:e1:91:f3:
78:85:6a:e8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj1+nSZZr2HRgkzrK+O8/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MzgwOTM1ZTdlOGEyMWVjMzJiNjVhN2ZjNGVkN2Q0Njgy
Nzg1MjEwHhcNMjUwMTAxMjE0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTY2MTRmZjdhZDIzNjhlYzQzYTFjODA2MWExY2RlYWViMGQwNDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8aYaausnH+ColjhKsfsEytWGngs
L/Um2DzIu462vjtEvaVgrUAAy6i1bAiX0ec+cAdz+kjz0ztXy1TRgHMmhVSFBfCM
2F7kblTPECsN1Qw4XdOrCzgshZf8v8evweOckOuj5XB8JqkWD2lfy3I8ZgjNjUnE
2SdSRGPPFtH7G/s30kAzFRKodD2ku7jhVRAf+5fyideH+MLpOGe2arH2MU06QlWj
Eppayxk6er40bt/2m+Ox71YgAVPa2OXnMorFCSjxFwU+PGVJraVnnMQ3amEIpDWX
Oo9yHZzkVZ1aTZpk92OGyj/j6PzJwv+chV9hgYnOizvwoyXDQa4U7s6GiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKVmFP960jaOxDocgGGhzerrDQSNMB8GA1UdIwQY
MBaAFJU4CTXn6KIewytlp/xO19RoJ4UhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFRnSk5lZm9vaDdESzJXbl9FN1gxR2duaFNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MjYzMWItZmRmMy00MTNmLThmMjIt
ZWNlMDg4ZjAxODI3LzEvcFdZVV8zclNObzdFT2h5QVlhSE42dXNOQkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC82MjYzMWItZmRmMy00MTNmLThmMjItZWNlMDg4ZjAxODI3
LzEvbFRnSk5lZm9vaDdESzJXbl9FN1gxR2duaFNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDlMgAAwQA
lMgOAwQClMiMAwQDlMjwMA0GCSqGSIb3DQEBCwUAA4IBAQCivcxfZ/BZnmu29Hlo
0CvO+7N35DX+9g0JjHBSRrT9oprYUF2q9u+hL0cGhAXW+TIIEY361ic4Ba2mqLKj
GM3KhuGUd+w+CpuQGTe7ROJyyOJqlJeSZjjHEOa0v3PiDPaMgpTrssfWgyIZTU+D
k8zAScirKjsfEtHh4Cbthvaxfg/Sz++Td6v+nyCVvGbvlkHSCrLGQtriLAaSBDn7
HdrXjb52Tu7Edd/e94uJlb9lBICOeNXlhMJ8X0FbDtCtx71BF9Olv5jYQw1T95Dw
ousunJJjtxQxLUTnagLAPZtVYKsiLkIERjDHwJD6J70w+oUaWSViSAp/wWDhkfN4
hWro
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:09:36 2025 by rpki-client