Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/nd2mEoM182MlqnyU97QFBEBtYLc.roa
File: nd2mEoM182MlqnyU97QFBEBtYLc.roa (raw, json)
Hash identifier: H4CTJi+dex4a2tP/U9S7boExXOmFzvTZ0iE52ANC1z0=
Subject key identifier: 9D:DD:A6:12:83:35:F3:63:25:AA:7C:94:F7:B4:05:04:40:6D:60:B7
Certificate issuer: /CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa
Certificate serial: 0194206800A22F4E05175A64E17F94A4AC65
Authority key identifier: AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/nd2mEoM182MlqnyU97QFBEBtYLc.roa
Signing time: Wed 01 Jan 2025 05:47:54 +0000
ROA not before: Wed 01 Jan 2025 05:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39790
IP address blocks: 81.91.80.0/20 maxlen: 21
185.14.224.0/22 maxlen: 23
2001:1568::/32 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:00:a2:2f:4e:05:17:5a:64:e1:7f:94:a4:ac:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa
Validity
Not Before: Jan 1 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ddda6128335f36325aa7c94f7b40504406d60b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4b:80:1f:d3:ed:26:42:4c:cd:da:c3:40:74:
3e:9d:b6:27:20:40:d6:f9:cb:52:47:b2:44:fd:aa:
38:0f:f6:ab:59:95:42:32:3d:25:a7:08:d0:4b:38:
ee:6f:26:b5:31:13:0e:16:3b:8b:0c:00:ec:b9:d6:
2c:2a:c7:09:79:4b:03:8e:3e:6a:92:9d:20:e5:4e:
c1:99:4f:96:bb:cf:e3:07:ed:8d:0e:b2:b3:5f:9b:
45:33:95:4d:fa:92:69:44:9c:b3:02:92:97:57:31:
04:b3:84:0a:8e:c0:56:fa:15:dc:a5:66:34:2f:b0:
69:67:a6:72:8e:19:55:fb:6a:76:ff:d5:04:ff:e9:
8d:19:f9:88:56:f3:c0:d0:2e:2d:01:84:79:b6:8e:
af:c5:c6:3b:e5:d3:74:dd:b5:b9:70:31:97:4b:c3:
5d:f2:a7:6a:d3:a7:7d:2b:66:fe:fb:a7:b9:f9:1a:
da:d4:73:79:5d:a3:55:bb:3b:64:f7:76:22:9e:c2:
88:a6:23:bd:76:06:b4:0c:dd:37:8b:78:50:a8:b8:
bc:3d:49:95:ab:ea:39:8e:65:7e:11:e0:ed:41:7d:
15:f4:81:d9:78:bc:78:8d:5b:7c:1e:75:bb:4d:4b:
d7:33:10:d0:53:d3:6c:e4:c8:e0:6b:23:f6:66:2f:
20:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:DD:A6:12:83:35:F3:63:25:AA:7C:94:F7:B4:05:04:40:6D:60:B7
X509v3 Authority Key Identifier:
keyid:AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/nd2mEoM182MlqnyU97QFBEBtYLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.80.0/20
185.14.224.0/22
IPv6:
2001:1568::/32
Signature Algorithm: sha256WithRSAEncryption
8a:09:ce:e3:81:31:ed:b8:a2:8c:25:3c:52:c2:5b:b3:a1:a5:
82:9a:43:bc:54:72:a3:fd:2c:b2:c0:c6:f1:c0:e0:14:3e:4f:
dd:c9:db:9e:e5:5a:ea:46:f2:89:85:7d:5a:09:92:3f:a3:1b:
cd:85:00:32:c8:b2:ac:2b:80:1e:82:58:b1:8d:5a:84:08:2b:
86:0c:cb:47:79:97:20:d2:25:06:0d:63:85:52:b9:2a:37:57:
46:27:ee:ec:3b:48:51:e7:16:27:05:61:85:6a:73:f2:f8:76:
3a:43:1e:57:da:d4:7c:77:d7:77:39:20:b9:89:7d:77:3a:47:
68:2e:78:09:85:d2:e1:af:51:73:a2:cd:87:e9:fc:b8:46:3d:
1d:aa:6b:b3:e8:55:48:af:50:e5:7f:98:b8:bb:ba:c9:0e:6d:
4f:c4:e7:77:af:a1:52:29:8a:51:fb:b0:a1:6a:6c:c8:53:78:
41:6c:bf:5b:85:67:a1:2e:85:52:7c:70:2c:13:6f:b8:f7:3c:
18:c3:fa:63:70:66:0b:18:94:52:76:f9:74:84:e4:4e:3b:d8:
d0:05:e0:1c:8d:fa:9a:d2:e5:e8:97:ff:8b:7f:86:2e:97:e5:
c9:5d:67:e5:7f:8d:d7:a3:01:c6:28:5a:e6:f2:1c:82:cc:6a:
18:97:93:2e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgaACiL04FF1pk4X+UpKxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMjExOTE3OGJmZDkyM2E0YjVlYzQwNmQ5ZmUxNDUyYjI3
NzZlZmEwHhcNMjUwMTAxMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGRkYTYxMjgzMzVmMzYzMjVhYTdjOTRmN2I0MDUwNDQwNmQ2MGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7EuAH9PtJkJMzdrDQHQ+nbYnIEDW
+ctSR7JE/ao4D/arWZVCMj0lpwjQSzjubya1MRMOFjuLDADsudYsKscJeUsDjj5q
kp0g5U7BmU+Wu8/jB+2NDrKzX5tFM5VN+pJpRJyzApKXVzEEs4QKjsBW+hXcpWY0
L7BpZ6ZyjhlV+2p2/9UE/+mNGfmIVvPA0C4tAYR5to6vxcY75dN03bW5cDGXS8Nd
8qdq06d9K2b++6e5+Rra1HN5XaNVuztk93YinsKIpiO9dga0DN03i3hQqLi8PUmV
q+o5jmV+EeDtQX0V9IHZeLx4jVt8HnW7TUvXMxDQU9Ns5MjgayP2Zi8gXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ3dphKDNfNjJap8lPe0BQRAbWC3MB8GA1UdIwQY
MBaAFKwhGReL/ZI6S17EBtn+FFKyd276MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgt
ZjYwMGQwZmQwM2NlLzEvbmQybUVvTTE4Mk1scW55VTk3UUZCRUJ0WUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgtZjYwMGQwZmQwM2Nl
LzEvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVtQAwQC
uQ7gMA0EAgACMAcDBQAgARVoMA0GCSqGSIb3DQEBCwUAA4IBAQCKCc7jgTHtuKKM
JTxSwluzoaWCmkO8VHKj/SyywMbxwOAUPk/dydue5VrqRvKJhX1aCZI/oxvNhQAy
yLKsK4AeglixjVqECCuGDMtHeZcg0iUGDWOFUrkqN1dGJ+7sO0hR5xYnBWGFanPy
+HY6Qx5X2tR8d9d3OSC5iX13OkdoLngJhdLhr1Fzos2H6fy4Rj0dqmuz6FVIr1Dl
f5i4u7rJDm1PxOd3r6FSKYpR+7ChamzIU3hBbL9bhWehLoVSfHAsE2+49zwYw/pj
cGYLGJRSdvl0hOROO9jQBeAcjfqa0uXol/+Lf4Yul+XJXWflf43XowHGKFrm8hyC
zGoYl5Mu
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:39:47 2025 by rpki-client