Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/r4X2HvAwh5ygol1cL2nGNDVz3U4.roa
File: r4X2HvAwh5ygol1cL2nGNDVz3U4.roa (raw, json)
Hash identifier: 7aCXdpb3SzbFP3HJ9KQNb5y78LcqzI5vEIV6FBttc2k=
Subject key identifier: AF:85:F6:1E:F0:30:87:9C:A0:A2:5D:5C:2F:69:C6:34:35:73:DD:4E
Certificate issuer: /CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Certificate serial: 01942368D4091FE81B317D36F20D17A1CFE3
Authority key identifier: 14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/r4X2HvAwh5ygol1cL2nGNDVz3U4.roa
Signing time: Wed 01 Jan 2025 19:47:40 +0000
ROA not before: Wed 01 Jan 2025 19:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59729
IP address blocks: 93.188.155.0/24 maxlen: 24
185.162.10.0/24 maxlen: 24
185.204.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d4:09:1f:e8:1b:31:7d:36:f2:0d:17:a1:cf:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Validity
Not Before: Jan 1 19:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af85f61ef030879ca0a25d5c2f69c6343573dd4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3e:09:ea:c8:3f:e6:f5:dd:11:2a:6f:0c:5f:
92:d0:00:ea:24:72:a7:f4:d5:b0:8d:3a:65:2c:60:
59:1b:ff:e9:56:7d:fa:8b:b1:62:5d:96:5f:ce:53:
31:af:d4:4a:01:f8:af:ba:0b:04:41:04:a5:d9:f5:
0e:90:2a:2f:cf:39:e6:e1:03:30:e8:7d:ee:7c:f2:
05:91:ef:db:f6:02:e7:70:f3:5f:2a:2c:c3:5b:fa:
9e:78:7a:41:2f:c0:40:9a:bb:16:bf:07:09:24:c0:
48:17:7b:91:d7:88:87:fe:69:9b:16:4a:6e:82:92:
21:18:7d:b0:20:0d:ae:9c:9a:b0:b7:fb:b6:26:3c:
b1:04:59:17:d0:32:b9:4f:b2:40:75:30:49:56:9e:
79:5a:34:3a:2b:2e:be:7a:2a:36:53:1d:fd:fd:75:
e8:3d:ff:8f:07:8d:cd:82:56:5c:a6:51:2c:d3:71:
17:d3:bb:0e:c8:13:a1:a6:03:50:8b:87:87:6b:81:
cc:db:94:f0:d0:a0:aa:9a:6d:8d:24:cb:02:b9:20:
c8:cf:4d:c5:76:13:c6:c9:ac:d8:d7:84:88:77:2a:
28:67:c8:eb:59:44:ce:e5:41:a0:ef:5a:48:ef:1f:
2a:3a:ac:c2:b6:f9:09:07:c9:33:97:f0:0a:9c:4d:
72:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:85:F6:1E:F0:30:87:9C:A0:A2:5D:5C:2F:69:C6:34:35:73:DD:4E
X509v3 Authority Key Identifier:
keyid:14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/r4X2HvAwh5ygol1cL2nGNDVz3U4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.155.0/24
185.162.10.0/24
185.204.53.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:94:11:a6:fc:b5:c2:2b:da:dc:c0:6d:d1:bf:60:a9:43:fc:
7d:4e:56:bd:7d:1c:65:22:ca:81:a2:20:cd:b3:47:50:a7:2f:
56:77:aa:d6:d7:77:d6:13:b3:e3:14:76:75:cd:0a:b1:fa:29:
43:8f:9b:77:8e:26:08:a7:76:99:6d:20:a2:79:c7:70:2b:62:
25:33:00:57:cc:d9:85:50:49:4e:7a:ef:c3:ce:fd:a8:d9:a9:
f3:c0:45:4e:a7:9c:62:71:2e:af:49:bf:b3:5c:03:b1:b8:53:
25:0f:93:89:69:51:15:e2:94:2d:c9:4d:ee:1b:0c:85:86:0e:
f8:fc:46:a4:9e:ce:ec:1c:95:72:54:38:81:38:f6:86:54:8e:
ab:00:17:ea:55:50:e1:86:07:87:0f:9f:34:33:78:42:06:c7:
f5:b7:28:99:39:94:53:9e:94:26:f3:c4:f4:fa:43:11:5a:25:
1f:4a:a4:b8:20:f8:66:54:02:ed:58:d4:b7:ce:f0:61:f3:e6:
a1:5f:f5:53:cc:88:d9:6d:bb:98:a7:e7:62:1c:68:f2:7c:82:
1c:72:21:57:75:7b:13:a0:77:df:0d:39:a3:af:da:c5:5e:b3:
ac:51:c1:05:f7:06:0b:25:f4:d5:2f:9d:53:d8:de:12:7e:a5:
92:90:39:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjaNQJH+gbMX028g0Xoc/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OWQxZjY3YTQxY2EyZTQwNTAxN2NiZTQ4YmFmZmYxNzMz
ZTM4NjkwHhcNMjUwMTAxMTk0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjg1ZjYxZWYwMzA4NzljYTBhMjVkNWMyZjY5YzYzNDM1NzNkZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmD4J6sg/5vXdESpvDF+S0ADqJHKn
9NWwjTplLGBZG//pVn36i7FiXZZfzlMxr9RKAfivugsEQQSl2fUOkCovzznm4QMw
6H3ufPIFke/b9gLncPNfKizDW/qeeHpBL8BAmrsWvwcJJMBIF3uR14iH/mmbFkpu
gpIhGH2wIA2unJqwt/u2JjyxBFkX0DK5T7JAdTBJVp55WjQ6Ky6+eio2Ux39/XXo
Pf+PB43NglZcplEs03EX07sOyBOhpgNQi4eHa4HM25Tw0KCqmm2NJMsCuSDIz03F
dhPGyazY14SIdyooZ8jrWUTO5UGg71pI7x8qOqzCtvkJB8kzl/AKnE1y9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK+F9h7wMIecoKJdXC9pxjQ1c91OMB8GA1UdIwQY
MBaAFBSdH2ekHKLkBQF8vki6//FzPjhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDkt
NTQ4NTY4MmEwNWY1LzEvcjRYMkh2QXdoNXlnb2wxY0wybkdORFZ6M1U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDktNTQ4NTY4MmEwNWY1
LzEvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXbybAwQA
uaIKAwQAucw1MA0GCSqGSIb3DQEBCwUAA4IBAQC9lBGm/LXCK9rcwG3Rv2CpQ/x9
Tla9fRxlIsqBoiDNs0dQpy9Wd6rW13fWE7PjFHZ1zQqx+ilDj5t3jiYIp3aZbSCi
ecdwK2IlMwBXzNmFUElOeu/Dzv2o2anzwEVOp5xicS6vSb+zXAOxuFMlD5OJaVEV
4pQtyU3uGwyFhg74/Eakns7sHJVyVDiBOPaGVI6rABfqVVDhhgeHD580M3hCBsf1
tyiZOZRTnpQm88T0+kMRWiUfSqS4IPhmVALtWNS3zvBh8+ahX/VTzIjZbbuYp+di
HGjyfIIcciFXdXsToHffDTmjr9rFXrOsUcEF9wYLJfTVL51T2N4SfqWSkDlq
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:04:40 2025 by rpki-client