Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/dfL-gvA2Qkqn6Qpe6zWj7lI7kd4.roa
File: dfL-gvA2Qkqn6Qpe6zWj7lI7kd4.roa (raw, json)
Hash identifier: eEFaV0ZEz0n+bynhdMbupQugpBJCLZ2opvaJX3bJhrc=
Subject key identifier: 75:F2:FE:82:F0:36:42:4A:A7:E9:0A:5E:EB:35:A3:EE:52:3B:91:DE
Certificate issuer: /CN=4ec3a062cb96d9a3f21a8b2da848f81c6f73bf95
Certificate serial: 019420D621EF6051F62AC18883E45F240AA0
Authority key identifier: 4E:C3:A0:62:CB:96:D9:A3:F2:1A:8B:2D:A8:48:F8:1C:6F:73:BF:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TsOgYsuW2aPyGostqEj4HG9zv5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/dfL-gvA2Qkqn6Qpe6zWj7lI7kd4.roa
Signing time: Wed 01 Jan 2025 07:48:11 +0000
ROA not before: Wed 01 Jan 2025 07:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 91.228.132.0/23 maxlen: 24
91.229.46.0/23 maxlen: 24
185.80.198.0/23 maxlen: 24
185.147.176.0/22 maxlen: 24
188.209.116.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:21:ef:60:51:f6:2a:c1:88:83:e4:5f:24:0a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ec3a062cb96d9a3f21a8b2da848f81c6f73bf95
Validity
Not Before: Jan 1 07:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75f2fe82f036424aa7e90a5eeb35a3ee523b91de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1a:15:a6:10:09:27:d2:90:18:77:ee:c1:e7:
20:c4:ee:b9:a7:f7:1e:6b:17:8c:87:b1:89:d7:db:
61:d4:da:0c:f6:c5:cf:83:1f:27:03:7f:7d:fa:00:
f7:28:1a:04:f3:24:ac:2d:41:f4:2d:85:3c:4a:34:
f5:8a:22:2a:5f:b9:0b:73:e0:ee:d4:30:ee:b6:b8:
77:71:1f:36:88:5b:45:0b:6b:66:90:08:06:d9:fa:
9e:33:5f:f5:36:68:a1:95:52:41:84:4c:fa:b0:1c:
e6:4e:d2:81:2a:24:2b:b2:7c:72:ba:49:67:01:6b:
08:7a:56:20:c2:b6:22:96:4e:1c:02:ec:08:20:46:
b1:d7:22:5a:cb:a3:34:af:f1:44:3d:12:36:aa:1d:
69:4a:c3:26:8c:ab:cc:f4:f6:fb:a3:d7:35:18:9e:
ef:22:c3:0f:d1:15:89:36:fe:cc:72:36:5c:72:22:
a0:ee:b8:66:74:00:65:5c:cd:4c:34:be:9e:82:c0:
13:81:ba:96:a3:fe:45:e5:a7:f3:eb:80:56:bb:03:
df:44:5c:42:6e:87:d8:24:f7:b3:3f:6e:6b:41:e7:
90:62:ba:0e:33:15:d9:b7:aa:1e:dd:ba:89:fc:2a:
91:de:a4:10:36:89:65:c6:4b:e7:ef:79:6b:2c:a1:
ef:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F2:FE:82:F0:36:42:4A:A7:E9:0A:5E:EB:35:A3:EE:52:3B:91:DE
X509v3 Authority Key Identifier:
keyid:4E:C3:A0:62:CB:96:D9:A3:F2:1A:8B:2D:A8:48:F8:1C:6F:73:BF:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TsOgYsuW2aPyGostqEj4HG9zv5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/dfL-gvA2Qkqn6Qpe6zWj7lI7kd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/TsOgYsuW2aPyGostqEj4HG9zv5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.132.0/23
91.229.46.0/23
185.80.198.0/23
185.147.176.0/22
188.209.116.0/22
Signature Algorithm: sha256WithRSAEncryption
91:e7:01:38:6e:ed:81:39:5e:a6:e4:20:18:b3:d4:be:fe:40:
20:89:5d:f7:90:35:5e:90:5f:94:90:23:11:5b:12:4c:9b:69:
37:44:ad:9c:5a:93:4f:e2:45:f1:80:82:9a:bd:ec:4d:73:ca:
2e:1a:b7:51:45:12:16:ed:5e:1a:59:7c:f3:e9:94:41:4f:93:
91:29:7a:87:76:3e:f7:59:47:49:58:c2:97:68:58:7f:fa:14:
cd:14:a3:ba:2d:72:3e:0f:6e:78:ac:2f:f0:50:0e:65:7d:36:
bb:d0:88:3b:78:3d:a2:f6:cf:dc:1b:2d:9c:a7:65:4f:08:ce:
05:d0:f4:47:ed:96:25:f0:be:3d:ed:94:b0:a2:31:cd:e8:8a:
12:c9:fa:32:3b:2e:df:48:98:bd:f4:b6:c4:ba:b9:7c:ff:95:
34:9c:e8:5d:2f:4d:64:40:d4:be:47:c6:46:07:a7:3b:f9:f5:
67:c1:4d:66:9b:97:b3:8c:db:6e:79:e4:15:47:00:6b:16:5e:
b7:ad:57:8e:d7:cd:07:ff:86:4d:b1:4a:a3:e7:86:74:6a:fe:
da:1f:6d:5f:67:44:6a:5b:33:09:8b:83:1e:44:7e:ff:50:6b:
6f:d1:e2:0c:f2:57:df:cb:cc:62:a9:20:83:61:b4:cf:61:c3:
1c:c3:14:2f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQg1iHvYFH2KsGIg+RfJAqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYzNhMDYyY2I5NmQ5YTNmMjFhOGIyZGE4NDhmODFjNmY3
M2JmOTUwHhcNMjUwMTAxMDc0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWYyZmU4MmYwMzY0MjRhYTdlOTBhNWVlYjM1YTNlZTUyM2I5MWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxoVphAJJ9KQGHfuwecgxO65p/ce
axeMh7GJ19th1NoM9sXPgx8nA399+gD3KBoE8ySsLUH0LYU8SjT1iiIqX7kLc+Du
1DDutrh3cR82iFtFC2tmkAgG2fqeM1/1NmihlVJBhEz6sBzmTtKBKiQrsnxyukln
AWsIelYgwrYilk4cAuwIIEax1yJay6M0r/FEPRI2qh1pSsMmjKvM9Pb7o9c1GJ7v
IsMP0RWJNv7McjZcciKg7rhmdABlXM1MNL6egsATgbqWo/5F5afz64BWuwPfRFxC
bofYJPezP25rQeeQYroOMxXZt6oe3bqJ/CqR3qQQNollxkvn73lrLKHvcwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHXy/oLwNkJKp+kKXus1o+5SO5HeMB8GA1UdIwQY
MBaAFE7DoGLLltmj8hqLLahI+Bxvc7+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHNPZ1lzdVcyYVB5R29zdHFFajRIRzl6djVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83ODZiNTEtZTJkZi00ZmQ2LTljOWIt
ZjU2N2MzZTlmNWZmLzEvZGZMLWd2QTJRa3FuNlFwZTZ6V2o3bEk3a2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83ODZiNTEtZTJkZi00ZmQ2LTljOWItZjU2N2MzZTlmNWZm
LzEvVHNPZ1lzdVcyYVB5R29zdHFFajRIRzl6djVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBW+SEAwQB
W+UuAwQBuVDGAwQCuZOwAwQCvNF0MA0GCSqGSIb3DQEBCwUAA4IBAQCR5wE4bu2B
OV6m5CAYs9S+/kAgiV33kDVekF+UkCMRWxJMm2k3RK2cWpNP4kXxgIKavexNc8ou
GrdRRRIW7V4aWXzz6ZRBT5ORKXqHdj73WUdJWMKXaFh/+hTNFKO6LXI+D254rC/w
UA5lfTa70Ig7eD2i9s/cGy2cp2VPCM4F0PRH7ZYl8L497ZSwojHN6IoSyfoyOy7f
SJi99LbEurl8/5U0nOhdL01kQNS+R8ZGB6c7+fVnwU1mm5ezjNtueeQVRwBrFl63
rVeO180H/4ZNsUqj54Z0av7aH21fZ0RqWzMJi4MeRH7/UGtv0eIM8lffy8xiqSCD
YbTPYcMcwxQv
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:26:41 2025 by rpki-client