Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/gSkSalLxBBTZ5ze-KWxeB_8DtQg.roa
File: gSkSalLxBBTZ5ze-KWxeB_8DtQg.roa (raw, json)
Hash identifier: X8zrqUjiyTt5wAUyN7WfFsY2WeTVhfo2FCeXdvrhuMI=
Subject key identifier: 81:29:12:6A:52:F1:04:14:D9:E7:37:BE:29:6C:5E:07:FF:03:B5:08
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 0194266B4C296B94FA62991E50889950AD92
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/gSkSalLxBBTZ5ze-KWxeB_8DtQg.roa
Signing time: Thu 02 Jan 2025 09:49:13 +0000
ROA not before: Thu 02 Jan 2025 09:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.12.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
91.228.14.0/24 maxlen: 24
91.228.15.0/24 maxlen: 24
94.154.32.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:4c:29:6b:94:fa:62:99:1e:50:88:99:50:ad:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 2 09:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8129126a52f10414d9e737be296c5e07ff03b508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d3:b5:c8:4f:1a:e1:be:51:0c:52:51:cc:8a:
9d:52:41:8d:2b:61:60:6b:ae:c7:46:c3:cd:1a:c4:
9e:e9:2e:46:7d:4f:e2:df:69:66:ab:2f:09:dd:a3:
26:b0:32:3e:93:23:a4:14:98:78:14:98:dd:da:79:
59:59:ec:15:37:a6:36:82:ba:b8:57:e9:ce:6f:55:
12:3e:15:44:cc:cc:8a:2c:97:4b:07:5d:a4:08:a5:
28:c0:9d:d9:a3:eb:ee:e7:49:90:a8:4e:4f:f0:c9:
1e:46:ad:16:d5:c2:bd:b9:5e:12:c4:b8:ee:c7:09:
1f:89:6f:8e:3c:51:af:a2:7d:e5:02:e7:db:0d:15:
58:26:b5:2d:22:06:42:3e:40:9e:41:70:33:8e:a1:
83:9f:59:bb:2d:5e:69:ce:90:c6:24:49:04:f0:aa:
21:87:f5:78:0c:4a:71:0b:a2:8b:ca:eb:ce:6f:b6:
d0:cb:77:17:3f:7a:3f:72:e4:8e:f1:24:af:9e:4e:
1f:ed:a5:9d:64:1e:4c:99:ae:ff:f6:e2:4d:d1:03:
71:af:bb:a9:07:6e:27:9c:42:11:c0:a0:da:64:ac:
62:71:e8:37:bf:d7:6e:8e:f1:84:7a:96:c0:e5:ff:
a3:fb:eb:8b:74:3d:5e:0a:86:39:d7:28:ba:56:a3:
8c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:29:12:6A:52:F1:04:14:D9:E7:37:BE:29:6C:5E:07:FF:03:B5:08
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/gSkSalLxBBTZ5ze-KWxeB_8DtQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/22
94.154.32.0/24
94.154.35.0-94.154.38.255
Signature Algorithm: sha256WithRSAEncryption
13:1b:6a:b9:cc:72:db:9e:d1:89:3a:ea:0f:2a:1b:b1:28:a3:
b9:68:e0:5c:52:67:3d:a9:5a:de:da:09:1c:87:10:92:77:4c:
6f:2e:9b:b8:11:73:66:88:95:ab:74:55:20:af:f9:bf:cf:e9:
1e:49:3c:c9:f4:51:77:23:54:d1:e2:2d:29:bc:d2:07:eb:f0:
b9:c9:c6:fc:91:a3:c2:d6:f1:a6:b1:c9:5d:c8:e7:4a:29:d4:
6d:95:7a:0a:e5:38:87:9c:47:92:3c:e3:a2:0c:e4:47:5b:cb:
fb:c6:80:b3:49:90:2e:7d:f4:63:ab:58:75:b5:a7:7d:ee:3e:
ba:f0:21:4a:5b:6e:8b:f3:6c:d1:0b:f3:d4:0d:93:d6:a1:06:
30:ee:ea:50:d0:d8:1e:da:f4:68:55:4c:2d:f7:2e:d3:28:ef:
06:c7:96:f2:f7:d6:4d:0d:66:b9:19:c4:f9:83:b6:9d:6f:11:
72:92:15:92:77:04:a6:76:57:bf:28:0e:6b:23:b2:94:54:09:
d1:f3:17:e1:df:99:d2:40:e4:84:79:92:a9:74:fa:ce:fe:33:
dc:ba:1b:1b:1e:1a:f4:d1:fe:d6:6a:c1:44:2e:d6:0f:1b:de:
70:36:d3:be:ea:2b:ce:2a:ac:42:cb:bd:5b:ae:fe:9e:37:d7:
b0:7d:d9:fd
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQma0wpa5T6YpkeUIiZUK2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjUwMTAyMDk0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTI5MTI2YTUyZjEwNDE0ZDllNzM3YmUyOTZjNWUwN2ZmMDNiNTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNO1yE8a4b5RDFJRzIqdUkGNK2Fg
a67HRsPNGsSe6S5GfU/i32lmqy8J3aMmsDI+kyOkFJh4FJjd2nlZWewVN6Y2grq4
V+nOb1USPhVEzMyKLJdLB12kCKUowJ3Zo+vu50mQqE5P8MkeRq0W1cK9uV4SxLju
xwkfiW+OPFGvon3lAufbDRVYJrUtIgZCPkCeQXAzjqGDn1m7LV5pzpDGJEkE8Koh
h/V4DEpxC6KLyuvOb7bQy3cXP3o/cuSO8SSvnk4f7aWdZB5Mma7/9uJN0QNxr7up
B24nnEIRwKDaZKxiceg3v9dujvGEepbA5f+j++uLdD1eCoY51yi6VqOMMwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIEpEmpS8QQU2ec3vilsXgf/A7UIMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvZ1NrU2FsTHhCQlRaNXplLUtXeGVCXzhEdFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCW+QMAwQA
XpogMAwDBABemiMDBABemiYwDQYJKoZIhvcNAQELBQADggEBABMbarnMctue0Yk6
6g8qG7Eoo7lo4FxSZz2pWt7aCRyHEJJ3TG8um7gRc2aIlat0VSCv+b/P6R5JPMn0
UXcjVNHiLSm80gfr8LnJxvyRo8LW8aaxyV3I50op1G2VegrlOIecR5I846IM5Edb
y/vGgLNJkC599GOrWHW1p33uPrrwIUpbbovzbNEL89QNk9ahBjDu6lDQ2B7a9GhV
TC33LtMo7wbHlvL31k0NZrkZxPmDtp1vEXKSFZJ3BKZ2V78oDmsjspRUCdHzF+Hf
mdJA5IR5kql0+s7+M9y6GxseGvTR/tZqwUQu1g8b3nA2077qK84qrELLvVuu/p43
17B92f0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:10:24 2025 by rpki-client