Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/DQ47vKDjcl-2XGhWvGpEltnbLx0.roa
File: DQ47vKDjcl-2XGhWvGpEltnbLx0.roa (raw, json)
Hash identifier: xO7ywYo6rKZE+1UGlrRMauCBtFM1TiMUXrJWYhc9zkg=
Subject key identifier: 0D:0E:3B:BC:A0:E3:72:5F:B6:5C:68:56:BC:6A:44:96:D9:DB:2F:1D
Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Certificate serial: 01941FFA518B4427AF52BF4A9C5816E2C7B7
Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/DQ47vKDjcl-2XGhWvGpEltnbLx0.roa
Signing time: Wed 01 Jan 2025 03:48:06 +0000
ROA not before: Wed 01 Jan 2025 03:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206617
IP address blocks: 31.14.184.0/21 maxlen: 24
89.32.152.0/23 maxlen: 24
89.40.234.0/23 maxlen: 24
93.114.170.0/24 maxlen: 24
93.114.245.0/24 maxlen: 24
93.115.210.0/24 maxlen: 24
185.18.24.0/22 maxlen: 24
185.167.52.0/22 maxlen: 24
188.213.16.0/24 maxlen: 24
188.213.40.0/21 maxlen: 22
188.240.42.0/24 maxlen: 24
188.240.44.0/23 maxlen: 23
188.241.153.0/24 maxlen: 24
188.241.186.0/24 maxlen: 24
188.241.251.0/24 maxlen: 24
193.178.224.0/23 maxlen: 23
195.2.218.0/23 maxlen: 23
2a03:f140::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:51:8b:44:27:af:52:bf:4a:9c:58:16:e2:c7:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Validity
Not Before: Jan 1 03:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d0e3bbca0e3725fb65c6856bc6a4496d9db2f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:da:26:df:fc:8b:9f:c6:c3:90:31:c7:62:a4:
34:8e:d5:1d:fc:dd:6d:26:10:ef:40:a0:d5:d2:f6:
da:f5:07:e3:02:2e:24:31:41:1b:ce:86:6c:48:f9:
56:07:cb:ad:c3:7d:46:5b:31:38:25:c7:f9:b1:66:
3b:fe:82:04:d2:bb:0c:f9:fc:f8:7b:f1:96:1b:1f:
ab:1a:e9:a2:9b:57:4c:14:5e:66:5a:ac:7a:a3:0c:
ba:00:4d:d8:64:82:0a:eb:12:aa:db:89:0d:ec:0e:
4e:44:dd:ef:de:7a:d0:d1:38:9a:3c:0d:f6:83:b3:
ed:f8:35:c6:17:5c:b4:00:82:4a:2f:bf:b5:0e:06:
2e:06:de:f4:2b:bf:da:5d:5e:b9:48:f9:ea:2c:1c:
6d:e7:d6:20:f6:22:8d:7a:57:d7:de:6f:f8:60:39:
8c:3e:79:7b:69:97:fc:7b:cd:75:52:2f:83:72:a3:
d1:6a:4c:8a:ad:c8:4a:d9:8e:fc:72:84:85:f3:13:
11:18:ef:f4:45:1f:70:86:45:ed:3e:0d:ae:00:21:
09:bb:46:ac:a0:57:18:e5:01:fd:e8:a8:8d:1e:21:
57:c1:10:af:bd:a1:7e:32:80:0d:75:6d:6d:06:9c:
1b:d3:7a:fc:ca:28:67:b6:e6:66:1a:4f:c1:1d:e1:
3e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:0E:3B:BC:A0:E3:72:5F:B6:5C:68:56:BC:6A:44:96:D9:DB:2F:1D
X509v3 Authority Key Identifier:
keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/DQ47vKDjcl-2XGhWvGpEltnbLx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.184.0/21
89.32.152.0/23
89.40.234.0/23
93.114.170.0/24
93.114.245.0/24
93.115.210.0/24
185.18.24.0/22
185.167.52.0/22
188.213.16.0/24
188.213.40.0/21
188.240.42.0/24
188.240.44.0/23
188.241.153.0/24
188.241.186.0/24
188.241.251.0/24
193.178.224.0/23
195.2.218.0/23
IPv6:
2a03:f140::/32
Signature Algorithm: sha256WithRSAEncryption
81:96:2e:f6:c9:b8:46:d2:37:f2:7e:90:6a:6c:7b:b6:26:bf:
04:b7:61:62:bb:46:ce:3f:30:03:35:a7:fb:02:fa:b1:85:6d:
fd:f3:03:87:40:1b:ab:6b:f9:0c:d5:53:e3:39:de:05:ae:67:
5f:1e:41:2b:95:66:84:ee:05:2e:38:28:42:20:59:88:13:89:
8f:1b:60:06:2d:e1:0c:77:b8:cf:3d:2c:e1:e7:47:89:68:56:
7c:6f:53:97:bc:2d:8d:2f:5d:75:ca:0b:26:b8:18:44:c0:26:
a9:c5:9a:22:46:70:08:4a:0c:4c:fb:bf:75:e6:98:de:1c:7a:
a3:80:4d:85:ef:f9:e7:dc:cb:e5:20:75:a8:80:9b:c8:b0:33:
a2:a5:a4:f0:2b:fc:2c:24:93:9d:6f:ae:dd:bd:31:79:ca:6e:
1d:4e:98:a6:20:28:19:42:0e:54:6f:d0:02:85:26:f6:1e:a3:
6c:ec:38:7e:db:2e:61:e7:85:5b:71:06:05:fc:3c:4f:81:f1:
59:b4:4b:3c:bd:af:7d:31:c3:f0:5e:a6:e8:8d:a9:d8:1e:25:
c7:f9:a2:67:b3:b5:9f:fb:ae:30:15:a2:2f:17:ab:25:b3:fa:
0a:1c:68:f4:e7:01:c3:f4:69:c0:0d:f9:86:c4:e3:ef:56:a8:
dd:45:8f:2a
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZQf+lGLRCevUr9KnFgW4se3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx
MWE0ZTYwHhcNMjUwMTAxMDM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDBlM2JiY2EwZTM3MjVmYjY1YzY4NTZiYzZhNDQ5NmQ5ZGIyZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09om3/yLn8bDkDHHYqQ0jtUd/N1t
JhDvQKDV0vba9QfjAi4kMUEbzoZsSPlWB8utw31GWzE4Jcf5sWY7/oIE0rsM+fz4
e/GWGx+rGumim1dMFF5mWqx6owy6AE3YZIIK6xKq24kN7A5ORN3v3nrQ0TiaPA32
g7Pt+DXGF1y0AIJKL7+1DgYuBt70K7/aXV65SPnqLBxt59Yg9iKNelfX3m/4YDmM
Pnl7aZf8e811Ui+DcqPRakyKrchK2Y78coSF8xMRGO/0RR9whkXtPg2uACEJu0as
oFcY5QH96KiNHiFXwRCvvaF+MoANdW1tBpwb03r8yihntuZmGk/BHeE+YQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFA0OO7yg43JftlxoVrxqRJbZ2y8dMB8GA1UdIwQY
MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt
YzYyY2YyMGE1ZWM5LzEvRFE0N3ZLRGpjbC0yWEdoV3ZHcEVsdG5iTHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5
LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAx8OuAME
AVkgmAMEAVko6gMEAF1yqgMEAF1y9QMEAF1z0gMEArkSGAMEArmnNAMEALzVEAME
A7zVKAMEALzwKgMEAbzwLAMEALzxmQMEALzxugMEALzx+wMEAcGy4AMEAcMC2jAN
BAIAAjAHAwUAKgPxQDANBgkqhkiG9w0BAQsFAAOCAQEAgZYu9sm4RtI38n6Qamx7
tia/BLdhYrtGzj8wAzWn+wL6sYVt/fMDh0Abq2v5DNVT4zneBa5nXx5BK5VmhO4F
LjgoQiBZiBOJjxtgBi3hDHe4zz0s4edHiWhWfG9Tl7wtjS9ddcoLJrgYRMAmqcWa
IkZwCEoMTPu/deaY3hx6o4BNhe/559zL5SB1qICbyLAzoqWk8Cv8LCSTnW+u3b0x
ecpuHU6YpiAoGUIOVG/QAoUm9h6jbOw4ftsuYeeFW3EGBfw8T4HxWbRLPL2vfTHD
8F6m6I2p2B4lx/miZ7O1n/uuMBWiLxerJbP6Chxo9OcBw/RpwA35hsTj71ao3UWP
Kg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:27:19 2025 by rpki-client