Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/If5j4KjsWFg3kwDUxrHpbFCCjpg.roa
File: If5j4KjsWFg3kwDUxrHpbFCCjpg.roa (raw, json)
Hash identifier: iGbVOgQjxfoZ4tZTHfIMlZvCv27war8Yd/ywUcGl39o=
Subject key identifier: 21:FE:63:E0:A8:EC:58:58:37:93:00:D4:C6:B1:E9:6C:50:82:8E:98
Certificate issuer: /CN=53e3aedd91be82451342dcd1c9828345db661a5f
Certificate serial: 019426D99EC9489185D556A7D512384EDFE1
Authority key identifier: 53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/If5j4KjsWFg3kwDUxrHpbFCCjpg.roa
Signing time: Thu 02 Jan 2025 11:49:43 +0000
ROA not before: Thu 02 Jan 2025 11:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43668
IP address blocks: 91.197.184.0/22 maxlen: 22
185.225.196.0/24 maxlen: 24
194.116.141.0/24 maxlen: 24
2001:67c:15d8::/48 maxlen: 48
2a0d:5d00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:9e:c9:48:91:85:d5:56:a7:d5:12:38:4e:df:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53e3aedd91be82451342dcd1c9828345db661a5f
Validity
Not Before: Jan 2 11:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21fe63e0a8ec5858379300d4c6b1e96c50828e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:48:3e:46:17:ec:2f:fa:ba:f2:b9:a2:8c:f7:
12:4c:dd:68:cd:6a:dd:a7:62:50:56:44:d6:1c:71:
3c:76:b5:42:86:60:37:c3:cb:00:9f:40:13:81:49:
21:21:b9:9c:c5:b1:f7:60:65:ed:68:34:fc:af:13:
58:12:e4:10:43:e0:00:cc:3e:1b:67:79:f5:58:f7:
b8:9d:b4:6a:be:1b:92:e7:7b:6c:c9:d2:45:a0:75:
c7:cc:65:95:24:ef:a2:2f:f1:99:ad:23:d4:94:1c:
52:9a:23:31:0a:48:e0:33:9a:d6:dc:50:9a:05:82:
2d:d2:71:41:3f:96:d9:ab:a9:79:c4:d4:30:75:e9:
a2:d0:c1:48:64:54:2a:e9:3e:07:25:66:9c:30:ac:
c1:15:53:44:2d:2f:27:e6:63:aa:ff:e7:cd:cd:7c:
91:c0:d3:80:6b:a5:e3:2f:99:bf:06:15:34:74:17:
90:39:85:a9:d9:eb:a7:e8:b5:09:66:cd:da:dc:7f:
b5:5e:04:bd:e6:46:13:25:26:cf:8c:45:78:6c:2c:
c4:15:90:14:74:20:48:58:e6:04:d3:ae:98:6a:7c:
1c:bd:e3:16:aa:47:56:54:92:9e:d6:e7:2e:41:99:
87:24:80:81:8f:21:c7:d3:58:82:b6:7c:ef:f5:be:
aa:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FE:63:E0:A8:EC:58:58:37:93:00:D4:C6:B1:E9:6C:50:82:8E:98
X509v3 Authority Key Identifier:
keyid:53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/If5j4KjsWFg3kwDUxrHpbFCCjpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.184.0/22
185.225.196.0/24
194.116.141.0/24
IPv6:
2001:67c:15d8::/48
2a0d:5d00::/29
Signature Algorithm: sha256WithRSAEncryption
58:a0:9d:f5:8a:80:1a:90:91:1a:42:e4:d4:42:7f:95:19:9a:
1e:a7:cd:1c:7d:15:fa:97:22:a5:97:6d:0e:33:e6:ab:26:ff:
f6:7f:27:4a:ad:2e:b4:45:b1:8e:11:02:65:7c:11:5d:34:96:
b5:3c:02:d2:f9:8b:a9:7f:d2:c4:02:eb:26:b5:7d:2e:18:12:
95:f2:c9:e4:e7:5b:5b:77:57:14:80:02:b2:78:c5:1c:c7:eb:
63:c4:a6:4d:21:33:46:9f:29:ed:20:f6:fa:b4:af:bf:ba:4b:
53:3a:cc:de:b0:a9:44:47:1f:f6:e3:b4:d1:cd:73:72:8a:b5:
32:11:b7:a7:2d:f8:04:d2:3c:5f:d8:fa:c9:7c:15:9d:d3:b2:
c4:4b:91:b5:99:29:e5:83:ad:9d:fb:d6:00:d1:89:db:ae:2f:
af:73:65:e7:87:5e:16:af:38:08:b7:66:86:7b:fb:ac:80:0b:
a1:ef:c0:1c:af:68:1a:a1:c7:9f:35:db:94:db:ed:b6:b0:80:
08:df:6c:e3:14:2f:f2:32:cf:2f:2a:66:3c:6e:5e:cf:ef:5e:
4f:20:e2:19:3e:82:32:51:0d:32:fd:ee:53:e5:f2:6b:01:51:
88:2b:0e:e4:ad:1a:10:b8:3f:83:d8:b9:f7:ef:4e:ea:68:c6:
7c:f0:29:5e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQm2Z7JSJGF1Van1RI4Tt/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZTNhZWRkOTFiZTgyNDUxMzQyZGNkMWM5ODI4MzQ1ZGI2
NjFhNWYwHhcNMjUwMTAyMTE0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWZlNjNlMGE4ZWM1ODU4Mzc5MzAwZDRjNmIxZTk2YzUwODI4ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUg+RhfsL/q68rmijPcSTN1ozWrd
p2JQVkTWHHE8drVChmA3w8sAn0ATgUkhIbmcxbH3YGXtaDT8rxNYEuQQQ+AAzD4b
Z3n1WPe4nbRqvhuS53tsydJFoHXHzGWVJO+iL/GZrSPUlBxSmiMxCkjgM5rW3FCa
BYIt0nFBP5bZq6l5xNQwdemi0MFIZFQq6T4HJWacMKzBFVNELS8n5mOq/+fNzXyR
wNOAa6XjL5m/BhU0dBeQOYWp2eun6LUJZs3a3H+1XgS95kYTJSbPjEV4bCzEFZAU
dCBIWOYE066YanwcveMWqkdWVJKe1ucuQZmHJICBjyHH01iCtnzv9b6q1QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCH+Y+Co7FhYN5MA1Max6WxQgo6YMB8GA1UdIwQY
MBaAFFPjrt2RvoJFE0Lc0cmCg0XbZhpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQt
YTdkOTQ1YWYxNGU1LzEvSWY1ajRLanNXRmcza3dEVXhySHBiRkNDanBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQtYTdkOTQ1YWYxNGU1
LzEvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCW8W4AwQA
ueHEAwQAwnSNMBYEAgACMBADBwAgAQZ8FdgDBQMqDV0AMA0GCSqGSIb3DQEBCwUA
A4IBAQBYoJ31ioAakJEaQuTUQn+VGZoep80cfRX6lyKll20OM+arJv/2fydKrS60
RbGOEQJlfBFdNJa1PALS+Yupf9LEAusmtX0uGBKV8snk51tbd1cUgAKyeMUcx+tj
xKZNITNGnyntIPb6tK+/uktTOszesKlERx/247TRzXNyirUyEbenLfgE0jxf2PrJ
fBWd07LES5G1mSnlg62d+9YA0Ynbri+vc2Xnh14WrzgIt2aGe/usgAuh78Acr2ga
ocefNduU2+22sIAI32zjFC/yMs8vKmY8bl7P715PIOIZPoIyUQ0y/e5T5fJrAVGI
Kw7krRoQuD+D2Ln3707qaMZ88Cle
-----END CERTIFICATE-----
Generated at Sat Apr 26 23:00:12 2025 by rpki-client