Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/FUn2t9ppYu0Wn0pkoCRZ-HiUy7U.roa
File: FUn2t9ppYu0Wn0pkoCRZ-HiUy7U.roa (raw, json)
Hash identifier: IgKhBAHaInAK8D+wEDHgOoVh2qEqWhDFRzWVOdnNaSE=
Subject key identifier: 15:49:F6:B7:DA:69:62:ED:16:9F:4A:64:A0:24:59:F8:78:94:CB:B5
Certificate issuer: /CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Certificate serial: 01941FFA23F31C88E2084DDA60249917F530
Authority key identifier: E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/FUn2t9ppYu0Wn0pkoCRZ-HiUy7U.roa
Signing time: Wed 01 Jan 2025 03:47:54 +0000
ROA not before: Wed 01 Jan 2025 03:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31334
IP address blocks: 24.134.0.0/16 maxlen: 16
31.16.0.0/14 maxlen: 24
37.4.0.0/15 maxlen: 23
77.20.0.0/14 maxlen: 24
77.24.0.0/16 maxlen: 16
77.25.0.0/17 maxlen: 23
83.169.128.0/18 maxlen: 24
88.134.0.0/16 maxlen: 24
91.64.0.0/14 maxlen: 24
95.88.0.0/14 maxlen: 24
109.47.0.0/16 maxlen: 16
109.84.0.0/15 maxlen: 15
146.52.0.0/16 maxlen: 24
178.24.0.0/14 maxlen: 24
185.19.196.0/22 maxlen: 22
188.192.0.0/14 maxlen: 24
2a02:8100::/27 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:23:f3:1c:88:e2:08:4d:da:60:24:99:17:f5:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Validity
Not Before: Jan 1 03:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1549f6b7da6962ed169f4a64a02459f87894cbb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2b:d9:e7:a3:2e:55:c8:2a:23:a5:0b:53:65:
bc:d1:0b:71:b1:5d:00:4c:f8:ee:4d:c7:9d:95:5d:
72:fc:cf:e2:28:7f:96:9f:48:33:f4:57:61:e3:91:
a2:0d:ff:89:7f:a0:74:96:66:c6:39:c9:7f:89:ae:
26:1d:8a:90:e9:16:68:ed:11:3a:c3:c6:a9:2a:ba:
8f:da:af:c6:29:31:13:ed:c9:c0:30:b8:f8:b1:2c:
1a:c8:2d:03:91:82:ad:25:2e:20:4e:35:73:9f:29:
0d:0e:3f:2c:6d:60:6c:b3:2b:b9:ab:52:17:c8:8d:
1f:15:2d:ed:e5:95:ac:b7:f1:7b:7d:89:a2:20:d2:
6f:95:39:8b:04:1f:35:57:8a:68:08:7e:2f:65:a0:
d4:9d:9c:2d:94:53:59:be:d3:20:cf:f6:29:66:bb:
ed:7f:89:4b:47:de:73:f1:f3:32:cd:e9:6f:b9:19:
55:25:56:e5:23:c9:25:32:9d:de:9f:fd:f3:7b:24:
5c:9a:a8:d0:c0:87:5a:93:68:bb:43:0c:de:cf:4a:
99:78:33:a4:f6:79:da:ef:1e:45:c3:22:b9:58:8d:
f8:aa:21:3e:90:93:f2:14:86:ea:4b:e4:2d:c5:af:
ac:51:81:27:35:76:0a:fb:68:7a:79:62:a2:95:20:
b6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:49:F6:B7:DA:69:62:ED:16:9F:4A:64:A0:24:59:F8:78:94:CB:B5
X509v3 Authority Key Identifier:
keyid:E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/FUn2t9ppYu0Wn0pkoCRZ-HiUy7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/5Duq_GSzPkPbeNx67WBe9wQG2a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.134.0.0/16
31.16.0.0/14
37.4.0.0/15
77.20.0.0-77.25.127.255
83.169.128.0/18
88.134.0.0/16
91.64.0.0/14
95.88.0.0/14
109.47.0.0/16
109.84.0.0/15
146.52.0.0/16
178.24.0.0/14
185.19.196.0/22
188.192.0.0/14
IPv6:
2a02:8100::/27
Signature Algorithm: sha256WithRSAEncryption
af:e6:16:64:06:71:aa:2e:6c:95:1a:e7:69:58:75:79:d8:b4:
09:92:59:3b:3b:e6:34:e9:4c:39:82:94:87:e3:21:43:8d:6c:
5f:29:4b:cb:9f:7c:97:82:82:0d:51:2d:8f:48:5a:e3:c7:ba:
d8:5d:bb:b2:ee:cf:8b:16:64:d2:2c:c3:2d:ab:a8:04:54:6c:
11:9e:e0:64:23:3f:93:f8:0b:6f:b8:ba:61:15:cf:32:10:ce:
96:8a:63:ed:9a:52:bc:87:87:53:f6:51:52:58:d8:7e:ac:34:
b3:4f:f5:7e:1c:8c:a4:46:b4:3b:b3:d3:7b:5b:da:69:39:d2:
dd:9c:82:96:00:7e:79:d8:a7:d1:97:4a:d7:14:d2:be:52:e4:
a0:3e:08:66:ac:9e:dd:c6:0f:ff:51:2d:60:5a:15:42:7c:dd:
b1:27:c8:85:62:d2:40:27:2b:a9:ec:fb:a7:55:01:0b:09:15:
4e:64:5c:31:69:e0:07:a6:c1:87:57:af:6e:99:ad:eb:97:fe:
57:ed:d2:a9:47:c5:fb:c0:2d:a4:8e:1b:b5:f9:dc:2a:71:de:
8b:be:12:fe:ae:a1:e0:72:11:19:88:89:db:f2:31:6b:7c:80:
cf:55:4b:7a:d3:8d:2a:65:6a:32:63:12:b3:0a:f5:cf:95:5b:
9b:2e:e1:de
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZQf+iPzHIjiCE3aYCSZF/UwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2JhYWZjNjRiMzNlNDNkYjc4ZGM3YWVkNjA1ZWY3MDQw
NmQ5YWYwHhcNMjUwMTAxMDM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTQ5ZjZiN2RhNjk2MmVkMTY5ZjRhNjRhMDI0NTlmODc4OTRjYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCvZ56MuVcgqI6ULU2W80QtxsV0A
TPjuTcedlV1y/M/iKH+Wn0gz9Fdh45GiDf+Jf6B0lmbGOcl/ia4mHYqQ6RZo7RE6
w8apKrqP2q/GKTET7cnAMLj4sSwayC0DkYKtJS4gTjVznykNDj8sbWBssyu5q1IX
yI0fFS3t5ZWst/F7fYmiINJvlTmLBB81V4poCH4vZaDUnZwtlFNZvtMgz/YpZrvt
f4lLR95z8fMyzelvuRlVJVblI8klMp3en/3zeyRcmqjQwIdak2i7Qwzez0qZeDOk
9nna7x5FwyK5WI34qiE+kJPyFIbqS+Qtxa+sUYEnNXYK+2h6eWKilSC2WQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFBVJ9rfaaWLtFp9KZKAkWfh4lMu1MB8GA1UdIwQY
MBaAFOQ7qvxksz5D23jceu1gXvcEBtmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTIt
ZTY4MTJkYWI2OTk5LzEvRlVuMnQ5cHBZdTBXbjBwa29DUlotSGlVeTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTItZTY4MTJkYWI2OTk5
LzEvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQAwMAGIYDAwIf
EAMDASUEMAsDAwJNFAMEB00ZAAMEBlOpgAMDAFiGAwMCW0ADAwJfWAMDAG0vAwMB
bVQDAwCSNAMDArIYAwQCuRPEAwMCvMAwDQQCAAIwBwMFBSoCgQAwDQYJKoZIhvcN
AQELBQADggEBAK/mFmQGcaoubJUa52lYdXnYtAmSWTs75jTpTDmClIfjIUONbF8p
S8uffJeCgg1RLY9IWuPHuthdu7Luz4sWZNIswy2rqARUbBGe4GQjP5P4C2+4umEV
zzIQzpaKY+2aUryHh1P2UVJY2H6sNLNP9X4cjKRGtDuz03tb2mk50t2cgpYAfnnY
p9GXStcU0r5S5KA+CGasnt3GD/9RLWBaFUJ83bEnyIVi0kAnK6ns+6dVAQsJFU5k
XDFp4AemwYdXr26ZreuX/lft0qlHxfvALaSOG7X53Cpx3ou+Ev6uoeByERmIidvy
MWt8gM9VS3rTjSplajJjErMK9c+VW5su4d4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:03:52 2025 by rpki-client