Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/5GniNEhMinY30K7EXaIu9sAOhOQ.roa
File: 5GniNEhMinY30K7EXaIu9sAOhOQ.roa (raw, json)
Hash identifier: QfzSo55A79YZ0l6NKBygH+Tw/Dr7wh1jiZA/eg3De/Y=
Subject key identifier: E4:69:E2:34:48:4C:8A:76:37:D0:AE:C4:5D:A2:2E:F6:C0:0E:84:E4
Certificate issuer: /CN=9bbc4239c9cb981f19a495e633d3bec889fcbe89
Certificate serial: 0194266BA629C20AE77E06C82C92C8E0904B
Authority key identifier: 9B:BC:42:39:C9:CB:98:1F:19:A4:95:E6:33:D3:BE:C8:89:FC:BE:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m7xCOcnLmB8ZpJXmM9O-yIn8vok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/5GniNEhMinY30K7EXaIu9sAOhOQ.roa
Signing time: Thu 02 Jan 2025 09:49:36 +0000
ROA not before: Thu 02 Jan 2025 09:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43940
IP address blocks: 62.4.32.0/19 maxlen: 24
109.72.96.0/20 maxlen: 21
185.64.0.0/22 maxlen: 24
185.179.92.0/22 maxlen: 22
213.133.0.0/19 maxlen: 24
213.196.64.0/19 maxlen: 19
2a03:7a0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:a6:29:c2:0a:e7:7e:06:c8:2c:92:c8:e0:90:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bbc4239c9cb981f19a495e633d3bec889fcbe89
Validity
Not Before: Jan 2 09:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e469e234484c8a7637d0aec45da22ef6c00e84e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e3:f2:3f:78:cf:bf:67:cb:bd:06:8d:86:1b:
66:79:32:e8:c9:3e:d9:10:59:93:1d:3a:e8:57:55:
e0:a7:d3:43:10:a5:6b:d5:51:5a:42:5f:39:a2:c3:
10:83:8d:8e:5f:58:aa:13:0a:1d:53:21:d4:be:65:
47:a8:61:43:28:04:da:ac:02:67:24:fa:ba:ab:95:
4d:86:55:b6:d1:cd:fc:57:62:f2:ee:02:70:3f:c6:
12:47:d9:c5:15:f6:a1:8e:aa:99:28:ef:32:13:48:
1b:7b:76:e0:de:6a:8f:2f:2a:0e:5f:27:29:dd:19:
4f:62:61:1a:99:3a:e2:9d:23:12:42:d6:78:07:4b:
c0:6a:0d:69:16:00:98:d6:70:85:96:c6:63:2b:28:
c0:58:ec:92:a6:f6:03:28:76:df:e9:ac:6a:f1:7f:
98:0f:4e:86:8f:31:f9:5c:4b:37:55:14:4c:4f:84:
23:0d:9c:eb:e6:bd:22:b4:3b:cf:6c:8e:f8:0a:22:
c3:05:2c:89:0a:a8:67:54:c6:9e:27:68:cf:0e:ef:
4d:80:d6:67:36:61:30:fc:d4:7a:11:e2:07:ad:2f:
80:5e:3d:77:5b:e9:ab:53:0e:79:c6:84:e9:54:95:
b2:6d:73:0f:06:79:dd:fa:6e:fa:ec:df:0c:4a:6d:
b9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:69:E2:34:48:4C:8A:76:37:D0:AE:C4:5D:A2:2E:F6:C0:0E:84:E4
X509v3 Authority Key Identifier:
keyid:9B:BC:42:39:C9:CB:98:1F:19:A4:95:E6:33:D3:BE:C8:89:FC:BE:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m7xCOcnLmB8ZpJXmM9O-yIn8vok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/5GniNEhMinY30K7EXaIu9sAOhOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/m7xCOcnLmB8ZpJXmM9O-yIn8vok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.4.32.0/19
109.72.96.0/20
185.64.0.0/22
185.179.92.0/22
213.133.0.0/19
213.196.64.0/19
IPv6:
2a03:7a0::/29
Signature Algorithm: sha256WithRSAEncryption
6a:86:4e:83:e9:ce:1d:c9:de:00:60:55:76:9d:bf:fe:3b:96:
46:b3:e9:dd:b1:01:10:b1:05:f1:61:f1:9f:40:d7:ad:c2:e3:
7f:a4:8b:08:af:87:51:ce:ea:69:93:31:b7:e1:ca:03:2b:c2:
ae:af:60:78:1d:36:3a:aa:e1:14:09:28:ea:85:1e:0c:8d:58:
27:10:4e:57:55:21:1c:3c:ea:f1:91:3b:9b:57:aa:a9:c1:f0:
c9:28:c1:1f:1d:31:c0:a1:96:ed:6d:d8:98:3b:5e:dd:36:18:
91:39:1a:f6:2e:bf:5c:b9:9c:87:c6:f7:21:de:ee:1d:2c:bf:
06:fc:7e:21:ce:ca:43:ac:bd:ff:a2:0a:7c:90:23:05:90:ff:
e3:ec:55:c2:fd:63:90:71:5a:b9:2b:35:e1:31:78:e0:34:f0:
5b:c3:cc:3c:43:54:0f:8b:7a:3a:11:da:fe:be:24:55:ad:89:
92:c2:c4:a1:41:80:ec:7f:8e:cb:31:8f:54:19:ca:e1:e7:cb:
86:27:86:15:15:36:53:5a:89:6e:71:9c:ef:47:29:2d:4e:c8:
e9:6e:d3:49:a7:24:3b:f9:6e:9e:96:2d:e7:26:31:e6:78:78:
63:d2:64:24:76:0d:af:65:4a:0c:df:e8:fe:58:58:65:a5:fa:
e2:65:88:64
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQma6YpwgrnfgbILJLI4JBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYmM0MjM5YzljYjk4MWYxOWE0OTVlNjMzZDNiZWM4ODlm
Y2JlODkwHhcNMjUwMTAyMDk0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDY5ZTIzNDQ4NGM4YTc2MzdkMGFlYzQ1ZGEyMmVmNmMwMGU4NGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmePyP3jPv2fLvQaNhhtmeTLoyT7Z
EFmTHTroV1Xgp9NDEKVr1VFaQl85osMQg42OX1iqEwodUyHUvmVHqGFDKATarAJn
JPq6q5VNhlW20c38V2Ly7gJwP8YSR9nFFfahjqqZKO8yE0gbe3bg3mqPLyoOXycp
3RlPYmEamTrinSMSQtZ4B0vAag1pFgCY1nCFlsZjKyjAWOySpvYDKHbf6axq8X+Y
D06GjzH5XEs3VRRMT4QjDZzr5r0itDvPbI74CiLDBSyJCqhnVMaeJ2jPDu9NgNZn
NmEw/NR6EeIHrS+AXj13W+mrUw55xoTpVJWybXMPBnnd+m767N8MSm25iQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFORp4jRITIp2N9CuxF2iLvbADoTkMB8GA1UdIwQY
MBaAFJu8QjnJy5gfGaSV5jPTvsiJ/L6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTd4Q09jbkxtQjhacEpYbU05Ty15SW44dm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9jODRhNGQtOWU1Ny00NzU2LWJkYmIt
MDFhYTA1NmIxZjZmLzEvNUduaU5FaE1pblkzMEs3RVhhSXU5c0FPaE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9jODRhNGQtOWU1Ny00NzU2LWJkYmItMDFhYTA1NmIxZjZm
LzEvbTd4Q09jbkxtQjhacEpYbU05Ty15SW44dm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFPgQgAwQE
bUhgAwQCuUAAAwQCubNcAwQF1YUAAwQF1cRAMA0EAgACMAcDBQMqAwegMA0GCSqG
SIb3DQEBCwUAA4IBAQBqhk6D6c4dyd4AYFV2nb/+O5ZGs+ndsQEQsQXxYfGfQNet
wuN/pIsIr4dRzuppkzG34coDK8Kur2B4HTY6quEUCSjqhR4MjVgnEE5XVSEcPOrx
kTubV6qpwfDJKMEfHTHAoZbtbdiYO17dNhiRORr2Lr9cuZyHxvch3u4dLL8G/H4h
zspDrL3/ogp8kCMFkP/j7FXC/WOQcVq5KzXhMXjgNPBbw8w8Q1QPi3o6Edr+viRV
rYmSwsShQYDsf47LMY9UGcrh58uGJ4YVFTZTWolucZzvRyktTsjpbtNJpyQ7+W6e
li3nJjHmeHhj0mQkdg2vZUoM3+j+WFhlpfriZYhk
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:29:38 2025 by rpki-client