Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/67501a-78db-4c38-8a95-261666c3a589/1/al13DKIt3SfqclQUqJ641JV2HWg.roa
File: al13DKIt3SfqclQUqJ641JV2HWg.roa (raw, json)
Hash identifier: Jc3t3A50esUFct6rJU/d535MsDkwn1l4iRxFWqy7EFw=
Subject key identifier: 6A:5D:77:0C:A2:2D:DD:27:EA:72:54:14:A8:9E:B8:D4:95:76:1D:68
Certificate issuer: /CN=8cfff21538e225618314615e4f0d0688b7b0dd5a
Certificate serial: 019425FD6EE447E4B16C96808FEAC6142BEA
Authority key identifier: 8C:FF:F2:15:38:E2:25:61:83:14:61:5E:4F:0D:06:88:B7:B0:DD:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jP_yFTjiJWGDFGFeTw0GiLew3Vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/67501a-78db-4c38-8a95-261666c3a589/1/al13DKIt3SfqclQUqJ641JV2HWg.roa
Signing time: Thu 02 Jan 2025 07:49:13 +0000
ROA not before: Thu 02 Jan 2025 07:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31477
IP address blocks: 83.137.144.0/21 maxlen: 24
87.238.168.0/21 maxlen: 24
89.188.0.0/19 maxlen: 24
89.200.200.0/21 maxlen: 24
91.196.104.0/24 maxlen: 24
91.196.105.0/24 maxlen: 24
185.80.245.0/24 maxlen: 24
2a01:1b0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:6e:e4:47:e4:b1:6c:96:80:8f:ea:c6:14:2b:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cfff21538e225618314615e4f0d0688b7b0dd5a
Validity
Not Before: Jan 2 07:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a5d770ca22ddd27ea725414a89eb8d495761d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:48:4d:72:f8:38:b5:79:f9:a9:dc:1c:45:f8:
8e:43:c0:0e:6c:5d:79:33:03:c1:4c:be:6f:de:bd:
6b:ec:b8:59:60:19:26:d0:ba:6b:0f:14:c2:98:c8:
cc:ec:90:1b:71:90:3f:42:0c:59:11:2d:5e:a5:56:
69:e1:71:d8:99:a9:c5:18:ea:68:60:94:07:08:8e:
a6:2a:64:cf:5f:3d:3a:7f:cd:0f:90:a0:01:96:38:
91:e9:ed:81:77:79:86:25:25:cb:34:d5:14:85:99:
c7:8a:ca:6e:96:1e:47:56:84:7b:7c:4d:b6:c8:b1:
0b:9c:25:cf:ba:5b:7c:a1:07:07:46:7f:a5:b3:f0:
ec:48:b9:3a:af:04:30:c5:4c:02:58:e0:dd:46:0a:
48:80:15:db:ef:13:72:7f:1e:2f:4c:11:c7:7d:39:
61:a2:b1:81:ac:75:f5:e5:81:3b:8e:e0:b7:4b:38:
f2:b2:02:2c:cc:06:82:75:38:a4:fb:d5:a9:e8:ef:
21:6a:d1:fb:5e:41:70:89:05:56:84:ad:58:95:f8:
dc:2c:eb:6b:6d:45:3a:14:87:5b:a1:6f:e0:c9:51:
83:cc:1b:33:35:0b:c5:a9:29:4f:e2:9f:d1:74:0e:
e3:19:cf:8e:44:e9:03:bd:2b:f9:af:3a:bb:12:87:
e5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5D:77:0C:A2:2D:DD:27:EA:72:54:14:A8:9E:B8:D4:95:76:1D:68
X509v3 Authority Key Identifier:
keyid:8C:FF:F2:15:38:E2:25:61:83:14:61:5E:4F:0D:06:88:B7:B0:DD:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jP_yFTjiJWGDFGFeTw0GiLew3Vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/67501a-78db-4c38-8a95-261666c3a589/1/al13DKIt3SfqclQUqJ641JV2HWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/67501a-78db-4c38-8a95-261666c3a589/1/jP_yFTjiJWGDFGFeTw0GiLew3Vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.144.0/21
87.238.168.0/21
89.188.0.0/19
89.200.200.0/21
91.196.104.0/23
185.80.245.0/24
IPv6:
2a01:1b0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:7e:da:84:3e:e1:8f:d4:c8:67:1d:f4:b7:f7:d1:2a:9d:9a:
12:f3:25:cd:df:e9:11:5d:52:11:bb:bd:3b:58:f1:0e:5d:10:
8c:97:8e:c8:7f:f4:24:9e:55:21:57:47:a4:75:53:a3:b4:4b:
1e:11:ad:2a:74:5d:30:85:37:4c:9c:16:fa:cb:c1:dc:86:5d:
1e:73:3c:2b:bc:fd:a5:54:22:6e:d1:8d:a3:70:11:02:87:c5:
a0:3c:73:a4:8d:ae:8b:4a:5d:c1:42:c0:6b:81:f4:21:20:cf:
28:44:04:9e:97:9c:c4:f5:d6:df:b2:fe:a9:17:dc:1c:55:39:
bf:db:8f:69:d4:fc:bf:b7:8a:26:f9:a3:d1:fe:02:dc:f9:df:
b8:62:ca:f1:7a:e8:2f:63:33:35:c5:49:83:52:66:db:16:9b:
56:9c:ec:20:d5:49:78:75:a7:66:14:bf:47:3d:8a:42:eb:68:
84:82:1a:b0:00:e3:a7:fa:2d:96:94:8c:fe:55:3f:3b:dd:d4:
35:73:29:b5:13:ec:0f:f7:2f:2f:6d:b8:75:e5:e9:b5:ba:46:
b1:fe:b3:9a:db:79:ea:b8:76:07:45:99:fa:ea:5a:49:c2:28:
52:9c:d0:79:93:48:96:95:e0:0a:5e:48:45:81:7a:be:3c:0e:
da:cb:c5:a8
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQl/W7kR+SxbJaAj+rGFCvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZmZmMjE1MzhlMjI1NjE4MzE0NjE1ZTRmMGQwNjg4Yjdi
MGRkNWEwHhcNMjUwMTAyMDc0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTVkNzcwY2EyMmRkZDI3ZWE3MjU0MTRhODllYjhkNDk1NzYxZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkhNcvg4tXn5qdwcRfiOQ8AObF15
MwPBTL5v3r1r7LhZYBkm0LprDxTCmMjM7JAbcZA/QgxZES1epVZp4XHYmanFGOpo
YJQHCI6mKmTPXz06f80PkKABljiR6e2Bd3mGJSXLNNUUhZnHispulh5HVoR7fE22
yLELnCXPult8oQcHRn+ls/DsSLk6rwQwxUwCWODdRgpIgBXb7xNyfx4vTBHHfTlh
orGBrHX15YE7juC3SzjysgIszAaCdTik+9Wp6O8hatH7XkFwiQVWhK1YlfjcLOtr
bUU6FIdboW/gyVGDzBszNQvFqSlP4p/RdA7jGc+OROkDvSv5rzq7EoflRQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGpddwyiLd0n6nJUFKieuNSVdh1oMB8GA1UdIwQY
MBaAFIz/8hU44iVhgxRhXk8NBoi3sN1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalBfeUZUamlKV0dERkdGZVR3MEdpTGV3M1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82NzUwMWEtNzhkYi00YzM4LThhOTUt
MjYxNjY2YzNhNTg5LzEvYWwxM0RLSXQzU2ZxY2xRVXFKNjQxSlYySFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82NzUwMWEtNzhkYi00YzM4LThhOTUtMjYxNjY2YzNhNTg5
LzEvalBfeUZUamlKV0dERkdGZVR3MEdpTGV3M1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDU4mQAwQD
V+6oAwQFWbwAAwQDWcjIAwQBW8RoAwQAuVD1MA0EAgACMAcDBQAqAQGwMA0GCSqG
SIb3DQEBCwUAA4IBAQCNftqEPuGP1MhnHfS399EqnZoS8yXN3+kRXVIRu707WPEO
XRCMl47If/QknlUhV0ekdVOjtEseEa0qdF0whTdMnBb6y8Hchl0eczwrvP2lVCJu
0Y2jcBECh8WgPHOkja6LSl3BQsBrgfQhIM8oRASel5zE9dbfsv6pF9wcVTm/249p
1Py/t4om+aPR/gLc+d+4YsrxeugvYzM1xUmDUmbbFptWnOwg1Ul4dadmFL9HPYpC
62iEghqwAOOn+i2WlIz+VT873dQ1cym1E+wP9y8vbbh15em1ukax/rOa23nquHYH
RZn66lpJwihSnNB5k0iWleAKXkhFgXq+PA7ay8Wo
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:06:55 2025 by rpki-client