Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/puxQYZc-bCSrSQ9uTbWytBh-eug.roa
File: puxQYZc-bCSrSQ9uTbWytBh-eug.roa (raw, json)
Hash identifier: GCBmXahO4pMrxN7DjJxkuPfStuAZ5NPuhQw85mRhQ5g=
Subject key identifier: A6:EC:50:61:97:3E:6C:24:AB:49:0F:6E:4D:B5:B2:B4:18:7E:7A:E8
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 0194236A297186DBCECF16B390122BCC4CFC
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/puxQYZc-bCSrSQ9uTbWytBh-eug.roa
Signing time: Wed 01 Jan 2025 19:49:07 +0000
ROA not before: Wed 01 Jan 2025 19:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47330
IP address blocks: 37.156.28.0/23 maxlen: 23
92.114.16.0/22 maxlen: 22
92.114.20.0/24 maxlen: 24
92.114.21.0/24 maxlen: 24
188.213.65.0/24 maxlen: 24
188.213.66.0/24 maxlen: 24
188.213.67.0/24 maxlen: 24
188.213.68.0/24 maxlen: 24
188.213.69.0/24 maxlen: 24
2a00:5ca6::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:29:71:86:db:ce:cf:16:b3:90:12:2b:cc:4c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Jan 1 19:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6ec5061973e6c24ab490f6e4db5b2b4187e7ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:dd:29:b9:5d:0b:65:59:87:3f:60:5f:c9:20:
31:f9:0c:4b:1b:f3:01:9c:b2:ec:88:9b:a4:91:24:
4b:99:48:10:4f:b9:37:9e:6d:04:ba:1c:2f:28:67:
af:2c:04:7e:aa:0e:42:18:42:59:2f:9f:96:ee:e9:
a2:91:21:6c:9d:96:41:fd:3c:8c:1c:69:88:50:5b:
78:47:ae:8c:e0:04:11:81:f6:82:d3:39:36:97:52:
9b:5d:0f:3c:80:73:72:36:67:2c:10:c0:e7:90:b7:
ab:af:21:0f:35:fb:d7:92:4e:d4:90:66:45:72:ad:
3c:59:e2:0c:0e:c2:ef:40:bd:7e:15:0d:90:d2:0c:
ff:f7:46:23:f7:31:ac:86:6f:ca:09:c7:4f:7a:94:
48:5d:a8:7e:d3:a1:00:3d:a3:21:33:93:24:80:66:
ff:69:29:08:36:c4:02:06:d3:74:dc:12:ae:0e:c4:
fd:6e:bd:22:88:aa:2b:d4:58:2e:2d:06:6f:ea:b3:
b3:a3:b0:50:51:86:d2:64:fc:1f:fb:4e:f6:e4:a7:
e5:c7:21:2d:ce:1b:49:e4:f5:58:4d:22:f6:53:5c:
43:5b:b7:c6:37:89:c3:ad:0d:e4:4a:87:fc:be:cc:
cd:c0:c7:dd:a4:59:38:94:68:e7:1b:1f:7b:6d:a6:
4d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:EC:50:61:97:3E:6C:24:AB:49:0F:6E:4D:B5:B2:B4:18:7E:7A:E8
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/puxQYZc-bCSrSQ9uTbWytBh-eug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.28.0/23
92.114.16.0-92.114.21.255
188.213.65.0-188.213.69.255
IPv6:
2a00:5ca6::/31
Signature Algorithm: sha256WithRSAEncryption
1c:6e:46:ba:9b:34:7a:1a:0f:c7:ca:7f:c1:8e:10:c2:6c:73:
b2:05:44:a2:1f:84:46:62:90:89:d9:23:05:17:7b:b3:67:5c:
67:33:0d:68:16:91:a1:06:27:e6:ef:3a:8f:3b:40:07:d1:5d:
56:0d:60:97:db:c7:6b:47:c7:b0:ca:3a:23:df:5c:c8:12:72:
9c:16:07:a5:23:6e:fd:1b:cb:ec:41:2c:39:cc:d7:f2:77:32:
72:0a:e1:5c:bd:ea:16:76:ff:6d:b7:21:54:4a:a1:46:07:f5:
35:90:66:39:79:42:a2:89:4d:1c:0e:6d:39:78:dd:5f:8d:25:
b9:fa:b5:a6:74:ef:ba:d4:45:80:52:33:52:12:d0:96:6a:8e:
17:c0:ef:b0:5d:39:c1:a8:b5:9e:fb:cf:25:74:35:1f:41:18:
4d:23:36:a1:b1:a9:eb:8d:99:2c:7b:39:dc:05:7a:d3:d8:f5:
40:21:17:76:c7:98:cf:61:84:b7:87:49:c8:a8:1a:67:eb:40:
ef:68:69:34:d5:fc:3c:0f:79:b3:78:91:ee:c3:73:f2:79:24:
2a:5b:57:3b:3b:32:62:e7:0e:70:a9:6e:71:ff:ab:75:c7:88:
82:2f:50:19:2b:4d:2e:f8:30:50:00:e6:73:c7:4f:d0:1b:e3:
37:79:2b:4a
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZQjailxhtvOzxazkBIrzEz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjUwMTAxMTk0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmVjNTA2MTk3M2U2YzI0YWI0OTBmNmU0ZGI1YjJiNDE4N2U3YWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd0puV0LZVmHP2BfySAx+QxLG/MB
nLLsiJukkSRLmUgQT7k3nm0EuhwvKGevLAR+qg5CGEJZL5+W7umikSFsnZZB/TyM
HGmIUFt4R66M4AQRgfaC0zk2l1KbXQ88gHNyNmcsEMDnkLerryEPNfvXkk7UkGZF
cq08WeIMDsLvQL1+FQ2Q0gz/90Yj9zGshm/KCcdPepRIXah+06EAPaMhM5MkgGb/
aSkINsQCBtN03BKuDsT9br0iiKor1FguLQZv6rOzo7BQUYbSZPwf+0725KflxyEt
zhtJ5PVYTSL2U1xDW7fGN4nDrQ3kSof8vszNwMfdpFk4lGjnGx97baZNmwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFKbsUGGXPmwkq0kPbk21srQYfnroMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvcHV4UVlaYy1iQ1NyU1E5dVRiV3l0QmgtZXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiAwQBJZwcMAwD
BARcchADBAFcchQwDAMEALzVQQMEAbzVRDANBAIAAjAHAwUBKgBcpjANBgkqhkiG
9w0BAQsFAAOCAQEAHG5Gups0ehoPx8p/wY4QwmxzsgVEoh+ERmKQidkjBRd7s2dc
ZzMNaBaRoQYn5u86jztAB9FdVg1gl9vHa0fHsMo6I99cyBJynBYHpSNu/RvL7EEs
OczX8ncycgrhXL3qFnb/bbchVEqhRgf1NZBmOXlCoolNHA5tOXjdX40lufq1pnTv
utRFgFIzUhLQlmqOF8DvsF05wai1nvvPJXQ1H0EYTSM2obGp642ZLHs53AV609j1
QCEXdseYz2GEt4dJyKgaZ+tA72hpNNX8PA95s3iR7sNz8nkkKltXOzsyYucOcKlu
cf+rdceIgi9QGStNLvgwUADmc8dP0BvjN3krSg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:54:51 2025 by rpki-client