Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/4Vo1LbgSg-781dFksjaURY1r5lM.roa
File: 4Vo1LbgSg-781dFksjaURY1r5lM.roa (raw, json)
Hash identifier: cGkOqX+2Vt3J4A41hGsuYT10AGm/PDPU84x1eGxgeOc=
Subject key identifier: E1:5A:35:2D:B8:12:83:EE:FC:D5:D1:64:B2:36:94:45:8D:6B:E6:53
Certificate issuer: /CN=40f872e4cdb07d6839147e43a4a419bc84ba3214
Certificate serial: 01942747A11261810B95151EFE6A548B1A21
Authority key identifier: 40:F8:72:E4:CD:B0:7D:68:39:14:7E:43:A4:A4:19:BC:84:BA:32:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/4Vo1LbgSg-781dFksjaURY1r5lM.roa
Signing time: Thu 02 Jan 2025 13:49:53 +0000
ROA not before: Thu 02 Jan 2025 13:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15739
IP address blocks: 185.91.96.0/23 maxlen: 24
185.91.97.0/24 maxlen: 24
185.91.98.0/23 maxlen: 24
185.91.98.0/24 maxlen: 24
2a05:e380::/29 maxlen: 29
2a05:e380:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a1:12:61:81:0b:95:15:1e:fe:6a:54:8b:1a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40f872e4cdb07d6839147e43a4a419bc84ba3214
Validity
Not Before: Jan 2 13:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e15a352db81283eefcd5d164b23694458d6be653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8b:5f:d4:35:cd:7a:5d:8c:6a:f1:71:21:72:
60:35:77:b6:9d:bb:35:e7:26:fa:c5:eb:60:ed:d8:
c2:ff:01:53:cb:a6:d8:bf:73:d9:b9:c2:0e:8a:3a:
02:fb:3f:79:15:eb:87:4d:73:ef:d2:ac:68:d9:fd:
04:08:8e:eb:1b:cf:c4:e5:8c:f9:ca:be:dd:32:bd:
0f:39:07:3e:ba:09:bf:06:f0:6a:8a:7a:ed:62:98:
90:2d:ba:e2:fa:41:ae:69:84:81:4d:98:fe:54:70:
fd:8c:f0:5a:ea:61:51:ae:e8:d6:fe:c5:ec:b7:87:
3d:61:d7:35:67:2f:4a:58:88:22:8b:5b:c9:fe:8c:
8b:44:44:cd:b9:a9:03:a5:00:76:b6:ed:4e:91:51:
db:5a:3e:ae:f3:75:fd:ab:85:64:5e:05:c2:67:c1:
98:e0:a7:94:0e:2d:71:1a:4a:2e:5b:62:0e:7c:4c:
d0:9a:63:4a:63:51:f0:95:85:f8:90:8b:d7:2c:03:
09:f0:53:ea:5e:1c:29:ab:fa:06:1e:12:41:db:87:
be:4c:6b:13:0d:eb:dc:70:f9:88:1f:95:75:25:fb:
4f:1a:8b:e3:fb:2c:45:64:e6:39:78:83:db:0c:70:
4a:97:df:06:e6:55:ee:71:49:9a:9d:d7:b0:8d:f8:
1c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:5A:35:2D:B8:12:83:EE:FC:D5:D1:64:B2:36:94:45:8D:6B:E6:53
X509v3 Authority Key Identifier:
keyid:40:F8:72:E4:CD:B0:7D:68:39:14:7E:43:A4:A4:19:BC:84:BA:32:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/4Vo1LbgSg-781dFksjaURY1r5lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.96.0/22
IPv6:
2a05:e380::/29
Signature Algorithm: sha256WithRSAEncryption
ea:5f:69:93:e8:b9:d3:a2:96:60:9c:a4:59:9a:38:8a:04:56:
91:21:58:f5:fb:c6:97:23:89:99:b6:0f:8a:c2:77:98:c3:fc:
3e:f7:03:06:04:91:fa:54:fa:2e:bd:80:fa:0e:85:4a:e5:18:
6b:ef:09:4d:09:1f:fb:c1:97:96:c6:68:99:53:17:e1:23:c4:
49:35:35:85:48:07:c7:9f:c2:99:77:f6:52:9f:a8:1c:98:b5:
23:6b:47:f5:3f:c1:48:c8:fd:73:3f:59:64:b4:44:87:c1:e6:
1f:6f:ca:70:ae:45:b2:eb:46:1b:31:4f:23:27:96:3f:97:21:
f7:ee:bf:d9:ab:c1:02:2b:26:cb:63:45:78:a8:03:d3:21:bf:
e7:7b:89:95:af:ea:b0:05:5c:4b:72:95:7b:ff:70:17:8a:64:
20:3f:23:97:58:1d:30:f2:6c:64:5b:2f:0d:2d:14:32:60:7a:
f4:64:2e:fc:ae:ff:b4:53:fd:64:1f:db:39:2a:9c:78:93:4f:
73:3a:9d:82:59:af:2a:fb:dc:16:ea:87:de:8b:fa:73:4d:13:
67:71:15:41:7f:a0:ce:0d:68:cf:ca:97:c2:d0:e0:18:21:03:
d9:c6:f7:96:f0:09:ce:2d:63:05:99:49:6d:a4:bd:34:03:ef:
d3:39:5a:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnR6ESYYELlRUe/mpUixohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZjg3MmU0Y2RiMDdkNjgzOTE0N2U0M2E0YTQxOWJjODRi
YTMyMTQwHhcNMjUwMTAyMTM0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTVhMzUyZGI4MTI4M2VlZmNkNWQxNjRiMjM2OTQ0NThkNmJlNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmItf1DXNel2MavFxIXJgNXe2nbs1
5yb6xetg7djC/wFTy6bYv3PZucIOijoC+z95FeuHTXPv0qxo2f0ECI7rG8/E5Yz5
yr7dMr0POQc+ugm/BvBqinrtYpiQLbri+kGuaYSBTZj+VHD9jPBa6mFRrujW/sXs
t4c9Ydc1Zy9KWIgii1vJ/oyLRETNuakDpQB2tu1OkVHbWj6u83X9q4VkXgXCZ8GY
4KeUDi1xGkouW2IOfEzQmmNKY1HwlYX4kIvXLAMJ8FPqXhwpq/oGHhJB24e+TGsT
DevccPmIH5V1JftPGovj+yxFZOY5eIPbDHBKl98G5lXucUmandewjfgckQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOFaNS24EoPu/NXRZLI2lEWNa+ZTMB8GA1UdIwQY
MBaAFED4cuTNsH1oORR+Q6SkGbyEujIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVBoeTVNMndmV2c1Rkg1RHBLUVp2SVM2TWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC81YzkyZDUtYTdlYi00OTI5LWFlMTkt
ZGExMzhhZGUyMjJiLzEvNFZvMUxiZ1NnLTc4MWRGa3NqYVVSWTFyNWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC81YzkyZDUtYTdlYi00OTI5LWFlMTktZGExMzhhZGUyMjJi
LzEvUVBoeTVNMndmV2c1Rkg1RHBLUVp2SVM2TWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVtgMA0E
AgACMAcDBQMqBeOAMA0GCSqGSIb3DQEBCwUAA4IBAQDqX2mT6LnTopZgnKRZmjiK
BFaRIVj1+8aXI4mZtg+KwneYw/w+9wMGBJH6VPouvYD6DoVK5Rhr7wlNCR/7wZeW
xmiZUxfhI8RJNTWFSAfHn8KZd/ZSn6gcmLUja0f1P8FIyP1zP1lktESHweYfb8pw
rkWy60YbMU8jJ5Y/lyH37r/Zq8ECKybLY0V4qAPTIb/ne4mVr+qwBVxLcpV7/3AX
imQgPyOXWB0w8mxkWy8NLRQyYHr0ZC78rv+0U/1kH9s5Kpx4k09zOp2CWa8q+9wW
6ofei/pzTRNncRVBf6DODWjPypfC0OAYIQPZxveW8AnOLWMFmUltpL00A+/TOVqQ
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:23:24 2025 by rpki-client