Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/qZsU012FOT7iNKmn0Q6fmLHg-jY.roa
File: qZsU012FOT7iNKmn0Q6fmLHg-jY.roa (raw, json)
Hash identifier: t+/X1ob1d2V1rnzYvMBrQBRc/+JtrsZ+AHNltw325kg=
Subject key identifier: A9:9B:14:D3:5D:85:39:3E:E2:34:A9:A7:D1:0E:9F:98:B1:E0:FA:36
Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875
Certificate serial: 019421B174EACF8D42284D70A875E9928B13
Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/qZsU012FOT7iNKmn0Q6fmLHg-jY.roa
Signing time: Wed 01 Jan 2025 11:47:45 +0000
ROA not before: Wed 01 Jan 2025 11:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203536
IP address blocks: 46.167.8.0/21 maxlen: 21
92.118.120.0/22 maxlen: 22
194.59.14.0/23 maxlen: 23
194.59.14.0/24 maxlen: 24
194.59.32.0/23 maxlen: 23
2a09:a640::/32 maxlen: 32
2a0f:bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:74:ea:cf:8d:42:28:4d:70:a8:75:e9:92:8b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875
Validity
Not Before: Jan 1 11:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a99b14d35d85393ee234a9a7d10e9f98b1e0fa36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:77:75:ba:f6:5a:10:c0:8c:cb:73:56:77:7b:
63:1e:ec:e5:b4:fb:8f:fe:16:b5:19:6e:f3:c2:44:
a3:4f:a2:c3:47:42:5d:c3:2e:c7:c6:d0:32:1e:f8:
de:13:f9:12:50:97:41:5b:85:f6:4a:58:5a:cf:ae:
db:3a:fc:53:82:72:4e:67:5a:b4:df:1f:64:28:e7:
2f:f8:a8:d0:a4:0b:f8:7f:1a:2e:e3:e1:f4:2f:3c:
f7:ea:8f:c2:4a:d4:81:b3:40:c1:67:22:7d:03:c1:
fb:5b:92:80:ea:97:b7:5d:89:8c:41:53:ad:3b:9e:
e2:f4:df:15:ce:ce:1c:5b:95:fb:c3:db:8e:d6:db:
11:19:9f:5b:9e:cf:9d:6e:b0:ae:90:1b:e1:0f:e7:
4e:51:f3:f7:a4:c8:f3:f9:e3:65:29:43:be:4e:f1:
ea:f7:49:91:37:48:a9:98:4d:bc:9b:f4:13:8f:3e:
6a:83:6b:b6:92:fe:de:a2:a1:fd:10:76:92:d0:5c:
8c:90:63:a6:c5:33:d4:09:c6:07:2e:48:52:f3:7d:
62:77:a4:f5:28:90:5b:34:fd:e9:32:06:ca:15:1a:
b4:c6:e6:48:d4:f4:78:39:4b:05:c5:d3:86:92:ad:
57:33:21:7b:d4:86:64:8c:cc:13:4c:3e:4a:02:fe:
ab:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:9B:14:D3:5D:85:39:3E:E2:34:A9:A7:D1:0E:9F:98:B1:E0:FA:36
X509v3 Authority Key Identifier:
keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/qZsU012FOT7iNKmn0Q6fmLHg-jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.8.0/21
92.118.120.0/22
194.59.14.0/23
194.59.32.0/23
IPv6:
2a09:a640::/32
2a0f:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
1d:37:79:9a:9d:1d:f9:4c:ed:90:fa:1d:fb:ae:64:28:e5:82:
e4:45:e4:f0:f6:58:ad:94:15:59:cd:c5:e1:4e:c7:03:1f:53:
2b:54:50:71:bc:cb:79:b1:40:52:e0:e1:9f:06:03:37:7b:bf:
d4:39:cc:e7:76:02:9d:f8:bf:07:c6:de:53:f4:0d:e2:06:62:
dc:46:78:2a:fb:e3:03:f9:01:f3:3a:29:65:6b:01:d4:8a:eb:
7d:fa:9f:e4:8e:67:39:77:6d:67:7e:1a:d0:48:7f:60:f8:d3:
36:3e:ec:40:03:5b:e2:36:fc:9b:a3:1e:80:26:dd:2b:0b:62:
25:fe:6e:2b:a3:6d:cb:77:4c:79:ac:8a:41:65:14:d5:51:a3:
a7:8b:46:d8:aa:ba:37:77:f5:ea:f4:07:84:ff:32:f8:76:45:
59:99:f3:ca:e8:50:00:ef:b8:21:f4:38:62:f2:96:b4:fc:c5:
ac:52:d6:fa:80:4d:e6:7f:4b:20:cd:2c:10:40:9a:59:e4:41:
00:2e:6f:73:fe:c7:f1:8b:e7:64:39:ec:6d:59:82:1e:69:cc:
ca:d7:3a:d3:5f:ee:1f:59:6a:59:b9:ee:b4:d9:07:81:04:d2:
a5:86:18:6f:1f:c7:3b:d9:b3:1f:95:ce:38:e0:c0:5e:d0:6c:
09:38:34:75
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQhsXTqz41CKE1wqHXpkosTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl
NTc4NzUwHhcNMjUwMTAxMTE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTliMTRkMzVkODUzOTNlZTIzNGE5YTdkMTBlOWY5OGIxZTBmYTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nd1uvZaEMCMy3NWd3tjHuzltPuP
/ha1GW7zwkSjT6LDR0Jdwy7HxtAyHvjeE/kSUJdBW4X2Slhaz67bOvxTgnJOZ1q0
3x9kKOcv+KjQpAv4fxou4+H0Lzz36o/CStSBs0DBZyJ9A8H7W5KA6pe3XYmMQVOt
O57i9N8Vzs4cW5X7w9uO1tsRGZ9bns+dbrCukBvhD+dOUfP3pMjz+eNlKUO+TvHq
90mRN0ipmE28m/QTjz5qg2u2kv7eoqH9EHaS0FyMkGOmxTPUCcYHLkhS831id6T1
KJBbNP3pMgbKFRq0xuZI1PR4OUsFxdOGkq1XMyF71IZkjMwTTD5KAv6r4QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKmbFNNdhTk+4jSpp9EOn5ix4Po2MB8GA1UdIwQY
MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt
NWNmMzdhMzQ4MzBkLzEvcVpzVTAxMkZPVDdpTkttbjBRNmZtTEhnLWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk
LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDLqcIAwQC
XHZ4AwQBwjsOAwQBwjsgMBQEAgACMA4DBQAqCaZAAwUDKg8LwDANBgkqhkiG9w0B
AQsFAAOCAQEAHTd5mp0d+UztkPod+65kKOWC5EXk8PZYrZQVWc3F4U7HAx9TK1RQ
cbzLebFAUuDhnwYDN3u/1DnM53YCnfi/B8beU/QN4gZi3EZ4KvvjA/kB8zopZWsB
1Irrffqf5I5nOXdtZ34a0Eh/YPjTNj7sQANb4jb8m6MegCbdKwtiJf5uK6Nty3dM
eayKQWUU1VGjp4tG2Kq6N3f16vQHhP8y+HZFWZnzyuhQAO+4IfQ4YvKWtPzFrFLW
+oBN5n9LIM0sEECaWeRBAC5vc/7H8YvnZDnsbVmCHmnMytc601/uH1lqWbnutNkH
gQTSpYYYbx/HO9mzH5XOOODAXtBsCTg0dQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:06:05 2025 by rpki-client