Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/IzLkhR_yv-v1GWTNh9mHUxrH6l4.roa
File: IzLkhR_yv-v1GWTNh9mHUxrH6l4.roa (raw, json)
Hash identifier: Gz5yahpviiaRhf/uooYdv+kvLqcJz9y4V27m2bP2qhQ=
Subject key identifier: 23:32:E4:85:1F:F2:BF:EB:F5:19:64:CD:87:D9:87:53:1A:C7:EA:5E
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 019424B3A911694B792B40F70201691EE0CE
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/IzLkhR_yv-v1GWTNh9mHUxrH6l4.roa
Signing time: Thu 02 Jan 2025 01:49:01 +0000
ROA not before: Thu 02 Jan 2025 01:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198414
IP address blocks: 91.228.196.0/22 maxlen: 24
91.234.146.0/24 maxlen: 24
91.237.52.0/24 maxlen: 24
91.239.66.0/23 maxlen: 24
185.5.96.0/22 maxlen: 24
185.25.148.0/22 maxlen: 24
185.180.204.0/22 maxlen: 24
185.193.112.0/22 maxlen: 24
185.201.112.0/22 maxlen: 24
193.17.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a9:11:69:4b:79:2b:40:f7:02:01:69:1e:e0:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jan 2 01:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2332e4851ff2bfebf51964cd87d987531ac7ea5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:92:0d:c8:2a:ce:9e:11:6a:cb:a2:da:96:28:
fd:1f:19:fc:c1:3b:e4:b0:b4:95:6e:e6:64:9e:a8:
42:4d:62:29:73:6f:d1:39:78:b8:0d:91:d4:fc:16:
a5:63:a1:7a:78:3d:5a:7c:c0:64:88:32:0a:b6:f7:
b7:30:ba:ba:91:82:b3:2d:04:6a:c3:a1:2a:76:e2:
1a:f3:ff:10:b7:a8:b5:c0:3e:18:0e:b1:e1:61:c4:
dd:39:09:7a:4b:fd:9b:fb:09:e9:2c:92:30:db:7a:
e1:55:b5:7d:84:9f:9f:b2:a0:0f:78:1c:31:b5:b3:
0d:cd:80:a6:82:f0:90:40:f7:31:fd:e6:77:94:2f:
dc:29:76:e7:69:6e:fb:c8:c3:01:c2:18:73:a9:47:
e9:c1:31:29:fc:a0:a8:f9:66:56:80:df:c0:da:c1:
29:c3:29:15:53:f4:e8:89:1f:7a:41:29:d7:5a:4d:
fa:a5:1f:37:bf:a9:73:40:ef:03:70:67:11:f0:77:
a5:16:49:06:c0:07:4a:76:ab:ed:bb:c8:f8:cc:b3:
b2:ce:6f:8a:18:30:24:92:92:23:4d:48:03:df:18:
2d:96:c5:d3:74:c5:25:a4:99:9f:7c:14:e3:d4:2b:
f0:f7:17:b7:c5:d6:5e:ec:85:c5:39:c1:87:6f:bc:
3f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:32:E4:85:1F:F2:BF:EB:F5:19:64:CD:87:D9:87:53:1A:C7:EA:5E
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/IzLkhR_yv-v1GWTNh9mHUxrH6l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.196.0/22
91.234.146.0/24
91.237.52.0/24
91.239.66.0/23
185.5.96.0/22
185.25.148.0/22
185.180.204.0/22
185.193.112.0/22
185.201.112.0/22
193.17.184.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:2a:3e:cc:b3:0d:3d:61:16:a6:3f:ab:c7:c7:30:94:d3:81:
c1:08:40:5c:02:89:0a:ff:f1:d8:79:70:76:02:74:ce:14:2a:
f2:9d:9b:66:1a:5d:32:5a:8e:82:92:e0:35:bb:ea:da:fc:e5:
76:3b:c4:32:af:18:81:9d:49:04:3a:38:62:b3:31:59:51:9b:
76:1d:85:8c:6e:fa:15:f5:59:40:3d:e8:62:0a:58:01:a6:af:
d0:4f:91:96:b0:8b:63:50:a3:86:83:75:8b:be:7c:8c:18:d4:
04:c9:39:09:05:ea:09:20:51:f4:5f:f5:8d:fa:70:26:7f:9d:
08:fe:c4:c8:1e:55:23:5c:25:36:91:bb:9f:f6:af:8a:39:96:
67:00:12:a3:2d:fa:89:14:7c:a2:52:14:6d:2d:d5:bd:ab:35:
e4:e6:25:dd:96:18:fd:d2:86:a8:6c:6f:ac:12:c8:6b:c8:cb:
96:b5:a2:0a:99:d9:68:85:8c:02:35:2a:f6:2f:a8:12:f8:04:
58:17:50:28:37:db:da:2a:ca:7e:1f:42:c6:23:66:81:77:93:
3e:fa:69:45:a3:b7:86:f4:cb:cd:f1:bc:62:f0:2a:89:cc:45:
ee:ca:89:e7:b4:f5:7d:2b:17:25:1e:56:80:06:a6:49:4d:7e:
1d:00:71:22
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQks6kRaUt5K0D3AgFpHuDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjUwMTAyMDE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzMyZTQ4NTFmZjJiZmViZjUxOTY0Y2Q4N2Q5ODc1MzFhYzdlYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65INyCrOnhFqy6Lalij9Hxn8wTvk
sLSVbuZknqhCTWIpc2/ROXi4DZHU/BalY6F6eD1afMBkiDIKtve3MLq6kYKzLQRq
w6EqduIa8/8Qt6i1wD4YDrHhYcTdOQl6S/2b+wnpLJIw23rhVbV9hJ+fsqAPeBwx
tbMNzYCmgvCQQPcx/eZ3lC/cKXbnaW77yMMBwhhzqUfpwTEp/KCo+WZWgN/A2sEp
wykVU/ToiR96QSnXWk36pR83v6lzQO8DcGcR8HelFkkGwAdKdqvtu8j4zLOyzm+K
GDAkkpIjTUgD3xgtlsXTdMUlpJmffBTj1Cvw9xe3xdZe7IXFOcGHb7w/OQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCMy5IUf8r/r9RlkzYfZh1Max+peMB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvSXpMa2hSX3l2LXYxR1dUTmg5bUhVeHJINmw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCW+TEAwQA
W+qSAwQAW+00AwQBW+9CAwQCuQVgAwQCuRmUAwQCubTMAwQCucFwAwQCuclwAwQA
wRG4MA0GCSqGSIb3DQEBCwUAA4IBAQBdKj7Msw09YRamP6vHxzCU04HBCEBcAokK
//HYeXB2AnTOFCrynZtmGl0yWo6CkuA1u+ra/OV2O8QyrxiBnUkEOjhiszFZUZt2
HYWMbvoV9VlAPehiClgBpq/QT5GWsItjUKOGg3WLvnyMGNQEyTkJBeoJIFH0X/WN
+nAmf50I/sTIHlUjXCU2kbuf9q+KOZZnABKjLfqJFHyiUhRtLdW9qzXk5iXdlhj9
0oaobG+sEshryMuWtaIKmdlohYwCNSr2L6gS+ARYF1AoN9vaKsp+H0LGI2aBd5M+
+mlFo7eG9MvN8bxi8CqJzEXuyonntPV9KxclHlaABqZJTX4dAHEi
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:54:45 2025 by rpki-client