Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/2EKjaUidRu8zIjzcab1-hzlZXps.roa
File: 2EKjaUidRu8zIjzcab1-hzlZXps.roa (raw, json)
Hash identifier: RjRGogC1LZx6lUyAkvVmWnOFSCZxMDAz52KYObtnMx4=
Subject key identifier: D8:42:A3:69:48:9D:46:EF:33:22:3C:DC:69:BD:7E:87:39:59:5E:9B
Certificate issuer: /CN=b7733e9de9485b44671c8e511da221e4153c711b
Certificate serial: 019425204B008C5E1C7A7994928CBAE0FAB3
Authority key identifier: B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/2EKjaUidRu8zIjzcab1-hzlZXps.roa
Signing time: Thu 02 Jan 2025 03:47:40 +0000
ROA not before: Thu 02 Jan 2025 03:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209828
IP address blocks: 91.241.48.0/24 maxlen: 32
91.241.49.0/24 maxlen: 32
91.241.50.0/24 maxlen: 32
91.241.51.0/24 maxlen: 32
194.5.236.0/24 maxlen: 32
194.5.237.0/24 maxlen: 32
2a00:7544::/32 maxlen: 32
2a0c:8dc0::/29 maxlen: 32
2a0c:8dc0::/30 maxlen: 30
2a0c:8dc4::/32 maxlen: 32
2a0c:8dc5::/32 maxlen: 32
2a0c:8dc6::/32 maxlen: 32
2a0c:8dc7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:4b:00:8c:5e:1c:7a:79:94:92:8c:ba:e0:fa:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7733e9de9485b44671c8e511da221e4153c711b
Validity
Not Before: Jan 2 03:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d842a369489d46ef33223cdc69bd7e8739595e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:88:36:a9:04:a2:0d:d0:f7:20:39:ee:69:5b:
2c:1e:72:d3:eb:5a:5d:69:ec:0a:0f:76:dc:a0:bc:
01:93:bd:c1:30:aa:c2:47:72:9b:26:e1:8a:08:99:
56:b3:31:1a:d1:39:84:af:82:c1:94:40:1c:2f:61:
3b:7c:d9:04:14:d9:71:48:ff:3a:87:67:ab:23:55:
d1:90:13:12:a6:08:25:1e:3d:8a:2c:97:a2:97:77:
4d:57:53:a8:c0:4a:ea:46:5f:a2:53:2a:6e:4e:d7:
a3:15:13:a2:ae:e5:b9:25:28:2e:18:ec:66:da:11:
7d:80:fe:2b:75:e3:8c:d1:67:d7:e0:7b:32:1a:e0:
5d:b7:16:d3:81:c7:a5:28:4d:2a:51:98:84:72:ba:
c2:33:61:28:42:c6:e7:94:6e:2a:9a:d9:1c:4a:bb:
2c:c3:e3:2b:02:27:63:97:0e:29:61:53:61:0d:95:
4a:ec:91:4e:29:c8:d8:23:8d:36:1a:52:9f:eb:4d:
5f:c2:14:e4:e5:d5:de:fc:fe:e0:71:91:a5:d9:ad:
a7:21:87:f3:d8:c4:46:62:c1:f7:29:59:08:d5:d5:
27:1d:fd:ca:b0:99:2a:4d:67:73:24:9f:60:52:6f:
76:a7:14:41:ff:86:38:89:8c:25:ff:be:c4:3d:6f:
90:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:42:A3:69:48:9D:46:EF:33:22:3C:DC:69:BD:7E:87:39:59:5E:9B
X509v3 Authority Key Identifier:
keyid:B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/2EKjaUidRu8zIjzcab1-hzlZXps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.48.0/22
194.5.236.0/23
IPv6:
2a00:7544::/32
2a0c:8dc0::/29
Signature Algorithm: sha256WithRSAEncryption
59:30:a5:a0:25:0d:a9:22:2b:b8:7b:2f:42:35:ae:18:fa:83:
f1:a9:c7:ec:2c:e5:ad:9e:f3:48:1d:39:4a:97:6b:e5:f5:e5:
fb:a0:c5:f1:7d:a6:ed:e7:13:aa:9a:04:83:b6:6a:b4:d7:e2:
c2:38:ca:7f:1d:1f:16:ff:c7:11:86:a0:b8:a9:ec:19:7b:d9:
59:fc:46:68:fd:1a:e3:b8:67:3e:0b:a7:6e:b7:be:27:42:e2:
ba:8c:a7:9e:c8:a5:78:17:86:df:33:18:01:9d:df:16:bc:6a:
a5:6a:df:d6:b6:8f:58:e8:45:b8:b2:89:be:b3:24:7e:57:1f:
81:3b:3e:c4:e0:18:34:af:16:80:13:d3:ca:79:54:84:70:fb:
08:cf:0c:19:a4:55:8e:6b:e7:84:79:2a:51:5a:29:a5:b6:8f:
c1:ef:d8:79:27:f4:74:2c:4c:c2:64:e2:5e:e7:bf:48:46:c5:
f6:49:e3:85:f9:72:c1:14:cc:e2:27:94:5c:d6:a9:e2:af:96:
9c:64:b8:61:00:88:af:1c:aa:0c:db:35:75:23:25:bb:6c:54:
7a:2d:07:ea:40:ad:46:e1:5a:bc:cf:41:81:c8:ee:0e:26:bb:
8a:e6:c0:cc:48:f1:b7:75:6c:c7:99:86:11:fd:fd:cb:62:19:
69:a7:cc:db
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQlIEsAjF4cenmUkoy64PqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzMzZTlkZTk0ODViNDQ2NzFjOGU1MTFkYTIyMWU0MTUz
YzcxMWIwHhcNMjUwMTAyMDM0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQyYTM2OTQ4OWQ0NmVmMzMyMjNjZGM2OWJkN2U4NzM5NTk1ZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsog2qQSiDdD3IDnuaVssHnLT61pd
aewKD3bcoLwBk73BMKrCR3KbJuGKCJlWszEa0TmEr4LBlEAcL2E7fNkEFNlxSP86
h2erI1XRkBMSpgglHj2KLJeil3dNV1OowErqRl+iUypuTtejFROiruW5JSguGOxm
2hF9gP4rdeOM0WfX4HsyGuBdtxbTgcelKE0qUZiEcrrCM2EoQsbnlG4qmtkcSrss
w+MrAidjlw4pYVNhDZVK7JFOKcjYI402GlKf601fwhTk5dXe/P7gcZGl2a2nIYfz
2MRGYsH3KVkI1dUnHf3KsJkqTWdzJJ9gUm92pxRB/4Y4iYwl/77EPW+Q2QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNhCo2lInUbvMyI83Gm9foc5WV6bMB8GA1UdIwQY
MBaAFLdzPp3pSFtEZxyOUR2iIeQVPHEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUt
NTE4Y2QxNDcxM2ViLzEvMkVLamFVaWRSdTh6SWp6Y2FiMS1oemxaWHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUtNTE4Y2QxNDcxM2Vi
LzEvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCW/EwAwQB
wgXsMBQEAgACMA4DBQAqAHVEAwUDKgyNwDANBgkqhkiG9w0BAQsFAAOCAQEAWTCl
oCUNqSIruHsvQjWuGPqD8anH7CzlrZ7zSB05Spdr5fXl+6DF8X2m7ecTqpoEg7Zq
tNfiwjjKfx0fFv/HEYaguKnsGXvZWfxGaP0a47hnPgunbre+J0LiuoynnsileBeG
3zMYAZ3fFrxqpWrf1raPWOhFuLKJvrMkflcfgTs+xOAYNK8WgBPTynlUhHD7CM8M
GaRVjmvnhHkqUVoppbaPwe/YeSf0dCxMwmTiXue/SEbF9knjhflywRTM4ieUXNap
4q+WnGS4YQCIrxyqDNs1dSMlu2xUei0H6kCtRuFavM9BgcjuDia7iubAzEjxt3Vs
x5mGEf39y2IZaafM2w==
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:28:50 2025 by rpki-client