Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/dcbMwMMoAbrSDYORYR-a2Au1hPA.roa
File: dcbMwMMoAbrSDYORYR-a2Au1hPA.roa (raw, json)
Hash identifier: GaJP4UO0sS8NGTP1pZn3Q8XkpBsgZUPrCjP5yXsfKKw=
Subject key identifier: 75:C6:CC:C0:C3:28:01:BA:D2:0D:83:91:61:1F:9A:D8:0B:B5:84:F0
Certificate issuer: /CN=1dde756a9b6d14000c3e150d5b7d6095b7613fe4
Certificate serial: 019423D72105F046A62FEEACC603E44051C7
Authority key identifier: 1D:DE:75:6A:9B:6D:14:00:0C:3E:15:0D:5B:7D:60:95:B7:61:3F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd51apttFAAMPhUNW31glbdhP-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/dcbMwMMoAbrSDYORYR-a2Au1hPA.roa
Signing time: Wed 01 Jan 2025 21:48:08 +0000
ROA not before: Wed 01 Jan 2025 21:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47224
IP address blocks: 91.221.32.0/24 maxlen: 24
91.221.33.0/24 maxlen: 24
171.25.191.0/24 maxlen: 24
185.10.32.0/23 maxlen: 23
185.10.34.0/23 maxlen: 23
193.169.242.0/23 maxlen: 23
194.152.48.0/24 maxlen: 24
194.152.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:21:05:f0:46:a6:2f:ee:ac:c6:03:e4:40:51:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dde756a9b6d14000c3e150d5b7d6095b7613fe4
Validity
Not Before: Jan 1 21:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75c6ccc0c32801bad20d8391611f9ad80bb584f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b6:00:5a:60:ae:48:6e:99:55:aa:a3:51:3f:
b9:b6:06:76:6d:cc:a9:9c:9a:eb:a5:c8:c0:64:8b:
5b:16:60:8b:eb:4b:94:cf:b8:67:d4:a8:1d:30:fe:
7d:7f:f8:79:e1:44:f2:49:08:41:20:fb:b6:f3:8e:
c3:46:49:bf:96:d0:45:9a:97:2b:aa:70:ee:7e:05:
5e:00:bb:0a:8f:c5:fd:09:80:02:17:a3:3b:e2:7e:
1f:d4:95:4c:af:c7:62:f8:35:af:2b:6b:0b:34:79:
02:bc:07:ac:64:ef:c4:90:3f:a7:44:1a:57:bf:6f:
4d:54:c8:19:cd:b5:71:6f:32:11:90:1d:8d:75:b8:
71:5f:16:53:89:67:8e:e0:91:be:27:9b:3a:44:7e:
6d:ff:8b:44:32:57:b8:f3:89:01:d7:ad:54:e0:3e:
e5:b7:67:55:f2:0a:1d:b4:75:1f:6a:a2:2b:09:8c:
b6:9b:f9:1b:1d:1a:73:cb:e6:fb:a5:44:77:5a:d6:
a0:82:19:e0:71:95:26:51:1a:d5:e0:c1:c8:c0:08:
23:26:c0:1e:5c:97:41:ea:55:cc:fe:c8:03:e3:c5:
23:4c:78:f5:6f:fd:14:1c:94:95:00:ec:64:28:43:
e8:94:2e:53:80:88:b4:93:c3:9d:69:45:e4:64:46:
2a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C6:CC:C0:C3:28:01:BA:D2:0D:83:91:61:1F:9A:D8:0B:B5:84:F0
X509v3 Authority Key Identifier:
keyid:1D:DE:75:6A:9B:6D:14:00:0C:3E:15:0D:5B:7D:60:95:B7:61:3F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd51apttFAAMPhUNW31glbdhP-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/dcbMwMMoAbrSDYORYR-a2Au1hPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4a1ebd-d44e-4892-85b3-735a0cc1e789/1/Hd51apttFAAMPhUNW31glbdhP-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.32.0/23
171.25.191.0/24
185.10.32.0/22
193.169.242.0/23
194.152.48.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:e2:b6:98:02:2f:34:04:f5:1a:d6:87:e5:1f:ba:8e:75:7b:
4b:06:03:a9:37:eb:8d:0a:6a:38:52:35:3a:db:74:0c:89:07:
66:7c:d2:84:3c:b5:5e:bf:a8:14:35:32:a4:30:64:66:2e:b2:
a4:da:7e:bc:15:c1:55:42:bd:7c:8d:95:13:87:eb:3e:6c:ac:
fa:56:0e:28:2a:40:51:26:2f:99:79:39:db:1d:b0:79:5a:0b:
f6:ab:39:aa:ae:e6:8f:e2:fc:47:b4:1e:98:d1:64:f7:54:7d:
06:e4:f0:25:63:ba:d7:08:b5:49:4c:96:49:5b:25:42:e7:27:
98:f3:c1:66:82:4e:73:5e:bb:31:8d:9c:e1:57:fb:7f:7c:1c:
51:dd:81:16:73:1e:0f:68:74:03:16:97:f5:38:01:cf:94:4d:
31:6c:d6:99:2e:55:d5:28:d5:c3:9f:05:1b:8d:94:0f:34:a5:
f1:96:6c:53:16:34:a3:88:8e:11:de:f9:89:5e:62:78:5e:99:
6b:d0:2b:cc:31:5d:1a:3d:1a:27:23:e5:8c:7b:a2:6f:48:41:
c9:07:e0:8f:1d:4a:ff:94:2f:fd:1a:fe:3c:59:3d:9e:2b:fa:
38:8e:67:87:ed:1f:c3:0a:e6:6e:3e:e0:ec:87:82:ea:0d:22:
bc:76:00:94
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQj1yEF8EamL+6sxgPkQFHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGU3NTZhOWI2ZDE0MDAwYzNlMTUwZDViN2Q2MDk1Yjc2
MTNmZTQwHhcNMjUwMTAxMjE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWM2Y2NjMGMzMjgwMWJhZDIwZDgzOTE2MTFmOWFkODBiYjU4NGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbYAWmCuSG6ZVaqjUT+5tgZ2bcyp
nJrrpcjAZItbFmCL60uUz7hn1KgdMP59f/h54UTySQhBIPu2847DRkm/ltBFmpcr
qnDufgVeALsKj8X9CYACF6M74n4f1JVMr8di+DWvK2sLNHkCvAesZO/EkD+nRBpX
v29NVMgZzbVxbzIRkB2NdbhxXxZTiWeO4JG+J5s6RH5t/4tEMle484kB161U4D7l
t2dV8godtHUfaqIrCYy2m/kbHRpzy+b7pUR3WtagghngcZUmURrV4MHIwAgjJsAe
XJdB6lXM/sgD48UjTHj1b/0UHJSVAOxkKEPolC5TgIi0k8OdaUXkZEYq2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHXGzMDDKAG60g2DkWEfmtgLtYTwMB8GA1UdIwQY
MBaAFB3edWqbbRQADD4VDVt9YJW3YT/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGQ1MWFwdHRGQUFNUGhVTlczMWdsYmRoUC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My80YTFlYmQtZDQ0ZS00ODkyLTg1YjMt
NzM1YTBjYzFlNzg5LzEvZGNiTXdNTW9BYnJTRFlPUllSLWEyQXUxaFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My80YTFlYmQtZDQ0ZS00ODkyLTg1YjMtNzM1YTBjYzFlNzg5
LzEvSGQ1MWFwdHRGQUFNUGhVTlczMWdsYmRoUC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBW90gAwQA
qxm/AwQCuQogAwQBwanyAwQBwpgwMA0GCSqGSIb3DQEBCwUAA4IBAQAM4raYAi80
BPUa1oflH7qOdXtLBgOpN+uNCmo4UjU623QMiQdmfNKEPLVev6gUNTKkMGRmLrKk
2n68FcFVQr18jZUTh+s+bKz6Vg4oKkBRJi+ZeTnbHbB5Wgv2qzmqruaP4vxHtB6Y
0WT3VH0G5PAlY7rXCLVJTJZJWyVC5yeY88Fmgk5zXrsxjZzhV/t/fBxR3YEWcx4P
aHQDFpf1OAHPlE0xbNaZLlXVKNXDnwUbjZQPNKXxlmxTFjSjiI4R3vmJXmJ4Xplr
0CvMMV0aPRonI+WMe6JvSEHJB+CPHUr/lC/9Gv48WT2eK/o4jmeH7R/DCuZuPuDs
h4LqDSK8dgCU
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:45 2025 by rpki-client