Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/E3lQ3Vr10jq9ATP48BdsgV0ni5c.roa
File: E3lQ3Vr10jq9ATP48BdsgV0ni5c.roa (raw, json)
Hash identifier: DWsfeOc3ZBgTzno1uRo3ykb5smRVQA+I3gH9K/w+mdc=
Subject key identifier: 13:79:50:DD:5A:F5:D2:3A:BD:01:33:F8:F0:17:6C:81:5D:27:8B:97
Certificate issuer: /CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Certificate serial: 01942143F9CEAD9F170D7019DE339F6816AF
Authority key identifier: EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/E3lQ3Vr10jq9ATP48BdsgV0ni5c.roa
Signing time: Wed 01 Jan 2025 09:48:10 +0000
ROA not before: Wed 01 Jan 2025 09:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42656
IP address blocks: 5.134.208.0/21 maxlen: 24
91.194.188.0/23 maxlen: 24
91.207.14.0/23 maxlen: 24
193.203.222.0/23 maxlen: 24
2a02:dc8::/30 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f9:ce:ad:9f:17:0d:70:19:de:33:9f:68:16:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Validity
Not Before: Jan 1 09:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=137950dd5af5d23abd0133f8f0176c815d278b97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:01:da:64:86:f1:70:72:80:cf:9c:83:7d:11:
0d:2e:23:3a:88:94:53:cf:2a:94:c7:47:a0:d5:c7:
a3:bc:eb:a8:12:b4:14:50:b1:72:d6:a7:1b:db:a4:
28:09:2b:78:76:58:ab:87:26:b3:2d:44:ad:8a:98:
b3:11:19:89:7b:a1:73:ab:e4:fd:d4:5f:19:78:0f:
27:e1:47:17:e0:57:0b:02:76:29:4f:72:0b:ad:da:
cd:e0:cf:4a:ed:71:fd:14:ef:36:5b:aa:71:6c:b3:
5b:73:63:1d:5b:ef:60:f3:22:15:fc:32:0c:04:d8:
05:fd:d5:8c:dd:fc:68:67:db:21:aa:9e:11:59:e1:
44:a8:25:a9:2b:97:07:0e:a2:92:e2:80:8f:9c:b1:
ab:a9:07:14:be:fe:80:cc:1b:29:e7:20:d8:c7:86:
23:86:6d:8c:ce:71:87:5f:da:4c:65:e3:92:87:81:
e0:5d:ad:67:8e:25:48:2b:74:27:ee:3c:38:53:2a:
7b:a5:73:f3:11:13:0f:e2:73:73:d0:b0:61:ac:73:
6d:e8:93:a9:cf:d7:e1:a2:02:5b:a9:36:0b:eb:ae:
61:94:22:c9:a3:6e:e1:32:75:e5:91:a0:2a:08:3e:
3f:16:36:dd:f6:ac:d3:04:84:74:fb:12:5b:92:b8:
9c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:79:50:DD:5A:F5:D2:3A:BD:01:33:F8:F0:17:6C:81:5D:27:8B:97
X509v3 Authority Key Identifier:
keyid:EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/E3lQ3Vr10jq9ATP48BdsgV0ni5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/7JsJMRGPCL9KNLPgUv2PilweyrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.208.0/21
91.194.188.0/23
91.207.14.0/23
193.203.222.0/23
IPv6:
2a02:dc8::/30
Signature Algorithm: sha256WithRSAEncryption
5b:de:31:b9:14:90:23:65:42:09:ab:14:e6:e0:82:0d:35:a7:
47:4d:c0:f2:18:17:73:cd:3b:a0:0f:a3:0d:2b:b3:74:70:2a:
53:90:1f:2e:d4:aa:a6:0b:63:01:1e:58:4f:2a:db:b6:28:e9:
68:94:81:8d:53:2d:f5:71:da:93:9f:a5:87:0d:77:22:33:b7:
f8:b8:02:6e:ca:47:b5:62:bc:1e:e9:2f:68:9e:48:20:42:34:
31:a8:f4:e3:66:b4:88:8f:fa:a7:85:2a:55:74:b0:07:36:6b:
2e:b5:65:40:70:dc:b8:20:7c:8a:33:7a:f2:05:70:27:38:d9:
c9:bf:6c:33:a1:97:6d:0b:fd:31:b4:cc:8b:76:0a:7a:03:74:
05:9e:3f:c8:f5:8a:ad:ac:ca:4e:31:7b:cb:ec:42:43:70:94:
ab:ce:17:b0:5a:5d:f3:00:fd:4f:af:0a:1e:5f:be:b5:34:4f:
1e:db:44:de:ea:8b:6c:2a:46:de:15:a4:56:cf:6a:e3:98:d3:
9b:5c:ad:3d:41:e1:02:ad:aa:9f:c5:1e:1e:ad:3f:6e:d4:49:
77:f4:ad:c7:16:e0:e4:2b:13:e1:26:4b:3d:a2:41:50:12:ec:
8c:50:6b:5b:89:da:71:f2:68:e3:dc:88:20:e4:d3:d1:b5:6e:
2f:f4:e6:5d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQhQ/nOrZ8XDXAZ3jOfaBavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjOWIwOTMxMTE4ZjA4YmY0YTM0YjNlMDUyZmQ4ZjhhNWMx
ZWNhYjAwHhcNMjUwMTAxMDk0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzc5NTBkZDVhZjVkMjNhYmQwMTMzZjhmMDE3NmM4MTVkMjc4Yjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwHaZIbxcHKAz5yDfRENLiM6iJRT
zyqUx0eg1cejvOuoErQUULFy1qcb26QoCSt4dlirhyazLUStipizERmJe6Fzq+T9
1F8ZeA8n4UcX4FcLAnYpT3ILrdrN4M9K7XH9FO82W6pxbLNbc2MdW+9g8yIV/DIM
BNgF/dWM3fxoZ9shqp4RWeFEqCWpK5cHDqKS4oCPnLGrqQcUvv6AzBsp5yDYx4Yj
hm2MznGHX9pMZeOSh4HgXa1njiVIK3Qn7jw4Uyp7pXPzERMP4nNz0LBhrHNt6JOp
z9fhogJbqTYL665hlCLJo27hMnXlkaAqCD4/Fjbd9qzTBIR0+xJbkricEwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBN5UN1a9dI6vQEz+PAXbIFdJ4uXMB8GA1UdIwQY
MBaAFOybCTERjwi/SjSz4FL9j4pcHsqwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0pzSk1SR1BDTDlLTkxQZ1V2MlBpbHdleXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8wNzc2YTItNWU4OS00ZTJjLTkzNzAt
NWIzMDRlZWMwMDI1LzEvRTNsUTNWcjEwanE5QVRQNDhCZHNnVjBuaTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8wNzc2YTItNWU4OS00ZTJjLTkzNzAtNWIzMDRlZWMwMDI1
LzEvN0pzSk1SR1BDTDlLTkxQZ1V2MlBpbHdleXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBYbQAwQB
W8K8AwQBW88OAwQBwcveMA0EAgACMAcDBQIqAg3IMA0GCSqGSIb3DQEBCwUAA4IB
AQBb3jG5FJAjZUIJqxTm4IINNadHTcDyGBdzzTugD6MNK7N0cCpTkB8u1KqmC2MB
HlhPKtu2KOlolIGNUy31cdqTn6WHDXciM7f4uAJuyke1Yrwe6S9onkggQjQxqPTj
ZrSIj/qnhSpVdLAHNmsutWVAcNy4IHyKM3ryBXAnONnJv2wzoZdtC/0xtMyLdgp6
A3QFnj/I9YqtrMpOMXvL7EJDcJSrzhewWl3zAP1PrwoeX761NE8e20Te6otsKkbe
FaRWz2rjmNObXK09QeECraqfxR4erT9u1El39K3HFuDkKxPhJks9okFQEuyMUGtb
idpx8mjj3Igg5NPRtW4v9OZd
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:52:36 2025 by rpki-client