Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/GOFFPgaA_FNPo8jH9LLALXPdKRA.roa
File: GOFFPgaA_FNPo8jH9LLALXPdKRA.roa (raw, json)
Hash identifier: JZqDVZ5TyXAW6arfyTRJvqhjtcPlVF0bW1jBuVqcZ2U=
Subject key identifier: 18:E1:45:3E:06:80:FC:53:4F:A3:C8:C7:F4:B2:C0:2D:73:DD:29:10
Certificate issuer: /CN=ae04106f302c0077e90b66762ebb222e611b33dd
Certificate serial: 0194221F85B2CC083E3FC77A4D74AE6CD381
Authority key identifier: AE:04:10:6F:30:2C:00:77:E9:0B:66:76:2E:BB:22:2E:61:1B:33:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rgQQbzAsAHfpC2Z2LrsiLmEbM90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/GOFFPgaA_FNPo8jH9LLALXPdKRA.roa
Signing time: Wed 01 Jan 2025 13:47:58 +0000
ROA not before: Wed 01 Jan 2025 13:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39199
IP address blocks: 91.218.88.0/22 maxlen: 22
91.218.88.0/24 maxlen: 24
91.218.89.0/24 maxlen: 24
91.218.90.0/24 maxlen: 24
91.218.91.0/24 maxlen: 24
195.34.204.0/22 maxlen: 22
195.34.204.0/24 maxlen: 24
195.34.205.0/24 maxlen: 24
195.34.206.0/24 maxlen: 24
195.34.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:85:b2:cc:08:3e:3f:c7:7a:4d:74:ae:6c:d3:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae04106f302c0077e90b66762ebb222e611b33dd
Validity
Not Before: Jan 1 13:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18e1453e0680fc534fa3c8c7f4b2c02d73dd2910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b3:3d:9e:f2:21:29:07:30:9b:f5:91:40:67:
ce:a2:62:e9:db:df:64:ae:40:b3:8e:97:a3:e5:c4:
e8:97:fa:2d:a9:b6:64:d4:f3:43:83:16:8e:a0:65:
e0:4a:78:57:cc:4e:28:17:56:83:57:bf:5d:bc:ad:
f6:c6:47:68:bf:e4:84:de:f6:49:3f:96:62:95:64:
2c:e2:52:b0:17:be:04:57:c4:60:30:c9:36:00:27:
0f:9c:50:53:43:15:09:f9:54:b8:9b:58:6e:15:19:
10:8e:b2:7c:7d:21:83:80:84:07:27:7e:b0:9d:f2:
5a:29:8a:7a:ef:6d:69:c8:10:89:14:02:60:cd:d6:
bc:92:bc:74:e3:81:c7:fd:16:bf:27:2c:eb:9a:5d:
54:ff:14:94:34:a5:26:a3:a0:b8:82:14:08:4f:22:
73:58:de:1c:06:af:13:9f:ff:d1:e1:c7:b6:ad:49:
fb:3a:f9:be:11:d7:d8:2d:8e:d9:69:0d:f3:04:25:
43:82:53:89:cf:7c:a8:7b:3b:23:4d:e2:9b:bf:05:
9c:a9:1c:82:a5:60:2b:ce:95:57:0a:43:02:bb:d4:
4c:5a:90:8f:92:f0:91:15:37:b5:d7:52:39:8a:8a:
74:27:bd:f1:07:87:54:3d:d8:cb:d6:60:b5:26:5d:
a4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:E1:45:3E:06:80:FC:53:4F:A3:C8:C7:F4:B2:C0:2D:73:DD:29:10
X509v3 Authority Key Identifier:
keyid:AE:04:10:6F:30:2C:00:77:E9:0B:66:76:2E:BB:22:2E:61:1B:33:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rgQQbzAsAHfpC2Z2LrsiLmEbM90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/GOFFPgaA_FNPo8jH9LLALXPdKRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b90729-83d2-4c18-8063-11fe27d8e170/1/rgQQbzAsAHfpC2Z2LrsiLmEbM90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.88.0/22
195.34.204.0/22
Signature Algorithm: sha256WithRSAEncryption
62:0d:9d:b6:56:2d:b7:6b:09:fb:26:47:83:ce:c8:40:3b:1f:
43:29:dc:2a:fd:b1:d3:ff:cf:4d:86:e3:60:4d:76:82:54:7e:
49:d5:06:bd:da:88:82:cc:d9:ef:27:76:ab:82:ce:48:40:a9:
db:b0:18:2c:d3:f8:20:f6:37:49:d3:d3:d6:9e:6b:5d:2d:33:
7b:a4:8f:c9:ef:71:07:7e:d9:f7:3b:48:26:ac:98:ff:42:69:
7b:aa:86:94:56:61:fc:59:ab:12:21:c4:92:c4:c8:62:f8:6b:
9f:02:ea:78:50:b4:ec:63:87:ae:a4:4d:8a:1f:4f:11:05:0e:
5e:c9:2b:28:15:fb:0e:69:4c:68:ee:10:95:ce:42:01:bb:37:
29:40:00:40:c4:65:72:e5:65:b7:33:9b:21:b0:cf:ad:f0:d2:
6e:81:97:c1:0f:de:5d:d6:fe:50:e3:04:ce:41:43:f2:dd:cd:
6e:dd:f3:84:6e:53:85:99:ae:d2:5d:89:72:b3:93:4e:ce:39:
dc:15:f3:51:b9:ba:0c:fe:85:42:e4:47:d5:0c:97:9a:0c:a0:
52:c2:8a:e8:3c:47:d5:2e:0e:5e:63:23:8b:64:fd:34:a3:40:
fb:48:bd:d6:c0:c9:13:28:92:e5:ab:e7:8d:f6:c9:6e:5b:ce:
0d:34:f5:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH4WyzAg+P8d6TXSubNOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMDQxMDZmMzAyYzAwNzdlOTBiNjY3NjJlYmIyMjJlNjEx
YjMzZGQwHhcNMjUwMTAxMTM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGUxNDUzZTA2ODBmYzUzNGZhM2M4YzdmNGIyYzAyZDczZGQyOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrM9nvIhKQcwm/WRQGfOomLp299k
rkCzjpej5cTol/otqbZk1PNDgxaOoGXgSnhXzE4oF1aDV79dvK32xkdov+SE3vZJ
P5ZilWQs4lKwF74EV8RgMMk2ACcPnFBTQxUJ+VS4m1huFRkQjrJ8fSGDgIQHJ36w
nfJaKYp6721pyBCJFAJgzda8krx044HH/Ra/Jyzrml1U/xSUNKUmo6C4ghQITyJz
WN4cBq8Tn//R4ce2rUn7Ovm+EdfYLY7ZaQ3zBCVDglOJz3yoezsjTeKbvwWcqRyC
pWArzpVXCkMCu9RMWpCPkvCRFTe111I5iop0J73xB4dUPdjL1mC1Jl2kvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBjhRT4GgPxTT6PIx/SywC1z3SkQMB8GA1UdIwQY
MBaAFK4EEG8wLAB36Qtmdi67Ii5hGzPdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmdRUWJ6QXNBSGZwQzJaMkxyc2lMbUViTTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9iOTA3MjktODNkMi00YzE4LTgwNjMt
MTFmZTI3ZDhlMTcwLzEvR09GRlBnYUFfRk5QbzhqSDlMTEFMWFBkS1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9iOTA3MjktODNkMi00YzE4LTgwNjMtMTFmZTI3ZDhlMTcw
LzEvcmdRUWJ6QXNBSGZwQzJaMkxyc2lMbUViTTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9pYAwQC
wyLMMA0GCSqGSIb3DQEBCwUAA4IBAQBiDZ22Vi23awn7JkeDzshAOx9DKdwq/bHT
/89NhuNgTXaCVH5J1Qa92oiCzNnvJ3args5IQKnbsBgs0/gg9jdJ09PWnmtdLTN7
pI/J73EHftn3O0gmrJj/Qml7qoaUVmH8WasSIcSSxMhi+GufAup4ULTsY4eupE2K
H08RBQ5eySsoFfsOaUxo7hCVzkIBuzcpQABAxGVy5WW3M5shsM+t8NJugZfBD95d
1v5Q4wTOQUPy3c1u3fOEblOFma7SXYlys5NOzjncFfNRuboM/oVC5EfVDJeaDKBS
woroPEfVLg5eYyOLZP00o0D7SL3WwMkTKJLlq+eN9sluW84NNPU/
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:37:38 2025 by rpki-client