Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/IAWEnryJVpaK2PC1i1p1gzyA5aM.roa
File: IAWEnryJVpaK2PC1i1p1gzyA5aM.roa (raw, json)
Hash identifier: V8zeqHEXmBXDf+5VLnGO8LhbeOvdCzFQOaNucWQFdJs=
Subject key identifier: 20:05:84:9E:BC:89:56:96:8A:D8:F0:B5:8B:5A:75:83:3C:80:E5:A3
Certificate issuer: /CN=5a4a47d582bb0e9680f89258ab96d05867d352ef
Certificate serial: 01942369C2AF2D0451AA5DC08F75BC9F4713
Authority key identifier: 5A:4A:47:D5:82:BB:0E:96:80:F8:92:58:AB:96:D0:58:67:D3:52:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkpH1YK7DpaA-JJYq5bQWGfTUu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/IAWEnryJVpaK2PC1i1p1gzyA5aM.roa
Signing time: Wed 01 Jan 2025 19:48:41 +0000
ROA not before: Wed 01 Jan 2025 19:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47862
IP address blocks: 109.205.24.0/24 maxlen: 24
109.205.25.0/24 maxlen: 24
109.205.26.0/24 maxlen: 24
109.205.27.0/24 maxlen: 24
176.74.48.0/21 maxlen: 21
176.74.48.0/24 maxlen: 24
176.74.49.0/24 maxlen: 24
176.74.50.0/24 maxlen: 24
176.74.51.0/24 maxlen: 24
176.74.52.0/24 maxlen: 24
176.74.53.0/24 maxlen: 24
176.74.54.0/24 maxlen: 24
176.74.55.0/24 maxlen: 24
185.76.128.0/24 maxlen: 24
2a00:1b00::/48 maxlen: 48
2a00:1b00:1000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c2:af:2d:04:51:aa:5d:c0:8f:75:bc:9f:47:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a4a47d582bb0e9680f89258ab96d05867d352ef
Validity
Not Before: Jan 1 19:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2005849ebc8956968ad8f0b58b5a75833c80e5a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:90:c5:91:07:3e:0c:0a:e3:0c:4c:10:73:7e:
7d:cb:f8:6f:a5:b5:54:c1:ee:bd:d3:d4:b4:23:80:
b9:e1:9c:fb:b9:b8:93:e7:46:da:a1:bf:e4:04:c6:
4a:2b:f2:08:27:47:92:57:f1:4d:a3:68:77:9f:c9:
cb:00:0c:2f:07:d1:ac:55:39:d2:81:c8:1b:32:df:
53:fa:77:81:65:9e:68:cf:5d:88:50:a0:0b:67:a5:
65:36:b7:f7:3e:2b:c8:82:54:39:16:0a:a1:68:99:
26:ed:f8:da:8e:cb:77:77:dc:58:f1:fc:0e:9f:64:
2f:b6:fc:f5:cc:f4:d4:df:80:14:c9:e5:61:0a:11:
eb:14:0f:b9:a1:69:6d:14:7b:6c:e3:a6:97:a5:03:
d0:c5:9d:88:b2:2d:43:f4:94:53:0e:db:c6:81:4b:
67:33:aa:66:dc:ae:3f:40:43:5f:3c:5d:da:51:9b:
37:64:1e:3f:5b:1c:b5:5a:0a:2f:4a:fc:1f:55:d1:
9b:2a:a5:a8:5e:de:e4:f8:01:70:3c:00:f0:48:f6:
6c:e6:db:f0:88:63:4d:53:bd:a6:36:e8:24:69:06:
00:a9:c6:c5:22:ee:14:0d:b0:8f:9d:02:a7:6c:e4:
45:9e:30:20:8b:20:53:51:bd:2b:a5:cc:91:b5:8b:
e5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:05:84:9E:BC:89:56:96:8A:D8:F0:B5:8B:5A:75:83:3C:80:E5:A3
X509v3 Authority Key Identifier:
keyid:5A:4A:47:D5:82:BB:0E:96:80:F8:92:58:AB:96:D0:58:67:D3:52:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkpH1YK7DpaA-JJYq5bQWGfTUu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/IAWEnryJVpaK2PC1i1p1gzyA5aM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/WkpH1YK7DpaA-JJYq5bQWGfTUu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.24.0/22
176.74.48.0/21
185.76.128.0/24
IPv6:
2a00:1b00::/48
2a00:1b00:1000::/48
Signature Algorithm: sha256WithRSAEncryption
76:28:5e:68:f9:12:e6:d1:56:f5:3b:63:16:9b:1c:5f:b9:7e:
8f:93:03:46:04:78:bb:d1:37:31:7d:fd:3f:88:bf:23:a1:d0:
90:ef:e5:84:e8:9a:fa:19:15:96:e7:c7:e3:5c:bf:47:84:ed:
a2:20:1f:54:da:69:e9:e5:6b:b6:7e:51:85:ce:44:22:05:52:
17:e9:5b:c3:9c:0b:0a:23:b2:ed:92:ac:7f:af:ad:d8:eb:88:
40:7a:2b:e2:f9:f7:27:56:2e:fc:6f:2a:bf:48:97:1a:6d:a3:
5a:02:1a:05:04:46:fb:e7:77:6e:76:ea:b5:35:af:cb:32:c6:
d7:4a:0d:44:f3:f6:e4:c0:63:15:f1:fd:1f:25:de:72:c6:02:
93:a6:f0:fe:1f:85:1d:55:ac:b2:4e:36:dd:e8:a3:c6:ec:ef:
1b:ce:89:a7:f3:b0:a8:28:f5:9b:cd:0b:15:68:74:7b:70:38:
09:26:cc:2c:2c:b8:02:b0:1b:04:96:10:43:5b:12:ee:69:a3:
b2:40:f0:b8:87:e8:ab:af:13:84:39:a7:b6:f3:87:73:64:ed:
cb:a3:84:03:3d:9b:82:d3:4a:b0:f3:84:f2:4f:d7:7e:a5:d4:
e7:42:e3:f0:3b:5f:3f:ef:48:a1:42:02:a7:ef:49:4d:e1:3d:
ec:72:00:4d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQjacKvLQRRql3Aj3W8n0cTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNGE0N2Q1ODJiYjBlOTY4MGY4OTI1OGFiOTZkMDU4Njdk
MzUyZWYwHhcNMjUwMTAxMTk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDA1ODQ5ZWJjODk1Njk2OGFkOGYwYjU4YjVhNzU4MzNjODBlNWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35DFkQc+DArjDEwQc359y/hvpbVU
we6909S0I4C54Zz7ubiT50baob/kBMZKK/IIJ0eSV/FNo2h3n8nLAAwvB9GsVTnS
gcgbMt9T+neBZZ5oz12IUKALZ6VlNrf3PivIglQ5FgqhaJkm7fjajst3d9xY8fwO
n2Qvtvz1zPTU34AUyeVhChHrFA+5oWltFHts46aXpQPQxZ2Isi1D9JRTDtvGgUtn
M6pm3K4/QENfPF3aUZs3ZB4/Wxy1WgovSvwfVdGbKqWoXt7k+AFwPADwSPZs5tvw
iGNNU72mNugkaQYAqcbFIu4UDbCPnQKnbORFnjAgiyBTUb0rpcyRtYvlmwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCAFhJ68iVaWitjwtYtadYM8gOWjMB8GA1UdIwQY
MBaAFFpKR9WCuw6WgPiSWKuW0Fhn01LvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2twSDFZSzdEcGFBLUpKWXE1YlFXR2ZUVXU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Yjc1NzYtMmI5Yy00M2FmLTg4MTct
NmIwMDY1NTA4OTk2LzEvSUFXRW5yeUpWcGFLMlBDMWkxcDFnenlBNWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Yjc1NzYtMmI5Yy00M2FmLTg4MTctNmIwMDY1NTA4OTk2
LzEvV2twSDFZSzdEcGFBLUpKWXE1YlFXR2ZUVXU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCbc0YAwQD
sEowAwQAuUyAMBgEAgACMBIDBwAqABsAAAADBwAqABsAEAAwDQYJKoZIhvcNAQEL
BQADggEBAHYoXmj5EubRVvU7YxabHF+5fo+TA0YEeLvRNzF9/T+IvyOh0JDv5YTo
mvoZFZbnx+Ncv0eE7aIgH1Taaenla7Z+UYXORCIFUhfpW8OcCwojsu2SrH+vrdjr
iEB6K+L59ydWLvxvKr9Ilxpto1oCGgUERvvnd2526rU1r8syxtdKDUTz9uTAYxXx
/R8l3nLGApOm8P4fhR1VrLJONt3oo8bs7xvOiafzsKgo9ZvNCxVodHtwOAkmzCws
uAKwGwSWEENbEu5po7JA8LiH6KuvE4Q5p7bzh3Nk7cujhAM9m4LTSrDzhPJP136l
1OdC4/A7Xz/vSKFCAqfvSU3hPexyAE0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:26:17 2025 by rpki-client