Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/k4aTxBF_DmBio83fOwNHIHkeyiA.roa
File: k4aTxBF_DmBio83fOwNHIHkeyiA.roa (raw, json)
Hash identifier: IVVbmDsKyhVLGaHbxiyIMsj1K/TNy+QiBpkicXXI0O8=
Subject key identifier: 93:86:93:C4:11:7F:0E:60:62:A3:CD:DF:3B:03:47:20:79:1E:CA:20
Certificate issuer: /CN=2d698baf9ff3eeebe66284889fbf689d4e683c81
Certificate serial: 019426D96719D0D2452E3727BF0DB6C36376
Authority key identifier: 2D:69:8B:AF:9F:F3:EE:EB:E6:62:84:88:9F:BF:68:9D:4E:68:3C:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LWmLr5_z7uvmYoSIn79onU5oPIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/k4aTxBF_DmBio83fOwNHIHkeyiA.roa
Signing time: Thu 02 Jan 2025 11:49:29 +0000
ROA not before: Thu 02 Jan 2025 11:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3209
IP address blocks: 2.200.0.0/13 maxlen: 24
80.226.0.0/16 maxlen: 24
90.186.0.0/16 maxlen: 24
109.40.0.0/14 maxlen: 24
109.44.0.0/15 maxlen: 15
109.46.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:67:19:d0:d2:45:2e:37:27:bf:0d:b6:c3:63:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d698baf9ff3eeebe66284889fbf689d4e683c81
Validity
Not Before: Jan 2 11:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=938693c4117f0e6062a3cddf3b034720791eca20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ff:b2:19:d2:2b:1e:1b:dc:f2:1a:50:35:14:
64:cd:23:ff:33:50:19:9c:34:18:78:0c:f4:be:fc:
78:88:f9:b9:9b:a9:a3:32:71:75:70:30:16:46:ff:
e1:68:11:a5:68:2b:f2:2d:4f:e5:53:66:c3:fb:22:
02:d4:11:8b:a8:88:19:e5:62:75:7f:59:2b:43:c1:
32:3c:dc:f4:70:b6:33:cb:76:98:d8:af:94:47:b1:
36:e9:46:21:6f:66:fb:66:97:bd:dd:ff:c5:43:2b:
3f:34:09:b6:b9:3c:a0:09:fd:75:a2:96:a3:22:7d:
79:c9:4c:ed:d4:2d:c7:df:4b:8a:35:8e:b7:b7:43:
9b:61:10:84:89:8f:be:c8:5c:8e:bb:15:2b:bd:27:
a9:2b:83:9f:a2:01:b4:ce:68:2d:68:d6:a9:6a:b8:
fd:28:ee:e7:52:59:20:b2:54:82:38:01:d1:a5:31:
67:60:b9:53:2e:6e:2f:29:15:5e:f6:2f:22:9d:0f:
94:14:90:d5:93:18:4a:2b:74:51:04:b7:c5:dc:3d:
1e:4a:63:0c:d5:a1:a1:2b:8b:a7:7e:c2:f1:4d:17:
da:44:5a:ea:d9:e0:7c:39:92:e8:03:52:ef:aa:0c:
f2:26:ff:f4:51:26:5b:52:c5:07:48:ec:23:c9:0d:
65:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:86:93:C4:11:7F:0E:60:62:A3:CD:DF:3B:03:47:20:79:1E:CA:20
X509v3 Authority Key Identifier:
keyid:2D:69:8B:AF:9F:F3:EE:EB:E6:62:84:88:9F:BF:68:9D:4E:68:3C:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LWmLr5_z7uvmYoSIn79onU5oPIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/k4aTxBF_DmBio83fOwNHIHkeyiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/LWmLr5_z7uvmYoSIn79onU5oPIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.200.0.0/13
80.226.0.0/16
90.186.0.0/16
109.40.0.0-109.46.255.255
Signature Algorithm: sha256WithRSAEncryption
4d:73:d7:8e:a4:e7:52:31:bf:66:e8:f1:2d:c2:2a:60:f4:28:
f2:e6:dd:8e:de:ed:02:3d:db:43:75:b7:9d:c4:e7:22:d6:f7:
54:8c:7f:a1:ab:1e:48:86:1c:cb:a2:0f:9f:d3:1c:57:77:01:
7f:89:e6:45:86:25:2c:7a:e0:9d:d3:80:6f:7b:7e:7c:77:7b:
02:35:22:6f:81:64:e5:34:ce:d3:12:d2:87:6a:8b:3e:bf:cc:
b3:22:05:cf:c6:a8:37:42:93:70:cd:9a:fe:5e:43:b1:90:69:
2d:16:27:51:10:a8:f1:dd:31:ca:6d:01:ff:57:f5:9f:38:6e:
75:50:c5:97:85:7d:fc:b0:9d:8f:5f:5f:2e:a5:5c:01:0f:f8:
71:06:ba:71:bf:d5:03:5e:4c:f7:62:e1:67:d0:99:f1:30:fb:
ac:eb:71:46:9e:1e:90:81:88:7b:ef:91:dc:4c:80:0f:88:16:
f2:e4:dd:35:70:77:2e:03:a2:f9:70:2d:cf:73:9b:1a:23:3f:
16:f2:90:0f:51:ab:b1:20:93:83:6e:21:d1:84:5d:a2:13:0a:
ce:de:61:f9:38:2c:be:93:dd:e8:7a:92:7f:2f:82:6a:ea:5e:
77:9f:c9:bc:cd:52:6b:98:27:63:cb:e8:f9:98:44:af:74:3f:
76:65:fa:62
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2WcZ0NJFLjcnvw22w2N2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNjk4YmFmOWZmM2VlZWJlNjYyODQ4ODlmYmY2ODlkNGU2
ODNjODEwHhcNMjUwMTAyMTE0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzg2OTNjNDExN2YwZTYwNjJhM2NkZGYzYjAzNDcyMDc5MWVjYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtP+yGdIrHhvc8hpQNRRkzSP/M1AZ
nDQYeAz0vvx4iPm5m6mjMnF1cDAWRv/haBGlaCvyLU/lU2bD+yIC1BGLqIgZ5WJ1
f1krQ8EyPNz0cLYzy3aY2K+UR7E26UYhb2b7Zpe93f/FQys/NAm2uTygCf11opaj
In15yUzt1C3H30uKNY63t0ObYRCEiY++yFyOuxUrvSepK4OfogG0zmgtaNaparj9
KO7nUlkgslSCOAHRpTFnYLlTLm4vKRVe9i8inQ+UFJDVkxhKK3RRBLfF3D0eSmMM
1aGhK4unfsLxTRfaRFrq2eB8OZLoA1LvqgzyJv/0USZbUsUHSOwjyQ1l+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJOGk8QRfw5gYqPN3zsDRyB5HsogMB8GA1UdIwQY
MBaAFC1pi6+f8+7r5mKEiJ+/aJ1OaDyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFdtTHI1X3o3dXZtWW9TSW43OW9uVTVvUElFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81NzJhOTgtM2JiNy00Mjc2LTlkMzkt
ZGZmNWEwOWE4MmNiLzEvazRhVHhCRl9EbUJpbzgzZk93TkhJSGtleWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81NzJhOTgtM2JiNy00Mjc2LTlkMzktZGZmNWEwOWE4MmNi
LzEvTFdtTHI1X3o3dXZtWW9TSW43OW9uVTVvUElFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbAwMDAsgDAwBQ
4gMDAFq6MAoDAwNtKAMDAG0uMA0GCSqGSIb3DQEBCwUAA4IBAQBNc9eOpOdSMb9m
6PEtwipg9Cjy5t2O3u0CPdtDdbedxOci1vdUjH+hqx5IhhzLog+f0xxXdwF/ieZF
hiUseuCd04Bve358d3sCNSJvgWTlNM7TEtKHaos+v8yzIgXPxqg3QpNwzZr+XkOx
kGktFidREKjx3THKbQH/V/WfOG51UMWXhX38sJ2PX18upVwBD/hxBrpxv9UDXkz3
YuFn0JnxMPus63FGnh6QgYh775HcTIAPiBby5N01cHcuA6L5cC3Pc5saIz8W8pAP
UauxIJODbiHRhF2iEwrO3mH5OCy+k93oepJ/L4Jq6l53n8m8zVJrmCdjy+j5mESv
dD92Zfpi
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:08:12 2025 by rpki-client