Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/glbAf6IutJeA1wA9zcIVkw-1mp0.roa
File: glbAf6IutJeA1wA9zcIVkw-1mp0.roa (raw, json)
Hash identifier: ESJ6dYFBwvP8YpbvVt0/saN/BWXL7V+r0E/HCTFScAI=
Subject key identifier: 82:56:C0:7F:A2:2E:B4:97:80:D7:00:3D:CD:C2:15:93:0F:B5:9A:9D
Certificate issuer: /CN=02cc691476a6e7895b0e456116444f91937bf01e
Certificate serial: 0194A763D9CF69FE6E22A08951C151631648
Authority key identifier: 02:CC:69:14:76:A6:E7:89:5B:0E:45:61:16:44:4F:91:93:7B:F0:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AsxpFHam54lbDkVhFkRPkZN78B4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/glbAf6IutJeA1wA9zcIVkw-1mp0.roa
Signing time: Mon 27 Jan 2025 10:52:06 +0000
ROA not before: Mon 27 Jan 2025 10:52:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8319
IP address blocks: 194.153.151.0/24 maxlen: 24
195.158.32.0/19 maxlen: 24
195.250.48.0/24 maxlen: 24
212.218.0.0/16 maxlen: 24
212.218.153.0/24 maxlen: 24
2001:4cd8::/32 maxlen: 64
2001:4cd9::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:63:d9:cf:69:fe:6e:22:a0:89:51:c1:51:63:16:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02cc691476a6e7895b0e456116444f91937bf01e
Validity
Not Before: Jan 27 10:52:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8256c07fa22eb49780d7003dcdc215930fb59a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a7:67:60:3a:b0:51:f3:73:a4:cb:78:8f:de:
bc:11:64:83:17:ce:8a:2d:39:df:5a:97:41:35:03:
eb:d4:9e:d1:58:34:cb:99:35:78:36:a3:00:d0:1d:
bd:82:ac:01:0b:f8:59:ad:0c:d4:99:42:bf:14:89:
b0:b2:1b:18:a3:59:31:66:b4:d6:4c:3a:2d:37:19:
ba:d1:21:2f:ae:7c:18:2d:f4:1b:f7:2e:58:34:2b:
09:d5:7e:26:9c:28:e4:2b:29:e0:8f:8f:c8:51:30:
d5:63:d7:94:2f:6e:e8:7d:39:a1:b2:26:7c:be:48:
77:89:62:14:22:07:f3:b0:e4:f4:63:57:3f:50:e6:
ad:a6:90:0a:9a:26:ef:32:2e:01:f8:65:9a:4e:5a:
4e:a9:9a:f1:95:bc:ba:05:df:33:f3:55:0f:b9:88:
e1:e0:a5:1d:77:32:67:b8:4c:b9:5e:4d:86:37:5d:
59:b4:25:99:72:7b:b3:d8:c9:4b:49:fe:bb:e3:7d:
fb:3d:3e:f6:2a:e1:d0:ae:21:d5:e9:cc:06:c8:dc:
da:3e:ce:27:68:6c:7f:8b:ce:4e:41:29:63:9e:6a:
52:64:07:f5:d0:43:e9:cf:1d:0a:0a:8d:80:20:b1:
1f:95:ff:e5:31:28:8b:2e:a3:b9:c4:46:0b:b1:64:
eb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:56:C0:7F:A2:2E:B4:97:80:D7:00:3D:CD:C2:15:93:0F:B5:9A:9D
X509v3 Authority Key Identifier:
keyid:02:CC:69:14:76:A6:E7:89:5B:0E:45:61:16:44:4F:91:93:7B:F0:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AsxpFHam54lbDkVhFkRPkZN78B4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/glbAf6IutJeA1wA9zcIVkw-1mp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/AsxpFHam54lbDkVhFkRPkZN78B4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.151.0/24
195.158.32.0/19
195.250.48.0/24
212.218.0.0/16
IPv6:
2001:4cd8::/31
Signature Algorithm: sha256WithRSAEncryption
11:67:c3:2b:0c:1a:a6:d0:cc:13:2e:8a:e2:7e:d4:1d:32:ab:
ac:e0:b7:65:bd:58:96:d9:3d:ed:8e:9c:1d:a2:b4:15:b6:b5:
62:5c:fe:24:5a:3c:3f:d9:45:25:e1:c4:67:41:ac:96:89:35:
fa:72:1c:10:8b:13:77:33:a0:eb:89:d3:40:bf:17:6a:ae:fa:
40:64:29:73:1a:b9:16:01:c6:61:86:55:75:f3:29:c9:06:64:
80:0f:41:2f:bd:0b:95:59:64:c3:85:f4:09:f8:76:be:21:24:
11:1b:43:ff:7d:1a:ff:41:8f:a5:63:9e:f8:e3:39:68:a6:56:
a4:5e:b2:fc:c0:92:e2:35:2e:ea:4a:40:0b:7f:e0:f9:08:c7:
95:b8:33:8c:b3:6a:03:8b:2b:6e:b7:b4:eb:5f:4a:0b:90:1d:
a6:46:3a:44:21:7f:aa:d8:08:6c:9d:43:1f:89:e9:ef:9f:ae:
84:2e:41:b6:b7:1a:d8:fd:98:6c:f9:7b:b4:d6:32:a3:15:ee:
a6:21:da:c2:de:01:77:d3:89:c2:73:eb:c3:37:cb:15:ac:57:
73:ae:27:11:7d:8f:6f:51:d9:98:a6:84:1f:18:39:06:4b:24:
6e:49:42:56:34:3b:1c:77:44:e8:8b:2b:f1:74:a7:c6:80:a6:
d9:fa:4c:f6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZSnY9nPaf5uIqCJUcFRYxZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyY2M2OTE0NzZhNmU3ODk1YjBlNDU2MTE2NDQ0ZjkxOTM3
YmYwMWUwHhcNMjUwMTI3MTA1MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjU2YzA3ZmEyMmViNDk3ODBkNzAwM2RjZGMyMTU5MzBmYjU5YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKdnYDqwUfNzpMt4j968EWSDF86K
LTnfWpdBNQPr1J7RWDTLmTV4NqMA0B29gqwBC/hZrQzUmUK/FImwshsYo1kxZrTW
TDotNxm60SEvrnwYLfQb9y5YNCsJ1X4mnCjkKyngj4/IUTDVY9eUL27ofTmhsiZ8
vkh3iWIUIgfzsOT0Y1c/UOatppAKmibvMi4B+GWaTlpOqZrxlby6Bd8z81UPuYjh
4KUddzJnuEy5Xk2GN11ZtCWZcnuz2MlLSf674337PT72KuHQriHV6cwGyNzaPs4n
aGx/i85OQSljnmpSZAf10EPpzx0KCo2AILEflf/lMSiLLqO5xEYLsWTrBQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIJWwH+iLrSXgNcAPc3CFZMPtZqdMB8GA1UdIwQY
MBaAFALMaRR2pueJWw5FYRZET5GTe/AeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXN4cEZIYW01NGxiRGtWaEZrUlBrWk43OEI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85YTY4NjAtMjI0Zi00YjM0LWE5YjYt
YmMxOTJiYjczMDI1LzEvZ2xiQWY2SXV0SmVBMXdBOXpjSVZrdy0xbXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85YTY4NjAtMjI0Zi00YjM0LWE5YjYtYmMxOTJiYjczMDI1
LzEvQXN4cEZIYW01NGxiRGtWaEZrUlBrWk43OEI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQAwpmXAwQF
w54gAwQAw/owAwMA1NowDQQCAAIwBwMFASABTNgwDQYJKoZIhvcNAQELBQADggEB
ABFnwysMGqbQzBMuiuJ+1B0yq6zgt2W9WJbZPe2OnB2itBW2tWJc/iRaPD/ZRSXh
xGdBrJaJNfpyHBCLE3czoOuJ00C/F2qu+kBkKXMauRYBxmGGVXXzKckGZIAPQS+9
C5VZZMOF9An4dr4hJBEbQ/99Gv9Bj6VjnvjjOWimVqResvzAkuI1LupKQAt/4PkI
x5W4M4yzagOLK263tOtfSguQHaZGOkQhf6rYCGydQx+J6e+froQuQba3Gtj9mGz5
e7TWMqMV7qYh2sLeAXfTicJz68M3yxWsV3OuJxF9j29R2ZimhB8YOQZLJG5JQlY0
Oxx3ROiLK/F0p8aAptn6TPY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:16:29 2025 by rpki-client