Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/7MGhJydOctXAsjZrMgD0-FeP_ag.roa
File: 7MGhJydOctXAsjZrMgD0-FeP_ag.roa (raw, json)
Hash identifier: py+p7p7Nsng6GcqDQ0gCuxm4gjOkDxfiu5u5FDoEkVA=
Subject key identifier: EC:C1:A1:27:27:4E:72:D5:C0:B2:36:6B:32:00:F4:F8:57:8F:FD:A8
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 01945FC0FFACD07032CFCE2CB63B7F796A08
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/7MGhJydOctXAsjZrMgD0-FeP_ag.roa
Signing time: Mon 13 Jan 2025 13:01:11 +0000
ROA not before: Mon 13 Jan 2025 13:01:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25124
IP address blocks: 81.91.128.0/20 maxlen: 20
81.91.128.0/21 maxlen: 21
81.91.128.0/22 maxlen: 22
81.91.128.0/23 maxlen: 23
81.91.130.0/23 maxlen: 23
81.91.130.0/24 maxlen: 24
81.91.132.0/22 maxlen: 22
81.91.132.0/23 maxlen: 23
81.91.134.0/23 maxlen: 23
81.91.136.0/22 maxlen: 22
81.91.136.0/23 maxlen: 23
81.91.138.0/23 maxlen: 23
81.91.138.0/24 maxlen: 24
81.91.138.40/29 maxlen: 29
81.91.138.48/28 maxlen: 28
81.91.138.80/28 maxlen: 28
81.91.138.112/28 maxlen: 28
81.91.139.0/24 maxlen: 24
81.91.140.0/22 maxlen: 22
81.91.140.0/23 maxlen: 23
81.91.142.0/23 maxlen: 23
91.184.80.0/20 maxlen: 20
109.162.128.0/20 maxlen: 20
109.162.144.0/20 maxlen: 20
109.162.144.0/21 maxlen: 21
109.162.160.0/20 maxlen: 20
109.162.176.0/20 maxlen: 20
109.162.176.0/24 maxlen: 24
109.162.192.0/20 maxlen: 20
109.162.208.0/20 maxlen: 20
109.162.224.0/20 maxlen: 20
213.207.208.0/20 maxlen: 20
213.207.224.0/20 maxlen: 20
213.207.232.0/21 maxlen: 21
213.207.240.0/20 maxlen: 20
2a01:3c8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:c0:ff:ac:d0:70:32:cf:ce:2c:b6:3b:7f:79:6a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Jan 13 13:01:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecc1a127274e72d5c0b2366b3200f4f8578ffda8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5b:d0:2f:4f:f9:da:a4:a4:f2:72:04:28:38:
2f:69:8f:9c:b0:dc:34:f0:e4:3b:da:97:7f:15:04:
ac:02:c9:9d:dc:2c:a3:2a:73:5f:a5:94:7e:79:a9:
cc:cc:16:28:0e:6d:05:5c:e3:d3:48:5a:d1:ea:55:
1a:9b:19:22:58:b7:a0:5a:1b:f2:75:51:8a:5f:4c:
ac:73:8b:50:46:8e:57:19:8c:9f:21:c5:a3:e9:4b:
99:85:bf:38:b9:c4:c2:b4:c2:48:6b:62:8a:f4:ea:
6e:73:a3:13:cc:86:eb:ce:a6:15:01:61:ca:7d:b6:
02:f3:56:25:b6:ee:da:8d:17:4b:c1:38:aa:b1:67:
d8:ae:c6:10:eb:8b:ed:44:74:78:72:1d:8b:d5:c2:
02:67:bc:ff:fa:19:69:32:ad:30:7f:f6:41:6d:7f:
c0:ab:0d:f6:19:7e:13:d8:d1:ad:75:7b:0b:0f:9c:
b1:14:f2:ac:df:2f:0a:c1:49:e2:8a:67:8b:31:cd:
a9:ea:54:0c:e5:35:64:f8:45:26:a5:2a:40:24:ad:
3f:bf:e6:0c:dd:41:72:c3:e1:ec:f5:b9:29:ba:e5:
2d:e3:25:45:26:a9:fd:5f:16:c2:2e:e8:64:33:99:
cb:14:a7:c2:2c:b5:a8:46:25:8b:d7:29:b2:c0:59:
18:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C1:A1:27:27:4E:72:D5:C0:B2:36:6B:32:00:F4:F8:57:8F:FD:A8
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/7MGhJydOctXAsjZrMgD0-FeP_ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.128.0/20
91.184.80.0/20
109.162.128.0-109.162.239.255
213.207.208.0-213.207.255.255
IPv6:
2a01:3c8::/32
Signature Algorithm: sha256WithRSAEncryption
62:eb:9a:b6:6d:62:25:07:f3:98:ec:68:9c:55:2c:5e:0a:6a:
8b:83:63:80:cd:d1:ff:f3:e4:43:ff:26:67:56:8f:b6:33:45:
fb:ce:89:a6:5a:d6:bb:4d:d6:2a:4e:9a:92:09:82:3a:8f:74:
6a:6d:21:f5:d5:e9:8e:93:d6:28:88:88:b9:07:9b:8a:c7:29:
3c:7a:de:61:51:b1:de:15:df:7d:ff:41:02:40:b2:40:2a:3e:
bd:9a:8a:d6:0a:94:9a:df:f4:cd:77:b6:5e:3a:26:c1:55:84:
0c:d1:f0:02:e0:c0:08:d1:66:30:b0:46:b1:d8:8e:de:58:f4:
52:c5:1c:b0:da:e7:4b:bc:a5:b5:66:e6:03:c5:1c:ac:2e:b4:
72:96:f4:93:b5:ba:56:73:e4:dc:3b:00:73:c6:c4:a0:8f:4a:
82:d0:1a:96:6c:b6:4d:8a:06:87:0a:c7:86:b1:63:5c:2d:ff:
d1:52:f6:34:23:4c:61:3c:52:b4:fb:ef:20:9e:e5:7f:b9:5d:
9c:67:78:d1:a3:19:7f:ee:b3:4c:d1:e0:dc:0f:76:82:32:30:
08:32:2a:59:69:a6:62:50:9d:13:7b:90:ef:3e:ea:17:1a:61:
84:a8:a7:4f:a3:51:ae:ed:2f:24:d9:a0:bc:84:69:d9:7c:50:
fe:5a:6d:44
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZRfwP+s0HAyz84stjt/eWoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjUwMTEzMTMwMTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2MxYTEyNzI3NGU3MmQ1YzBiMjM2NmIzMjAwZjRmODU3OGZmZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlvQL0/52qSk8nIEKDgvaY+csNw0
8OQ72pd/FQSsAsmd3CyjKnNfpZR+eanMzBYoDm0FXOPTSFrR6lUamxkiWLegWhvy
dVGKX0ysc4tQRo5XGYyfIcWj6UuZhb84ucTCtMJIa2KK9Opuc6MTzIbrzqYVAWHK
fbYC81Yltu7ajRdLwTiqsWfYrsYQ64vtRHR4ch2L1cICZ7z/+hlpMq0wf/ZBbX/A
qw32GX4T2NGtdXsLD5yxFPKs3y8KwUniimeLMc2p6lQM5TVk+EUmpSpAJK0/v+YM
3UFyw+Hs9bkpuuUt4yVFJqn9XxbCLuhkM5nLFKfCLLWoRiWL1ymywFkYxQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOzBoScnTnLVwLI2azIA9PhXj/2oMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvN01HaEp5ZE9jdFhBc2pack1nRDAtRmVQX2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAtBAIAATAnAwQEUVuAAwQE
W7hQMAwDBAdtooADBARtouAwCwMEBNXP0AMDBNXAMA0EAgACMAcDBQAqAQPIMA0G
CSqGSIb3DQEBCwUAA4IBAQBi65q2bWIlB/OY7GicVSxeCmqLg2OAzdH/8+RD/yZn
Vo+2M0X7zommWta7TdYqTpqSCYI6j3RqbSH11emOk9YoiIi5B5uKxyk8et5hUbHe
Fd99/0ECQLJAKj69morWCpSa3/TNd7ZeOibBVYQM0fAC4MAI0WYwsEax2I7eWPRS
xRyw2udLvKW1ZuYDxRysLrRylvSTtbpWc+TcOwBzxsSgj0qC0BqWbLZNigaHCseG
sWNcLf/RUvY0I0xhPFK0++8gnuV/uV2cZ3jRoxl/7rNM0eDcD3aCMjAIMipZaaZi
UJ0Te5DvPuoXGmGEqKdPo1Gu7S8k2aC8hGnZfFD+Wm1E
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:50:07 2025 by rpki-client