Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/d81745-658d-4a74-92f7-5d3a421a0f10/1/4aLpoXObM3ew7yN9vHEAPc0fnWk.roa
File: 4aLpoXObM3ew7yN9vHEAPc0fnWk.roa (raw, json)
Hash identifier: ar8XjMMpMsT7IlojVLcbANVoZnXxQWrx82eUQGbYerI=
Subject key identifier: E1:A2:E9:A1:73:9B:33:77:B0:EF:23:7D:BC:71:00:3D:CD:1F:9D:69
Certificate issuer: /CN=5f08dc10218ac6db79430ae7c44515590417d605
Certificate serial: 019427486999C96B31657DE1ED0E68C1EC67
Authority key identifier: 5F:08:DC:10:21:8A:C6:DB:79:43:0A:E7:C4:45:15:59:04:17:D6:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XwjcECGKxtt5QwrnxEUVWQQX1gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/d81745-658d-4a74-92f7-5d3a421a0f10/1/4aLpoXObM3ew7yN9vHEAPc0fnWk.roa
Signing time: Thu 02 Jan 2025 13:50:44 +0000
ROA not before: Thu 02 Jan 2025 13:50:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29577
IP address blocks: 92.249.56.0/24 maxlen: 24
92.249.57.0/24 maxlen: 24
92.249.58.0/24 maxlen: 24
92.249.59.0/24 maxlen: 24
176.101.32.0/24 maxlen: 24
176.101.33.0/24 maxlen: 24
176.101.34.0/24 maxlen: 24
176.101.35.0/24 maxlen: 24
176.101.36.0/24 maxlen: 24
176.101.37.0/24 maxlen: 24
176.101.38.0/24 maxlen: 24
176.101.39.0/24 maxlen: 24
176.101.40.0/24 maxlen: 24
176.101.41.0/24 maxlen: 24
176.101.42.0/24 maxlen: 24
176.101.43.0/24 maxlen: 24
176.101.44.0/24 maxlen: 24
176.101.45.0/24 maxlen: 24
176.101.46.0/24 maxlen: 24
176.101.47.0/24 maxlen: 24
176.101.48.0/24 maxlen: 24
176.101.49.0/24 maxlen: 24
176.101.50.0/24 maxlen: 24
176.101.51.0/24 maxlen: 24
176.101.52.0/24 maxlen: 24
176.101.53.0/24 maxlen: 24
176.101.54.0/24 maxlen: 24
176.101.55.0/24 maxlen: 24
194.146.148.0/24 maxlen: 24
194.146.149.0/24 maxlen: 24
194.146.150.0/24 maxlen: 24
194.146.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:69:99:c9:6b:31:65:7d:e1:ed:0e:68:c1:ec:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f08dc10218ac6db79430ae7c44515590417d605
Validity
Not Before: Jan 2 13:50:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1a2e9a1739b3377b0ef237dbc71003dcd1f9d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b3:7c:98:5c:78:df:e3:c6:aa:26:2c:6b:03:
b4:90:be:8f:4a:01:81:6f:bd:f3:2e:38:03:a7:89:
d3:97:af:a6:46:00:2f:5b:da:de:a2:af:dd:f9:99:
19:95:43:e4:2a:e0:63:94:b5:d2:c5:1f:2e:ca:43:
f9:22:b7:9a:c2:ec:4e:db:26:db:3a:d0:cd:a5:38:
0a:e2:5b:15:33:0a:6a:92:0b:80:35:38:53:36:98:
a1:9c:50:4f:d2:ba:37:9f:95:4c:50:ba:47:30:30:
a5:66:72:51:9e:fc:15:aa:f3:0e:ed:19:b6:90:98:
7c:3e:1e:75:c6:08:aa:5a:04:90:c3:1b:8c:f7:da:
84:a4:7c:88:0a:fc:29:a9:51:40:ee:b9:5e:06:f6:
5d:9c:bd:fc:e4:c9:f7:db:b2:5d:73:d0:88:b4:9c:
b8:8a:8d:87:e5:25:80:87:71:78:bf:25:87:bc:f3:
1c:49:76:97:6d:d3:aa:e1:75:3e:56:38:45:dc:20:
99:56:0f:d4:21:d0:72:f5:0e:ec:5d:55:2e:79:7c:
d1:62:f1:de:cf:99:70:62:18:18:87:b5:37:3c:c4:
84:d2:1e:d6:ad:ac:12:d0:69:18:a4:a4:dc:11:03:
3d:48:82:56:ba:6e:a0:81:03:65:23:f7:0d:bb:2f:
0d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A2:E9:A1:73:9B:33:77:B0:EF:23:7D:BC:71:00:3D:CD:1F:9D:69
X509v3 Authority Key Identifier:
keyid:5F:08:DC:10:21:8A:C6:DB:79:43:0A:E7:C4:45:15:59:04:17:D6:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwjcECGKxtt5QwrnxEUVWQQX1gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/d81745-658d-4a74-92f7-5d3a421a0f10/1/4aLpoXObM3ew7yN9vHEAPc0fnWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/d81745-658d-4a74-92f7-5d3a421a0f10/1/XwjcECGKxtt5QwrnxEUVWQQX1gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.56.0/22
176.101.32.0-176.101.55.255
194.146.148.0/22
Signature Algorithm: sha256WithRSAEncryption
82:eb:1b:a1:35:3a:1c:b1:74:e8:ba:2f:ae:9f:53:fa:32:6a:
d7:21:8c:55:22:4c:02:c9:83:c3:f0:57:7e:1e:da:5a:ab:18:
47:cc:82:41:8e:b1:da:16:a2:cf:b7:f1:2b:7e:e7:e5:8d:96:
33:d6:be:8f:1d:33:e1:39:05:07:95:44:14:b3:16:05:f5:39:
6c:4d:bc:d5:ac:d4:9b:f7:59:e7:21:8d:1d:fa:ce:f3:af:9e:
44:76:f8:04:56:ff:e6:dc:70:34:fa:4b:23:eb:58:01:ac:88:
be:56:f3:32:26:40:f0:ef:db:51:d6:18:6e:11:ea:67:0c:c3:
08:c3:43:85:c2:b1:86:90:1e:c8:7b:1a:6c:2b:ec:a0:11:6c:
94:86:fa:cb:09:bd:30:2d:ce:d6:20:9f:80:79:6c:1e:bd:0b:
5c:d7:f7:7c:6b:e4:f2:b6:d8:35:bd:cd:6d:73:71:cb:2c:86:
f9:25:08:46:c9:9a:bb:da:f9:a3:a7:85:eb:8d:e3:ea:cc:ef:
40:fc:f5:d2:33:87:47:d3:24:e2:ae:d7:97:e0:97:41:b7:16:
da:ef:09:5c:80:a0:5e:cf:74:cb:05:05:e3:94:db:76:7f:28:
b2:eb:c8:3f:67:20:35:da:50:c5:36:5a:b6:c2:d6:1f:c7:1c:
84:c2:0c:04
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQnSGmZyWsxZX3h7Q5owexnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMDhkYzEwMjE4YWM2ZGI3OTQzMGFlN2M0NDUxNTU5MDQx
N2Q2MDUwHhcNMjUwMTAyMTM1MDQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWEyZTlhMTczOWIzMzc3YjBlZjIzN2RiYzcxMDAzZGNkMWY5ZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrN8mFx43+PGqiYsawO0kL6PSgGB
b73zLjgDp4nTl6+mRgAvW9reoq/d+ZkZlUPkKuBjlLXSxR8uykP5IreawuxO2ybb
OtDNpTgK4lsVMwpqkguANThTNpihnFBP0ro3n5VMULpHMDClZnJRnvwVqvMO7Rm2
kJh8Ph51xgiqWgSQwxuM99qEpHyICvwpqVFA7rleBvZdnL385Mn327Jdc9CItJy4
io2H5SWAh3F4vyWHvPMcSXaXbdOq4XU+VjhF3CCZVg/UIdBy9Q7sXVUueXzRYvHe
z5lwYhgYh7U3PMSE0h7WrawS0GkYpKTcEQM9SIJWum6ggQNlI/cNuy8NIwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOGi6aFzmzN3sO8jfbxxAD3NH51pMB8GA1UdIwQY
MBaAFF8I3BAhisbbeUMK58RFFVkEF9YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdqY0VDR0t4dHQ1UXdybnhFVVZXUVFYMWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9kODE3NDUtNjU4ZC00YTc0LTkyZjct
NWQzYTQyMWEwZjEwLzEvNGFMcG9YT2JNM2V3N3lOOXZIRUFQYzBmbldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9kODE3NDUtNjU4ZC00YTc0LTkyZjctNWQzYTQyMWEwZjEw
LzEvWHdqY0VDR0t4dHQ1UXdybnhFVVZXUVFYMWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCXPk4MAwD
BAWwZSADBAOwZTADBALCkpQwDQYJKoZIhvcNAQELBQADggEBAILrG6E1OhyxdOi6
L66fU/oyatchjFUiTALJg8PwV34e2lqrGEfMgkGOsdoWos+38St+5+WNljPWvo8d
M+E5BQeVRBSzFgX1OWxNvNWs1Jv3WechjR36zvOvnkR2+ARW/+bccDT6SyPrWAGs
iL5W8zImQPDv21HWGG4R6mcMwwjDQ4XCsYaQHsh7Gmwr7KARbJSG+ssJvTAtztYg
n4B5bB69C1zX93xr5PK22DW9zW1zccsshvklCEbJmrva+aOnheuN4+rM70D89dIz
h0fTJOKu15fgl0G3FtrvCVyAoF7PdMsFBeOU23Z/KLLryD9nIDXaUMU2WrbC1h/H
HITCDAQ=
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:34 2025 by rpki-client