Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/k86L2r6PyseZfyszmOgSsSpazQk.roa
File: k86L2r6PyseZfyszmOgSsSpazQk.roa (raw, json)
Hash identifier: IsdULHTb1wucLEEG+EnermzxJ4zmYkO1E7qf8JXpI3M=
Subject key identifier: 93:CE:8B:DA:BE:8F:CA:C7:99:7F:2B:33:98:E8:12:B1:2A:5A:CD:09
Certificate issuer: /CN=f1dd795be36e4b5b309ebc8e04ea7394135c714c
Certificate serial: 019424B31BFA2A011AAF9C05AF16C32E98E2
Authority key identifier: F1:DD:79:5B:E3:6E:4B:5B:30:9E:BC:8E:04:EA:73:94:13:5C:71:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8d15W-NuS1swnryOBOpzlBNccUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/k86L2r6PyseZfyszmOgSsSpazQk.roa
Signing time: Thu 02 Jan 2025 01:48:25 +0000
ROA not before: Thu 02 Jan 2025 01:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209979
IP address blocks: 194.35.100.0/22 maxlen: 22
194.35.100.0/24 maxlen: 24
194.35.101.0/24 maxlen: 24
194.35.102.0/24 maxlen: 24
194.35.103.0/24 maxlen: 24
2a09:c580::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:1b:fa:2a:01:1a:af:9c:05:af:16:c3:2e:98:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1dd795be36e4b5b309ebc8e04ea7394135c714c
Validity
Not Before: Jan 2 01:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93ce8bdabe8fcac7997f2b3398e812b12a5acd09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:66:15:74:4c:16:ea:f9:58:cc:95:9a:37:bb:
bd:50:39:e2:a5:da:ff:6c:bd:f4:37:6b:5a:57:ab:
98:20:4f:80:9d:81:68:0e:13:96:dd:e1:44:6c:1b:
4f:19:f9:85:74:d2:e9:81:9b:37:77:b1:ed:b2:ad:
37:f0:27:fd:76:6e:73:61:c5:81:81:59:b1:62:87:
0a:70:26:3f:02:80:d1:dd:cb:6c:4f:28:de:f2:5c:
d2:d1:c6:ab:08:ba:fc:9f:20:8c:6f:12:55:b4:4a:
4f:b3:3a:1c:2a:af:e8:34:88:38:39:27:e1:cc:b1:
fc:d4:a7:92:1e:4a:ac:ed:e9:51:75:ac:6c:4d:07:
2c:91:79:23:d9:4e:ab:7f:3c:ac:ea:45:51:17:1d:
0e:4a:08:76:74:21:05:10:73:92:90:1f:d6:85:9c:
e0:a1:45:b2:eb:e4:ea:19:c3:56:db:ab:db:0c:16:
79:11:ca:a5:fa:c7:2c:58:b6:6e:95:d2:d2:58:cf:
a7:da:1f:7d:1e:a1:71:a4:2d:b1:81:dc:97:5f:21:
e5:e9:8c:92:54:ed:d1:21:ee:64:bd:7f:ff:31:1d:
e3:fb:09:bd:c0:2e:9c:d0:09:0f:01:de:1a:5b:17:
fe:97:e8:e9:bb:ad:1a:15:da:d2:84:e9:d6:17:c4:
fc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:CE:8B:DA:BE:8F:CA:C7:99:7F:2B:33:98:E8:12:B1:2A:5A:CD:09
X509v3 Authority Key Identifier:
keyid:F1:DD:79:5B:E3:6E:4B:5B:30:9E:BC:8E:04:EA:73:94:13:5C:71:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d15W-NuS1swnryOBOpzlBNccUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/k86L2r6PyseZfyszmOgSsSpazQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/979bdb-01a3-4d17-8746-fe44772d5ae1/1/8d15W-NuS1swnryOBOpzlBNccUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.100.0/22
IPv6:
2a09:c580::/32
Signature Algorithm: sha256WithRSAEncryption
6f:06:b8:3b:e3:29:c7:3b:51:02:6e:7d:39:2f:b0:13:93:65:
47:40:2a:45:c3:e2:0b:ba:f1:14:c0:e9:c3:ca:6b:ae:23:f4:
80:c2:e2:b5:c6:ed:2e:00:b6:38:c5:0f:17:4d:6f:86:41:1a:
1b:46:3a:d8:a6:0e:55:a3:3e:4c:d8:7f:1c:11:37:a8:a9:81:
b3:86:49:c7:97:6c:bd:f8:58:2c:9a:9a:a4:80:41:e4:20:a5:
97:9d:eb:42:d9:83:0a:e4:a1:9f:16:16:b1:ef:0c:05:88:98:
fd:79:24:e2:b5:22:20:a4:fd:08:5b:54:91:8d:64:19:84:59:
16:ac:26:04:a2:48:6f:63:3c:f0:ad:a5:32:60:2d:c3:84:cd:
f3:78:45:fd:35:c1:1f:46:ff:42:38:c2:55:6a:db:26:29:7a:
04:75:79:91:18:8f:44:3d:94:50:eb:97:71:17:7b:46:a5:e2:
92:db:ff:19:cb:1e:d3:a7:ad:a1:81:b0:62:cb:3a:5f:3c:cf:
7f:be:33:92:14:ed:06:90:34:86:a1:0e:eb:30:2c:2a:bc:30:
8a:bc:ae:2f:e0:da:e1:4f:c5:bf:45:a6:20:8d:4a:5d:98:5b:
8a:a2:d1:0e:a5:9d:62:8b:ae:71:94:ec:0d:9a:28:79:53:1c:
2b:83:0a:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQksxv6KgEar5wFrxbDLpjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZGQ3OTViZTM2ZTRiNWIzMDllYmM4ZTA0ZWE3Mzk0MTM1
YzcxNGMwHhcNMjUwMTAyMDE0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2NlOGJkYWJlOGZjYWM3OTk3ZjJiMzM5OGU4MTJiMTJhNWFjZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2YVdEwW6vlYzJWaN7u9UDnipdr/
bL30N2taV6uYIE+AnYFoDhOW3eFEbBtPGfmFdNLpgZs3d7Htsq038Cf9dm5zYcWB
gVmxYocKcCY/AoDR3ctsTyje8lzS0carCLr8nyCMbxJVtEpPszocKq/oNIg4OSfh
zLH81KeSHkqs7elRdaxsTQcskXkj2U6rfzys6kVRFx0OSgh2dCEFEHOSkB/WhZzg
oUWy6+TqGcNW26vbDBZ5Ecql+scsWLZuldLSWM+n2h99HqFxpC2xgdyXXyHl6YyS
VO3RIe5kvX//MR3j+wm9wC6c0AkPAd4aWxf+l+jpu60aFdrShOnWF8T83wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJPOi9q+j8rHmX8rM5joErEqWs0JMB8GA1UdIwQY
MBaAFPHdeVvjbktbMJ68jgTqc5QTXHFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGQxNVctTnVTMXN3bnJ5T0JPcHpsQk5jY1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85NzliZGItMDFhMy00ZDE3LTg3NDYt
ZmU0NDc3MmQ1YWUxLzEvazg2TDJyNlB5c2VaZnlzem1PZ1NzU3BhelFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85NzliZGItMDFhMy00ZDE3LTg3NDYtZmU0NDc3MmQ1YWUx
LzEvOGQxNVctTnVTMXN3bnJ5T0JPcHpsQk5jY1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwiNkMA0E
AgACMAcDBQAqCcWAMA0GCSqGSIb3DQEBCwUAA4IBAQBvBrg74ynHO1ECbn05L7AT
k2VHQCpFw+ILuvEUwOnDymuuI/SAwuK1xu0uALY4xQ8XTW+GQRobRjrYpg5Voz5M
2H8cETeoqYGzhknHl2y9+FgsmpqkgEHkIKWXnetC2YMK5KGfFhax7wwFiJj9eSTi
tSIgpP0IW1SRjWQZhFkWrCYEokhvYzzwraUyYC3DhM3zeEX9NcEfRv9COMJVatsm
KXoEdXmRGI9EPZRQ65dxF3tGpeKS2/8Zyx7Tp62hgbBiyzpfPM9/vjOSFO0GkDSG
oQ7rMCwqvDCKvK4v4NrhT8W/RaYgjUpdmFuKotEOpZ1ii65xlOwNmih5Uxwrgwrc
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:18:07 2025 by rpki-client