Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/DtG9QHgbh6DEslt8mTDXVaxdqQ4.roa
File: DtG9QHgbh6DEslt8mTDXVaxdqQ4.roa (raw, json)
Hash identifier: FeW6iqctyQqjdDbIjMhTvYTHZA4p9G/jqf5MmgvmOo4=
Subject key identifier: 0E:D1:BD:40:78:1B:87:A0:C4:B2:5B:7C:99:30:D7:55:AC:5D:A9:0E
Certificate issuer: /CN=57c1fe8083646749816ad3fa64098345fb61e9f5
Certificate serial: 0194221F5F8D0B0B11664DDBFC79AE4FB9F9
Authority key identifier: 57:C1:FE:80:83:64:67:49:81:6A:D3:FA:64:09:83:45:FB:61:E9:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8H-gINkZ0mBatP6ZAmDRfth6fU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/DtG9QHgbh6DEslt8mTDXVaxdqQ4.roa
Signing time: Wed 01 Jan 2025 13:47:48 +0000
ROA not before: Wed 01 Jan 2025 13:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57099
IP address blocks: 91.229.222.0/24 maxlen: 24
91.229.223.0/24 maxlen: 24
146.255.104.0/21 maxlen: 21
146.255.104.0/24 maxlen: 24
146.255.105.0/24 maxlen: 24
146.255.106.0/23 maxlen: 23
146.255.108.0/22 maxlen: 22
164.138.80.0/21 maxlen: 21
185.16.224.0/22 maxlen: 22
185.47.216.0/24 maxlen: 24
185.47.217.0/24 maxlen: 24
185.47.218.0/24 maxlen: 24
185.47.219.0/24 maxlen: 24
185.56.40.0/24 maxlen: 24
185.56.41.0/24 maxlen: 24
185.56.42.0/24 maxlen: 24
185.56.43.0/24 maxlen: 24
2a04:3c0::/29 maxlen: 29
2a04:d840::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:5f:8d:0b:0b:11:66:4d:db:fc:79:ae:4f:b9:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c1fe8083646749816ad3fa64098345fb61e9f5
Validity
Not Before: Jan 1 13:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ed1bd40781b87a0c4b25b7c9930d755ac5da90e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f9:f4:1f:9e:46:66:41:28:5a:b2:fc:89:23:
46:ae:de:52:46:56:ed:f0:fd:7f:95:85:cc:b1:b0:
18:fe:3b:6e:0a:6b:04:4c:d1:66:b9:6e:7d:e2:5f:
d1:34:85:07:ca:66:d8:09:58:57:fd:12:37:a3:e9:
8c:a9:1c:f5:a9:44:7d:44:81:b3:8f:10:d7:a8:4e:
b1:f5:45:e3:f1:4a:18:55:ba:b1:a0:c6:92:cb:09:
c4:a0:c3:36:72:89:bc:46:9b:a1:21:02:0f:9e:b6:
87:d0:77:f8:64:df:fd:10:e9:8d:0d:69:3d:c0:c5:
25:65:8e:82:53:24:84:f5:1a:52:30:4d:66:1c:16:
b8:7d:f7:61:87:aa:a1:f5:71:ef:3a:a5:53:14:1a:
81:9f:20:23:e3:8d:8c:4a:25:c9:71:64:d9:8b:cf:
fe:af:e0:13:f3:fa:db:f3:ef:4f:68:77:5e:0b:6a:
97:51:cf:8a:60:24:b4:50:f3:a1:72:8e:9e:d3:5b:
16:45:55:8a:e6:ee:59:d8:e6:05:6f:90:b8:b1:66:
bf:db:75:cd:6d:29:1e:e4:94:e3:95:b2:60:59:34:
93:8e:cb:a6:bf:0a:b2:26:68:06:dc:f6:61:6f:55:
86:e2:2a:91:99:1e:51:60:71:89:99:43:09:24:5a:
78:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D1:BD:40:78:1B:87:A0:C4:B2:5B:7C:99:30:D7:55:AC:5D:A9:0E
X509v3 Authority Key Identifier:
keyid:57:C1:FE:80:83:64:67:49:81:6A:D3:FA:64:09:83:45:FB:61:E9:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8H-gINkZ0mBatP6ZAmDRfth6fU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/DtG9QHgbh6DEslt8mTDXVaxdqQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/V8H-gINkZ0mBatP6ZAmDRfth6fU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.222.0/23
146.255.104.0/21
164.138.80.0/21
185.16.224.0/22
185.47.216.0/22
185.56.40.0/22
IPv6:
2a04:3c0::/29
2a04:d840::/29
Signature Algorithm: sha256WithRSAEncryption
90:85:f9:d9:0f:19:c4:c2:48:18:ad:81:60:0f:38:a4:33:8d:
ad:d0:18:4b:aa:1f:f4:ca:48:d2:41:86:a3:07:24:0a:64:30:
3c:fe:85:0e:f0:3a:b7:6a:3e:78:27:c2:c0:46:00:87:4b:60:
d8:bf:14:e9:b2:b9:69:a1:b9:c7:60:86:d2:65:db:0a:ec:a1:
c5:fe:97:c5:64:f9:65:08:b0:42:0a:e2:00:ee:7d:5d:b9:9d:
b6:65:98:8c:a6:f3:c7:03:fc:b1:0f:39:2d:14:9f:ae:12:e3:
c6:c7:6d:4e:d7:5c:fb:31:80:c2:d1:96:a5:61:01:b6:be:78:
48:e6:bc:05:d6:fd:b7:87:cd:b5:d6:f6:c4:6d:e2:00:45:be:
93:48:57:05:ac:5d:ee:0f:68:23:bf:6c:55:39:bd:4e:f1:d2:
bb:28:57:09:3a:c0:00:4d:04:ab:a7:ee:77:41:1e:84:fc:06:
48:b0:30:06:83:fe:2d:81:b1:c1:67:b9:7f:57:74:1a:87:40:
b5:8f:d6:e2:04:b8:c6:d1:9c:f2:0b:f4:da:29:ce:7e:0f:0a:
4f:89:91:c1:04:1b:89:04:3b:f3:f0:21:55:e6:92:85:49:15:
a1:3e:77:7d:c2:94:a5:68:11:f0:7a:88:b2:cc:17:0c:74:d7:
98:62:dc:57
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQiH1+NCwsRZk3b/HmuT7n5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzFmZTgwODM2NDY3NDk4MTZhZDNmYTY0MDk4MzQ1ZmI2
MWU5ZjUwHhcNMjUwMTAxMTM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWQxYmQ0MDc4MWI4N2EwYzRiMjViN2M5OTMwZDc1NWFjNWRhOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfn0H55GZkEoWrL8iSNGrt5SRlbt
8P1/lYXMsbAY/jtuCmsETNFmuW594l/RNIUHymbYCVhX/RI3o+mMqRz1qUR9RIGz
jxDXqE6x9UXj8UoYVbqxoMaSywnEoMM2com8RpuhIQIPnraH0Hf4ZN/9EOmNDWk9
wMUlZY6CUySE9RpSME1mHBa4ffdhh6qh9XHvOqVTFBqBnyAj442MSiXJcWTZi8/+
r+AT8/rb8+9PaHdeC2qXUc+KYCS0UPOhco6e01sWRVWK5u5Z2OYFb5C4sWa/23XN
bSke5JTjlbJgWTSTjsumvwqyJmgG3PZhb1WG4iqRmR5RYHGJmUMJJFp4JQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFA7RvUB4G4egxLJbfJkw11WsXakOMB8GA1UdIwQY
MBaAFFfB/oCDZGdJgWrT+mQJg0X7Yen1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhILWdJTmtaMG1CYXRQNlpBbURSZnRoNmZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xYjQ3MDgtZWVmOS00OWRlLWI4ODct
ZjMyMDY5ZWM0ZWU1LzEvRHRHOVFIZ2JoNkRFc2x0OG1URFhWYXhkcVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xYjQ3MDgtZWVmOS00OWRlLWI4ODctZjMyMDY5ZWM0ZWU1
LzEvVjhILWdJTmtaMG1CYXRQNlpBbURSZnRoNmZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQBW+XeAwQD
kv9oAwQDpIpQAwQCuRDgAwQCuS/YAwQCuTgoMBQEAgACMA4DBQMqBAPAAwUDKgTY
QDANBgkqhkiG9w0BAQsFAAOCAQEAkIX52Q8ZxMJIGK2BYA84pDONrdAYS6of9MpI
0kGGowckCmQwPP6FDvA6t2o+eCfCwEYAh0tg2L8U6bK5aaG5x2CG0mXbCuyhxf6X
xWT5ZQiwQgriAO59XbmdtmWYjKbzxwP8sQ85LRSfrhLjxsdtTtdc+zGAwtGWpWEB
tr54SOa8Bdb9t4fNtdb2xG3iAEW+k0hXBaxd7g9oI79sVTm9TvHSuyhXCTrAAE0E
q6fud0EehPwGSLAwBoP+LYGxwWe5f1d0GodAtY/W4gS4xtGc8gv02inOfg8KT4mR
wQQbiQQ78/AhVeaShUkVoT53fcKUpWgR8HqIsswXDHTXmGLcVw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:06:51 2025 by rpki-client