Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/TWq28Ae0YWlnL9QMmIL7aFBiUGw.roa
File: TWq28Ae0YWlnL9QMmIL7aFBiUGw.roa (raw, json)
Hash identifier: +h8RDHE7R4Fi6gqXkHnd/C2ymQ77DKFkbRcxLwhFxSk=
Subject key identifier: 4D:6A:B6:F0:07:B4:61:69:67:2F:D4:0C:98:82:FB:68:50:62:50:6C
Certificate issuer: /CN=c66a5f2b468db35eb562bd37e1f36ecea813ccac
Certificate serial: 019421B22A19DF522AC1EF1CD7BFC084BAF9
Authority key identifier: C6:6A:5F:2B:46:8D:B3:5E:B5:62:BD:37:E1:F3:6E:CE:A8:13:CC:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmpfK0aNs161Yr034fNuzqgTzKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/TWq28Ae0YWlnL9QMmIL7aFBiUGw.roa
Signing time: Wed 01 Jan 2025 11:48:31 +0000
ROA not before: Wed 01 Jan 2025 11:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41670
IP address blocks: 89.248.240.0/20 maxlen: 20
185.110.204.0/22 maxlen: 22
2a01:168::/29 maxlen: 29
2a01:168::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2a:19:df:52:2a:c1:ef:1c:d7:bf:c0:84:ba:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66a5f2b468db35eb562bd37e1f36ecea813ccac
Validity
Not Before: Jan 1 11:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d6ab6f007b46169672fd40c9882fb685062506c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a9:df:28:2d:cf:c9:5d:24:3b:85:3d:3d:c5:
41:fe:5c:4f:30:d0:b8:60:0c:41:8c:36:4f:ee:9d:
72:a4:b1:f6:2e:af:bc:47:07:be:46:9b:af:2e:3c:
6a:84:88:3d:f4:2c:61:cd:cb:37:2f:54:3d:b9:17:
90:ef:68:52:96:2d:d2:31:1f:06:65:e7:76:80:97:
a6:aa:68:a8:68:d9:4f:a3:56:4d:71:9f:07:0e:2e:
2d:9f:e4:77:3d:41:16:46:dd:05:0d:39:f8:af:f5:
79:4a:a1:83:05:4e:fa:ca:8c:2e:fd:6d:73:66:96:
7a:24:5c:8a:60:20:6e:27:88:27:f9:67:8e:87:2c:
d0:15:a4:27:74:b2:86:e1:57:cc:e1:66:65:b7:c9:
52:cf:72:c1:24:9e:73:cb:6f:45:39:5b:20:11:af:
3a:65:2e:3e:40:7a:b7:8a:fe:55:07:38:36:5d:76:
04:33:d2:e9:40:01:ff:20:90:09:b8:2a:02:5b:14:
05:73:06:a4:a0:07:a8:73:09:74:d4:11:8a:c0:12:
6f:85:2c:63:26:49:03:1a:8f:52:ea:1a:4e:ee:8d:
92:09:76:d0:30:03:cc:07:20:9a:50:89:dd:ab:c0:
6f:21:ec:93:8b:bd:4b:9a:7e:2c:df:14:93:82:db:
8b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6A:B6:F0:07:B4:61:69:67:2F:D4:0C:98:82:FB:68:50:62:50:6C
X509v3 Authority Key Identifier:
keyid:C6:6A:5F:2B:46:8D:B3:5E:B5:62:BD:37:E1:F3:6E:CE:A8:13:CC:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmpfK0aNs161Yr034fNuzqgTzKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/TWq28Ae0YWlnL9QMmIL7aFBiUGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/xmpfK0aNs161Yr034fNuzqgTzKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.240.0/20
185.110.204.0/22
IPv6:
2a01:168::/29
Signature Algorithm: sha256WithRSAEncryption
20:be:6f:f6:23:80:fe:b6:b3:67:dc:47:e8:36:ba:1c:a7:9f:
16:11:cb:d7:b6:4d:63:4f:c7:59:c5:1b:22:8a:36:e8:5d:ee:
94:2c:8e:85:2c:9d:48:60:b6:60:41:c5:30:47:f3:a9:21:6f:
84:6d:ce:18:8e:53:3f:7f:7c:f8:93:aa:b0:c0:67:47:05:c7:
cf:54:ec:38:fb:66:34:65:dd:3d:d5:1b:ed:66:ed:36:0b:c7:
fa:2c:fb:37:d6:7f:3f:5c:62:1e:2a:c4:82:f8:d0:1d:55:8b:
78:b3:c9:54:cc:80:e6:6d:03:ad:12:87:6e:92:e5:ca:ef:4e:
e9:ff:eb:67:1c:f8:2c:67:31:95:2a:8d:25:ca:43:c6:da:75:
33:ea:fa:ca:ce:b9:8d:7a:a8:f7:20:c7:8c:17:d3:7d:fa:5f:
ea:51:66:b5:a8:1f:a5:fe:e1:3f:50:e1:a0:a1:83:04:6e:67:
06:b8:54:63:85:b8:67:bd:9c:24:44:06:70:9f:8f:df:76:36:
a2:36:1f:08:b2:4f:aa:9e:bd:53:b9:ad:94:69:40:e8:9b:40:
95:c1:c0:d6:46:ca:2e:5d:f2:02:b2:15:3f:e6:fd:66:b3:cc:
bc:2b:43:96:c7:92:2c:e9:bd:bc:48:65:cf:53:49:68:18:da:
bc:ef:a4:f9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhsioZ31Iqwe8c17/AhLr5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmE1ZjJiNDY4ZGIzNWViNTYyYmQzN2UxZjM2ZWNlYTgx
M2NjYWMwHhcNMjUwMTAxMTE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZhYjZmMDA3YjQ2MTY5NjcyZmQ0MGM5ODgyZmI2ODUwNjI1MDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApanfKC3PyV0kO4U9PcVB/lxPMNC4
YAxBjDZP7p1ypLH2Lq+8Rwe+RpuvLjxqhIg99Cxhzcs3L1Q9uReQ72hSli3SMR8G
Zed2gJemqmioaNlPo1ZNcZ8HDi4tn+R3PUEWRt0FDTn4r/V5SqGDBU76yowu/W1z
ZpZ6JFyKYCBuJ4gn+WeOhyzQFaQndLKG4VfM4WZlt8lSz3LBJJ5zy29FOVsgEa86
ZS4+QHq3iv5VBzg2XXYEM9LpQAH/IJAJuCoCWxQFcwakoAeocwl01BGKwBJvhSxj
JkkDGo9S6hpO7o2SCXbQMAPMByCaUIndq8BvIeyTi71Lmn4s3xSTgtuLJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE1qtvAHtGFpZy/UDJiC+2hQYlBsMB8GA1UdIwQY
MBaAFMZqXytGjbNetWK9N+Hzbs6oE8ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1wZkswYU5zMTYxWXIwMzRmTnV6cWdUekt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS81MzFhNGMtNjUyMS00ZWY5LTg4Nzgt
MzFmNGNjMTJkNjIwLzEvVFdxMjhBZTBZV2xuTDlRTW1JTDdhRkJpVUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS81MzFhNGMtNjUyMS00ZWY5LTg4NzgtMzFmNGNjMTJkNjIw
LzEveG1wZkswYU5zMTYxWXIwMzRmTnV6cWdUekt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEWfjwAwQC
uW7MMA0EAgACMAcDBQMqAQFoMA0GCSqGSIb3DQEBCwUAA4IBAQAgvm/2I4D+trNn
3EfoNrocp58WEcvXtk1jT8dZxRsiijboXe6ULI6FLJ1IYLZgQcUwR/OpIW+Ebc4Y
jlM/f3z4k6qwwGdHBcfPVOw4+2Y0Zd091RvtZu02C8f6LPs31n8/XGIeKsSC+NAd
VYt4s8lUzIDmbQOtEodukuXK707p/+tnHPgsZzGVKo0lykPG2nUz6vrKzrmNeqj3
IMeMF9N9+l/qUWa1qB+l/uE/UOGgoYMEbmcGuFRjhbhnvZwkRAZwn4/fdjaiNh8I
sk+qnr1Tua2UaUDom0CVwcDWRsouXfICshU/5v1ms8y8K0OWx5Is6b28SGXPU0lo
GNq876T5
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:47:21 2025 by rpki-client