Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/pY29XiCKfPgxYFYQ6-Ey_qrcL8w.roa
File: pY29XiCKfPgxYFYQ6-Ey_qrcL8w.roa (raw, json)
Hash identifier: UStN0NQIs1Hh3GK9cdElOtzaqGJ6jlYdtTPTd6s3Eic=
Subject key identifier: A5:8D:BD:5E:20:8A:7C:F8:31:60:56:10:EB:E1:32:FE:AA:DC:2F:CC
Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial: 0194206856576359807134689FF2D52C70A1
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/pY29XiCKfPgxYFYQ6-Ey_qrcL8w.roa
Signing time: Wed 01 Jan 2025 05:48:16 +0000
ROA not before: Wed 01 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34343
IP address blocks: 81.171.32.0/20 maxlen: 24
81.171.64.0/20 maxlen: 20
81.171.64.0/23 maxlen: 24
81.171.67.0/24 maxlen: 24
81.171.72.0/24 maxlen: 24
81.171.73.0/24 maxlen: 24
81.171.74.0/24 maxlen: 24
81.171.83.0/24 maxlen: 24
81.171.88.0/21 maxlen: 24
81.171.88.0/22 maxlen: 24
81.171.92.0/23 maxlen: 24
81.171.96.0/24 maxlen: 24
81.171.100.0/22 maxlen: 24
185.90.196.0/22 maxlen: 22
193.108.27.0/24 maxlen: 24
2001:4de0::/32 maxlen: 48
2001:4de0::/46 maxlen: 48
2001:4de0:1::/48 maxlen: 48
2001:4de0:2::/48 maxlen: 48
2001:4de0:3::/48 maxlen: 48
2001:4de0:101::/48 maxlen: 48
2001:4de0:1004::/48 maxlen: 48
2001:4de0:1005::/48 maxlen: 48
2001:4de0:aaa0::/44 maxlen: 48
2001:4de0:aaad::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:56:57:63:59:80:71:34:68:9f:f2:d5:2c:70:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
Validity
Not Before: Jan 1 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a58dbd5e208a7cf831605610ebe132feaadc2fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cb:1a:cd:cc:80:37:9c:f5:90:22:b7:be:a9:
a5:9f:78:36:7b:92:8f:03:2e:14:66:6e:3b:41:61:
e2:ad:50:0d:61:e7:c2:58:e9:0d:f6:a6:b2:5b:3d:
a6:12:64:ea:e2:5e:22:5a:e9:04:28:f3:58:e5:6a:
77:05:d7:b0:7a:c5:ba:0e:fd:9c:3c:ba:8b:b8:d1:
c0:4d:96:25:9b:e4:e6:42:77:5b:69:35:f0:5e:f9:
38:8a:57:9a:ad:88:c2:6e:ae:ba:98:07:5e:e4:29:
5b:74:6c:ee:1e:f0:9a:07:ae:7e:88:6c:7d:bd:cb:
95:b6:18:cb:b1:3c:a1:85:1f:0b:81:46:d8:0d:06:
30:85:52:7e:0a:7e:43:95:1e:43:7b:51:9d:c4:39:
aa:a6:75:88:99:82:c8:22:7a:48:94:65:7e:45:c5:
c5:88:f5:58:f8:1d:b8:78:7d:10:fd:4f:5d:96:b2:
74:06:13:b8:98:ec:13:3b:fb:33:8d:87:30:0d:1e:
d1:79:06:0a:d7:b2:a4:16:f5:96:98:34:88:ea:a6:
7c:2f:85:9b:a4:22:59:74:95:15:58:43:0f:c1:9d:
58:23:c4:c2:34:b1:b8:d6:35:50:c0:1b:4d:a5:ea:
96:bc:b5:e8:8d:41:ba:d7:de:de:cc:3a:97:c3:78:
63:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8D:BD:5E:20:8A:7C:F8:31:60:56:10:EB:E1:32:FE:AA:DC:2F:CC
X509v3 Authority Key Identifier:
keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/pY29XiCKfPgxYFYQ6-Ey_qrcL8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.171.32.0/20
81.171.64.0/20
81.171.83.0/24
81.171.88.0-81.171.96.255
81.171.100.0/22
185.90.196.0/22
193.108.27.0/24
IPv6:
2001:4de0::/32
Signature Algorithm: sha256WithRSAEncryption
0f:40:fa:b1:e0:ef:ee:3f:81:1a:90:8e:f1:77:8d:29:5b:34:
ad:d8:7b:8e:c4:2a:27:64:cb:70:86:cc:6e:bf:9d:3a:02:8a:
e0:00:aa:18:38:b7:98:46:20:45:8f:3e:68:96:48:8a:28:7f:
c6:4c:b0:f4:17:d6:ba:96:ba:b2:ce:57:20:ea:35:01:7f:2d:
b3:f1:cd:79:64:f8:88:6e:87:da:73:c8:c6:29:98:09:d8:7a:
80:c9:e0:83:20:3d:64:1e:9a:42:27:18:05:e1:eb:be:24:8d:
00:6d:ca:cd:d0:89:49:a7:68:e6:4e:85:52:f9:47:75:79:37:
55:c2:65:5e:c6:50:d5:88:a3:b2:91:b1:62:3d:11:ea:f7:53:
3e:30:5b:af:5f:03:34:0e:da:e8:ed:61:99:b3:fc:0f:a1:46:
63:ce:45:fd:1c:2c:6f:5e:90:a6:91:b5:d6:0d:78:fc:cf:cf:
47:74:8b:84:8b:ae:34:20:6e:94:95:8e:19:c1:5a:2b:39:b6:
0a:fa:ed:2e:44:0b:f6:6d:0b:7e:99:d5:25:a3:82:36:d6:ae:
f7:0e:13:f3:87:09:44:c8:a3:44:ec:02:89:86:08:ee:fb:d2:
c4:cf:cf:17:28:b6:f9:51:71:15:7b:65:75:17:41:65:9a:54:
d9:04:32:db
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZQgaFZXY1mAcTRon/LVLHChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5
ZTcwOTMwHhcNMjUwMTAxMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNThkYmQ1ZTIwOGE3Y2Y4MzE2MDU2MTBlYmUxMzJmZWFhZGMyZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcsazcyAN5z1kCK3vqmln3g2e5KP
Ay4UZm47QWHirVANYefCWOkN9qayWz2mEmTq4l4iWukEKPNY5Wp3BdewesW6Dv2c
PLqLuNHATZYlm+TmQndbaTXwXvk4ilearYjCbq66mAde5ClbdGzuHvCaB65+iGx9
vcuVthjLsTyhhR8LgUbYDQYwhVJ+Cn5DlR5De1GdxDmqpnWImYLIInpIlGV+RcXF
iPVY+B24eH0Q/U9dlrJ0BhO4mOwTO/szjYcwDR7ReQYK17KkFvWWmDSI6qZ8L4Wb
pCJZdJUVWEMPwZ1YI8TCNLG41jVQwBtNpeqWvLXojUG6197ezDqXw3hjIQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFKWNvV4ginz4MWBWEOvhMv6q3C/MMB8GA1UdIwQY
MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt
ZTFlZDlkZDJhMDJhLzEvcFkyOVhpQ0tmUGd4WUZZUTYtRXlfcXJjTDh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh
LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQEUasgAwQE
UatAAwQAUatTMAwDBANRq1gDBABRq2ADBAJRq2QDBAK5WsQDBADBbBswDQQCAAIw
BwMFACABTeAwDQYJKoZIhvcNAQELBQADggEBAA9A+rHg7+4/gRqQjvF3jSlbNK3Y
e47EKidky3CGzG6/nToCiuAAqhg4t5hGIEWPPmiWSIoof8ZMsPQX1rqWurLOVyDq
NQF/LbPxzXlk+Ihuh9pzyMYpmAnYeoDJ4IMgPWQemkInGAXh674kjQBtys3QiUmn
aOZOhVL5R3V5N1XCZV7GUNWIo7KRsWI9Eer3Uz4wW69fAzQO2ujtYZmz/A+hRmPO
Rf0cLG9ekKaRtdYNePzPz0d0i4SLrjQgbpSVjhnBWis5tgr67S5EC/ZtC36Z1SWj
gjbWrvcOE/OHCUTIo0TsAomGCO770sTPzxcotvlRcRV7ZXUXQWWaVNkEMts=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:15:51 2025 by rpki-client