Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/g-kEdXPQbrbF1SYHSzWVJZWyNiA.roa
File: g-kEdXPQbrbF1SYHSzWVJZWyNiA.roa (raw, json)
Hash identifier: xCfDgxXi6GOKp/4YHK5qs4mNBYx2q/RvxsJq7l2zrIQ=
Subject key identifier: 83:E9:04:75:73:D0:6E:B6:C5:D5:26:07:4B:35:95:25:95:B2:36:20
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 019422FC111FCC211D7DE507A1AA0B143B3B
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/g-kEdXPQbrbF1SYHSzWVJZWyNiA.roa
Signing time: Wed 01 Jan 2025 17:48:52 +0000
ROA not before: Wed 01 Jan 2025 17:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.130.0/24 maxlen: 24
81.22.135.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
89.185.3.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.120.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:11:1f:cc:21:1d:7d:e5:07:a1:aa:0b:14:3b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 17:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83e9047573d06eb6c5d526074b35952595b23620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e8:ae:bd:af:92:13:4a:80:26:a2:d1:50:3a:
e1:64:7a:76:ef:51:ad:0e:2c:9d:38:81:a3:64:91:
a1:52:ad:a1:c2:0f:e3:eb:98:4c:29:48:3d:7c:d6:
10:d9:9c:da:44:81:db:8e:37:00:e3:eb:ed:8f:fa:
b8:18:55:60:88:5e:7b:d6:c4:f3:5c:27:d1:f1:2d:
af:bf:47:bf:5a:c5:1b:08:72:9c:ff:ab:17:e9:58:
e7:d5:7a:26:d3:8c:d9:0a:ad:9f:0a:32:1f:21:c1:
16:05:08:a5:a7:fb:39:8c:c2:ab:c0:17:c5:30:5f:
2c:0b:79:67:50:f7:85:f1:e1:ee:56:4a:fe:72:fc:
77:f9:f8:a5:67:63:44:c4:58:a2:4c:c0:af:b1:98:
34:39:fd:39:c2:16:ee:aa:d0:7c:76:e0:34:62:4e:
96:ed:0e:b1:0c:bc:ff:88:22:a3:91:13:4b:9e:e0:
32:10:95:55:31:6f:3f:6e:c5:d3:fc:d1:85:53:32:
a3:93:56:a0:f3:2e:fb:0c:ad:98:21:ee:8a:64:84:
56:d3:41:27:2b:95:65:bd:fa:39:51:85:6c:e0:f4:
da:ba:ef:aa:96:10:51:b7:b2:9f:63:36:ff:3a:45:
da:91:75:f0:3a:d8:ba:35:a8:23:1f:e0:1a:15:0c:
07:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E9:04:75:73:D0:6E:B6:C5:D5:26:07:4B:35:95:25:95:B2:36:20
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/g-kEdXPQbrbF1SYHSzWVJZWyNiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.130.0/24
81.22.135.0/24
89.185.1.0/24
89.185.3.0/24
109.72.117.0/24
109.72.120.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
47:0c:5a:9a:27:cf:a8:26:29:34:a5:4f:71:66:69:0a:88:d6:
6d:d3:17:79:f3:79:89:b7:67:ed:97:79:9b:02:bd:71:0a:95:
c3:3f:96:e5:34:c6:cb:3a:4d:d5:e0:b8:b5:a0:f0:04:98:c6:
af:81:51:8b:93:aa:76:26:e7:a2:11:71:ca:09:5c:ca:f2:f8:
4e:37:d2:9e:d0:69:a9:4c:3a:2a:51:38:9c:6d:4a:96:e0:2c:
de:fc:c2:b8:2f:10:67:c2:2a:7b:ca:72:d0:e9:a6:00:bb:34:
7c:9f:ef:68:da:16:0e:3a:7e:9a:91:d8:b3:ce:b6:81:3c:be:
ab:64:84:31:6a:12:fe:15:0e:e8:64:83:8d:74:f4:46:87:ca:
ef:04:67:0a:70:94:1b:51:f6:fa:28:49:a6:16:51:78:d5:1f:
73:ad:02:ab:97:d5:b6:d2:ad:15:3f:f9:09:ae:f2:44:8f:22:
ff:5f:80:63:47:71:9b:83:9c:71:75:a5:3c:e8:73:f4:73:a6:
3b:c1:36:de:96:f3:ad:18:57:d2:41:94:a5:57:71:59:bd:f2:
13:ab:19:15:4a:66:ec:41:de:f9:fd:f9:26:13:65:1b:01:b8:
52:3a:61:45:bc:59:97:c5:6c:07:42:b4:d1:28:13:87:81:8c:
71:9d:64:02
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQi/BEfzCEdfeUHoaoLFDs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwMTAxMTc0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2U5MDQ3NTczZDA2ZWI2YzVkNTI2MDc0YjM1OTUyNTk1YjIzNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeiuva+SE0qAJqLRUDrhZHp271Gt
DiydOIGjZJGhUq2hwg/j65hMKUg9fNYQ2ZzaRIHbjjcA4+vtj/q4GFVgiF571sTz
XCfR8S2vv0e/WsUbCHKc/6sX6Vjn1Xom04zZCq2fCjIfIcEWBQilp/s5jMKrwBfF
MF8sC3lnUPeF8eHuVkr+cvx3+filZ2NExFiiTMCvsZg0Of05whbuqtB8duA0Yk6W
7Q6xDLz/iCKjkRNLnuAyEJVVMW8/bsXT/NGFUzKjk1ag8y77DK2YIe6KZIRW00En
K5Vlvfo5UYVs4PTauu+qlhBRt7KfYzb/OkXakXXwOti6NagjH+AaFQwHRQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIPpBHVz0G62xdUmB0s1lSWVsjYgMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvZy1rRWRYUFFicmJGMVNZSFN6V1ZKWld5TmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAURaCAwQA
URaHAwQAWbkBAwQAWbkDAwQAbUh1AwQAbUh4AwQAbUh/MA0GCSqGSIb3DQEBCwUA
A4IBAQBHDFqaJ8+oJik0pU9xZmkKiNZt0xd583mJt2ftl3mbAr1xCpXDP5blNMbL
Ok3V4Li1oPAEmMavgVGLk6p2JueiEXHKCVzK8vhON9Ke0GmpTDoqUTicbUqW4Cze
/MK4LxBnwip7ynLQ6aYAuzR8n+9o2hYOOn6akdizzraBPL6rZIQxahL+FQ7oZION
dPRGh8rvBGcKcJQbUfb6KEmmFlF41R9zrQKrl9W20q0VP/kJrvJEjyL/X4BjR3Gb
g5xxdaU86HP0c6Y7wTbelvOtGFfSQZSlV3FZvfITqxkVSmbsQd75/fkmE2UbAbhS
OmFFvFmXxWwHQrTRKBOHgYxxnWQC
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:29:23 2025 by rpki-client