Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a98fb-e670-4cf4-81a4-4219022350fa/1/GqvJxk6cmO7Tb_I2mDvjscrokEE.roa
File: GqvJxk6cmO7Tb_I2mDvjscrokEE.roa (raw, json)
Hash identifier: yepd+YPVUD07Z1nRvo/cI6UMDSXFFH47vweszFDmLW0=
Subject key identifier: 1A:AB:C9:C6:4E:9C:98:EE:D3:6F:F2:36:98:3B:E3:B1:CA:E8:90:41
Certificate issuer: /CN=0608ade86a1ccf7a483b4c2962045db8d0ef826d
Certificate serial: 01942369E38121F4C332898B66D6684AC1C1
Authority key identifier: 06:08:AD:E8:6A:1C:CF:7A:48:3B:4C:29:62:04:5D:B8:D0:EF:82:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bgit6Gocz3pIO0wpYgRduNDvgm0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a98fb-e670-4cf4-81a4-4219022350fa/1/GqvJxk6cmO7Tb_I2mDvjscrokEE.roa
Signing time: Wed 01 Jan 2025 19:48:49 +0000
ROA not before: Wed 01 Jan 2025 19:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16082
IP address blocks: 31.24.0.0/21 maxlen: 21
37.77.176.0/21 maxlen: 21
62.133.0.0/19 maxlen: 19
83.218.128.0/19 maxlen: 19
87.117.72.0/21 maxlen: 21
87.117.112.0/21 maxlen: 21
87.224.0.0/17 maxlen: 17
109.238.64.0/20 maxlen: 20
185.15.104.0/22 maxlen: 22
212.237.64.0/19 maxlen: 19
217.13.128.0/19 maxlen: 19
2a02:b90::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e3:81:21:f4:c3:32:89:8b:66:d6:68:4a:c1:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0608ade86a1ccf7a483b4c2962045db8d0ef826d
Validity
Not Before: Jan 1 19:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1aabc9c64e9c98eed36ff236983be3b1cae89041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1f:2e:1f:1a:f7:32:d1:68:c7:94:53:79:36:
98:dc:c1:eb:16:6d:83:6e:9a:b5:d4:75:e9:60:ec:
d1:cf:d8:6d:78:56:8f:4d:c7:c1:c2:52:46:a8:08:
12:05:86:bb:3a:02:30:6d:2c:32:b8:0e:a0:7e:a4:
23:e3:88:1b:bc:2d:53:67:12:7a:ab:7b:bd:96:9f:
b0:df:14:eb:6a:3b:f3:60:53:f3:2a:49:3d:3e:22:
6c:ff:30:da:84:ac:6e:4b:0b:85:08:00:87:56:ad:
c0:0d:df:ec:2e:2a:c6:3e:9b:1e:74:5b:4f:e9:a0:
b7:54:b2:b0:06:57:bf:21:7b:96:76:85:d9:02:9b:
4c:56:2d:46:1f:54:ec:23:60:8a:65:3a:d0:90:a5:
51:ef:33:ef:58:23:07:01:0a:49:36:dd:21:5d:32:
af:f7:10:97:ea:c8:11:51:e8:ff:39:cd:d9:01:12:
a0:28:cd:24:c4:5d:fd:03:ad:c1:f8:ad:8c:f1:3d:
67:83:2a:20:56:63:04:7e:47:5f:5a:7b:21:65:f3:
b8:8d:ee:53:44:86:e0:e1:0f:8e:3d:2a:16:27:6f:
67:2e:cf:d3:56:80:a3:c4:85:59:07:60:29:55:10:
38:33:24:97:bd:56:14:15:eb:85:8f:13:5a:d8:f3:
80:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:AB:C9:C6:4E:9C:98:EE:D3:6F:F2:36:98:3B:E3:B1:CA:E8:90:41
X509v3 Authority Key Identifier:
keyid:06:08:AD:E8:6A:1C:CF:7A:48:3B:4C:29:62:04:5D:B8:D0:EF:82:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bgit6Gocz3pIO0wpYgRduNDvgm0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a98fb-e670-4cf4-81a4-4219022350fa/1/GqvJxk6cmO7Tb_I2mDvjscrokEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a98fb-e670-4cf4-81a4-4219022350fa/1/Bgit6Gocz3pIO0wpYgRduNDvgm0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.0.0/21
37.77.176.0/21
62.133.0.0/19
83.218.128.0/19
87.117.72.0/21
87.117.112.0/21
87.224.0.0/17
109.238.64.0/20
185.15.104.0/22
212.237.64.0/19
217.13.128.0/19
IPv6:
2a02:b90::/32
Signature Algorithm: sha256WithRSAEncryption
0f:37:f8:4f:d2:50:0e:e2:db:e2:62:ea:85:ed:23:95:b6:9f:
69:ff:e1:45:a7:cb:d7:91:a7:4b:8e:e7:96:fb:83:4b:d9:1c:
20:e0:3c:e4:9e:7c:37:7b:6e:cf:f9:e5:fc:48:75:4a:6e:b4:
33:70:82:6b:c5:77:60:17:6d:8b:7a:1f:de:7b:3b:c7:56:97:
b0:5b:89:53:44:b6:9a:6b:57:51:1d:dd:8a:2f:30:77:52:96:
66:d3:7e:85:62:fb:d8:1f:7a:bf:7f:0b:d3:28:03:5d:ce:88:
f3:01:9d:1f:a1:78:b6:4d:b7:61:10:74:5d:0e:66:ae:8e:c7:
be:6c:19:21:45:df:04:51:36:aa:6a:2b:4e:87:cc:0c:1f:fb:
99:ff:86:4e:7e:de:57:6e:5e:20:88:7c:df:90:68:ee:08:09:
12:25:35:9a:2e:7d:bb:4d:dc:b7:c4:12:59:81:c6:3c:14:32:
78:25:ea:79:01:17:bf:16:d1:28:2d:6f:06:3d:b2:6d:f7:1a:
c2:c5:78:39:08:51:b3:f7:d1:c7:9b:c5:e2:ae:ed:39:22:90:
f9:5e:9b:fa:af:c3:32:cf:a2:65:06:b5:2e:bb:a0:11:35:25:
05:b6:3a:69:48:2c:29:9f:7e:a7:4f:dc:99:50:f6:20:02:0f:
3f:92:0d:ae
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZQjaeOBIfTDMomLZtZoSsHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDhhZGU4NmExY2NmN2E0ODNiNGMyOTYyMDQ1ZGI4ZDBl
ZjgyNmQwHhcNMjUwMTAxMTk0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWFiYzljNjRlOWM5OGVlZDM2ZmYyMzY5ODNiZTNiMWNhZTg5MDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyh8uHxr3MtFox5RTeTaY3MHrFm2D
bpq11HXpYOzRz9hteFaPTcfBwlJGqAgSBYa7OgIwbSwyuA6gfqQj44gbvC1TZxJ6
q3u9lp+w3xTrajvzYFPzKkk9PiJs/zDahKxuSwuFCACHVq3ADd/sLirGPpsedFtP
6aC3VLKwBle/IXuWdoXZAptMVi1GH1TsI2CKZTrQkKVR7zPvWCMHAQpJNt0hXTKv
9xCX6sgRUej/Oc3ZARKgKM0kxF39A63B+K2M8T1ngyogVmMEfkdfWnshZfO4je5T
RIbg4Q+OPSoWJ29nLs/TVoCjxIVZB2ApVRA4MySXvVYUFeuFjxNa2POARQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFBqrycZOnJju02/yNpg747HK6JBBMB8GA1UdIwQY
MBaAFAYIrehqHM96SDtMKWIEXbjQ74JtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdpdDZHb2N6M3BJTzB3cFlnUmR1TkR2Z20wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTk4ZmItZTY3MC00Y2Y0LTgxYTQt
NDIxOTAyMjM1MGZhLzEvR3F2SnhrNmNtTzdUYl9JMm1EdmpzY3Jva0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTk4ZmItZTY3MC00Y2Y0LTgxYTQtNDIxOTAyMjM1MGZh
LzEvQmdpdDZHb2N6M3BJTzB3cFlnUmR1TkR2Z20wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDHxgAAwQD
JU2wAwQFPoUAAwQFU9qAAwQDV3VIAwQDV3VwAwQHV+AAAwQEbe5AAwQCuQ9oAwQF
1O1AAwQF2Q2AMA0EAgACMAcDBQAqAguQMA0GCSqGSIb3DQEBCwUAA4IBAQAPN/hP
0lAO4tviYuqF7SOVtp9p/+FFp8vXkadLjueW+4NL2Rwg4Dzknnw3e27P+eX8SHVK
brQzcIJrxXdgF22Leh/eezvHVpewW4lTRLaaa1dRHd2KLzB3UpZm036FYvvYH3q/
fwvTKANdzojzAZ0foXi2TbdhEHRdDmaujse+bBkhRd8EUTaqaitOh8wMH/uZ/4ZO
ft5Xbl4giHzfkGjuCAkSJTWaLn27Tdy3xBJZgcY8FDJ4Jep5ARe/FtEoLW8GPbJt
9xrCxXg5CFGz99HHm8Xiru05IpD5Xpv6r8Myz6JlBrUuu6ARNSUFtjppSCwpn36n
T9yZUPYgAg8/kg2u
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:20:42 2025 by rpki-client