Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/bY74pa2C3Js_pk8zrLxwAIuld50.roa
File: bY74pa2C3Js_pk8zrLxwAIuld50.roa (raw, json)
Hash identifier: hw+4FaOxGozuL2NvwyX/np4qCkqg+xjCV1sHwedmazg=
Subject key identifier: 6D:8E:F8:A5:AD:82:DC:9B:3F:A6:4F:33:AC:BC:70:00:8B:A5:77:9D
Certificate issuer: /CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Certificate serial: 019422201B57B4F55DACC43D39CDA2E9D179
Authority key identifier: 9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/bY74pa2C3Js_pk8zrLxwAIuld50.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39431
IP address blocks: 176.108.96.0/20 maxlen: 24
176.108.96.0/21 maxlen: 24
176.108.100.0/22 maxlen: 24
176.108.102.0/24 maxlen: 24
176.108.103.0/24 maxlen: 24
176.108.104.0/21 maxlen: 24
176.108.104.0/22 maxlen: 24
176.108.104.0/24 maxlen: 24
176.108.106.0/23 maxlen: 24
176.108.106.0/24 maxlen: 24
176.108.108.0/22 maxlen: 24
176.108.108.0/24 maxlen: 24
176.108.109.0/24 maxlen: 24
176.108.111.0/24 maxlen: 24
176.108.112.0/21 maxlen: 24
176.108.112.0/22 maxlen: 24
176.108.112.0/24 maxlen: 24
176.108.116.0/22 maxlen: 24
176.108.116.0/24 maxlen: 24
176.108.117.0/24 maxlen: 24
176.108.118.0/24 maxlen: 24
176.108.119.0/24 maxlen: 24
176.108.120.0/22 maxlen: 24
193.93.16.0/22 maxlen: 24
193.93.16.0/23 maxlen: 24
193.93.16.0/24 maxlen: 24
193.93.17.0/24 maxlen: 24
193.93.18.0/23 maxlen: 24
193.93.18.0/24 maxlen: 24
193.93.19.0/24 maxlen: 24
2001:678:468::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1b:57:b4:f5:5d:ac:c4:3d:39:cd:a2:e9:d1:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d8ef8a5ad82dc9b3fa64f33acbc70008ba5779d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:38:d9:7d:d8:48:e6:c2:fb:c9:2c:f3:d9:dc:
a9:8b:c0:1c:20:84:aa:be:24:d0:33:f6:3d:9b:5f:
7d:cb:aa:e5:55:d8:06:d5:8a:6b:be:85:fb:97:11:
3d:ce:6b:6d:1e:00:cb:5e:4a:d6:72:be:c9:69:d2:
f2:51:fd:52:10:ce:3e:1c:f9:38:41:f9:3e:53:40:
70:4a:c0:85:ea:0d:ec:24:b9:6a:85:1d:4c:ac:69:
41:8e:42:14:83:63:b7:5b:f8:bb:28:ed:60:13:ec:
54:bd:c0:89:2e:8f:e8:a2:a7:92:f7:b7:a9:ef:d9:
66:c8:86:1a:0e:1b:2f:da:88:af:3d:e3:92:50:5e:
c7:72:8d:5a:3c:66:29:dc:20:70:61:7b:56:e5:eb:
81:e5:2a:df:8d:9e:2f:3b:49:90:51:86:de:b6:ec:
c7:62:27:cf:eb:5b:94:f0:13:d1:4e:91:1b:1e:3e:
c5:1e:46:a7:4e:66:2f:8e:e8:8e:d6:a6:84:a5:b1:
46:b9:d0:24:80:ff:16:15:4d:92:36:03:7f:13:b2:
35:46:ac:e5:97:2e:cb:dc:75:28:16:7c:f2:e0:60:
17:ae:c1:2e:8e:3f:04:33:16:39:6a:c6:eb:db:d1:
d6:4f:fa:76:3a:69:fa:42:00:09:3c:b0:83:48:92:
b8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8E:F8:A5:AD:82:DC:9B:3F:A6:4F:33:AC:BC:70:00:8B:A5:77:9D
X509v3 Authority Key Identifier:
keyid:9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/bY74pa2C3Js_pk8zrLxwAIuld50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/n1_z3hCjG79XAcC9smxlCAF9oso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.96.0-176.108.123.255
193.93.16.0/22
IPv6:
2001:678:468::/48
Signature Algorithm: sha256WithRSAEncryption
92:92:95:7a:c2:fa:66:c9:39:6d:aa:4b:7f:b8:11:bf:73:20:
60:89:da:0d:24:32:a9:37:f4:d6:39:c7:ab:d6:9f:3a:0c:83:
d2:a8:f9:27:88:3f:e1:cd:af:cb:63:2e:07:1b:f1:6d:11:5a:
e4:3e:8d:89:d0:26:89:45:60:86:75:ac:da:4d:5c:92:09:4d:
5d:fb:30:1f:ed:83:7b:b8:a3:74:52:a0:a5:28:a1:17:25:f4:
7d:1d:49:0e:69:f2:a7:de:70:77:fd:36:81:dc:e6:49:3d:10:
08:39:0c:29:4e:05:3b:49:1c:9b:26:5a:68:69:32:a1:93:b6:
36:f3:8d:3f:98:cf:6b:dc:87:c6:c5:19:81:c4:fd:1c:82:ea:
48:dc:2a:ee:af:6c:53:c7:61:31:05:fe:7b:e0:b2:d5:16:6a:
85:c7:07:2e:9e:36:1e:b9:98:64:63:60:d0:d6:fb:17:be:72:
9e:ad:58:3c:a1:7f:7c:94:7d:99:57:07:3e:82:d4:15:20:4d:
b8:98:0e:d6:42:eb:19:b4:0d:cc:20:c9:84:d0:62:c8:6e:4e:
ae:3f:fe:63:c1:63:9f:5d:d9:35:5b:0f:1a:1c:fc:85:54:ab:
46:f7:b1:ef:87:b7:69:10:f2:f3:39:b6:2e:20:d6:48:ad:fc:
ae:77:d8:fc
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQiIBtXtPVdrMQ9Oc2i6dF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNWZmM2RlMTBhMzFiYmY1NzAxYzBiZGIyNmM2NTA4MDE3
ZGEyY2EwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDhlZjhhNWFkODJkYzliM2ZhNjRmMzNhY2JjNzAwMDhiYTU3NzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTjZfdhI5sL7ySzz2dypi8AcIISq
viTQM/Y9m199y6rlVdgG1YprvoX7lxE9zmttHgDLXkrWcr7JadLyUf1SEM4+HPk4
Qfk+U0BwSsCF6g3sJLlqhR1MrGlBjkIUg2O3W/i7KO1gE+xUvcCJLo/ooqeS97ep
79lmyIYaDhsv2oivPeOSUF7Hco1aPGYp3CBwYXtW5euB5SrfjZ4vO0mQUYbetuzH
YifP61uU8BPRTpEbHj7FHkanTmYvjuiO1qaEpbFGudAkgP8WFU2SNgN/E7I1Rqzl
ly7L3HUoFnzy4GAXrsEujj8EMxY5asbr29HWT/p2Omn6QgAJPLCDSJK44wIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFG2O+KWtgtybP6ZPM6y8cACLpXedMB8GA1UdIwQY
MBaAFJ9f894Qoxu/VwHAvbJsZQgBfaLKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUt
NTcwMWQwMWMxZTg3LzEvYlk3NHBhMkMzSnNfcGs4enJMeHdBSXVsZDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUtNTcwMWQwMWMxZTg3
LzEvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAWwbGAD
BAKwbHgDBALBXRAwDwQCAAIwCQMHACABBngEaDANBgkqhkiG9w0BAQsFAAOCAQEA
kpKVesL6Zsk5bapLf7gRv3MgYInaDSQyqTf01jnHq9afOgyD0qj5J4g/4c2vy2Mu
BxvxbRFa5D6NidAmiUVghnWs2k1ckglNXfswH+2De7ijdFKgpSihFyX0fR1JDmny
p95wd/02gdzmST0QCDkMKU4FO0kcmyZaaGkyoZO2NvONP5jPa9yHxsUZgcT9HILq
SNwq7q9sU8dhMQX+e+Cy1RZqhccHLp42HrmYZGNg0Nb7F75ynq1YPKF/fJR9mVcH
PoLUFSBNuJgO1kLrGbQNzCDJhNBiyG5Orj/+Y8Fjn13ZNVsPGhz8hVSrRvex74e3
aRDy8zm2LiDWSK38rnfY/A==
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:01:00 2025 by rpki-client