Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/t0m5CFRk2ANTwdf9JIt0BYvGNEI.roa
File: t0m5CFRk2ANTwdf9JIt0BYvGNEI.roa (raw, json)
Hash identifier: 69oTBNrBltjFmdUcFgtVLvMtoZ+YCjNcAmHmn7C7UBY=
Subject key identifier: B7:49:B9:08:54:64:D8:03:53:C1:D7:FD:24:8B:74:05:8B:C6:34:42
Certificate issuer: /CN=2697ee5bea95b6fca92d7c8005b2531d0d510468
Certificate serial: 019428232B6018CB4B9F96F673B438B7B365
Authority key identifier: 26:97:EE:5B:EA:95:B6:FC:A9:2D:7C:80:05:B2:53:1D:0D:51:04:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JpfuW-qVtvypLXyABbJTHQ1RBGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/t0m5CFRk2ANTwdf9JIt0BYvGNEI.roa
Signing time: Thu 02 Jan 2025 17:49:41 +0000
ROA not before: Thu 02 Jan 2025 17:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35615
IP address blocks: 194.39.36.0/22 maxlen: 22
194.39.36.0/23 maxlen: 23
194.39.36.0/24 maxlen: 24
194.39.37.0/24 maxlen: 24
194.39.38.0/23 maxlen: 23
194.39.38.0/24 maxlen: 24
194.39.39.0/24 maxlen: 24
2a0d:84c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:2b:60:18:cb:4b:9f:96:f6:73:b4:38:b7:b3:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2697ee5bea95b6fca92d7c8005b2531d0d510468
Validity
Not Before: Jan 2 17:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b749b9085464d80353c1d7fd248b74058bc63442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b3:84:8c:05:f8:d7:b1:74:a9:ba:81:13:ac:
b5:18:79:e5:0a:f6:44:9c:48:a6:6c:b3:08:45:9b:
7b:b8:3e:07:1a:47:73:e5:dd:8a:fe:e6:71:ad:00:
48:1f:4e:84:69:2c:c0:d8:1d:da:d5:34:d3:fe:a4:
29:0f:58:bc:eb:63:44:2d:ce:58:82:98:21:f6:3e:
66:83:ce:ac:5f:c3:03:51:a2:d8:90:c4:35:40:d1:
37:b3:c4:1f:72:a5:26:f3:3f:89:5c:7b:d9:9c:82:
39:58:4d:6f:56:14:cc:7c:5b:97:35:67:73:a6:17:
fe:d2:b0:22:30:3e:d6:f6:1a:c8:e4:87:94:c3:96:
58:ab:f8:94:28:2c:3c:c6:ce:7d:a7:5c:17:28:4e:
fd:6a:25:e3:38:ff:82:44:dc:50:43:9f:72:5d:46:
b7:f6:7f:ae:be:6a:3f:0d:82:6c:cb:f0:78:21:a6:
51:c7:c4:0a:e8:58:0a:b0:85:06:56:fd:e5:c3:7d:
24:ff:e1:6b:ab:04:16:e6:9d:a1:4d:1c:19:1c:c6:
77:77:36:a2:c1:19:dd:f1:f8:0b:65:2a:8a:da:92:
5d:ab:7d:06:37:fe:99:a0:b4:e5:b5:0c:14:11:13:
21:2c:02:54:0a:47:c0:ee:1a:cd:2a:31:f8:43:1d:
ae:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:49:B9:08:54:64:D8:03:53:C1:D7:FD:24:8B:74:05:8B:C6:34:42
X509v3 Authority Key Identifier:
keyid:26:97:EE:5B:EA:95:B6:FC:A9:2D:7C:80:05:B2:53:1D:0D:51:04:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JpfuW-qVtvypLXyABbJTHQ1RBGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/t0m5CFRk2ANTwdf9JIt0BYvGNEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/JpfuW-qVtvypLXyABbJTHQ1RBGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.36.0/22
IPv6:
2a0d:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
be:6b:f1:22:0e:f5:b6:53:44:d5:35:b9:df:aa:4f:c6:e2:00:
d9:78:1f:9e:2c:be:67:c5:f6:4f:08:4a:2a:8e:f5:ef:b1:0b:
64:88:97:8a:b5:72:9b:79:90:2f:4b:f4:c5:dc:9b:a7:57:b4:
57:86:bb:c9:21:68:5e:e9:02:17:de:78:a1:0a:2d:7a:cf:1b:
94:4b:33:37:82:94:b7:dc:84:c5:82:2a:db:f0:b5:b9:88:03:
31:ea:23:d0:7f:d9:4e:50:de:b1:1e:47:b8:8f:0d:fb:c9:77:
3d:f9:ca:d8:6f:07:3c:35:aa:78:26:c0:f1:03:0d:30:f0:a4:
17:01:c5:62:03:2a:f8:e3:22:17:e0:72:01:88:f4:bf:e4:f2:
04:ee:97:f7:80:09:ae:1c:d8:d5:91:65:d4:4c:2a:bf:c9:58:
01:28:da:0d:08:95:87:ea:a8:44:11:bd:60:28:b5:b0:b0:17:
83:09:18:8b:dc:12:4f:65:c4:f2:4b:6e:57:58:43:59:1d:29:
9a:ca:ce:18:f0:c1:9b:62:fa:8b:dd:49:30:81:db:5a:b5:48:
48:bc:d9:88:ce:d5:11:0e:ae:10:b2:c2:5c:cf:c2:e9:7e:56:
29:8c:9f:a9:ee:14:59:36:5e:ea:79:9a:f5:b4:d9:c5:10:0e:
8b:f2:07:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoIytgGMtLn5b2c7Q4t7NlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2OTdlZTViZWE5NWI2ZmNhOTJkN2M4MDA1YjI1MzFkMGQ1
MTA0NjgwHhcNMjUwMTAyMTc0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzQ5YjkwODU0NjRkODAzNTNjMWQ3ZmQyNDhiNzQwNThiYzYzNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrOEjAX417F0qbqBE6y1GHnlCvZE
nEimbLMIRZt7uD4HGkdz5d2K/uZxrQBIH06EaSzA2B3a1TTT/qQpD1i862NELc5Y
gpgh9j5mg86sX8MDUaLYkMQ1QNE3s8QfcqUm8z+JXHvZnII5WE1vVhTMfFuXNWdz
phf+0rAiMD7W9hrI5IeUw5ZYq/iUKCw8xs59p1wXKE79aiXjOP+CRNxQQ59yXUa3
9n+uvmo/DYJsy/B4IaZRx8QK6FgKsIUGVv3lw30k/+FrqwQW5p2hTRwZHMZ3dzai
wRnd8fgLZSqK2pJdq30GN/6ZoLTltQwUERMhLAJUCkfA7hrNKjH4Qx2uowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLdJuQhUZNgDU8HX/SSLdAWLxjRCMB8GA1UdIwQY
MBaAFCaX7lvqlbb8qS18gAWyUx0NUQRoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnBmdVctcVZ0dnlwTFh5QUJiSlRIUTFSQkdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kOTlhZjctZTFhMC00YjU2LWIyMTMt
ODdmMTI5ZGMwZmYyLzEvdDBtNUNGUmsyQU5Ud2RmOUpJdDBCWXZHTkVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kOTlhZjctZTFhMC00YjU2LWIyMTMtODdmMTI5ZGMwZmYy
LzEvSnBmdVctcVZ0dnlwTFh5QUJiSlRIUTFSQkdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwickMA0E
AgACMAcDBQMqDYTAMA0GCSqGSIb3DQEBCwUAA4IBAQC+a/EiDvW2U0TVNbnfqk/G
4gDZeB+eLL5nxfZPCEoqjvXvsQtkiJeKtXKbeZAvS/TF3JunV7RXhrvJIWhe6QIX
3nihCi16zxuUSzM3gpS33ITFgirb8LW5iAMx6iPQf9lOUN6xHke4jw37yXc9+crY
bwc8Nap4JsDxAw0w8KQXAcViAyr44yIX4HIBiPS/5PIE7pf3gAmuHNjVkWXUTCq/
yVgBKNoNCJWH6qhEEb1gKLWwsBeDCRiL3BJPZcTyS25XWENZHSmays4Y8MGbYvqL
3UkwgdtatUhIvNmIztURDq4QssJcz8LpflYpjJ+p7hRZNl7qeZr1tNnFEA6L8gdZ
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:46:22 2025 by rpki-client