Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/4-Hd07EQEQSMnF-RmoIQG-f-msw.roa
File: 4-Hd07EQEQSMnF-RmoIQG-f-msw.roa (raw, json)
Hash identifier: 5L2RHjf2nHKLV7uL0XKnWxDBxm9LnDeMDKIuvtcOWVI=
Subject key identifier: E3:E1:DD:D3:B1:10:11:04:8C:9C:5F:91:9A:82:10:1B:E7:FE:9A:CC
Certificate issuer: /CN=79730b9ea010d832f940efb589c51889132f4c94
Certificate serial: 019423D75E469DF5A9C571D5D0E9512ACD90
Authority key identifier: 79:73:0B:9E:A0:10:D8:32:F9:40:EF:B5:89:C5:18:89:13:2F:4C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/4-Hd07EQEQSMnF-RmoIQG-f-msw.roa
Signing time: Wed 01 Jan 2025 21:48:24 +0000
ROA not before: Wed 01 Jan 2025 21:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41955
IP address blocks: 185.199.216.0/22 maxlen: 24
194.26.188.0/22 maxlen: 24
2a0a:a3c0::/32 maxlen: 32
2a0a:a3c0::/44 maxlen: 48
2a10:7080::/29 maxlen: 29
2a10:7080::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:5e:46:9d:f5:a9:c5:71:d5:d0:e9:51:2a:cd:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79730b9ea010d832f940efb589c51889132f4c94
Validity
Not Before: Jan 1 21:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3e1ddd3b11011048c9c5f919a82101be7fe9acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:85:ec:9f:f4:fe:96:f0:80:a0:3d:47:6c:49:
e4:88:d6:ba:1e:21:b9:9c:c1:b3:1a:92:82:51:46:
3f:a3:d3:bd:d8:cd:47:c1:e6:31:9c:48:bc:b1:9c:
db:94:bc:1e:2f:c0:c2:5d:c9:59:be:cd:9b:de:35:
6f:f4:07:42:11:02:60:ed:46:9e:4b:87:9c:c2:b7:
71:91:a2:2b:ea:f8:a3:94:c0:5e:cd:70:d6:57:2d:
81:f6:e0:f8:f5:d0:0f:27:a9:b9:85:94:39:4e:dc:
d2:d3:67:5e:16:e5:a6:57:ba:38:38:05:03:4e:0d:
63:de:6d:80:54:b4:77:63:80:87:98:e1:e1:e7:15:
7d:3e:bb:06:1a:9c:b3:6e:eb:ce:cb:9b:c3:d0:a0:
6d:04:3a:6b:d9:de:d9:63:5e:b3:da:fd:94:33:84:
b2:b5:7f:1b:de:8e:60:7a:e8:65:54:3c:e2:96:f2:
a3:46:fd:fd:cc:30:94:3c:6f:79:8d:bc:ca:9c:1c:
2d:48:77:a2:ed:86:d3:25:26:1f:01:d8:82:9a:35:
cb:c6:1c:d5:db:ea:01:97:c0:bd:18:af:07:1e:74:
5c:e5:55:8a:c0:12:28:a3:f4:41:09:2e:53:03:b7:
2d:86:38:59:0b:5c:f5:94:da:8c:6f:72:c9:24:d1:
aa:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E1:DD:D3:B1:10:11:04:8C:9C:5F:91:9A:82:10:1B:E7:FE:9A:CC
X509v3 Authority Key Identifier:
keyid:79:73:0B:9E:A0:10:D8:32:F9:40:EF:B5:89:C5:18:89:13:2F:4C:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/4-Hd07EQEQSMnF-RmoIQG-f-msw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.216.0/22
194.26.188.0/22
IPv6:
2a0a:a3c0::/32
2a10:7080::/29
Signature Algorithm: sha256WithRSAEncryption
53:b4:81:7d:aa:5e:c9:34:f3:ab:0b:76:7c:f6:35:35:cc:70:
00:d0:a6:e2:a7:1c:f3:6e:22:0f:9a:5c:f4:b7:fe:e8:f0:25:
f0:cb:34:d8:8a:9f:58:9a:75:77:75:8e:e0:ce:e4:c4:a6:10:
eb:25:df:19:6d:98:3d:19:c8:62:4a:96:2d:57:89:7e:5c:ca:
0c:eb:f4:7b:97:06:3c:91:8e:34:94:bd:cd:a1:37:cb:f4:c8:
ac:ec:6e:78:69:d1:c4:19:96:80:45:76:be:2e:96:70:41:de:
5c:eb:56:d9:6a:fa:ae:ab:11:65:3e:7b:a0:74:da:0f:02:fb:
21:5c:5c:76:d8:42:b7:64:f9:64:92:26:9f:df:af:36:71:f6:
7b:e9:bc:c4:c1:1e:06:58:f1:6b:17:d5:20:d4:fd:c6:89:e8:
bf:d3:0b:c2:09:e1:8f:ca:3a:66:1e:04:57:9b:d8:eb:8a:48:
d6:aa:39:b5:d2:5d:3e:48:de:3f:b1:67:dd:0b:ae:12:7a:c2:
8a:50:6f:2b:9c:67:6c:ff:07:ab:ac:6a:da:e3:bd:98:d1:0b:
00:7c:8b:33:71:38:b2:fb:26:89:ec:c3:cc:01:dd:fb:1e:84:
44:08:0e:dd:99:4e:8d:ad:88:cf:ea:8f:12:50:15:a5:31:89:
56:e2:11:6d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQj115GnfWpxXHV0OlRKs2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NzMwYjllYTAxMGQ4MzJmOTQwZWZiNTg5YzUxODg5MTMy
ZjRjOTQwHhcNMjUwMTAxMjE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2UxZGRkM2IxMTAxMTA0OGM5YzVmOTE5YTgyMTAxYmU3ZmU5YWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4Xsn/T+lvCAoD1HbEnkiNa6HiG5
nMGzGpKCUUY/o9O92M1HweYxnEi8sZzblLweL8DCXclZvs2b3jVv9AdCEQJg7Uae
S4ecwrdxkaIr6vijlMBezXDWVy2B9uD49dAPJ6m5hZQ5TtzS02deFuWmV7o4OAUD
Tg1j3m2AVLR3Y4CHmOHh5xV9PrsGGpyzbuvOy5vD0KBtBDpr2d7ZY16z2v2UM4Sy
tX8b3o5geuhlVDzilvKjRv39zDCUPG95jbzKnBwtSHei7YbTJSYfAdiCmjXLxhzV
2+oBl8C9GK8HHnRc5VWKwBIoo/RBCS5TA7cthjhZC1z1lNqMb3LJJNGqAwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOPh3dOxEBEEjJxfkZqCEBvn/prMMB8GA1UdIwQY
MBaAFHlzC56gENgy+UDvtYnFGIkTL0yUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhNTG5xQVEyREw1UU8tMWljVVlpUk12VEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9hMDJjYzYtMTMwOC00N2U0LWEwODct
Mzk2MDVmOTA4MWI3LzEvNC1IZDA3RVFFUVNNbkYtUm1vSVFHLWYtbXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9hMDJjYzYtMTMwOC00N2U0LWEwODctMzk2MDVmOTA4MWI3
LzEvZVhNTG5xQVEyREw1UU8tMWljVVlpUk12VEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCucfYAwQC
whq8MBQEAgACMA4DBQAqCqPAAwUDKhBwgDANBgkqhkiG9w0BAQsFAAOCAQEAU7SB
fapeyTTzqwt2fPY1NcxwANCm4qcc824iD5pc9Lf+6PAl8Ms02IqfWJp1d3WO4M7k
xKYQ6yXfGW2YPRnIYkqWLVeJflzKDOv0e5cGPJGONJS9zaE3y/TIrOxueGnRxBmW
gEV2vi6WcEHeXOtW2Wr6rqsRZT57oHTaDwL7IVxcdthCt2T5ZJImn9+vNnH2e+m8
xMEeBljxaxfVINT9xonov9MLwgnhj8o6Zh4EV5vY64pI1qo5tdJdPkjeP7Fn3Quu
EnrCilBvK5xnbP8Hq6xq2uO9mNELAHyLM3E4svsmiezDzAHd+x6ERAgO3ZlOja2I
z+qPElAVpTGJVuIRbQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:02:53 2025 by rpki-client