Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f4ca79-384f-47f2-aed8-a8d00383bcdd/1/aCQlUufyFAXyfrSRh5UlYee4hhI.roa
File: aCQlUufyFAXyfrSRh5UlYee4hhI.roa (raw, json)
Hash identifier: mJv4/wvWUFjjUO0qLpunwhk4Tn4azGG1QzZvm0z7rC8=
Subject key identifier: 68:24:25:52:E7:F2:14:05:F2:7E:B4:91:87:95:25:61:E7:B8:86:12
Certificate issuer: /CN=9ec448e1b1e0ebe4e976b120d398fe74d5e135f8
Certificate serial: 0194228DD80510D6EB49088B931931ADD5B7
Authority key identifier: 9E:C4:48:E1:B1:E0:EB:E4:E9:76:B1:20:D3:98:FE:74:D5:E1:35:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nsRI4bHg6-TpdrEg05j-dNXhNfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f4ca79-384f-47f2-aed8-a8d00383bcdd/1/aCQlUufyFAXyfrSRh5UlYee4hhI.roa
Signing time: Wed 01 Jan 2025 15:48:28 +0000
ROA not before: Wed 01 Jan 2025 15:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50231
IP address blocks: 80.65.212.0/22 maxlen: 24
81.30.136.0/23 maxlen: 23
81.30.140.0/22 maxlen: 22
89.200.160.0/21 maxlen: 21
91.123.208.0/20 maxlen: 20
91.205.244.0/22 maxlen: 22
91.233.69.0/24 maxlen: 24
91.233.70.0/23 maxlen: 23
91.233.72.0/22 maxlen: 22
94.232.32.0/21 maxlen: 21
109.95.232.0/21 maxlen: 21
109.196.48.0/20 maxlen: 20
193.17.54.0/24 maxlen: 24
193.27.210.0/23 maxlen: 23
193.34.220.0/22 maxlen: 22
193.150.42.0/23 maxlen: 23
193.150.44.0/22 maxlen: 22
195.14.116.0/23 maxlen: 23
195.189.40.0/22 maxlen: 22
213.5.136.0/21 maxlen: 21
2a0d:1d40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d8:05:10:d6:eb:49:08:8b:93:19:31:ad:d5:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ec448e1b1e0ebe4e976b120d398fe74d5e135f8
Validity
Not Before: Jan 1 15:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68242552e7f21405f27eb49187952561e7b88612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:78:55:72:79:1c:f6:55:9c:f2:c5:d1:07:c0:
83:4d:5e:98:db:a5:cb:7e:b6:5c:58:c4:64:dd:2b:
2b:44:32:fb:7b:2b:53:f8:cd:eb:0a:70:33:b4:a9:
fc:e9:87:60:8b:9c:66:95:6f:f5:05:9c:ab:50:ce:
4d:7f:13:1b:81:ca:4b:0f:1a:a1:bd:46:8c:b2:9b:
58:4f:76:eb:d1:40:b2:0a:c7:d5:56:48:44:c9:29:
2e:4a:9a:bd:8c:35:88:32:8d:0a:f6:b1:25:6f:d5:
f0:45:0c:b8:b9:d8:af:ca:a4:45:25:90:87:73:24:
82:b9:c0:1c:be:0d:25:71:fb:01:c4:09:fc:21:7a:
7b:41:aa:1d:30:e3:30:0f:8d:97:71:3f:76:30:a1:
4e:2b:48:6b:8b:d3:d0:0b:5e:d4:32:f7:a6:5a:af:
25:9e:c1:5f:20:96:29:18:95:eb:04:92:02:a5:95:
5a:3e:c3:44:15:f1:21:1a:f8:0c:69:2a:96:c0:f5:
57:85:ac:2b:bf:c3:cd:c5:32:9c:a6:95:18:50:f3:
a5:3a:3c:3b:3f:b9:57:a7:07:0c:45:f6:3e:69:26:
91:4b:d3:f2:0d:ef:b8:3e:a3:25:5e:0c:33:2d:a0:
be:aa:20:32:45:5e:c8:09:42:c5:d3:99:7f:20:2e:
5f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:24:25:52:E7:F2:14:05:F2:7E:B4:91:87:95:25:61:E7:B8:86:12
X509v3 Authority Key Identifier:
keyid:9E:C4:48:E1:B1:E0:EB:E4:E9:76:B1:20:D3:98:FE:74:D5:E1:35:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nsRI4bHg6-TpdrEg05j-dNXhNfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f4ca79-384f-47f2-aed8-a8d00383bcdd/1/aCQlUufyFAXyfrSRh5UlYee4hhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f4ca79-384f-47f2-aed8-a8d00383bcdd/1/nsRI4bHg6-TpdrEg05j-dNXhNfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.212.0/22
81.30.136.0/23
81.30.140.0/22
89.200.160.0/21
91.123.208.0/20
91.205.244.0/22
91.233.69.0-91.233.75.255
94.232.32.0/21
109.95.232.0/21
109.196.48.0/20
193.17.54.0/24
193.27.210.0/23
193.34.220.0/22
193.150.42.0-193.150.47.255
195.14.116.0/23
195.189.40.0/22
213.5.136.0/21
IPv6:
2a0d:1d40::/29
Signature Algorithm: sha256WithRSAEncryption
28:5e:34:b2:6c:89:42:fa:0f:2d:e0:24:b5:53:ee:01:b7:dd:
a9:34:3a:b9:45:b8:e5:6b:c6:bf:d1:b9:a6:37:d2:35:db:28:
31:b3:4b:80:be:97:e7:6c:ba:4a:2a:46:18:72:fd:ce:39:3a:
c0:cc:f1:85:be:d4:9e:12:36:90:1b:84:bf:ea:ef:5f:11:30:
db:06:e8:92:11:9e:08:bd:41:85:67:09:5c:87:73:f8:0a:a0:
26:41:6c:98:29:cc:86:53:bf:20:65:3b:f3:fe:91:4d:2e:6b:
8f:e9:38:10:fa:cc:51:d8:20:be:16:3d:fc:01:3f:29:3b:d8:
66:27:ae:10:eb:aa:7c:99:ba:9c:38:7e:59:c7:6f:5d:26:c3:
65:eb:f2:8b:4d:5d:7a:f4:5d:af:bc:cf:23:a1:62:43:3c:0d:
c5:3f:55:dc:ba:c3:c9:df:44:f9:9b:1d:85:d7:1f:fa:0c:8e:
a3:a9:da:bf:f3:b9:a0:e5:18:58:05:04:d9:24:e3:80:ae:71:
d0:69:84:33:9f:29:53:84:ef:c0:66:51:c0:af:eb:41:31:1b:
6c:e5:5c:55:6e:44:87:9d:d2:6a:cc:08:69:58:98:bf:1a:ab:
c0:43:7a:56:22:e6:5b:5c:de:86:93:f4:2f:67:35:79:d6:f6:
92:9c:61:7f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZQijdgFENbrSQiLkxkxrdW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYzQ0OGUxYjFlMGViZTRlOTc2YjEyMGQzOThmZTc0ZDVl
MTM1ZjgwHhcNMjUwMTAxMTU0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODI0MjU1MmU3ZjIxNDA1ZjI3ZWI0OTE4Nzk1MjU2MWU3Yjg4NjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73hVcnkc9lWc8sXRB8CDTV6Y26XL
frZcWMRk3SsrRDL7eytT+M3rCnAztKn86Ydgi5xmlW/1BZyrUM5NfxMbgcpLDxqh
vUaMsptYT3br0UCyCsfVVkhEySkuSpq9jDWIMo0K9rElb9XwRQy4udivyqRFJZCH
cySCucAcvg0lcfsBxAn8IXp7QaodMOMwD42XcT92MKFOK0hri9PQC17UMvemWq8l
nsFfIJYpGJXrBJICpZVaPsNEFfEhGvgMaSqWwPVXhawrv8PNxTKcppUYUPOlOjw7
P7lXpwcMRfY+aSaRS9PyDe+4PqMlXgwzLaC+qiAyRV7ICULF05l/IC5fawIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFGgkJVLn8hQF8n60kYeVJWHnuIYSMB8GA1UdIwQY
MBaAFJ7ESOGx4Ovk6XaxINOY/nTV4TX4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnNSSTRiSGc2LVRwZHJFZzA1ai1kTlhoTmZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mNGNhNzktMzg0Zi00N2YyLWFlZDgt
YThkMDAzODNiY2RkLzEvYUNRbFV1ZnlGQVh5ZnJTUmg1VWxZZWU0aGhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mNGNhNzktMzg0Zi00N2YyLWFlZDgtYThkMDAzODNiY2Rk
LzEvbnNSSTRiSGc2LVRwZHJFZzA1ai1kTlhoTmZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQCUEHU
AwQBUR6IAwQCUR6MAwQDWcigAwQEW3vQAwQCW830MAwDBABb6UUDBAJb6UgDBANe
6CADBANtX+gDBARtxDADBADBETYDBAHBG9IDBALBItwwDAMEAcGWKgMEBMGWIAME
AcMOdAMEAsO9KAMEA9UFiDANBAIAAjAHAwUDKg0dQDANBgkqhkiG9w0BAQsFAAOC
AQEAKF40smyJQvoPLeAktVPuAbfdqTQ6uUW45WvGv9G5pjfSNdsoMbNLgL6X52y6
SipGGHL9zjk6wMzxhb7UnhI2kBuEv+rvXxEw2wbokhGeCL1BhWcJXIdz+AqgJkFs
mCnMhlO/IGU78/6RTS5rj+k4EPrMUdggvhY9/AE/KTvYZieuEOuqfJm6nDh+Wcdv
XSbDZevyi01devRdr7zPI6FiQzwNxT9V3LrDyd9E+Zsdhdcf+gyOo6nav/O5oOUY
WAUE2STjgK5x0GmEM58pU4TvwGZRwK/rQTEbbOVcVW5Eh53SaswIaViYvxqrwEN6
ViLmW1zehpP0L2c1edb2kpxhfw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:00:40 2025 by rpki-client