Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/vOqn_POT4SJgIQweA7fnrAcEf9I.roa
File: vOqn_POT4SJgIQweA7fnrAcEf9I.roa (raw, json)
Hash identifier: 2I0bW2R+HbcHB9hILgmOeF30MmdjVomizQKa9+qzyDY=
Subject key identifier: BC:EA:A7:FC:F3:93:E1:22:60:21:0C:1E:03:B7:E7:AC:07:04:7F:D2
Certificate issuer: /CN=b79de9458d190e634329f9df1503b5222c1624ee
Certificate serial: 019421B24113D1F238CA551B15BEC6834BBC
Authority key identifier: B7:9D:E9:45:8D:19:0E:63:43:29:F9:DF:15:03:B5:22:2C:16:24:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t53pRY0ZDmNDKfnfFQO1IiwWJO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/vOqn_POT4SJgIQweA7fnrAcEf9I.roa
Signing time: Wed 01 Jan 2025 11:48:37 +0000
ROA not before: Wed 01 Jan 2025 11:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61076
IP address blocks: 91.198.102.0/24 maxlen: 24
185.231.52.0/24 maxlen: 24
185.231.53.0/24 maxlen: 24
185.231.54.0/24 maxlen: 24
185.231.55.0/24 maxlen: 24
2a0c:4100::/32 maxlen: 32
2a0c:4101::/32 maxlen: 32
2a0c:4102::/32 maxlen: 32
2a0c:4103::/32 maxlen: 32
2a0c:4104::/32 maxlen: 32
2a0c:4105::/32 maxlen: 32
2a0c:4106::/32 maxlen: 32
2a0c:4107::/32 maxlen: 32
2a13:bc80::/32 maxlen: 32
2a13:bc81::/32 maxlen: 32
2a13:bc82::/32 maxlen: 32
2a13:bc83::/32 maxlen: 32
2a13:bc84::/32 maxlen: 32
2a13:bc85::/32 maxlen: 32
2a13:bc86::/32 maxlen: 32
2a13:bc87::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:41:13:d1:f2:38:ca:55:1b:15:be:c6:83:4b:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b79de9458d190e634329f9df1503b5222c1624ee
Validity
Not Before: Jan 1 11:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bceaa7fcf393e12260210c1e03b7e7ac07047fd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ce:4e:bc:dd:90:a3:84:86:14:87:5d:28:be:
e5:f2:1f:e5:46:26:ca:93:d6:fe:a0:89:38:22:66:
52:cd:93:26:ab:63:4d:98:33:99:39:3c:ae:d6:90:
64:e5:e5:48:24:95:0a:23:cd:9a:1b:a2:a7:d8:f3:
46:32:9c:c6:95:9e:dc:b8:23:b7:25:31:6d:f7:13:
a4:d9:fb:bc:14:dc:ec:69:e6:8b:b6:61:c6:1e:0c:
e6:7a:5b:a9:54:3f:cd:a5:e6:9f:da:40:7e:2c:46:
99:4f:79:eb:aa:1b:d4:ac:8d:75:79:4a:d5:f2:1e:
fe:b4:54:16:33:29:58:d3:a1:f2:29:11:36:e7:d3:
9d:b2:4c:32:f0:25:9f:94:67:42:f0:5f:4e:bf:35:
57:cb:79:5e:cf:a6:91:25:df:db:f4:56:d7:ae:a3:
4c:b9:9e:05:23:07:2b:6a:cc:da:ed:5d:03:43:08:
ab:f5:7b:e0:e0:d6:1d:b6:91:94:0f:9b:21:43:9d:
c2:e0:6e:03:2b:4f:0f:8b:15:46:21:25:ef:7d:fd:
40:1a:ae:82:5b:bd:94:64:92:ec:04:3e:1e:01:aa:
4a:54:af:30:9c:4b:56:d6:a1:3d:7f:73:2b:8f:3c:
84:2c:ca:f4:5f:5d:d5:55:76:20:d8:f3:cc:13:1a:
e9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:EA:A7:FC:F3:93:E1:22:60:21:0C:1E:03:B7:E7:AC:07:04:7F:D2
X509v3 Authority Key Identifier:
keyid:B7:9D:E9:45:8D:19:0E:63:43:29:F9:DF:15:03:B5:22:2C:16:24:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t53pRY0ZDmNDKfnfFQO1IiwWJO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/vOqn_POT4SJgIQweA7fnrAcEf9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/t53pRY0ZDmNDKfnfFQO1IiwWJO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.102.0/24
185.231.52.0/22
IPv6:
2a0c:4100::/29
2a13:bc80::/29
Signature Algorithm: sha256WithRSAEncryption
00:f2:97:ec:67:bc:be:95:07:ce:5b:58:ce:70:90:55:a1:f4:
6d:09:b6:74:73:91:06:f6:b4:13:53:b5:62:47:a3:a5:30:04:
41:8c:9d:55:d4:0e:17:2e:b6:a0:d4:d0:e1:e4:35:fd:45:b7:
1d:4e:f8:02:7b:21:0b:9c:7d:bf:22:91:0d:7f:2c:cc:f4:fa:
ae:c2:c7:93:7b:99:9a:16:ec:05:94:99:85:28:11:72:5b:9b:
ab:9e:aa:f2:60:20:c2:d1:7b:3e:d2:ee:44:8b:48:f2:2d:7c:
db:c0:c2:04:c8:42:59:d9:e8:46:79:d8:b2:cd:42:35:3f:f6:
ba:2e:5c:bc:83:81:d2:29:ef:38:fa:66:40:d9:0d:1a:20:71:
4b:cb:10:95:86:bd:0f:19:2f:0a:d8:5f:de:7a:1a:cd:0e:80:
a5:36:e0:c2:2f:69:19:a4:ad:a1:c6:7d:19:01:eb:25:19:1f:
e4:c5:5c:3a:62:91:a5:07:46:51:2a:ba:74:6b:13:f1:fa:f5:
f5:33:1f:c3:fc:43:b7:be:cf:1d:8c:f3:3a:23:dd:c1:1f:48:
67:3f:ad:78:48:ce:ac:6e:08:5a:e6:4a:3c:65:07:d3:ef:22:
cf:14:47:90:ba:19:d7:2b:9d:c5:04:0c:4a:0b:a8:e7:8f:bb:
01:8b:d7:ae
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQhskET0fI4ylUbFb7Gg0u8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OWRlOTQ1OGQxOTBlNjM0MzI5ZjlkZjE1MDNiNTIyMmMx
NjI0ZWUwHhcNMjUwMTAxMTE0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2VhYTdmY2YzOTNlMTIyNjAyMTBjMWUwM2I3ZTdhYzA3MDQ3ZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc5OvN2Qo4SGFIddKL7l8h/lRibK
k9b+oIk4ImZSzZMmq2NNmDOZOTyu1pBk5eVIJJUKI82aG6Kn2PNGMpzGlZ7cuCO3
JTFt9xOk2fu8FNzsaeaLtmHGHgzmelupVD/Npeaf2kB+LEaZT3nrqhvUrI11eUrV
8h7+tFQWMylY06HyKRE259Odskwy8CWflGdC8F9OvzVXy3lez6aRJd/b9FbXrqNM
uZ4FIwcrasza7V0DQwir9Xvg4NYdtpGUD5shQ53C4G4DK08PixVGISXvff1AGq6C
W72UZJLsBD4eAapKVK8wnEtW1qE9f3MrjzyELMr0X13VVXYg2PPMExrpXQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLzqp/zzk+EiYCEMHgO356wHBH/SMB8GA1UdIwQY
MBaAFLed6UWNGQ5jQyn53xUDtSIsFiTuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDUzcFJZMFpEbU5ES2ZuZkZRTzFJaXdXSk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zYmU4OTktYTUyZi00M2FkLThlODkt
ZjFjZDlmYTI4Y2M1LzEvdk9xbl9QT1Q0U0pnSVF3ZUE3Zm5yQWNFZjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zYmU4OTktYTUyZi00M2FkLThlODktZjFjZDlmYTI4Y2M1
LzEvdDUzcFJZMFpEbU5ES2ZuZkZRTzFJaXdXSk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAW8ZmAwQC
uec0MBQEAgACMA4DBQMqDEEAAwUDKhO8gDANBgkqhkiG9w0BAQsFAAOCAQEAAPKX
7Ge8vpUHzltYznCQVaH0bQm2dHORBva0E1O1YkejpTAEQYydVdQOFy62oNTQ4eQ1
/UW3HU74AnshC5x9vyKRDX8szPT6rsLHk3uZmhbsBZSZhSgRclubq56q8mAgwtF7
PtLuRItI8i1828DCBMhCWdnoRnnYss1CNT/2ui5cvIOB0invOPpmQNkNGiBxS8sQ
lYa9DxkvCthf3noazQ6ApTbgwi9pGaStocZ9GQHrJRkf5MVcOmKRpQdGUSq6dGsT
8fr19TMfw/xDt77PHYzzOiPdwR9IZz+teEjOrG4IWuZKPGUH0+8izxRHkLoZ1yud
xQQMSguo54+7AYvXrg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:24:49 2025 by rpki-client