Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/4Y2Nbo1_a6IBq8Cl0IDfGwKCP_M.roa
File: 4Y2Nbo1_a6IBq8Cl0IDfGwKCP_M.roa (raw, json)
Hash identifier: 0bsJSEvzwH1XPIlPA10NL/s8qRTvdmZt752O+GQRDjw=
Subject key identifier: E1:8D:8D:6E:8D:7F:6B:A2:01:AB:C0:A5:D0:80:DF:1B:02:82:3F:F3
Certificate issuer: /CN=5b6d178f13851306b5634df159716319f4d82478
Certificate serial: 019425FD9CAB8352DE04784B307AC8B3B502
Authority key identifier: 5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/4Y2Nbo1_a6IBq8Cl0IDfGwKCP_M.roa
Signing time: Thu 02 Jan 2025 07:49:25 +0000
ROA not before: Thu 02 Jan 2025 07:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207459
IP address blocks: 80.253.254.0/24 maxlen: 32
80.253.255.0/24 maxlen: 32
91.217.119.0/24 maxlen: 32
193.31.117.0/24 maxlen: 32
213.142.132.0/24 maxlen: 24
213.142.133.0/24 maxlen: 24
213.142.134.0/24 maxlen: 24
213.142.149.0/24 maxlen: 24
213.142.150.0/24 maxlen: 32
213.142.156.0/24 maxlen: 24
2a0e:36c0::/29 maxlen: 32
2a0e:36c0::/32 maxlen: 32
2a0e:36c1::/32 maxlen: 32
2a0e:36c2::/32 maxlen: 32
2a0e:36c3::/32 maxlen: 32
2a0e:36c4::/32 maxlen: 32
2a0e:36c5::/32 maxlen: 32
2a0e:36c6::/32 maxlen: 32
2a0e:36c6:ff80::/48 maxlen: 48
2a0e:36c7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:9c:ab:83:52:de:04:78:4b:30:7a:c8:b3:b5:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b6d178f13851306b5634df159716319f4d82478
Validity
Not Before: Jan 2 07:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e18d8d6e8d7f6ba201abc0a5d080df1b02823ff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7b:80:db:9f:77:d5:34:2e:49:fb:d1:cc:da:
bf:2b:99:b5:2d:98:66:cd:c3:57:db:ad:b4:3e:4c:
9e:fb:b5:bf:21:bf:f9:3e:3e:c1:17:56:0f:d1:44:
b1:3c:f0:de:7e:17:80:26:d1:2a:e5:40:c5:c4:92:
10:78:fe:fa:5e:0d:c0:95:78:c4:bc:23:54:77:f5:
b6:dc:a2:21:96:e7:0f:45:12:4c:9a:eb:07:4c:ea:
1a:0f:8a:04:32:b5:87:e1:90:e1:aa:bc:e1:f9:9b:
93:4a:97:51:57:01:b5:b2:8e:a4:ee:04:92:1b:40:
66:e2:01:89:48:35:a6:7f:57:ab:bd:fa:03:35:72:
2f:0a:71:5b:32:d8:f4:42:a7:ac:55:49:d9:f3:5c:
0a:27:c5:b1:31:cb:cc:39:af:a8:69:04:d9:da:9e:
c5:3c:34:d1:1d:52:bf:c5:58:ab:d4:fe:23:55:50:
d9:af:7b:56:bd:c1:2e:05:87:f5:59:fc:38:0c:55:
35:32:26:80:11:04:fc:ff:de:2b:83:86:be:cd:c2:
52:44:f0:eb:66:5e:a6:80:e0:d1:f4:1a:54:fb:74:
cf:a5:cc:65:74:78:29:5a:f0:a6:4b:d8:26:64:e5:
c3:b4:2b:e8:dd:2b:5e:c6:d0:86:47:30:c6:bd:3a:
7e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8D:8D:6E:8D:7F:6B:A2:01:AB:C0:A5:D0:80:DF:1B:02:82:3F:F3
X509v3 Authority Key Identifier:
keyid:5B:6D:17:8F:13:85:13:06:B5:63:4D:F1:59:71:63:19:F4:D8:24:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W20XjxOFEwa1Y03xWXFjGfTYJHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/4Y2Nbo1_a6IBq8Cl0IDfGwKCP_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a1c6ec-c260-4ca2-887b-4bb94cbc2e73/1/W20XjxOFEwa1Y03xWXFjGfTYJHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.254.0/23
91.217.119.0/24
193.31.117.0/24
213.142.132.0-213.142.134.255
213.142.149.0-213.142.150.255
213.142.156.0/24
IPv6:
2a0e:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:61:76:7d:fa:aa:65:5e:38:23:e0:2f:53:d8:11:ff:58:1f:
9c:07:d4:d7:73:ab:1c:04:8a:d9:8b:97:46:e8:0a:90:ef:95:
5f:ca:43:a5:2f:ae:ed:cb:30:fe:0f:75:4c:ac:db:61:c5:72:
c2:20:b8:c2:b5:b8:aa:b8:03:a9:1b:49:95:b4:e3:74:2b:97:
df:2f:92:42:80:c3:40:c7:0f:e3:bf:25:f5:99:97:f9:29:14:
e0:5b:79:2a:bc:d7:29:0a:71:8f:65:48:98:71:35:6b:3d:ac:
50:fc:b7:64:2f:9c:26:ec:67:b2:2a:42:2b:69:54:66:b0:9e:
67:61:cb:b5:b5:79:51:08:84:3a:6c:a4:bd:7f:90:ca:b3:2a:
06:86:af:28:9f:48:21:e3:c4:5e:1c:9a:b4:8d:05:f0:e2:14:
08:85:9b:65:24:95:62:32:4a:93:4b:86:a4:42:26:e6:e5:6d:
77:00:d3:3c:20:63:f3:b8:7c:67:73:3e:1c:67:a7:cc:3c:b8:
8f:63:77:19:77:d6:8e:4c:9e:e9:88:68:1c:55:05:0a:7b:2d:
b8:81:4f:e1:db:b9:a3:60:82:0b:09:ae:fe:0e:7b:62:65:e3:
e1:54:59:4c:0e:d8:01:be:ed:56:a0:a5:92:91:07:2f:fd:1e:
50:af:58:3f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZQl/Zyrg1LeBHhLMHrIs7UCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNmQxNzhmMTM4NTEzMDZiNTYzNGRmMTU5NzE2MzE5ZjRk
ODI0NzgwHhcNMjUwMTAyMDc0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMThkOGQ2ZThkN2Y2YmEyMDFhYmMwYTVkMDgwZGYxYjAyODIzZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHuA25931TQuSfvRzNq/K5m1LZhm
zcNX2620Pkye+7W/Ib/5Pj7BF1YP0USxPPDefheAJtEq5UDFxJIQeP76Xg3AlXjE
vCNUd/W23KIhlucPRRJMmusHTOoaD4oEMrWH4ZDhqrzh+ZuTSpdRVwG1so6k7gSS
G0Bm4gGJSDWmf1ervfoDNXIvCnFbMtj0QqesVUnZ81wKJ8WxMcvMOa+oaQTZ2p7F
PDTRHVK/xVir1P4jVVDZr3tWvcEuBYf1Wfw4DFU1MiaAEQT8/94rg4a+zcJSRPDr
Zl6mgODR9BpU+3TPpcxldHgpWvCmS9gmZOXDtCvo3StextCGRzDGvTp+AwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFOGNjW6Nf2uiAavApdCA3xsCgj/zMB8GA1UdIwQY
MBaAFFttF48ThRMGtWNN8VlxYxn02CR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2It
NGJiOTRjYmMyZTczLzEvNFkyTmJvMV9hNklCcThDbDBJRGZHd0tDUF9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hMWM2ZWMtYzI2MC00Y2EyLTg4N2ItNGJiOTRjYmMyZTcz
LzEvVzIwWGp4T0ZFd2ExWTAzeFdYRmpHZlRZSkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0AwQBUP3+AwQA
W9l3AwQAwR91MAwDBALVjoQDBADVjoYwDAMEANWOlQMEANWOlgMEANWOnDANBAIA
AjAHAwUDKg42wDANBgkqhkiG9w0BAQsFAAOCAQEAL2F2ffqqZV44I+AvU9gR/1gf
nAfU13OrHASK2YuXRugKkO+VX8pDpS+u7csw/g91TKzbYcVywiC4wrW4qrgDqRtJ
lbTjdCuX3y+SQoDDQMcP478l9ZmX+SkU4Ft5KrzXKQpxj2VImHE1az2sUPy3ZC+c
JuxnsipCK2lUZrCeZ2HLtbV5UQiEOmykvX+QyrMqBoavKJ9IIePEXhyatI0F8OIU
CIWbZSSVYjJKk0uGpEIm5uVtdwDTPCBj87h8Z3M+HGenzDy4j2N3GXfWjkye6Yho
HFUFCnstuIFP4du5o2CCCwmu/g57YmXj4VRZTA7YAb7tVqClkpEHL/0eUK9YPw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:37:37 2025 by rpki-client