Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/cc1d62-ae53-48b7-ac79-641d456283c4/1/0TN8GbA_0te4LvZwiVGOjxWVyyI.roa
File: 0TN8GbA_0te4LvZwiVGOjxWVyyI.roa (raw, json)
Hash identifier: r7htGnYfYSEvlu71tGptm+rLAL8pN7TnQ6e7cOorBgk=
Subject key identifier: D1:33:7C:19:B0:3F:D2:D7:B8:2E:F6:70:89:51:8E:8F:15:95:CB:22
Certificate issuer: /CN=a60e42d7cbafc9dd3205d247d662d85afdd9a186
Certificate serial: 019425FC44C91E1F3037FECA7FACB1D786D2
Authority key identifier: A6:0E:42:D7:CB:AF:C9:DD:32:05:D2:47:D6:62:D8:5A:FD:D9:A1:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pg5C18uvyd0yBdJH1mLYWv3ZoYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/cc1d62-ae53-48b7-ac79-641d456283c4/1/0TN8GbA_0te4LvZwiVGOjxWVyyI.roa
Signing time: Thu 02 Jan 2025 07:47:57 +0000
ROA not before: Thu 02 Jan 2025 07:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61172
IP address blocks: 194.146.32.0/24 maxlen: 24
194.146.33.0/24 maxlen: 24
194.146.34.0/24 maxlen: 24
194.146.35.0/24 maxlen: 24
2a0f:9540::/32 maxlen: 32
2a0f:9541::/32 maxlen: 32
2a0f:9542::/32 maxlen: 32
2a0f:9543::/32 maxlen: 32
2a0f:9544::/32 maxlen: 32
2a0f:9545::/32 maxlen: 32
2a0f:9546::/32 maxlen: 32
2a0f:9547::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:44:c9:1e:1f:30:37:fe:ca:7f:ac:b1:d7:86:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a60e42d7cbafc9dd3205d247d662d85afdd9a186
Validity
Not Before: Jan 2 07:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1337c19b03fd2d7b82ef67089518e8f1595cb22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ce:78:da:9c:19:11:88:d8:51:45:3f:42:19:
18:db:e5:af:fc:75:e5:f9:be:6c:a1:57:f2:2c:c2:
f2:bb:12:bb:0c:d3:f1:f0:ee:4c:91:9f:95:c9:90:
1b:35:6e:b5:4c:78:20:8b:f2:d7:84:13:a8:fc:dc:
c2:fb:a8:00:5d:ec:e9:38:d1:64:97:cb:02:9f:a0:
9c:b5:a8:54:0d:c6:22:52:20:65:c9:98:b8:37:41:
f7:e6:62:e3:9c:5f:7c:f1:49:04:fd:46:2e:54:01:
c2:c4:62:f5:73:80:3f:4d:e3:a4:77:d4:17:63:36:
e9:72:cb:f3:4e:c0:9f:80:1f:df:c6:93:e7:1f:af:
c5:dd:fe:dd:36:66:36:15:90:47:5c:bd:2c:c3:8b:
c9:d0:80:5e:01:d6:3e:82:d6:f1:b2:0b:ac:74:25:
f8:d6:74:8e:2f:0b:24:22:88:38:91:a7:b8:03:99:
b8:85:18:c2:c3:07:d1:68:79:68:a0:c1:62:65:d3:
71:51:9b:65:54:f2:9d:6c:f2:24:6d:c1:2f:7b:2a:
88:12:32:c2:b0:5b:4d:19:9b:75:f7:26:13:17:7f:
9d:d7:2e:c9:05:f0:b5:d6:8b:b4:bf:6f:1a:3a:99:
df:08:a1:9e:b2:5e:2c:08:2a:c4:3a:ba:00:85:b6:
41:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:33:7C:19:B0:3F:D2:D7:B8:2E:F6:70:89:51:8E:8F:15:95:CB:22
X509v3 Authority Key Identifier:
keyid:A6:0E:42:D7:CB:AF:C9:DD:32:05:D2:47:D6:62:D8:5A:FD:D9:A1:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pg5C18uvyd0yBdJH1mLYWv3ZoYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/cc1d62-ae53-48b7-ac79-641d456283c4/1/0TN8GbA_0te4LvZwiVGOjxWVyyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/cc1d62-ae53-48b7-ac79-641d456283c4/1/pg5C18uvyd0yBdJH1mLYWv3ZoYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.32.0/22
IPv6:
2a0f:9540::/29
Signature Algorithm: sha256WithRSAEncryption
0f:a8:49:30:d3:3a:55:8a:34:da:60:c8:14:dd:95:f0:8c:bc:
ed:29:44:7c:6f:2e:b8:a8:09:ca:c5:35:8e:3a:57:82:0a:49:
1e:86:04:ce:20:95:2d:c2:e0:3f:c2:6d:14:7f:d5:06:24:03:
78:3c:88:40:09:60:66:ea:e8:9a:97:4f:cf:f1:7a:69:58:24:
48:db:4c:56:f5:5c:00:8f:db:8b:5c:24:30:fb:4b:f6:19:bf:
ed:28:5e:94:7b:f8:ec:aa:86:15:f3:30:80:2e:8d:45:02:4e:
85:ac:c4:2c:a7:be:cf:ff:ee:ac:e9:ad:a2:d7:1f:74:15:c0:
aa:9c:d7:b8:9f:bf:01:89:cd:2f:b9:aa:36:aa:08:88:1d:52:
3d:b6:48:ef:52:c5:a5:de:10:25:4d:aa:78:0d:bd:48:d7:90:
30:34:e3:11:48:12:f3:66:36:14:fe:c7:97:40:a1:87:fa:32:
0b:8f:4e:e1:d3:cb:fe:86:74:bc:33:52:f7:f0:d6:6b:f7:bd:
03:0d:62:23:82:98:85:ac:0a:ad:4a:1d:ad:1a:8f:5d:22:67:
8e:81:38:10:47:e4:e5:2f:85:e9:fb:69:27:0a:b9:11:ec:b0:
77:d8:fb:e5:2e:fc:a4:61:b8:ca:0b:b8:b7:a8:f3:b6:ae:19:
ab:69:6c:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/ETJHh8wN/7Kf6yx14bSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MGU0MmQ3Y2JhZmM5ZGQzMjA1ZDI0N2Q2NjJkODVhZmRk
OWExODYwHhcNMjUwMTAyMDc0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTMzN2MxOWIwM2ZkMmQ3YjgyZWY2NzA4OTUxOGU4ZjE1OTVjYjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApM542pwZEYjYUUU/QhkY2+Wv/HXl
+b5soVfyLMLyuxK7DNPx8O5MkZ+VyZAbNW61THggi/LXhBOo/NzC+6gAXezpONFk
l8sCn6CctahUDcYiUiBlyZi4N0H35mLjnF988UkE/UYuVAHCxGL1c4A/TeOkd9QX
YzbpcsvzTsCfgB/fxpPnH6/F3f7dNmY2FZBHXL0sw4vJ0IBeAdY+gtbxsgusdCX4
1nSOLwskIog4kae4A5m4hRjCwwfRaHlooMFiZdNxUZtlVPKdbPIkbcEveyqIEjLC
sFtNGZt19yYTF3+d1y7JBfC11ou0v28aOpnfCKGesl4sCCrEOroAhbZBAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNEzfBmwP9LXuC72cIlRjo8VlcsiMB8GA1UdIwQY
MBaAFKYOQtfLr8ndMgXSR9Zi2Fr92aGGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGc1QzE4dXZ5ZDB5QmRKSDFtTFlXdjNab1lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jYzFkNjItYWU1My00OGI3LWFjNzkt
NjQxZDQ1NjI4M2M0LzEvMFROOEdiQV8wdGU0THZad2lWR09qeFdWeXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jYzFkNjItYWU1My00OGI3LWFjNzktNjQxZDQ1NjI4M2M0
LzEvcGc1QzE4dXZ5ZDB5QmRKSDFtTFlXdjNab1lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwpIgMA0E
AgACMAcDBQMqD5VAMA0GCSqGSIb3DQEBCwUAA4IBAQAPqEkw0zpVijTaYMgU3ZXw
jLztKUR8by64qAnKxTWOOleCCkkehgTOIJUtwuA/wm0Uf9UGJAN4PIhACWBm6uia
l0/P8XppWCRI20xW9VwAj9uLXCQw+0v2Gb/tKF6Ue/jsqoYV8zCALo1FAk6FrMQs
p77P/+6s6a2i1x90FcCqnNe4n78Bic0vuao2qgiIHVI9tkjvUsWl3hAlTap4Db1I
15AwNOMRSBLzZjYU/seXQKGH+jILj07h08v+hnS8M1L38NZr970DDWIjgpiFrAqt
Sh2tGo9dImeOgTgQR+TlL4Xp+2knCrkR7LB32PvlLvykYbjKC7i3qPO2rhmraWyu
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:09:21 2025 by rpki-client