Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/Ak10uTUSg69QOqHNTxAGC2TpELw.roa
File: Ak10uTUSg69QOqHNTxAGC2TpELw.roa (raw, json)
Hash identifier: oiP7bM32K+80IzA18mDaKDk6EfugV2T17VUBPXEcrEs=
Subject key identifier: 02:4D:74:B9:35:12:83:AF:50:3A:A1:CD:4F:10:06:0B:64:E9:10:BC
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018FA93DE742B7F26BDF2252E64863E69522
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/Ak10uTUSg69QOqHNTxAGC2TpELw.roa
Signing time: Fri 24 May 2024 06:15:57 +0000
ROA not before: Fri 24 May 2024 06:15:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 194.64.89.0/24 maxlen: 24
194.163.68.0/24 maxlen: 24
194.163.92.0/24 maxlen: 24
194.233.31.0/24 maxlen: 24
194.233.148.0/24 maxlen: 24
194.233.149.0/24 maxlen: 24
194.233.151.0/24 maxlen: 24
195.180.128.0/22 maxlen: 24
195.252.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a9:3d:e7:42:b7:f2:6b:df:22:52:e6:48:63:e6:95:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: May 24 06:15:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=024d74b9351283af503aa1cd4f10060b64e910bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:da:cb:7e:c1:f9:5f:6d:14:8b:dd:72:da:a3:
97:bf:9f:89:3a:63:66:82:e7:72:36:55:7e:3d:9e:
a4:63:cc:8d:91:c5:d2:c1:cc:34:1c:25:26:bc:27:
76:8d:fb:8b:43:46:68:ed:ca:1e:c7:25:67:9a:53:
94:92:fe:20:94:e7:dc:10:e1:3c:b2:1f:08:e2:67:
9c:53:1b:3f:73:16:dd:3e:24:d0:2a:4a:da:65:d4:
80:b8:ac:d5:ba:a4:c2:86:ff:32:17:22:cb:81:ff:
4e:76:af:43:96:92:69:a2:38:20:6d:87:50:31:f9:
81:6c:e0:ce:a4:dc:da:8e:66:64:0e:3d:b5:82:30:
d8:93:08:b3:8e:37:43:51:de:03:b9:bf:8a:75:59:
fd:76:a7:cb:be:5d:ac:64:41:eb:51:b4:11:a6:ec:
3e:50:d5:84:75:32:85:b7:49:cf:e9:45:df:ec:44:
d6:aa:e3:97:ad:7f:22:07:1c:cf:ba:92:f7:26:f7:
3a:1b:e6:10:2e:bc:ad:f1:4b:3b:f0:5a:2a:8c:03:
47:be:98:81:7f:15:63:46:ff:ae:12:4c:53:cf:db:
f7:51:40:25:a2:48:f8:42:aa:2b:ff:23:72:bf:13:
eb:cf:b2:9c:7c:32:fa:9c:9d:20:e3:94:69:dd:29:
4b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:4D:74:B9:35:12:83:AF:50:3A:A1:CD:4F:10:06:0B:64:E9:10:BC
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/Ak10uTUSg69QOqHNTxAGC2TpELw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.89.0/24
194.163.68.0/24
194.163.92.0/24
194.233.31.0/24
194.233.148.0/23
194.233.151.0/24
195.180.128.0/22
195.252.175.0/24
Signature Algorithm: sha256WithRSAEncryption
53:bb:27:38:be:9c:da:b4:67:c3:ad:33:b7:0d:b6:d9:ea:bf:
a9:79:90:cd:67:c4:15:a2:04:86:42:de:e3:87:0b:d9:45:53:
9c:bc:10:dd:51:1b:bf:41:2b:a6:8b:0b:f4:9c:13:7b:af:4e:
9a:f7:86:56:9d:44:9b:f2:f9:63:84:f9:10:21:31:34:e2:94:
c3:10:6c:80:d2:62:fe:79:6f:6b:ca:11:6f:28:a1:64:85:86:
77:3b:47:0e:48:a8:da:5d:7e:e5:f7:be:0a:7e:42:ea:1a:17:
64:1c:c8:13:07:c0:5d:ec:49:a3:d8:5a:d5:73:71:ee:0b:fc:
d1:8b:df:d0:19:71:7a:78:93:b4:9a:dc:ab:b2:96:6a:59:7b:
37:06:77:c7:bd:0f:3e:96:67:06:fb:30:66:2e:bf:d1:79:39:
99:96:c4:2e:bc:1e:01:ad:42:45:a7:8a:67:69:0c:e8:e8:31:
1b:a2:88:be:f2:7f:5a:a7:62:ed:e8:bc:72:42:26:ad:b5:86:
8d:6d:91:2d:b0:57:ba:c8:dd:7e:00:01:07:1b:13:74:fa:d3:
c5:6a:c8:13:a7:6f:6a:9b:1d:d4:01:28:ad:d5:34:ef:ac:6c:
31:5b:32:e7:9f:75:2b:69:ba:d7:7d:08:7b:6a:8a:37:56:0e:
3f:d8:c1:82
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY+pPedCt/Jr3yJS5khj5pUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjQwNTI0MDYxNTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjRkNzRiOTM1MTI4M2FmNTAzYWExY2Q0ZjEwMDYwYjY0ZTkxMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptrLfsH5X20Ui91y2qOXv5+JOmNm
gudyNlV+PZ6kY8yNkcXSwcw0HCUmvCd2jfuLQ0Zo7coexyVnmlOUkv4glOfcEOE8
sh8I4mecUxs/cxbdPiTQKkraZdSAuKzVuqTChv8yFyLLgf9Odq9DlpJpojggbYdQ
MfmBbODOpNzajmZkDj21gjDYkwizjjdDUd4Dub+KdVn9dqfLvl2sZEHrUbQRpuw+
UNWEdTKFt0nP6UXf7ETWquOXrX8iBxzPupL3Jvc6G+YQLryt8Us78FoqjANHvpiB
fxVjRv+uEkxTz9v3UUAlokj4Qqor/yNyvxPrz7KcfDL6nJ0g45Rp3SlLwwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAJNdLk1EoOvUDqhzU8QBgtk6RC8MB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvQWsxMHVUVVNnNjlRT3FITlR4QUdDMlRwRUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwkBZAwQA
wqNEAwQAwqNcAwQAwukfAwQBwumUAwQAwumXAwQCw7SAAwQAw/yvMA0GCSqGSIb3
DQEBCwUAA4IBAQBTuyc4vpzatGfDrTO3DbbZ6r+peZDNZ8QVogSGQt7jhwvZRVOc
vBDdURu/QSumiwv0nBN7r06a94ZWnUSb8vljhPkQITE04pTDEGyA0mL+eW9ryhFv
KKFkhYZ3O0cOSKjaXX7l974KfkLqGhdkHMgTB8Bd7Emj2FrVc3HuC/zRi9/QGXF6
eJO0mtyrspZqWXs3BnfHvQ8+lmcG+zBmLr/ReTmZlsQuvB4BrUJFp4pnaQzo6DEb
ooi+8n9ap2Lt6LxyQiattYaNbZEtsFe6yN1+AAEHGxN0+tPFasgTp29qmx3UASit
1TTvrGwxWzLnn3UrabrXfQh7aoo3Vg4/2MGC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:07 2025 by rpki-client