Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/9pK-UIM-H6tNfktNjnY3n3eplHo.roa
File: 9pK-UIM-H6tNfktNjnY3n3eplHo.roa (raw, json)
Hash identifier: uVmuFNCMVIRszRB0UyxXgi1VNyC51j94Uds90LHBjSU=
Subject key identifier: F6:92:BE:50:83:3E:1F:AB:4D:7E:4B:4D:8E:76:37:9F:77:A9:94:7A
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 01942825502579CF8FE82B9B6AD07241D033
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/9pK-UIM-H6tNfktNjnY3n3eplHo.roa
Signing time: Thu 02 Jan 2025 17:52:01 +0000
ROA not before: Thu 02 Jan 2025 17:52:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136038
IP address blocks: 2.59.152.0/22 maxlen: 22
2.59.154.0/24 maxlen: 24
2.59.155.0/24 maxlen: 24
45.91.226.0/24 maxlen: 24
45.91.227.0/24 maxlen: 24
45.142.152.0/24 maxlen: 24
45.142.155.0/24 maxlen: 24
185.202.103.0/24 maxlen: 24
193.239.150.0/24 maxlen: 24
193.239.154.0/24 maxlen: 24
194.126.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:50:25:79:cf:8f:e8:2b:9b:6a:d0:72:41:d0:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jan 2 17:52:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f692be50833e1fab4d7e4b4d8e76379f77a9947a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:41:5e:62:08:47:71:09:ac:6c:91:e3:89:a7:
dd:28:4b:9d:5a:8d:af:6a:3c:c0:09:09:45:95:ab:
17:2f:e8:76:1b:be:1b:89:9d:0a:fb:22:93:40:62:
ef:d0:f2:f2:24:8e:61:1f:88:64:b3:aa:f4:c1:17:
61:b9:2d:4e:fe:80:92:d6:5f:ba:47:07:1c:e4:9f:
db:e5:65:2a:34:94:7e:08:63:ca:c8:11:b1:22:7c:
3a:64:07:c7:01:3e:0a:9c:be:21:45:8f:b3:fa:c8:
25:49:2c:2d:56:b5:00:29:46:9a:9b:01:2e:1f:12:
01:b9:93:d6:15:fe:f1:ed:77:e1:53:33:17:c9:bc:
8e:c8:b4:28:35:07:14:52:8b:cd:1f:ae:a8:75:09:
72:15:2a:e4:47:72:85:70:08:76:cd:77:2f:de:64:
66:29:cf:05:95:7d:9a:9c:8d:8b:9e:5b:20:08:c6:
ae:d8:1e:59:f7:f2:d6:d7:00:5e:74:e2:aa:01:5e:
02:ac:e6:44:c9:c0:7d:db:cc:b4:fb:3e:ac:ec:d3:
11:14:8f:a3:d5:c6:94:ec:b6:0e:d6:3a:c7:fa:3f:
6b:96:47:3e:84:93:48:81:3d:66:14:43:cc:d0:b9:
c6:66:70:39:40:ac:2a:95:fa:9a:3f:65:cf:3a:de:
3c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:92:BE:50:83:3E:1F:AB:4D:7E:4B:4D:8E:76:37:9F:77:A9:94:7A
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/9pK-UIM-H6tNfktNjnY3n3eplHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.152.0/22
45.91.226.0/23
45.142.152.0/24
45.142.155.0/24
185.202.103.0/24
193.239.150.0/24
193.239.154.0/24
194.126.202.0/24
Signature Algorithm: sha256WithRSAEncryption
41:c0:b1:37:bc:9a:73:4f:81:f4:9b:1f:df:ac:c5:e5:d2:7d:
1a:a4:4d:fc:a7:93:2f:7b:7e:56:6b:16:46:69:78:52:4e:61:
68:8a:93:62:9e:16:09:7b:33:7a:03:74:4b:45:f8:d6:ed:41:
a2:55:29:29:db:20:93:2b:a8:bb:78:41:60:cb:bf:3f:92:d0:
b3:df:bd:cb:55:33:82:ab:86:9f:1d:a4:84:48:c8:9b:fb:08:
51:b5:28:14:48:f6:7e:64:8b:ea:a1:a3:16:e7:f3:33:f0:f6:
e4:74:17:67:dd:2b:90:53:f7:7a:94:cf:02:71:6d:95:1e:d8:
be:31:ba:06:21:f8:d4:6f:85:92:b9:5b:7b:e5:8c:c1:d4:db:
f5:67:86:d5:b6:d3:cc:35:b0:48:c8:b1:ae:5b:8a:da:d6:26:
1e:f1:e9:85:7f:6d:d1:76:88:21:bc:89:6b:fd:da:eb:69:fb:
70:8e:98:71:96:36:47:0a:ad:74:7e:8a:b4:ba:95:ba:e7:c0:
7c:74:e4:20:8e:8c:69:45:b6:13:70:66:1f:a9:20:a1:38:4c:
68:a6:c5:93:ed:3d:7f:1c:12:93:3f:9d:2a:0b:54:cb:3f:d0:
90:6e:4b:aa:2a:9f:e5:9e:77:a0:e6:d9:a8:73:b1:3a:59:34:
1b:64:8a:82
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQoJVAlec+P6CubatByQdAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjUwMTAyMTc1MjAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjkyYmU1MDgzM2UxZmFiNGQ3ZTRiNGQ4ZTc2Mzc5Zjc3YTk5NDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUFeYghHcQmsbJHjiafdKEudWo2v
ajzACQlFlasXL+h2G74biZ0K+yKTQGLv0PLyJI5hH4hks6r0wRdhuS1O/oCS1l+6
Rwcc5J/b5WUqNJR+CGPKyBGxInw6ZAfHAT4KnL4hRY+z+sglSSwtVrUAKUaamwEu
HxIBuZPWFf7x7XfhUzMXybyOyLQoNQcUUovNH66odQlyFSrkR3KFcAh2zXcv3mRm
Kc8FlX2anI2LnlsgCMau2B5Z9/LW1wBedOKqAV4CrOZEycB928y0+z6s7NMRFI+j
1caU7LYO1jrH+j9rlkc+hJNIgT1mFEPM0LnGZnA5QKwqlfqaP2XPOt48dQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPaSvlCDPh+rTX5LTY52N593qZR6MB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvOXBLLVVJTS1INnROZmt0TmpuWTNuM2VwbEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCAjuYAwQB
LVviAwQALY6YAwQALY6bAwQAucpnAwQAwe+WAwQAwe+aAwQAwn7KMA0GCSqGSIb3
DQEBCwUAA4IBAQBBwLE3vJpzT4H0mx/frMXl0n0apE38p5Mve35WaxZGaXhSTmFo
ipNinhYJezN6A3RLRfjW7UGiVSkp2yCTK6i7eEFgy78/ktCz373LVTOCq4afHaSE
SMib+whRtSgUSPZ+ZIvqoaMW5/Mz8PbkdBdn3SuQU/d6lM8CcW2VHti+MboGIfjU
b4WSuVt75YzB1Nv1Z4bVttPMNbBIyLGuW4ra1iYe8emFf23RdoghvIlr/drraftw
jphxljZHCq10foq0upW658B8dOQgjoxpRbYTcGYfqSChOExopsWT7T1/HBKTP50q
C1TLP9CQbkuqKp/lnneg5tmoc7E6WTQbZIqC
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:36:34 2025 by rpki-client