Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/bel6Fk2PBFF8iK4X4dPcB_YL-p8.roa
File: bel6Fk2PBFF8iK4X4dPcB_YL-p8.roa (raw, json)
Hash identifier: whSoMvRfcwg1zlxaNwdPk6EU1wdOECDElkdNcqQV/CE=
Subject key identifier: 6D:E9:7A:16:4D:8F:04:51:7C:88:AE:17:E1:D3:DC:07:F6:0B:FA:9F
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 0194282550F2A64242E1BFA6C61864AA521B
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/bel6Fk2PBFF8iK4X4dPcB_YL-p8.roa
Signing time: Thu 02 Jan 2025 17:52:01 +0000
ROA not before: Thu 02 Jan 2025 17:52:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137427
IP address blocks: 2.59.153.0/24 maxlen: 24
45.91.225.0/24 maxlen: 24
91.204.224.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
185.202.101.0/24 maxlen: 24
193.239.151.0/24 maxlen: 24
194.126.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:50:f2:a6:42:42:e1:bf:a6:c6:18:64:aa:52:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jan 2 17:52:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6de97a164d8f04517c88ae17e1d3dc07f60bfa9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f9:ec:99:ce:45:01:48:1e:3c:20:c1:87:35:
df:b6:df:df:cf:d9:9f:d0:62:30:52:7b:8b:c6:79:
7c:79:ab:2e:91:3c:60:3f:ab:d6:90:04:f5:5f:1d:
6c:0b:30:44:9f:52:d3:1f:14:8f:87:84:00:f8:ab:
da:20:23:d6:65:d9:39:8f:47:67:15:4b:08:27:5e:
e7:5c:d5:e8:67:5d:fb:7c:4d:fd:7a:92:0d:d3:5e:
02:09:47:ae:31:2f:68:40:d5:69:fe:2c:8b:fd:b6:
b0:e3:58:9d:22:63:c7:c2:92:d7:35:4a:8f:e6:d1:
19:0f:de:a0:7e:ae:ce:f6:9e:04:64:76:42:d8:9b:
7d:98:d8:a8:c6:3d:de:3b:cc:fc:3e:bd:af:bb:1d:
72:ce:17:bf:9a:a3:8a:33:34:a4:0a:1d:6b:39:d1:
f9:0a:23:ba:f6:d5:85:b0:c4:ef:d5:66:70:37:c7:
70:34:d1:eb:f7:b8:9a:d2:46:d3:8d:d4:4e:29:8f:
ef:b9:98:d3:93:d2:4d:18:9f:ee:48:b8:90:16:44:
b7:c9:94:6c:79:29:e3:49:6a:a2:fc:ff:aa:c3:5d:
c6:d9:cf:76:36:c9:3b:35:cc:12:58:ae:b8:88:e5:
dd:d1:66:74:9a:09:f1:6a:37:84:6b:a4:2a:3b:bf:
45:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E9:7A:16:4D:8F:04:51:7C:88:AE:17:E1:D3:DC:07:F6:0B:FA:9F
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/bel6Fk2PBFF8iK4X4dPcB_YL-p8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.153.0/24
45.91.225.0/24
91.204.224.0/22
185.202.101.0/24
193.239.151.0/24
194.126.215.0/24
Signature Algorithm: sha256WithRSAEncryption
62:4f:25:4a:17:63:2d:5b:65:1d:27:8c:49:96:1c:27:e9:c7:
f3:18:54:ce:a9:9f:8f:39:71:46:4c:c0:e1:25:35:50:ed:09:
52:1e:bb:07:df:f6:ac:c2:7d:47:ef:86:fb:ec:0e:cc:2f:5c:
c9:84:65:fc:9b:03:64:24:6e:fa:91:8a:02:45:83:a3:0e:19:
e3:a6:0d:8d:67:5e:2b:59:f0:f1:12:6b:9a:5b:b6:f0:9f:1a:
33:6f:39:19:df:cf:56:fc:a9:0d:4a:18:c2:67:81:5a:ad:15:
58:09:a2:0f:6f:f7:ae:c6:e6:80:f8:1b:23:d6:99:0c:41:8f:
21:25:b8:24:31:b2:05:2a:b5:11:cc:f0:f1:54:d2:5d:93:a3:
c2:d4:a4:04:d7:28:36:2a:cf:97:c7:c0:9a:1e:76:bc:cd:08:
51:53:87:96:d0:67:ec:2c:70:0f:52:eb:1d:36:55:25:45:80:
51:d4:84:22:fb:b6:c0:44:b3:82:a7:ca:fe:a6:4a:17:59:f3:
bc:30:63:2b:9c:3d:76:47:20:66:50:16:8d:66:28:68:da:0f:
d3:ff:0a:6d:ee:ac:ac:7a:0e:78:cb:87:b2:29:59:24:ec:ed:
30:62:78:23:e4:41:3f:f7:b8:9a:b8:cc:4f:0c:c1:ca:35:cc:
dc:a2:9d:8b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQoJVDypkJC4b+mxhhkqlIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjUwMTAyMTc1MjAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGU5N2ExNjRkOGYwNDUxN2M4OGFlMTdlMWQzZGMwN2Y2MGJmYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfnsmc5FAUgePCDBhzXftt/fz9mf
0GIwUnuLxnl8easukTxgP6vWkAT1Xx1sCzBEn1LTHxSPh4QA+KvaICPWZdk5j0dn
FUsIJ17nXNXoZ137fE39epIN014CCUeuMS9oQNVp/iyL/baw41idImPHwpLXNUqP
5tEZD96gfq7O9p4EZHZC2Jt9mNioxj3eO8z8Pr2vux1yzhe/mqOKMzSkCh1rOdH5
CiO69tWFsMTv1WZwN8dwNNHr97ia0kbTjdROKY/vuZjTk9JNGJ/uSLiQFkS3yZRs
eSnjSWqi/P+qw13G2c92Nsk7NcwSWK64iOXd0WZ0mgnxajeEa6QqO79FRQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG3pehZNjwRRfIiuF+HT3Af2C/qfMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvYmVsNkZrMlBCRkY4aUs0WDRkUGNCX1lMLXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjuZAwQA
LVvhAwQCW8zgAwQAucplAwQAwe+XAwQAwn7XMA0GCSqGSIb3DQEBCwUAA4IBAQBi
TyVKF2MtW2UdJ4xJlhwn6cfzGFTOqZ+POXFGTMDhJTVQ7QlSHrsH3/aswn1H74b7
7A7ML1zJhGX8mwNkJG76kYoCRYOjDhnjpg2NZ14rWfDxEmuaW7bwnxozbzkZ389W
/KkNShjCZ4FarRVYCaIPb/euxuaA+Bsj1pkMQY8hJbgkMbIFKrURzPDxVNJdk6PC
1KQE1yg2Ks+Xx8CaHna8zQhRU4eW0GfsLHAPUusdNlUlRYBR1IQi+7bARLOCp8r+
pkoXWfO8MGMrnD12RyBmUBaNZiho2g/T/wpt7qyseg54y4eyKVkk7O0wYngj5EE/
97iauMxPDMHKNczcop2L
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:20:59 2025 by rpki-client