Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/13DoNZ6OFM2E7tYB2bhb6nmFWSE.roa
File: 13DoNZ6OFM2E7tYB2bhb6nmFWSE.roa (raw, json)
Hash identifier: ddIDrUfKxzwAA11a8lGXPDSlMHNMs7szQrcYAz5cL38=
Subject key identifier: D7:70:E8:35:9E:8E:14:CD:84:EE:D6:01:D9:B8:5B:EA:79:85:59:21
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01944109A8AAC54AEC720ED63A90AB550655
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/13DoNZ6OFM2E7tYB2bhb6nmFWSE.roa
Signing time: Tue 07 Jan 2025 13:52:19 +0000
ROA not before: Tue 07 Jan 2025 13:52:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6762
IP address blocks: 2.16.19.0/24 maxlen: 24
2.16.70.0/23 maxlen: 23
2.16.146.0/23 maxlen: 23
2.16.220.0/22 maxlen: 22
2.18.0.0/22 maxlen: 22
2.18.31.0/24 maxlen: 24
2.19.16.0/20 maxlen: 20
2.20.4.0/22 maxlen: 22
2.20.47.0/24 maxlen: 24
2.20.109.0/24 maxlen: 24
2.20.112.0/22 maxlen: 22
2.20.252.0/24 maxlen: 24
2.21.2.0/24 maxlen: 24
2.21.14.0/24 maxlen: 24
2.21.100.0/22 maxlen: 22
2.22.216.0/22 maxlen: 22
2.22.234.0/24 maxlen: 24
88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
92.122.68.0/22 maxlen: 22
92.122.225.0/24 maxlen: 24
92.122.248.0/22 maxlen: 22
92.123.48.0/24 maxlen: 24
92.123.106.0/24 maxlen: 24
92.123.208.0/22 maxlen: 22
95.100.136.0/22 maxlen: 22
95.101.35.0/24 maxlen: 24
95.101.68.0/22 maxlen: 22
95.101.114.0/24 maxlen: 24
95.101.156.0/22 maxlen: 22
2a02:26f0:b00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:41:09:a8:aa:c5:4a:ec:72:0e:d6:3a:90:ab:55:06:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 7 13:52:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d770e8359e8e14cd84eed601d9b85bea79855921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:af:14:09:de:6d:ba:77:94:42:55:d7:d0:9f:
d8:bf:f8:4d:fc:9f:4c:f1:d8:40:3d:33:94:19:0d:
ff:3b:78:5c:c2:b8:83:29:4c:02:24:03:f9:e8:2f:
eb:0b:ea:22:3d:29:19:53:1a:1f:56:24:0a:3f:15:
9b:b9:cb:fe:d8:95:c6:35:6d:d2:bd:c2:2e:da:07:
d6:e6:9e:54:17:52:4e:7a:93:8b:31:56:5f:a4:08:
49:71:04:de:41:91:8e:2c:3d:71:2a:81:4c:1a:3d:
1d:eb:e2:57:90:4f:a1:f1:7a:65:ff:ed:7f:4c:03:
50:ed:40:3a:7c:de:c3:77:84:d3:32:d6:22:db:29:
68:e4:83:ed:c9:8b:28:c5:9a:65:fd:30:ed:bb:64:
46:7c:d5:f1:68:3d:f7:3d:85:9c:bb:66:80:37:7c:
c9:06:9c:06:63:5f:0e:1c:1b:de:66:07:96:e2:47:
21:cf:c8:f6:75:77:a6:6a:e7:62:11:59:46:a9:6e:
2b:3b:a0:fe:60:c7:24:70:3c:3e:60:77:06:78:2e:
53:68:34:c4:27:39:4c:9b:10:73:82:06:4f:85:71:
bc:ae:af:cf:af:07:89:86:f1:97:63:1d:8e:28:2b:
88:62:3c:ad:b9:76:d4:dc:00:47:7b:e8:2e:2c:27:
14:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:70:E8:35:9E:8E:14:CD:84:EE:D6:01:D9:B8:5B:EA:79:85:59:21
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/13DoNZ6OFM2E7tYB2bhb6nmFWSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.19.0/24
2.16.70.0/23
2.16.146.0/23
2.16.220.0/22
2.18.0.0/22
2.18.31.0/24
2.19.16.0/20
2.20.4.0/22
2.20.47.0/24
2.20.109.0/24
2.20.112.0/22
2.20.252.0/24
2.21.2.0/24
2.21.14.0/24
2.21.100.0/22
2.22.216.0/22
2.22.234.0/24
88.221.28.0/22
88.221.100.0/22
92.122.68.0/22
92.122.225.0/24
92.122.248.0/22
92.123.48.0/24
92.123.106.0/24
92.123.208.0/22
95.100.136.0/22
95.101.35.0/24
95.101.68.0/22
95.101.114.0/24
95.101.156.0/22
IPv6:
2a02:26f0:b00::/48
Signature Algorithm: sha256WithRSAEncryption
6e:51:9c:7a:3a:d2:8c:a2:35:ea:1a:28:0b:6c:a4:01:40:4e:
56:5f:ef:0e:73:9c:4f:0b:b6:4c:6e:cd:21:7d:d4:45:fd:ca:
09:a8:f7:4c:c3:03:81:7d:b5:d8:62:2d:ed:bd:19:d2:d5:1b:
69:eb:7a:a9:ff:29:17:4d:a3:f3:67:26:1c:64:2e:b5:eb:91:
64:21:ed:41:3d:ea:8a:73:a2:18:9f:61:74:b8:91:f8:fd:84:
f6:b7:e4:ee:71:1a:b5:68:64:39:29:81:a8:34:39:ac:09:56:
b7:a9:2e:a4:d6:0b:5e:54:6e:82:34:8c:d5:65:08:e0:12:77:
1f:2f:5d:8f:b9:43:0f:d0:ef:87:b5:04:cd:a3:da:b6:aa:ac:
ba:7d:fc:88:62:ca:78:c1:9e:27:b2:87:2a:34:d5:0e:1b:2d:
82:df:11:ec:0c:50:a3:f6:72:c2:41:fc:fc:51:7e:8e:b0:f2:
fc:13:2e:b0:6b:7a:ea:52:6a:c7:4a:56:ed:01:86:ec:60:45:
c9:b6:fd:b8:d0:17:95:32:b0:79:58:e0:5c:ab:9b:9b:e2:9e:
c7:a6:9e:b1:ed:08:7c:b6:83:97:6b:5a:c1:8b:ce:51:0d:d1:
0c:59:3a:67:c3:3f:1f:7a:d8:18:9b:07:73:04:57:87:f6:54:
30:30:ea:eb
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAZRBCaiqxUrscg7WOpCrVQZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjUwMTA3MTM1MjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzcwZTgzNTllOGUxNGNkODRlZWQ2MDFkOWI4NWJlYTc5ODU1OTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5q8UCd5tuneUQlXX0J/Yv/hN/J9M
8dhAPTOUGQ3/O3hcwriDKUwCJAP56C/rC+oiPSkZUxofViQKPxWbucv+2JXGNW3S
vcIu2gfW5p5UF1JOepOLMVZfpAhJcQTeQZGOLD1xKoFMGj0d6+JXkE+h8Xpl/+1/
TANQ7UA6fN7Dd4TTMtYi2ylo5IPtyYsoxZpl/TDtu2RGfNXxaD33PYWcu2aAN3zJ
BpwGY18OHBveZgeW4kchz8j2dXemaudiEVlGqW4rO6D+YMckcDw+YHcGeC5TaDTE
JzlMmxBzggZPhXG8rq/PrweJhvGXYx2OKCuIYjytuXbU3ABHe+guLCcUqwIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFNdw6DWejhTNhO7WAdm4W+p5hVkhMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvMTNEb05aNk9GTTJFN3RZQjJiaGI2bm1GV1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHiBggrBgEFBQcBBwEB/wSB0jCBzzCBuwQCAAEwgbQDBAAC
EBMDBAECEEYDBAECEJIDBAICENwDBAICEgADBAACEh8DBAQCExADBAICFAQDBAAC
FC8DBAACFG0DBAICFHADBAACFPwDBAACFQIDBAACFQ4DBAICFWQDBAICFtgDBAAC
FuoDBAJY3RwDBAJY3WQDBAJcekQDBABceuEDBAJcevgDBABcezADBABce2oDBAJc
e9ADBAJfZIgDBABfZSMDBAJfZUQDBABfZXIDBAJfZZwwDwQCAAIwCQMHACoCJvAL
ADANBgkqhkiG9w0BAQsFAAOCAQEAblGcejrSjKI16hooC2ykAUBOVl/vDnOcTwu2
TG7NIX3URf3KCaj3TMMDgX212GIt7b0Z0tUbaet6qf8pF02j82cmHGQuteuRZCHt
QT3qinOiGJ9hdLiR+P2E9rfk7nEatWhkOSmBqDQ5rAlWt6kupNYLXlRugjSM1WUI
4BJ3Hy9dj7lDD9Dvh7UEzaPatqqsun38iGLKeMGeJ7KHKjTVDhstgt8R7AxQo/Zy
wkH8/FF+jrDy/BMusGt66lJqx0pW7QGG7GBFybb9uNAXlTKweVjgXKubm+Kex6ae
se0IfLaDl2tawYvOUQ3RDFk6Z8M/H3rYGJsHcwRXh/ZUMDDq6w==
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:12:44 2025 by rpki-client