Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G4iCR1wPXdV4ssSgPa78wnE4JKc.roa
File: G4iCR1wPXdV4ssSgPa78wnE4JKc.roa (raw, json)
Hash identifier: tuXzO7FFVN702+Aeb8IJf3VKsUY0XM7DFYMvHxWqFKA=
Subject key identifier: 1B:88:82:47:5C:0F:5D:D5:78:B2:C4:A0:3D:AE:FC:C2:71:38:24:A7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194ACDA4D6D622CF5FBC552146F679B173E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G4iCR1wPXdV4ssSgPa78wnE4JKc.roa
Signing time: Tue 28 Jan 2025 12:19:35 +0000
ROA not before: Tue 28 Jan 2025 12:19:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 192.124.191.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
194.87.89.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
194.87.150.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.185.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.29.0/24 maxlen: 24
195.133.42.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:da:4d:6d:62:2c:f5:fb:c5:52:14:6f:67:9b:17:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 28 12:19:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b8882475c0f5dd578b2c4a03daefcc2713824a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2d:50:56:82:8b:42:92:57:e9:b0:19:fa:f5:
7c:0e:c4:ce:09:ad:68:e1:2c:8d:84:0d:a5:91:3c:
a9:ea:37:26:21:86:7d:3f:17:25:ce:ad:b4:dc:10:
81:1b:72:bf:64:e2:ae:55:ed:00:2c:aa:51:17:89:
f5:91:3d:94:34:d5:85:63:0d:b8:86:28:e8:72:15:
c0:fe:ce:b5:e8:56:ac:d2:da:b2:b2:46:a4:fc:33:
8a:37:56:f3:5e:a5:ef:2b:78:72:f9:ed:39:54:f1:
7a:b6:e4:99:3e:de:75:9f:77:06:44:5c:85:d4:e7:
71:2a:05:87:b9:86:f8:b6:50:07:22:a7:0d:c0:7c:
4b:6a:e3:4b:44:99:93:77:94:43:2a:56:a9:0c:81:
3f:c6:48:2d:18:c3:41:1e:47:1c:12:0e:e9:02:07:
34:3c:8a:5b:dc:5d:79:03:4a:46:86:a7:15:fd:d6:
ea:ae:21:92:a6:b0:78:bf:7c:3c:6a:81:e2:13:46:
23:23:26:a0:8c:0c:6d:4d:8c:50:60:78:8d:75:09:
ff:a1:24:ab:d9:e9:a3:ce:c6:08:d4:32:be:8d:bb:
95:1a:22:9a:cd:28:82:d7:62:db:96:2f:0c:0e:3d:
97:29:56:94:30:10:2b:82:a5:63:ad:7c:ad:7d:32:
8e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:88:82:47:5C:0F:5D:D5:78:B2:C4:A0:3D:AE:FC:C2:71:38:24:A7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/G4iCR1wPXdV4ssSgPa78wnE4JKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
193.124.5.0/24
194.87.12.0/24
194.87.22.0/24
194.87.32.0/24
194.87.40.0/24
194.87.88.0/23
194.87.124.0/24
194.87.136.0/24
194.87.142.0/24
194.87.150.0/24
194.87.169.0/24
194.87.185.0/24
195.133.6.0/24
195.133.29.0/24
195.133.42.0/23
195.133.72.0/24
195.133.85.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:4f:1e:1e:62:59:7d:d9:bc:10:28:47:05:6e:36:96:83:17:
26:89:e1:08:b3:dd:60:c7:d4:d6:c7:a9:ff:bd:59:b5:01:8b:
19:cb:a0:98:2c:05:a5:b7:0c:56:9a:c6:a5:bd:a6:74:45:69:
3d:61:3a:0f:f3:5b:58:71:94:29:2e:e7:f9:b1:b4:51:81:bf:
c0:08:72:b2:87:69:af:c4:47:b9:11:2b:b8:58:2e:8c:85:0b:
18:ef:19:95:23:a1:73:91:62:6b:df:a5:c2:b7:0e:b1:22:81:
4c:ad:82:9d:00:48:31:c4:89:c9:be:c7:0e:32:80:35:9b:4f:
51:60:75:9d:45:4b:41:22:c2:99:d4:cc:a6:4d:2c:4c:13:eb:
a2:a3:15:55:36:19:ce:49:e8:f5:db:e0:c0:db:9b:10:ed:c0:
7d:34:b3:b2:19:81:3c:b3:f7:a0:22:f4:c0:4c:00:84:d2:8a:
63:3b:00:9b:56:ce:92:a9:23:96:9c:79:39:82:11:53:eb:43:
02:d0:96:84:b5:4d:88:3b:88:c3:b5:59:ab:e5:8c:fc:be:f6:
60:7c:40:93:66:2f:70:4f:09:f5:ec:3c:10:96:b2:39:26:eb:
07:a2:b2:92:b9:4e:b4:0e:ef:57:73:66:92:78:d5:74:aa:5b:
1b:42:3d:66
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZSs2k1tYiz1+8VSFG9nmxc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTI4MTIxOTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg4ODI0NzVjMGY1ZGQ1NzhiMmM0YTAzZGFlZmNjMjcxMzgyNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0i1QVoKLQpJX6bAZ+vV8DsTOCa1o
4SyNhA2lkTyp6jcmIYZ9Pxclzq203BCBG3K/ZOKuVe0ALKpRF4n1kT2UNNWFYw24
hijochXA/s616Fas0tqyskak/DOKN1bzXqXvK3hy+e05VPF6tuSZPt51n3cGRFyF
1OdxKgWHuYb4tlAHIqcNwHxLauNLRJmTd5RDKlapDIE/xkgtGMNBHkccEg7pAgc0
PIpb3F15A0pGhqcV/dbqriGSprB4v3w8aoHiE0YjIyagjAxtTYxQYHiNdQn/oSSr
2emjzsYI1DK+jbuVGiKazSiC12Lbli8MDj2XKVaUMBArgqVjrXytfTKOLQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFBuIgkdcD13VeLLEoD2u/MJxOCSnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRzRpQ1Ixd1BYZFY0c3NTZ1BhNzh3bkU0SktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAMB8vwME
AMF8BQMEAMJXDAMEAMJXFgMEAMJXIAMEAMJXKAMEAcJXWAMEAMJXfAMEAMJXiAME
AMJXjgMEAMJXlgMEAMJXqQMEAMJXuQMEAMOFBgMEAMOFHQMEAcOFKgMEAMOFSAME
AMOFVQMEANTBDjANBgkqhkiG9w0BAQsFAAOCAQEALU8eHmJZfdm8EChHBW42loMX
JonhCLPdYMfU1sep/71ZtQGLGcugmCwFpbcMVprGpb2mdEVpPWE6D/NbWHGUKS7n
+bG0UYG/wAhysodpr8RHuREruFgujIULGO8ZlSOhc5Fia9+lwrcOsSKBTK2CnQBI
McSJyb7HDjKANZtPUWB1nUVLQSLCmdTMpk0sTBProqMVVTYZzkno9dvgwNubEO3A
fTSzshmBPLP3oCL0wEwAhNKKYzsAm1bOkqkjlpx5OYIRU+tDAtCWhLVNiDuIw7VZ
q+WM/L72YHxAk2YvcE8J9ew8EJayOSbrB6KykrlOtA7vV3NmknjVdKpbG0I9Zg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:03:18 2025 by rpki-client