Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/42f275-68b7-448d-b956-35bb2e6d0606/1/4kR89sLAqkPwhn_ralqMLx5vnmw.roa
File: 4kR89sLAqkPwhn_ralqMLx5vnmw.roa (raw, json)
Hash identifier: aW/S/miakzFOlENse9MXKWvU/sKShiO+PJNe9e/OxYg=
Subject key identifier: E2:44:7C:F6:C2:C0:AA:43:F0:86:7F:EB:6A:5A:8C:2F:1E:6F:9E:6C
Certificate issuer: /CN=839b7e1615a001a5bcb96e154a71af9a0b45b5d7
Certificate serial: 01941F8C5A023A6953A5061AE13AC8914075
Authority key identifier: 83:9B:7E:16:15:A0:01:A5:BC:B9:6E:15:4A:71:AF:9A:0B:45:B5:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5t-FhWgAaW8uW4VSnGvmgtFtdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/42f275-68b7-448d-b956-35bb2e6d0606/1/4kR89sLAqkPwhn_ralqMLx5vnmw.roa
Signing time: Wed 01 Jan 2025 01:47:58 +0000
ROA not before: Wed 01 Jan 2025 01:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41959
IP address blocks: 91.206.96.0/23 maxlen: 23
185.79.32.0/22 maxlen: 22
193.242.146.0/23 maxlen: 23
194.126.229.0/24 maxlen: 24
194.140.250.0/24 maxlen: 24
195.80.229.0/24 maxlen: 24
195.93.142.0/23 maxlen: 23
195.226.207.0/24 maxlen: 24
195.245.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5a:02:3a:69:53:a5:06:1a:e1:3a:c8:91:40:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=839b7e1615a001a5bcb96e154a71af9a0b45b5d7
Validity
Not Before: Jan 1 01:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2447cf6c2c0aa43f0867feb6a5a8c2f1e6f9e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:95:20:a1:54:cd:80:57:20:bd:56:a6:55:98:
93:01:0b:a2:e7:94:53:fb:4f:65:fd:36:8d:74:cd:
81:54:ab:fa:fc:f6:49:7b:37:c9:ab:6f:e5:5e:55:
1c:e0:aa:ea:fd:dd:1e:87:e4:ab:b5:d0:7e:bc:47:
c3:0d:40:fb:b5:9a:2d:36:4f:f4:ff:6d:63:de:23:
64:f4:bd:30:84:e2:52:f2:3f:92:fd:6f:f3:85:57:
b6:5d:9f:c9:8d:a0:3a:eb:bc:58:3e:d3:4a:26:bf:
d5:5f:58:7b:7a:ff:45:74:bd:e2:4e:38:0c:2b:b0:
f4:a9:24:75:8a:48:c0:d0:ee:20:12:f3:79:26:54:
36:37:69:7c:34:0e:b2:f4:15:d7:15:66:ac:76:c0:
4d:4e:3f:66:e5:68:a8:29:a4:92:9f:b5:2f:7b:61:
c2:b0:87:c3:a7:14:25:e1:3c:51:3a:f7:b2:a2:01:
22:bc:45:27:f5:ed:2a:0e:a3:89:16:b8:99:7c:fc:
cc:49:22:d0:48:85:08:fe:fb:5c:fb:35:43:05:96:
24:d5:bc:46:d7:30:2a:af:1a:26:df:33:be:6c:8e:
33:15:68:85:dd:89:f6:3c:9b:00:78:63:e7:8e:d2:
05:d6:3e:57:98:74:23:c2:74:f7:db:95:5e:a3:71:
43:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:44:7C:F6:C2:C0:AA:43:F0:86:7F:EB:6A:5A:8C:2F:1E:6F:9E:6C
X509v3 Authority Key Identifier:
keyid:83:9B:7E:16:15:A0:01:A5:BC:B9:6E:15:4A:71:AF:9A:0B:45:B5:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5t-FhWgAaW8uW4VSnGvmgtFtdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/42f275-68b7-448d-b956-35bb2e6d0606/1/4kR89sLAqkPwhn_ralqMLx5vnmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/42f275-68b7-448d-b956-35bb2e6d0606/1/g5t-FhWgAaW8uW4VSnGvmgtFtdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.96.0/23
185.79.32.0/22
193.242.146.0/23
194.126.229.0/24
194.140.250.0/24
195.80.229.0/24
195.93.142.0/23
195.226.207.0/24
195.245.204.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:00:67:b5:ac:c1:89:76:81:f0:41:f3:23:0f:87:af:43:3d:
8e:1c:65:72:41:7e:5f:d9:6e:d7:f7:fe:a1:bc:e4:90:5b:6b:
52:18:2c:98:66:72:4f:36:6d:d7:0a:6e:bd:13:67:26:bf:91:
74:3c:d8:f8:ca:4f:c5:b3:4a:51:d5:45:4b:b9:b3:6c:7c:64:
62:fd:2c:49:87:6d:5c:fb:4d:7c:15:21:75:3c:cc:08:ce:ba:
e6:82:9c:08:9f:02:65:d8:12:dd:77:c6:06:41:40:83:1d:81:
58:a0:00:0c:c5:e4:ef:20:35:d4:d2:74:f9:d2:16:15:eb:6d:
b0:9f:d9:18:01:21:8b:d0:79:5a:9c:2b:f5:bc:bf:a8:3a:e4:
26:ee:93:c5:44:58:a7:cf:31:9a:7b:d5:1b:ed:cf:ec:18:63:
a6:75:b6:c5:f7:fa:b3:7d:9b:c4:e5:99:a4:dd:8e:47:9c:f5:
86:72:b0:60:be:25:0e:b3:52:65:52:97:77:7a:bd:19:a3:23:
a1:93:38:14:c3:f0:9e:ea:cf:51:38:b8:b4:32:e9:2b:c6:22:
e7:22:42:f0:53:4b:ee:4c:c7:75:81:64:8e:ca:93:0f:02:93:
4c:bc:f9:b1:05:9b:29:25:bb:11:c0:93:12:5d:58:f7:f6:fa:
19:98:17:a9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQfjFoCOmlTpQYa4TrIkUB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOWI3ZTE2MTVhMDAxYTViY2I5NmUxNTRhNzFhZjlhMGI0
NWI1ZDcwHhcNMjUwMTAxMDE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjQ0N2NmNmMyYzBhYTQzZjA4NjdmZWI2YTVhOGMyZjFlNmY5ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppUgoVTNgFcgvVamVZiTAQui55RT
+09l/TaNdM2BVKv6/PZJezfJq2/lXlUc4Krq/d0eh+SrtdB+vEfDDUD7tZotNk/0
/21j3iNk9L0whOJS8j+S/W/zhVe2XZ/JjaA667xYPtNKJr/VX1h7ev9FdL3iTjgM
K7D0qSR1ikjA0O4gEvN5JlQ2N2l8NA6y9BXXFWasdsBNTj9m5WioKaSSn7Uve2HC
sIfDpxQl4TxROveyogEivEUn9e0qDqOJFriZfPzMSSLQSIUI/vtc+zVDBZYk1bxG
1zAqrxom3zO+bI4zFWiF3Yn2PJsAeGPnjtIF1j5XmHQjwnT325Veo3FDUQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOJEfPbCwKpD8IZ/62pajC8eb55sMB8GA1UdIwQY
MBaAFIObfhYVoAGlvLluFUpxr5oLRbXXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzV0LUZoV2dBYVc4dVc0VlNuR3ZtZ3RGdGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi80MmYyNzUtNjhiNy00NDhkLWI5NTYt
MzViYjJlNmQwNjA2LzEvNGtSODlzTEFxa1B3aG5fcmFscU1MeDV2bm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi80MmYyNzUtNjhiNy00NDhkLWI5NTYtMzViYjJlNmQwNjA2
LzEvZzV0LUZoV2dBYVc4dVc0VlNuR3ZtZ3RGdGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBW85gAwQC
uU8gAwQBwfKSAwQAwn7lAwQAwoz6AwQAw1DlAwQBw12OAwQAw+LPAwQAw/XMMA0G
CSqGSIb3DQEBCwUAA4IBAQB/AGe1rMGJdoHwQfMjD4evQz2OHGVyQX5f2W7X9/6h
vOSQW2tSGCyYZnJPNm3XCm69E2cmv5F0PNj4yk/Fs0pR1UVLubNsfGRi/SxJh21c
+018FSF1PMwIzrrmgpwInwJl2BLdd8YGQUCDHYFYoAAMxeTvIDXU0nT50hYV622w
n9kYASGL0HlanCv1vL+oOuQm7pPFRFinzzGae9Ub7c/sGGOmdbbF9/qzfZvE5Zmk
3Y5HnPWGcrBgviUOs1JlUpd3er0ZoyOhkzgUw/Ce6s9ROLi0MukrxiLnIkLwU0vu
TMd1gWSOypMPApNMvPmxBZspJbsRwJMSXVj39voZmBep
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:41 2025 by rpki-client