Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/THjGQAeNJPBtPCUTy4-J94YQkPc.roa
File: THjGQAeNJPBtPCUTy4-J94YQkPc.roa (raw, json)
Hash identifier: F+YBL5AUhg2W6omBaT2Kp3w7xlj8utNYDQNQuh7FdXU=
Subject key identifier: 4C:78:C6:40:07:8D:24:F0:6D:3C:25:13:CB:8F:89:F7:86:10:90:F7
Certificate issuer: /CN=588cabf6f523f26e267db03b524347841aaaa465
Certificate serial: 019426D86AFEA26EA0E8AF2F0CC49C1555DF
Authority key identifier: 58:8C:AB:F6:F5:23:F2:6E:26:7D:B0:3B:52:43:47:84:1A:AA:A4:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/THjGQAeNJPBtPCUTy4-J94YQkPc.roa
Signing time: Thu 02 Jan 2025 11:48:24 +0000
ROA not before: Thu 02 Jan 2025 11:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48635
IP address blocks: 62.221.192.0/19 maxlen: 24
86.109.16.0/22 maxlen: 24
94.126.32.0/22 maxlen: 24
109.237.208.0/20 maxlen: 20
185.21.240.0/22 maxlen: 22
185.21.240.0/24 maxlen: 24
185.21.241.0/24 maxlen: 24
185.21.242.0/24 maxlen: 24
185.21.243.0/24 maxlen: 24
185.87.248.0/22 maxlen: 24
2001:1460::/32 maxlen: 48
2a04:1cc0::/29 maxlen: 48
2a05:c4c0::/29 maxlen: 48
2a0d:7980::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:6a:fe:a2:6e:a0:e8:af:2f:0c:c4:9c:15:55:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588cabf6f523f26e267db03b524347841aaaa465
Validity
Not Before: Jan 2 11:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c78c640078d24f06d3c2513cb8f89f7861090f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:35:d9:1d:f2:79:9e:31:6f:72:87:06:13:67:
b4:7a:fb:ec:c7:c7:6b:10:17:7f:17:d5:15:7e:3e:
2b:14:bb:ed:e4:af:46:01:fd:c1:97:8a:05:de:c0:
05:13:70:b8:2a:eb:66:93:24:66:ff:a1:dc:5d:3a:
f4:6a:9a:49:fc:07:d9:79:08:2a:cd:0c:d7:48:2e:
47:98:0d:07:91:7a:ab:ce:c0:6b:8d:9f:c1:90:73:
57:c2:4e:2a:76:c7:02:17:7b:73:22:d5:7d:57:35:
75:87:ac:be:1b:5e:fa:fc:9d:ea:41:ba:15:e4:a9:
d9:ff:bd:8e:19:9a:a5:99:e2:42:66:57:df:9d:b6:
66:24:99:c1:e3:52:6c:03:bf:46:d5:2e:5a:de:73:
12:1a:4b:ea:97:92:8a:0e:1a:a5:3b:da:98:50:24:
96:83:70:85:c0:9d:02:36:ae:dc:fe:ff:56:45:88:
c4:62:c9:11:a9:59:f5:96:71:28:27:5b:2d:11:99:
10:24:3b:a5:e4:b5:40:5e:a4:10:3b:36:cb:77:ac:
1b:36:79:ef:3e:03:b8:3c:f9:e6:a3:f0:b7:64:77:
ce:48:cd:0b:0b:91:0e:b3:33:04:5d:8d:53:41:b7:
d0:b2:e4:da:73:c5:33:e0:b7:01:5c:f8:db:5b:19:
a6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:78:C6:40:07:8D:24:F0:6D:3C:25:13:CB:8F:89:F7:86:10:90:F7
X509v3 Authority Key Identifier:
keyid:58:8C:AB:F6:F5:23:F2:6E:26:7D:B0:3B:52:43:47:84:1A:AA:A4:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/THjGQAeNJPBtPCUTy4-J94YQkPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/WIyr9vUj8m4mfbA7UkNHhBqqpGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.192.0/19
86.109.16.0/22
94.126.32.0/22
109.237.208.0/20
185.21.240.0/22
185.87.248.0/22
IPv6:
2001:1460::/32
2a04:1cc0::/29
2a05:c4c0::/29
2a0d:7980::/32
Signature Algorithm: sha256WithRSAEncryption
77:73:2c:3b:ad:20:36:e4:ef:9e:83:c3:76:83:8a:fd:22:8c:
04:d5:89:cd:56:9e:8c:9b:14:7a:fe:86:54:e4:c6:db:61:86:
09:a5:99:cc:04:31:e5:fc:f4:bf:1e:49:03:0b:ff:2e:fd:54:
82:9e:68:d4:85:46:0a:68:49:b8:99:5d:66:54:08:1e:ee:7f:
f9:0b:0b:68:f4:55:a9:04:d0:ff:08:85:15:92:1b:e9:17:37:
39:3b:c5:9f:86:97:ae:40:01:e2:32:12:41:30:4b:42:99:bc:
d8:40:41:cb:80:43:a8:27:c2:bc:01:9d:e5:7b:61:30:40:1d:
5d:e0:eb:fa:6d:2b:a8:9d:51:46:80:3f:95:5c:57:d9:a5:b5:
09:44:87:2a:bd:28:98:d2:be:64:24:6a:39:c3:c0:24:1a:df:
b3:02:92:60:1b:7a:77:42:ec:1c:2e:28:99:76:c5:fd:73:dd:
aa:fa:ee:5c:41:51:70:e0:dc:82:51:31:81:43:b2:3d:6c:93:
b5:69:2d:c0:87:ef:17:41:3b:52:ff:0d:71:04:3b:7f:d1:bd:
08:16:11:c7:74:a0:a1:2a:9d:be:be:c4:3e:cc:ee:2e:19:77:
e6:9a:26:90:88:be:d0:fe:50:02:03:3b:d5:7e:2b:fd:bc:bc:
2d:fd:61:fc
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQm2Gr+om6g6K8vDMScFVXfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4OGNhYmY2ZjUyM2YyNmUyNjdkYjAzYjUyNDM0Nzg0MWFh
YWE0NjUwHhcNMjUwMTAyMTE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzc4YzY0MDA3OGQyNGYwNmQzYzI1MTNjYjhmODlmNzg2MTA5MGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjXZHfJ5njFvcocGE2e0evvsx8dr
EBd/F9UVfj4rFLvt5K9GAf3Bl4oF3sAFE3C4KutmkyRm/6HcXTr0appJ/AfZeQgq
zQzXSC5HmA0HkXqrzsBrjZ/BkHNXwk4qdscCF3tzItV9VzV1h6y+G176/J3qQboV
5KnZ/72OGZqlmeJCZlffnbZmJJnB41JsA79G1S5a3nMSGkvql5KKDhqlO9qYUCSW
g3CFwJ0CNq7c/v9WRYjEYskRqVn1lnEoJ1stEZkQJDul5LVAXqQQOzbLd6wbNnnv
PgO4PPnmo/C3ZHfOSM0LC5EOszMEXY1TQbfQsuTac8Uz4LcBXPjbWxmmlwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEx4xkAHjSTwbTwlE8uPifeGEJD3MB8GA1UdIwQY
MBaAFFiMq/b1I/JuJn2wO1JDR4QaqqRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0l5cjl2VWo4bTRtZmJBN1VrTkhoQnFxcEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTg3ZDYtOGJmYy00YzU5LWE2YzQt
NmFkMzI1MmExNDI3LzEvVEhqR1FBZU5KUEJ0UENVVHk0LUo5NFlRa1BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTg3ZDYtOGJmYy00YzU5LWE2YzQtNmFkMzI1MmExNDI3
LzEvV0l5cjl2VWo4bTRtZmJBN1VrTkhoQnFxcEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAqBAIAATAkAwQFPt3AAwQC
Vm0QAwQCXn4gAwQEbe3QAwQCuRXwAwQCuVf4MCIEAgACMBwDBQAgARRgAwUDKgQc
wAMFAyoFxMADBQAqDXmAMA0GCSqGSIb3DQEBCwUAA4IBAQB3cyw7rSA25O+eg8N2
g4r9IowE1YnNVp6MmxR6/oZU5MbbYYYJpZnMBDHl/PS/HkkDC/8u/VSCnmjUhUYK
aEm4mV1mVAge7n/5Cwto9FWpBND/CIUVkhvpFzc5O8WfhpeuQAHiMhJBMEtCmbzY
QEHLgEOoJ8K8AZ3le2EwQB1d4Ov6bSuonVFGgD+VXFfZpbUJRIcqvSiY0r5kJGo5
w8AkGt+zApJgG3p3QuwcLiiZdsX9c92q+u5cQVFw4NyCUTGBQ7I9bJO1aS3Ah+8X
QTtS/w1xBDt/0b0IFhHHdKChKp2+vsQ+zO4uGXfmmiaQiL7Q/lACAzvVfiv9vLwt
/WH8
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:47:51 2025 by rpki-client