Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/vQwx6cGSIAT7m9K8R35GzUVPtvc.roa
File: vQwx6cGSIAT7m9K8R35GzUVPtvc.roa (raw, json)
Hash identifier: zbCFg7Xh1dqpHRv2DApSfzHkCmAjvg9jJtigoE/GHhk=
Subject key identifier: BD:0C:31:E9:C1:92:20:04:FB:9B:D2:BC:47:7E:46:CD:45:4F:B6:F7
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 01942669E2AB862FB8A9D6F8CF9324B851F7
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/vQwx6cGSIAT7m9K8R35GzUVPtvc.roa
Signing time: Thu 02 Jan 2025 09:47:41 +0000
ROA not before: Thu 02 Jan 2025 09:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 91.198.117.0/24 maxlen: 24
185.109.132.0/24 maxlen: 24
185.109.133.0/24 maxlen: 24
185.109.134.0/24 maxlen: 24
185.109.135.0/24 maxlen: 24
185.146.152.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
2a07:4f80:10::/44 maxlen: 44
2a07:4f80:20::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:69:e2:ab:86:2f:b8:a9:d6:f8:cf:93:24:b8:51:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Jan 2 09:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd0c31e9c1922004fb9bd2bc477e46cd454fb6f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:db:35:cc:73:0e:5c:66:7c:ee:41:64:57:06:
5c:0e:ef:22:f0:9e:cf:38:5a:05:69:f4:37:0a:e8:
8b:f3:ae:25:07:96:df:89:ea:8a:89:58:25:e3:3d:
1f:39:9a:4c:10:19:b9:d4:33:e0:53:21:bd:ce:a1:
29:5f:95:f7:a3:22:1f:c8:e0:a2:4b:61:e1:86:64:
2e:52:3d:5a:90:d4:a7:f0:07:5f:e1:a4:e2:09:18:
0b:35:29:8e:34:54:67:9d:c0:ba:4a:44:b1:2e:d2:
c8:cc:8f:7b:4f:f7:dc:8e:7a:97:6c:2c:5f:df:2c:
00:bb:dc:e0:d6:76:98:44:6f:af:bd:2c:cf:96:fa:
5f:d8:c6:ce:ed:3a:28:b9:0b:d7:97:8a:f4:dd:08:
12:fb:a3:fc:b1:4b:c5:82:46:9e:36:c7:15:4b:37:
02:ab:b0:bc:6e:b4:81:bb:27:6f:dc:56:f5:d7:2e:
c0:75:1a:34:dd:4a:3b:20:2c:0d:97:04:ca:f7:4d:
5b:0f:99:47:9b:0f:22:64:f7:a5:01:8b:a6:96:20:
f0:da:5f:f3:b9:5a:7d:e1:a1:d0:69:8b:e2:56:98:
38:04:5d:8c:d5:23:41:03:7d:c8:0c:a0:80:e1:a2:
ba:e4:30:fd:6d:ee:0a:00:bf:0c:9b:b9:fd:1d:2c:
5c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0C:31:E9:C1:92:20:04:FB:9B:D2:BC:47:7E:46:CD:45:4F:B6:F7
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/vQwx6cGSIAT7m9K8R35GzUVPtvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.117.0/24
185.109.132.0/22
185.146.152.0/24
185.146.154.0/23
IPv6:
2a07:4f80::-2a07:4f80:20:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0d:1d:1e:59:89:83:c3:eb:45:63:10:57:03:ae:4f:30:dd:66:
1b:d4:99:9b:6a:fa:33:fd:1e:1f:39:a1:52:42:48:0a:d5:40:
9f:55:38:0c:bd:78:ab:e6:8c:1a:ac:f1:9b:9e:ca:ad:0a:8a:
bc:cf:29:47:3f:ac:38:e2:a9:e0:ba:2f:a1:2b:b1:a7:0d:7d:
a5:fc:14:3b:45:d5:e7:1c:cd:a7:1f:fb:86:81:2a:6e:81:40:
35:cd:b9:36:c8:6d:66:50:cf:9b:0e:98:78:74:e9:0e:fe:4e:
f5:d2:42:07:e8:bc:31:1b:98:5c:fb:02:02:a9:f6:98:09:35:
ee:1b:34:85:85:b9:f0:7a:1b:43:f8:07:80:50:d8:1b:0e:8d:
93:f5:ee:9f:ac:4f:d7:48:b6:30:05:04:06:f9:2c:c4:97:4b:
27:13:30:f7:05:b3:e3:35:11:b2:68:ba:e2:b0:f7:4c:07:b5:
39:60:9b:03:a0:38:1a:57:65:60:48:40:60:73:ad:e0:3e:43:
9d:3d:e3:d0:91:52:00:f8:99:02:e6:e0:f6:3e:7c:ba:7d:73:
02:e6:42:78:1c:78:5f:5c:75:40:27:55:c8:9e:6d:06:51:f9:
e6:fc:18:40:11:f4:11:82:6d:2c:86:ac:5e:61:5a:79:52:c3:
74:6a:4f:41
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQmaeKrhi+4qdb4z5MkuFH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjUwMTAyMDk0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDBjMzFlOWMxOTIyMDA0ZmI5YmQyYmM0NzdlNDZjZDQ1NGZiNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9s1zHMOXGZ87kFkVwZcDu8i8J7P
OFoFafQ3CuiL864lB5bfieqKiVgl4z0fOZpMEBm51DPgUyG9zqEpX5X3oyIfyOCi
S2HhhmQuUj1akNSn8Adf4aTiCRgLNSmONFRnncC6SkSxLtLIzI97T/fcjnqXbCxf
3ywAu9zg1naYRG+vvSzPlvpf2MbO7ToouQvXl4r03QgS+6P8sUvFgkaeNscVSzcC
q7C8brSBuydv3Fb11y7AdRo03Uo7ICwNlwTK901bD5lHmw8iZPelAYumliDw2l/z
uVp94aHQaYviVpg4BF2M1SNBA33IDKCA4aK65DD9be4KAL8Mm7n9HSxc3wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFL0MMenBkiAE+5vSvEd+Rs1FT7b3MB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvdlF3eDZjR1NJQVQ3bTlLOFIzNUd6VVZQdHZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAW8Z1AwQC
uW2EAwQAuZKYAwQBuZKaMBgEAgACMBIwEAMFByoHT4ADBwAqB0+AACAwDQYJKoZI
hvcNAQELBQADggEBAA0dHlmJg8PrRWMQVwOuTzDdZhvUmZtq+jP9Hh85oVJCSArV
QJ9VOAy9eKvmjBqs8Zueyq0KirzPKUc/rDjiqeC6L6ErsacNfaX8FDtF1ecczacf
+4aBKm6BQDXNuTbIbWZQz5sOmHh06Q7+TvXSQgfovDEbmFz7AgKp9pgJNe4bNIWF
ufB6G0P4B4BQ2BsOjZP17p+sT9dItjAFBAb5LMSXSycTMPcFs+M1EbJouuKw90wH
tTlgmwOgOBpXZWBIQGBzreA+Q50949CRUgD4mQLm4PY+fLp9cwLmQngceF9cdUAn
VciebQZR+eb8GEAR9BGCbSyGrF5hWnlSw3RqT0E=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:42:04 2025 by rpki-client