Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/Jzi6jJ9SZ3rViS6uZE0u8bf720A.roa
File: Jzi6jJ9SZ3rViS6uZE0u8bf720A.roa (raw, json)
Hash identifier: eJjmExeoetRrFmsV6X8Y7xVRrkNxyQjjkQ/pmteWEY0=
Subject key identifier: 27:38:BA:8C:9F:52:67:7A:D5:89:2E:AE:64:4D:2E:F1:B7:FB:DB:40
Certificate issuer: /CN=9f6fb7954179a9666b4cb6afe346d1e21ec30e45
Certificate serial: 019426D8962073F4BFBCCE456441848427CC
Authority key identifier: 9F:6F:B7:95:41:79:A9:66:6B:4C:B6:AF:E3:46:D1:E2:1E:C3:0E:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/Jzi6jJ9SZ3rViS6uZE0u8bf720A.roa
Signing time: Thu 02 Jan 2025 11:48:35 +0000
ROA not before: Thu 02 Jan 2025 11:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1200
IP address blocks: 91.200.16.0/22 maxlen: 22
91.236.189.0/24 maxlen: 24
185.55.136.0/22 maxlen: 22
185.55.136.0/24 maxlen: 24
185.55.137.0/24 maxlen: 24
185.55.138.0/24 maxlen: 24
185.55.139.0/24 maxlen: 24
193.105.101.0/24 maxlen: 24
195.60.82.128/26 maxlen: 26
195.69.144.0/22 maxlen: 22
195.69.145.0/24 maxlen: 24
2001:67c:1a8::/48 maxlen: 48
2001:7f8:1::/48 maxlen: 48
2a02:4b60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:96:20:73:f4:bf:bc:ce:45:64:41:84:84:27:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f6fb7954179a9666b4cb6afe346d1e21ec30e45
Validity
Not Before: Jan 2 11:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2738ba8c9f52677ad5892eae644d2ef1b7fbdb40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8e:63:43:75:7c:61:19:eb:03:7b:6c:79:79:
9a:03:f5:eb:61:22:6c:65:47:60:24:65:ee:57:39:
76:e4:b5:a9:7b:19:06:c4:81:52:1a:af:cd:89:19:
1e:91:4a:20:18:3c:78:13:07:b7:0b:6e:c4:05:66:
fb:f2:26:32:e8:32:d3:86:85:c0:53:b6:ac:df:d2:
aa:9c:81:64:14:ba:5d:75:ac:9d:1d:50:9f:a8:ab:
a9:ad:3d:2f:e9:3b:7a:ed:bc:f5:f7:50:25:4b:43:
8f:a5:ec:0f:a9:c3:ca:94:ba:6e:17:e7:93:dd:4b:
b9:75:01:b3:6b:af:8d:cb:a7:bd:08:d5:5f:55:53:
ab:81:ac:18:12:01:58:9d:13:0e:43:f9:c5:3c:b0:
fc:62:b3:c2:fa:f7:a0:65:b4:26:7a:a3:8a:a1:0f:
20:c5:6e:03:4e:95:6e:b2:1a:99:59:84:4d:8a:29:
ca:4a:c4:c8:51:45:0b:1e:cc:aa:36:9c:d9:61:9d:
bf:96:16:02:23:31:40:18:5a:1d:97:06:1a:54:ed:
c9:88:14:24:c3:49:ed:ba:53:d5:a8:16:8d:d0:99:
f1:08:2f:a5:57:c1:61:1a:5c:15:f5:99:30:2e:76:
8a:a5:0a:ca:10:b7:85:e3:8c:4b:8a:35:5e:96:52:
51:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:38:BA:8C:9F:52:67:7A:D5:89:2E:AE:64:4D:2E:F1:B7:FB:DB:40
X509v3 Authority Key Identifier:
keyid:9F:6F:B7:95:41:79:A9:66:6B:4C:B6:AF:E3:46:D1:E2:1E:C3:0E:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/Jzi6jJ9SZ3rViS6uZE0u8bf720A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/n2-3lUF5qWZrTLav40bR4h7DDkU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.16.0/22
91.236.189.0/24
185.55.136.0/22
193.105.101.0/24
195.60.82.128/26
195.69.144.0/22
IPv6:
2001:67c:1a8::/48
2001:7f8:1::/48
2a02:4b60::/32
Signature Algorithm: sha256WithRSAEncryption
5d:57:92:67:0d:48:96:e8:10:a9:65:37:c1:72:00:cc:fe:80:
3b:97:81:bb:58:36:bf:43:43:9a:ce:4b:2b:79:76:41:4c:42:
a8:70:9e:4b:44:b6:e2:75:e6:6d:1d:03:f9:fb:00:42:a0:ac:
fa:bb:ba:6b:aa:1f:fd:14:5b:ca:9f:dc:0a:e6:f1:6d:ff:7a:
be:ea:e6:e6:0c:c9:8c:bf:57:7c:4f:b4:a2:ed:94:ac:2c:94:
34:0c:05:22:e3:10:3f:d6:b9:a0:f1:20:7e:98:1c:47:8d:ce:
6c:fb:82:8a:07:e3:21:ed:51:61:ba:88:aa:89:e2:ec:b3:16:
64:45:b7:90:0b:d0:8b:2c:c5:21:c9:86:d1:b2:1a:c7:f6:d8:
05:39:a7:25:42:0f:e1:98:6f:0b:9e:26:b4:d7:e9:86:ef:f8:
a3:c2:41:a2:94:39:36:90:41:19:c2:17:fe:14:71:fa:10:25:
3d:c2:ad:82:20:cf:bd:c5:12:50:10:cb:db:8b:ff:6b:89:6b:
36:f6:24:d2:c8:74:39:42:03:ae:70:d0:19:a7:50:f0:ff:09:
b8:f9:0a:11:7b:c9:d5:98:a5:43:7b:7e:71:fb:66:b6:6f:aa:
cd:f2:35:c2:3c:84:3f:99:06:2c:c3:d7:11:97:04:c9:05:92:
93:5c:69:93
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQm2JYgc/S/vM5FZEGEhCfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNmZiNzk1NDE3OWE5NjY2YjRjYjZhZmUzNDZkMWUyMWVj
MzBlNDUwHhcNMjUwMTAyMTE0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzM4YmE4YzlmNTI2NzdhZDU4OTJlYWU2NDRkMmVmMWI3ZmJkYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqo5jQ3V8YRnrA3tseXmaA/XrYSJs
ZUdgJGXuVzl25LWpexkGxIFSGq/NiRkekUogGDx4Ewe3C27EBWb78iYy6DLThoXA
U7as39KqnIFkFLpddaydHVCfqKuprT0v6Tt67bz191AlS0OPpewPqcPKlLpuF+eT
3Uu5dQGza6+Ny6e9CNVfVVOrgawYEgFYnRMOQ/nFPLD8YrPC+vegZbQmeqOKoQ8g
xW4DTpVushqZWYRNiinKSsTIUUULHsyqNpzZYZ2/lhYCIzFAGFodlwYaVO3JiBQk
w0ntulPVqBaN0JnxCC+lV8FhGlwV9ZkwLnaKpQrKELeF44xLijVellJRowIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFCc4uoyfUmd61YkurmRNLvG3+9tAMB8GA1UdIwQY
MBaAFJ9vt5VBealma0y2r+NG0eIeww5FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjItM2xVRjVxV1pyVExhdjQwYlI0aDdERGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8wYTNmZmYtMWE0Mi00MDQ0LWFlOGYt
NzM1NGE3M2JkYTdlLzEvSnppNmpKOVNaM3JWaVM2dVpFMHU4YmY3MjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8wYTNmZmYtMWE0Mi00MDQ0LWFlOGYtNzM1NGE3M2JkYTdl
LzEvbjItM2xVRjVxV1pyVExhdjQwYlI0aDdERGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjArBAIAATAlAwQCW8gQAwQA
W+y9AwQCuTeIAwQAwWllAwUGwzxSgAMEAsNFkDAfBAIAAjAZAwcAIAEGfAGoAwcA
IAEH+AABAwUAKgJLYDANBgkqhkiG9w0BAQsFAAOCAQEAXVeSZw1IlugQqWU3wXIA
zP6AO5eBu1g2v0NDms5LK3l2QUxCqHCeS0S24nXmbR0D+fsAQqCs+ru6a6of/RRb
yp/cCubxbf96vurm5gzJjL9XfE+0ou2UrCyUNAwFIuMQP9a5oPEgfpgcR43ObPuC
igfjIe1RYbqIqoni7LMWZEW3kAvQiyzFIcmG0bIax/bYBTmnJUIP4ZhvC54mtNfp
hu/4o8JBopQ5NpBBGcIX/hRx+hAlPcKtgiDPvcUSUBDL24v/a4lrNvYk0sh0OUID
rnDQGadQ8P8JuPkKEXvJ1ZilQ3t+cftmtm+qzfI1wjyEP5kGLMPXEZcEyQWSk1xp
kw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:30:29 2025 by rpki-client