Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/DRufDlLXrJ-OL7jxUMgY47v2K_I.roa
File: DRufDlLXrJ-OL7jxUMgY47v2K_I.roa (raw, json)
Hash identifier: z/VRDRCyQpkJ83Y8M4Bdp3VLdEt9qKTzojqnDcKFBO0=
Subject key identifier: 0D:1B:9F:0E:52:D7:AC:9F:8E:2F:B8:F1:50:C8:18:E3:BB:F6:2B:F2
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 019422FBC4D435CAF073AD00A331D6A0EE90
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/DRufDlLXrJ-OL7jxUMgY47v2K_I.roa
Signing time: Wed 01 Jan 2025 17:48:32 +0000
ROA not before: Wed 01 Jan 2025 17:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 139.28.48.0/23 maxlen: 23
139.28.50.0/23 maxlen: 23
139.28.240.0/23 maxlen: 23
139.28.242.0/23 maxlen: 23
176.53.156.0/23 maxlen: 23
176.53.158.0/23 maxlen: 23
193.32.204.0/23 maxlen: 23
193.32.206.0/23 maxlen: 23
193.38.44.0/23 maxlen: 23
193.38.46.0/23 maxlen: 23
193.187.132.0/23 maxlen: 23
194.93.48.0/23 maxlen: 23
194.93.50.0/23 maxlen: 23
194.93.60.0/23 maxlen: 23
194.93.62.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c4:d4:35:ca:f0:73:ad:00:a3:31:d6:a0:ee:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 17:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d1b9f0e52d7ac9f8e2fb8f150c818e3bbf62bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:84:54:03:08:2f:ad:32:a5:29:c8:c2:4c:b7:
6a:c5:e0:cb:9b:04:28:26:ad:b5:9e:77:3c:bf:f0:
27:8c:06:bd:c7:67:b4:8e:14:58:4a:fc:ed:86:fe:
b6:87:bf:ca:7e:52:c4:7c:3f:bb:04:5d:65:67:cb:
40:f0:e2:97:5f:76:9e:d0:48:b6:fd:62:d8:33:68:
7a:c9:76:92:a6:bb:9b:b8:ff:ba:ec:84:34:62:40:
a6:5a:b1:7e:47:37:31:9b:49:7b:c2:f7:98:1e:41:
9b:02:0b:2a:cf:01:4a:fa:fa:c0:e7:0d:a0:0f:7e:
47:13:a9:2e:9b:0f:e9:b1:88:f8:42:f4:df:c0:b5:
c0:be:40:4f:79:6a:0a:c4:39:5c:b1:86:f2:56:bf:
c2:5c:50:a7:9b:23:3a:3b:65:74:dd:c5:ee:44:53:
00:11:e0:e1:1d:a4:a5:73:97:a8:5a:be:2d:74:0b:
a7:fe:00:76:68:a0:8b:30:1b:5e:26:08:ca:a0:3e:
63:d9:c5:60:8b:bb:25:9e:d7:a6:fc:64:90:81:5a:
5d:76:78:5c:97:6e:cc:a4:06:40:af:17:80:40:c3:
7b:c1:82:0f:e6:3d:b2:ba:5c:99:7a:21:2e:3d:48:
29:3f:49:8f:1a:b4:d9:a0:b6:71:fa:7d:38:46:d4:
ae:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:1B:9F:0E:52:D7:AC:9F:8E:2F:B8:F1:50:C8:18:E3:BB:F6:2B:F2
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/DRufDlLXrJ-OL7jxUMgY47v2K_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.48.0/22
139.28.240.0/22
176.53.156.0/22
193.32.204.0/22
193.38.44.0/22
193.187.132.0/23
194.93.48.0/22
194.93.60.0/22
Signature Algorithm: sha256WithRSAEncryption
38:84:85:8d:5a:75:ff:ce:84:f3:a7:5e:46:07:0b:b7:5d:bc:
af:d4:b1:99:26:42:ea:a8:79:c6:b4:e9:28:b4:bb:34:c0:ab:
98:7d:cc:2c:e7:92:54:a0:34:6b:c9:4e:3d:67:31:2b:b5:9f:
78:e8:c1:bb:6d:e7:f2:5e:b7:ca:00:c8:01:3b:b9:f6:5b:6a:
05:e4:0b:00:3a:10:ba:de:9e:db:fd:dc:da:2d:0f:5f:c8:7d:
87:4f:99:73:82:da:a4:b0:8a:63:36:91:0f:25:b8:a0:97:4a:
08:71:0b:3d:6c:37:19:d2:7a:6b:ac:0f:74:9e:16:f1:ad:f5:
02:d4:82:e3:0d:fd:8d:70:72:af:72:5c:71:d0:1f:b8:31:84:
ca:b0:1f:bd:3c:f4:b8:3a:40:85:47:71:89:c1:cf:5b:f2:db:
8a:ad:13:1d:7e:2c:7b:82:d2:f2:35:76:c3:87:73:65:b1:6b:
5c:0d:d7:4f:25:74:94:6b:37:6a:39:1e:10:9a:3e:80:98:90:
2f:57:7c:37:58:eb:82:a8:80:da:72:a8:7a:5c:8d:fa:91:40:
9a:ea:05:15:28:c3:c8:ba:77:01:0b:4f:65:18:69:29:f2:d6:
2b:4b:49:56:ef:e8:b9:e7:d6:e4:df:c7:0b:ed:35:0c:d1:f4:
86:31:cb:8c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQi+8TUNcrwc60AozHWoO6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjUwMTAxMTc0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDFiOWYwZTUyZDdhYzlmOGUyZmI4ZjE1MGM4MThlM2JiZjYyYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoRUAwgvrTKlKcjCTLdqxeDLmwQo
Jq21nnc8v/AnjAa9x2e0jhRYSvzthv62h7/KflLEfD+7BF1lZ8tA8OKXX3ae0Ei2
/WLYM2h6yXaSprubuP+67IQ0YkCmWrF+Rzcxm0l7wveYHkGbAgsqzwFK+vrA5w2g
D35HE6kumw/psYj4QvTfwLXAvkBPeWoKxDlcsYbyVr/CXFCnmyM6O2V03cXuRFMA
EeDhHaSlc5eoWr4tdAun/gB2aKCLMBteJgjKoD5j2cVgi7slntem/GSQgVpddnhc
l27MpAZArxeAQMN7wYIP5j2yulyZeiEuPUgpP0mPGrTZoLZx+n04RtSuDQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFA0bnw5S16yfji+48VDIGOO79ivyMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvRFJ1ZkRsTFhySi1PTDdqeFVNZ1k0N3YyS19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCixwwAwQC
ixzwAwQCsDWcAwQCwSDMAwQCwSYsAwQBwbuEAwQCwl0wAwQCwl08MA0GCSqGSIb3
DQEBCwUAA4IBAQA4hIWNWnX/zoTzp15GBwu3Xbyv1LGZJkLqqHnGtOkotLs0wKuY
fcws55JUoDRryU49ZzErtZ946MG7befyXrfKAMgBO7n2W2oF5AsAOhC63p7b/dza
LQ9fyH2HT5lzgtqksIpjNpEPJbigl0oIcQs9bDcZ0nprrA90nhbxrfUC1ILjDf2N
cHKvclxx0B+4MYTKsB+9PPS4OkCFR3GJwc9b8tuKrRMdfix7gtLyNXbDh3NlsWtc
DddPJXSUazdqOR4Qmj6AmJAvV3w3WOuCqIDacqh6XI36kUCa6gUVKMPIuncBC09l
GGkp8tYrS0lW7+i559bk38cL7TUM0fSGMcuM
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:27:40 2025 by rpki-client