Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/rAmx9XjxCuYGvxfSf71xhihe3BI.roa
File: rAmx9XjxCuYGvxfSf71xhihe3BI.roa (raw, json)
Hash identifier: 1+sd9v6vR4AcZCeDXzjtwTFpg6Wsz3Cp03jN1aXFFo4=
Subject key identifier: AC:09:B1:F5:78:F1:0A:E6:06:BF:17:D2:7F:BD:71:86:28:5E:DC:12
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 0194180BE01B7CB62660239F163F522481E8
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/rAmx9XjxCuYGvxfSf71xhihe3BI.roa
Signing time: Mon 30 Dec 2024 14:50:18 +0000
ROA not before: Mon 30 Dec 2024 14:50:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 139.28.48.0/23 maxlen: 23
139.28.50.0/23 maxlen: 23
139.28.240.0/23 maxlen: 23
139.28.242.0/23 maxlen: 23
176.53.156.0/23 maxlen: 23
176.53.158.0/23 maxlen: 23
193.32.204.0/23 maxlen: 23
193.32.206.0/23 maxlen: 23
193.38.44.0/23 maxlen: 23
193.38.46.0/23 maxlen: 23
193.187.132.0/23 maxlen: 23
194.93.48.0/23 maxlen: 23
194.93.50.0/23 maxlen: 23
194.93.60.0/23 maxlen: 23
194.93.62.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:18:0b:e0:1b:7c:b6:26:60:23:9f:16:3f:52:24:81:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Dec 30 14:50:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac09b1f578f10ae606bf17d27fbd7186285edc12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:3f:69:95:f4:b4:f0:5c:6d:eb:ef:27:e1:71:
a8:72:dc:45:f1:8d:6b:21:c1:6a:45:b9:e7:32:a7:
a4:2f:76:ce:f4:7e:be:5d:1d:ed:52:a4:b0:28:1c:
3f:26:70:0f:18:0f:79:00:07:68:50:fc:85:7c:f8:
e2:76:2c:b5:fd:0f:e4:b1:f0:9d:bf:62:8b:79:55:
08:60:dc:a5:41:bc:8d:2e:4e:02:41:44:48:a0:54:
8b:b8:9e:aa:03:9a:b2:06:8e:9e:a1:ed:4e:37:b4:
3a:0b:17:55:d3:94:66:aa:69:69:63:df:22:b3:31:
0e:e5:5a:7d:ce:11:15:9a:9d:d1:62:a3:ac:52:34:
7f:59:85:4f:3c:52:14:2f:dd:8d:ee:cb:20:28:64:
f8:c9:6e:4b:84:cc:94:96:e0:9d:8f:ca:bf:00:77:
fe:ee:10:c8:57:c3:ef:c5:30:10:89:f7:cb:ae:24:
73:e9:84:c4:bf:6c:b4:42:0f:51:5e:54:2c:eb:38:
71:f9:4a:f5:99:8c:17:a9:39:6b:a9:7b:d4:27:d4:
ea:e8:a9:94:a2:37:b9:fa:d4:7e:c4:70:33:28:a1:
7b:9b:a0:73:2b:a5:c8:53:1f:59:fd:83:7b:16:58:
b0:5b:42:49:15:e2:d6:22:6b:ca:44:c2:24:88:df:
12:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:09:B1:F5:78:F1:0A:E6:06:BF:17:D2:7F:BD:71:86:28:5E:DC:12
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/rAmx9XjxCuYGvxfSf71xhihe3BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.48.0/22
139.28.240.0/22
176.53.156.0/22
193.32.204.0/22
193.38.44.0/22
193.187.132.0/23
194.93.48.0/22
194.93.60.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:6a:57:e2:2c:d1:98:a9:be:fb:7f:e8:2d:aa:de:94:f3:1e:
e8:44:46:96:75:c5:4a:21:64:68:1b:e0:d7:70:3b:17:53:d7:
50:d9:40:a5:2d:c0:bc:e5:9b:fe:8e:4f:ac:88:a0:0a:1d:bd:
16:4a:8e:19:12:c7:41:ac:24:01:14:18:61:24:4f:79:5d:d6:
3e:48:55:0b:0d:6e:d6:e8:b1:42:7c:a8:0f:bc:cc:ea:8e:df:
48:dc:0f:0e:de:da:d6:c1:f3:97:71:f5:a9:ea:dc:4e:d2:27:
e8:75:8a:d2:72:ef:5e:24:aa:c1:a8:73:bb:7d:d0:f7:ad:42:
10:67:21:f6:f2:4a:27:98:06:5d:6b:5d:f2:ac:33:fe:54:dc:
9a:11:d2:aa:77:92:59:2e:e9:f4:5f:c8:85:bd:c5:7e:c1:1d:
e1:69:db:90:32:b0:6b:e6:15:ba:7e:53:aa:53:3f:65:81:0e:
18:25:94:1d:e4:0f:b7:6e:8f:97:cd:8e:86:4c:1c:8f:69:ef:
cc:8e:1f:e1:e9:45:73:67:51:6c:eb:1e:8e:e7:73:77:41:3c:
96:a6:a1:8b:27:16:1e:70:07:ff:e1:e0:8a:01:1f:94:54:81:
10:4d:78:0a:7e:ad:ee:b3:2d:61:55:fc:ba:bd:68:4c:b0:cc:
cb:83:8e:4e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQYC+AbfLYmYCOfFj9SJIHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQxMjMwMTQ1MDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzA5YjFmNTc4ZjEwYWU2MDZiZjE3ZDI3ZmJkNzE4NjI4NWVkYzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8z9plfS08Fxt6+8n4XGoctxF8Y1r
IcFqRbnnMqekL3bO9H6+XR3tUqSwKBw/JnAPGA95AAdoUPyFfPjidiy1/Q/ksfCd
v2KLeVUIYNylQbyNLk4CQURIoFSLuJ6qA5qyBo6eoe1ON7Q6CxdV05RmqmlpY98i
szEO5Vp9zhEVmp3RYqOsUjR/WYVPPFIUL92N7ssgKGT4yW5LhMyUluCdj8q/AHf+
7hDIV8PvxTAQiffLriRz6YTEv2y0Qg9RXlQs6zhx+Ur1mYwXqTlrqXvUJ9Tq6KmU
oje5+tR+xHAzKKF7m6BzK6XIUx9Z/YN7FliwW0JJFeLWImvKRMIkiN8S5QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKwJsfV48QrmBr8X0n+9cYYoXtwSMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvckFteDlYanhDdVlHdnhmU2Y3MXhoaWhlM0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCixwwAwQC
ixzwAwQCsDWcAwQCwSDMAwQCwSYsAwQBwbuEAwQCwl0wAwQCwl08MA0GCSqGSIb3
DQEBCwUAA4IBAQCualfiLNGYqb77f+gtqt6U8x7oREaWdcVKIWRoG+DXcDsXU9dQ
2UClLcC85Zv+jk+siKAKHb0WSo4ZEsdBrCQBFBhhJE95XdY+SFULDW7W6LFCfKgP
vMzqjt9I3A8O3trWwfOXcfWp6txO0ifodYrScu9eJKrBqHO7fdD3rUIQZyH28kon
mAZda13yrDP+VNyaEdKqd5JZLun0X8iFvcV+wR3haduQMrBr5hW6flOqUz9lgQ4Y
JZQd5A+3bo+XzY6GTByPae/Mjh/h6UVzZ1Fs6x6O53N3QTyWpqGLJxYecAf/4eCK
AR+UVIEQTXgKfq3usy1hVfy6vWhMsMzLg45O
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:42:54 2025 by rpki-client