Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/2eNuQu_p5ginCAZ1GWglFgX2Ois.roa
File: 2eNuQu_p5ginCAZ1GWglFgX2Ois.roa (raw, json)
Hash identifier: w05SWnwARvBa6z4mKj9c93WMw5hgy4MoXYoHU2TqLvA=
Subject key identifier: D9:E3:6E:42:EF:E9:E6:08:A7:08:06:75:19:68:25:16:05:F6:3A:2B
Certificate issuer: /CN=1dad7b9f1c49f8d13e1a67abcf2fba35b0a66d18
Certificate serial: 0194244490EFAA9682EFFD59E58F896FFAEB
Authority key identifier: 1D:AD:7B:9F:1C:49:F8:D1:3E:1A:67:AB:CF:2F:BA:35:B0:A6:6D:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ha17nxxJ-NE-Gmerzy-6NbCmbRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/2eNuQu_p5ginCAZ1GWglFgX2Ois.roa
Signing time: Wed 01 Jan 2025 23:47:40 +0000
ROA not before: Wed 01 Jan 2025 23:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50300
IP address blocks: 5.102.168.0/21 maxlen: 24
109.74.240.0/20 maxlen: 24
176.12.104.0/21 maxlen: 24
185.32.72.0/22 maxlen: 24
185.48.164.0/22 maxlen: 24
2a00:1c10::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:90:ef:aa:96:82:ef:fd:59:e5:8f:89:6f:fa:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dad7b9f1c49f8d13e1a67abcf2fba35b0a66d18
Validity
Not Before: Jan 1 23:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9e36e42efe9e608a70806751968251605f63a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3d:e4:62:98:75:82:96:07:48:65:94:cd:c2:
ac:ba:22:18:6c:85:93:d1:24:e3:05:0e:ac:36:02:
5a:48:15:d9:d4:32:67:03:43:6c:a3:d6:b4:42:e8:
d0:50:6e:ba:aa:77:b0:e4:a4:c0:3a:e8:fe:98:f5:
11:6f:a3:ec:f5:82:f6:3d:6c:a0:57:fb:32:ee:38:
2b:55:d6:df:82:43:8f:07:95:72:33:e1:17:a8:cd:
2d:c1:15:e6:8b:29:9b:43:c1:d5:a6:82:d9:f6:ec:
b8:5a:e4:8d:00:e8:46:8c:65:61:f5:8d:ff:4f:12:
4a:5d:7b:f6:1a:d0:9b:70:b6:a3:d6:ee:11:89:8e:
e5:c0:7e:ef:62:dd:e3:a8:99:e8:40:01:6a:38:ef:
5d:80:90:44:a7:94:e3:b5:4c:0e:b7:e0:47:27:f8:
24:05:35:13:27:40:70:8d:68:82:66:9d:fd:35:1c:
fe:5b:bf:25:d7:b1:43:f3:ac:c7:f2:06:3e:c1:97:
14:65:e0:ed:d9:82:23:f0:9d:5b:51:cb:3b:de:08:
35:98:fd:53:32:01:18:f6:4f:01:02:f4:c4:be:c0:
9f:c0:34:ec:1e:6a:77:df:50:e4:ae:ea:02:d9:d9:
1b:4e:f6:c1:85:87:43:4f:02:ba:63:3d:ad:c6:36:
24:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E3:6E:42:EF:E9:E6:08:A7:08:06:75:19:68:25:16:05:F6:3A:2B
X509v3 Authority Key Identifier:
keyid:1D:AD:7B:9F:1C:49:F8:D1:3E:1A:67:AB:CF:2F:BA:35:B0:A6:6D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ha17nxxJ-NE-Gmerzy-6NbCmbRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/2eNuQu_p5ginCAZ1GWglFgX2Ois.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/Ha17nxxJ-NE-Gmerzy-6NbCmbRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.168.0/21
109.74.240.0/20
176.12.104.0/21
185.32.72.0/22
185.48.164.0/22
IPv6:
2a00:1c10::/32
Signature Algorithm: sha256WithRSAEncryption
59:1a:dd:bc:fa:ae:03:49:99:01:3c:1e:39:00:db:68:1c:20:
01:b1:49:03:8d:47:0f:d3:cf:6f:0e:de:7d:a0:d0:3c:a8:89:
34:53:43:6c:4f:15:57:99:c2:f0:f8:38:85:06:a3:37:c4:1b:
4c:dc:1a:58:20:c3:4f:17:1a:d5:31:ca:f4:f8:25:f8:f7:9a:
0b:bf:8c:c6:9d:74:5c:22:8d:05:6a:e1:45:64:79:55:81:6c:
06:8b:2f:88:79:2e:e0:5b:0c:74:1c:2a:a4:59:11:cf:cc:91:
6b:1c:c2:ec:82:87:2e:8d:55:55:45:6d:e6:18:30:e0:5d:82:
54:ec:4c:94:da:6e:1a:a1:87:c0:2c:f0:ef:91:65:06:d3:f3:
d5:2b:f4:0b:29:36:66:7d:d4:6f:2b:28:d1:92:e8:9d:84:f5:
ef:b8:7b:16:be:52:3b:2e:24:da:59:ff:e9:e8:9a:fc:1a:7a:
86:fc:96:4e:1f:6a:bd:28:5d:37:b8:61:fd:99:65:d6:03:c1:
9f:32:32:71:9b:57:6c:8b:23:4f:21:d8:d9:23:c8:ca:01:f6:
c8:a4:2d:f0:bf:de:8b:f9:b9:f1:79:c8:80:34:be:89:1a:43:
66:3a:ce:bd:67:48:04:72:83:2a:99:a6:61:1f:d4:ac:69:21:
63:5f:a3:63
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQkRJDvqpaC7/1Z5Y+Jb/rrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYWQ3YjlmMWM0OWY4ZDEzZTFhNjdhYmNmMmZiYTM1YjBh
NjZkMTgwHhcNMjUwMTAxMjM0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWUzNmU0MmVmZTllNjA4YTcwODA2NzUxOTY4MjUxNjA1ZjYzYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD3kYph1gpYHSGWUzcKsuiIYbIWT
0STjBQ6sNgJaSBXZ1DJnA0Nso9a0QujQUG66qnew5KTAOuj+mPURb6Ps9YL2PWyg
V/sy7jgrVdbfgkOPB5VyM+EXqM0twRXmiymbQ8HVpoLZ9uy4WuSNAOhGjGVh9Y3/
TxJKXXv2GtCbcLaj1u4RiY7lwH7vYt3jqJnoQAFqOO9dgJBEp5TjtUwOt+BHJ/gk
BTUTJ0BwjWiCZp39NRz+W78l17FD86zH8gY+wZcUZeDt2YIj8J1bUcs73gg1mP1T
MgEY9k8BAvTEvsCfwDTsHmp331DkruoC2dkbTvbBhYdDTwK6Yz2txjYkWQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNnjbkLv6eYIpwgGdRloJRYF9jorMB8GA1UdIwQY
MBaAFB2te58cSfjRPhpnq88vujWwpm0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGExN254eEotTkUtR21lcnp5LTZOYkNtYlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zYzM5ZjAtN2U5Ny00ZWY3LTg5NDQt
NWViZDhlYWVlMmM2LzEvMmVOdVF1X3A1Z2luQ0FaMUdXZ2xGZ1gyT2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zYzM5ZjAtN2U5Ny00ZWY3LTg5NDQtNWViZDhlYWVlMmM2
LzEvSGExN254eEotTkUtR21lcnp5LTZOYkNtYlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBWaoAwQE
bUrwAwQDsAxoAwQCuSBIAwQCuTCkMA0EAgACMAcDBQAqABwQMA0GCSqGSIb3DQEB
CwUAA4IBAQBZGt28+q4DSZkBPB45ANtoHCABsUkDjUcP089vDt59oNA8qIk0U0Ns
TxVXmcLw+DiFBqM3xBtM3BpYIMNPFxrVMcr0+CX495oLv4zGnXRcIo0FauFFZHlV
gWwGiy+IeS7gWwx0HCqkWRHPzJFrHMLsgocujVVVRW3mGDDgXYJU7EyU2m4aoYfA
LPDvkWUG0/PVK/QLKTZmfdRvKyjRkuidhPXvuHsWvlI7LiTaWf/p6Jr8GnqG/JZO
H2q9KF03uGH9mWXWA8GfMjJxm1dsiyNPIdjZI8jKAfbIpC3wv96L+bnxeciANL6J
GkNmOs69Z0gEcoMqmaZhH9SsaSFjX6Nj
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:33:33 2025 by rpki-client