Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aRxTrgemq4hRFH_HS8qBjpNV8EE.roa
File: aRxTrgemq4hRFH_HS8qBjpNV8EE.roa (raw, json)
Hash identifier: SaGgbJM9Gc7pVylouQfh0fSoGpMnHPtzmOswAQ4aFm8=
Subject key identifier: 69:1C:53:AE:07:A6:AB:88:51:14:7F:C7:4B:CA:81:8E:93:55:F0:41
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0194244510844A7F60D7E3F3A752C49AE093
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aRxTrgemq4hRFH_HS8qBjpNV8EE.roa
Signing time: Wed 01 Jan 2025 23:48:13 +0000
ROA not before: Wed 01 Jan 2025 23:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26548
IP address blocks: 91.198.230.0/24 maxlen: 24
91.199.3.0/24 maxlen: 24
193.33.66.0/24 maxlen: 24
193.37.133.0/24 maxlen: 24
193.109.221.0/24 maxlen: 24
193.135.13.0/24 maxlen: 24
193.176.237.0/24 maxlen: 24
193.193.164.0/24 maxlen: 24
194.56.255.0/24 maxlen: 24
194.107.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:10:84:4a:7f:60:d7:e3:f3:a7:52:c4:9a:e0:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=691c53ae07a6ab8851147fc74bca818e9355f041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e3:cc:30:fd:03:b9:5c:09:e7:4b:65:81:33:
7b:01:3a:7b:8e:3c:83:2e:b4:b2:38:af:8e:2c:dd:
a8:15:97:dc:0b:5b:fd:e8:74:19:28:c0:4f:9c:8d:
0d:37:af:f6:6f:45:44:2c:3a:97:b8:f1:dd:9c:ec:
90:01:74:3f:5b:40:78:41:90:49:ae:a5:b2:c3:ff:
1c:f5:15:c9:a5:03:94:ca:15:c5:d2:0c:c8:20:6b:
f2:b7:6e:6c:85:4c:67:72:93:77:1c:3d:75:9c:32:
5b:f9:5c:0d:88:5e:d1:36:58:2f:98:ed:42:09:5e:
e9:bc:98:1a:9a:84:78:cf:c3:fc:92:43:af:31:4e:
10:c9:77:5d:a3:d7:38:b2:23:ef:25:dc:7b:71:67:
fd:21:1e:dc:fc:01:82:94:da:34:66:8a:6f:a9:42:
1c:58:66:b5:35:eb:ec:ce:a4:81:c9:df:df:87:11:
1e:f3:2e:4f:06:6d:f9:f7:db:be:4a:ec:6b:81:f7:
8e:aa:5d:8f:5f:54:65:32:50:9e:e2:2d:ba:da:e7:
0b:b2:01:82:5b:6d:5a:1d:a0:99:93:fb:75:b3:21:
26:cb:f3:87:9f:26:dd:11:df:09:e3:4e:08:0d:5a:
8f:96:50:8f:89:81:79:ec:95:ca:e4:51:29:94:80:
3d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:1C:53:AE:07:A6:AB:88:51:14:7F:C7:4B:CA:81:8E:93:55:F0:41
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aRxTrgemq4hRFH_HS8qBjpNV8EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.230.0/24
91.199.3.0/24
193.33.66.0/24
193.37.133.0/24
193.109.221.0/24
193.135.13.0/24
193.176.237.0/24
193.193.164.0/24
194.56.255.0/24
194.107.125.0/24
Signature Algorithm: sha256WithRSAEncryption
14:4f:83:0c:89:24:c2:68:69:75:ea:87:f8:42:a7:fa:72:40:
82:81:c8:ed:b0:70:17:c2:b4:23:99:2a:0f:ab:d0:2a:c8:b0:
07:37:09:08:7e:5c:4d:d5:6b:db:b1:c2:07:a6:99:9b:07:a2:
12:44:85:40:52:c4:74:ac:02:4b:fa:ed:14:f1:81:bb:29:cb:
47:bb:90:1e:28:7c:44:f6:c6:d5:e4:5d:d5:b1:22:bf:58:b5:
8d:bc:91:cd:a9:fd:e3:f0:77:db:a8:1c:f8:60:12:9d:d5:33:
b8:a7:99:38:da:08:de:ba:a6:6d:f5:81:4b:a9:72:b4:1b:1d:
50:72:db:e6:6d:78:43:ba:74:63:5d:29:11:66:52:08:8d:c6:
b9:fd:b9:15:ce:e8:a6:9b:24:06:ad:72:42:28:51:64:6d:15:
2d:47:bd:55:b3:26:46:20:0d:65:ff:a9:34:65:73:db:7c:d1:
64:fc:92:e7:69:c6:05:a1:d3:7e:92:2e:b4:3a:29:86:f3:33:
c1:17:fb:28:74:a4:24:57:de:f3:64:ad:77:d4:78:e2:2e:91:
ac:87:77:26:3c:55:04:44:d6:8d:4b:a9:93:38:91:6b:43:c2:
eb:9b:e6:89:f7:e4:38:1b:09:78:a8:5c:0c:e7:37:d6:33:48:
34:23:d9:af
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQkRRCESn9g1+Pzp1LEmuCTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTFjNTNhZTA3YTZhYjg4NTExNDdmYzc0YmNhODE4ZTkzNTVmMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouPMMP0DuVwJ50tlgTN7ATp7jjyD
LrSyOK+OLN2oFZfcC1v96HQZKMBPnI0NN6/2b0VELDqXuPHdnOyQAXQ/W0B4QZBJ
rqWyw/8c9RXJpQOUyhXF0gzIIGvyt25shUxncpN3HD11nDJb+VwNiF7RNlgvmO1C
CV7pvJgamoR4z8P8kkOvMU4QyXddo9c4siPvJdx7cWf9IR7c/AGClNo0ZopvqUIc
WGa1NevszqSByd/fhxEe8y5PBm3599u+SuxrgfeOql2PX1RlMlCe4i262ucLsgGC
W21aHaCZk/t1syEmy/OHnybdEd8J404IDVqPllCPiYF57JXK5FEplIA9YQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGkcU64HpquIURR/x0vKgY6TVfBBMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvYVJ4VHJnZW1xNGhSRkhfSFM4cUJqcE5WOEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAW8bmAwQA
W8cDAwQAwSFCAwQAwSWFAwQAwW3dAwQAwYcNAwQAwbDtAwQAwcGkAwQAwjj/AwQA
wmt9MA0GCSqGSIb3DQEBCwUAA4IBAQAUT4MMiSTCaGl16of4Qqf6ckCCgcjtsHAX
wrQjmSoPq9AqyLAHNwkIflxN1WvbscIHppmbB6ISRIVAUsR0rAJL+u0U8YG7KctH
u5AeKHxE9sbV5F3VsSK/WLWNvJHNqf3j8HfbqBz4YBKd1TO4p5k42gjeuqZt9YFL
qXK0Gx1QctvmbXhDunRjXSkRZlIIjca5/bkVzuimmyQGrXJCKFFkbRUtR71VsyZG
IA1l/6k0ZXPbfNFk/JLnacYFodN+ki60OimG8zPBF/sodKQkV97zZK131HjiLpGs
h3cmPFUERNaNS6mTOJFrQ8Lrm+aJ9+Q4Gwl4qFwM5zfWM0g0I9mv
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:49:14 2025 by rpki-client