Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/5BljUjMfEvc5wP2pAdzMiYGcnio.roa
File: 5BljUjMfEvc5wP2pAdzMiYGcnio.roa (raw, json)
Hash identifier: XDpfRWDDIZrOkVRDCOz9LBMiBouL10+cWzvFma4AwzQ=
Subject key identifier: E4:19:63:52:33:1F:12:F7:39:C0:FD:A9:01:DC:CC:89:81:9C:9E:2A
Certificate issuer: /CN=60fcd55b9130858d8ea583c0987dad00f614db39
Certificate serial: 0193F9288FDFB02F9A70C46CFEB580403138
Authority key identifier: 60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/5BljUjMfEvc5wP2pAdzMiYGcnio.roa
Signing time: Tue 24 Dec 2024 14:53:25 +0000
ROA not before: Tue 24 Dec 2024 14:53:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398464
IP address blocks: 195.64.122.0/24 maxlen: 24
2a10:d501::/32 maxlen: 32
2a14:2500::/29 maxlen: 29
2a14:2700::/29 maxlen: 29
2a14:2b00::/29 maxlen: 29
2a14:2d00::/29 maxlen: 29
2a14:2f00::/29 maxlen: 29
2a14:3300::/29 maxlen: 29
2a14:3500::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f9:28:8f:df:b0:2f:9a:70:c4:6c:fe:b5:80:40:31:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60fcd55b9130858d8ea583c0987dad00f614db39
Validity
Not Before: Dec 24 14:53:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4196352331f12f739c0fda901dccc89819c9e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a2:94:d1:3c:f8:00:f0:84:fe:90:f5:d2:a1:
0a:c1:fd:09:67:33:60:74:db:f6:87:e6:2c:68:a3:
3a:0b:00:6f:6a:8e:b2:43:21:bb:65:f6:23:e9:6e:
b2:ca:44:78:fe:b9:d1:39:df:8f:0a:a6:87:87:3f:
77:33:7a:24:74:5b:eb:b9:34:76:b1:5d:2e:43:59:
6a:e6:4a:ca:5f:78:67:cf:5b:dc:1f:38:d0:e0:2a:
47:96:b8:55:5d:f0:1d:86:29:4f:8a:8e:56:b1:59:
ce:f1:05:e9:87:0e:4a:c2:07:25:16:45:c8:6e:29:
86:12:7a:68:1b:22:dc:23:f5:8d:ec:13:77:fe:8f:
6d:7a:ec:9c:c5:e4:85:5b:69:6c:92:97:69:e5:ff:
25:8f:e2:9b:7a:f0:d3:16:34:0c:96:10:f5:96:73:
32:9a:8e:dd:2b:f3:1d:01:63:61:00:58:bb:a6:94:
de:02:6c:70:e1:a8:08:05:71:a1:b8:57:32:a2:47:
14:38:15:30:55:da:8f:88:96:de:20:94:1d:bb:bd:
bd:15:eb:c2:fd:ca:f0:dd:27:36:36:55:21:90:d4:
0b:6a:d4:f1:dc:e0:52:5a:59:67:cb:ba:ad:d6:7c:
2a:78:69:bf:20:2c:d4:f1:d2:f2:0a:84:86:32:b6:
31:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:19:63:52:33:1F:12:F7:39:C0:FD:A9:01:DC:CC:89:81:9C:9E:2A
X509v3 Authority Key Identifier:
keyid:60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/5BljUjMfEvc5wP2pAdzMiYGcnio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.122.0/24
IPv6:
2a10:d501::/32
2a14:2500::/29
2a14:2700::/29
2a14:2b00::/29
2a14:2d00::/29
2a14:2f00::/29
2a14:3300::/29
2a14:3500::/29
Signature Algorithm: sha256WithRSAEncryption
98:96:98:38:ca:3d:0d:11:92:0d:d4:8e:f7:98:91:eb:04:15:
7c:d8:4d:8e:7d:5c:1a:8c:be:33:62:fd:1a:a3:cd:1b:23:df:
36:8d:e3:a7:3b:93:6a:61:db:9f:92:1b:e6:50:91:b9:6c:82:
8f:e7:b7:34:98:7a:36:ef:20:7d:61:43:84:b5:07:5a:fa:a6:
46:f3:b5:df:c9:16:1e:7e:cc:c3:d2:d1:91:4c:a4:cd:cc:37:
5b:f3:d3:e3:c9:d8:41:ea:47:77:87:f9:74:be:dc:3a:de:d6:
e8:40:14:ad:56:c2:b3:dd:29:a3:bf:b5:8d:7f:49:bd:c3:a1:
91:f3:dd:64:d6:f4:ef:64:b8:15:44:1b:f2:da:75:27:b7:a4:
41:b9:2b:3b:28:62:bc:9d:87:f2:30:03:d7:64:83:61:7b:c7:
ca:a8:e6:03:d4:75:d7:9e:cd:5d:30:a0:ee:6c:96:4d:a5:63:
86:43:e3:3b:90:c7:47:e9:61:8b:e7:69:ad:3f:e0:a4:2f:90:
ac:55:6a:5d:7d:24:ac:1b:45:92:07:74:0f:60:48:dd:a6:57:
2a:3b:0d:b2:05:03:a9:56:d2:71:6b:cd:59:f5:f4:45:50:22:
d4:39:91:29:39:aa:29:e9:41:0e:7f:8c:b3:cf:a1:d9:d6:52:
7a:a5:5f:3f
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZP5KI/fsC+acMRs/rWAQDE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmNkNTViOTEzMDg1OGQ4ZWE1ODNjMDk4N2RhZDAwZjYx
NGRiMzkwHhcNMjQxMjI0MTQ1MzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDE5NjM1MjMzMWYxMmY3MzljMGZkYTkwMWRjY2M4OTgxOWM5ZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6KU0Tz4APCE/pD10qEKwf0JZzNg
dNv2h+YsaKM6CwBvao6yQyG7ZfYj6W6yykR4/rnROd+PCqaHhz93M3okdFvruTR2
sV0uQ1lq5krKX3hnz1vcHzjQ4CpHlrhVXfAdhilPio5WsVnO8QXphw5KwgclFkXI
bimGEnpoGyLcI/WN7BN3/o9teuycxeSFW2lskpdp5f8lj+KbevDTFjQMlhD1lnMy
mo7dK/MdAWNhAFi7ppTeAmxw4agIBXGhuFcyokcUOBUwVdqPiJbeIJQdu729FevC
/crw3Sc2NlUhkNQLatTx3OBSWllny7qt1nwqeGm/ICzU8dLyCoSGMrYxrwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFOQZY1IzHxL3OcD9qQHczImBnJ4qMB8GA1UdIwQY
MBaAFGD81VuRMIWNjqWDwJh9rQD2FNs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTkt
ZWQzMGI5YmIxMmQ1LzEvNUJsalVqTWZFdmM1d1AycEFkek1pWUdjbmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTktZWQzMGI5YmIxMmQ1
LzEvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAMBAIAATAGAwQAw0B6MD4E
AgACMDgDBQAqENUBAwUDKhQlAAMFAyoUJwADBQMqFCsAAwUDKhQtAAMFAyoULwAD
BQMqFDMAAwUDKhQ1ADANBgkqhkiG9w0BAQsFAAOCAQEAmJaYOMo9DRGSDdSO95iR
6wQVfNhNjn1cGoy+M2L9GqPNGyPfNo3jpzuTamHbn5Ib5lCRuWyCj+e3NJh6Nu8g
fWFDhLUHWvqmRvO138kWHn7Mw9LRkUykzcw3W/PT48nYQepHd4f5dL7cOt7W6EAU
rVbCs90po7+1jX9JvcOhkfPdZNb072S4FUQb8tp1J7ekQbkrOyhivJ2H8jAD12SD
YXvHyqjmA9R1157NXTCg7myWTaVjhkPjO5DHR+lhi+dprT/gpC+QrFVqXX0krBtF
kgd0D2BI3aZXKjsNsgUDqVbScWvNWfX0RVAi1DmRKTmqKelBDn+Ms8+h2dZSeqVf
Pw==
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:02:14 2025 by rpki-client