Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/dYkQua5WhbFXO1rro2ZBTmTi5ak.roa
File: dYkQua5WhbFXO1rro2ZBTmTi5ak.roa (raw, json)
Hash identifier: 7+ifBlco706sKWOweWSkXcCzg5XIlet661PdjQ3A/uE=
Subject key identifier: 75:89:10:B9:AE:56:85:B1:57:3B:5A:EB:A3:66:41:4E:64:E2:E5:A9
Certificate issuer: /CN=94a32e445c24ded9b85212d479b88008165ebdba
Certificate serial: 0194228E22AC030830C2FC98D49A5BFBD28C
Authority key identifier: 94:A3:2E:44:5C:24:DE:D9:B8:52:12:D4:79:B8:80:08:16:5E:BD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/dYkQua5WhbFXO1rro2ZBTmTi5ak.roa
Signing time: Wed 01 Jan 2025 15:48:47 +0000
ROA not before: Wed 01 Jan 2025 15:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29608
IP address blocks: 37.60.152.0/21 maxlen: 21
79.143.240.0/20 maxlen: 20
178.20.64.0/21 maxlen: 21
185.101.208.0/22 maxlen: 22
185.152.24.0/22 maxlen: 22
185.152.24.0/23 maxlen: 23
185.152.26.0/23 maxlen: 23
185.170.80.0/22 maxlen: 22
185.226.48.0/22 maxlen: 22
193.30.224.0/22 maxlen: 22
193.46.252.0/24 maxlen: 24
193.47.70.0/24 maxlen: 24
193.47.75.0/24 maxlen: 24
193.47.86.0/24 maxlen: 24
193.239.192.0/23 maxlen: 23
2a01:678::/29 maxlen: 29
2a01:40c0::/29 maxlen: 29
2a07:81c0::/29 maxlen: 29
2a0f:8340::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:22:ac:03:08:30:c2:fc:98:d4:9a:5b:fb:d2:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94a32e445c24ded9b85212d479b88008165ebdba
Validity
Not Before: Jan 1 15:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=758910b9ae5685b1573b5aeba366414e64e2e5a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c6:4b:59:bd:4d:75:f6:52:32:37:8f:51:f8:
27:5f:a9:19:a3:ec:95:a3:5a:c1:43:d5:26:e7:3c:
af:83:72:b7:12:c7:2c:49:15:c8:0d:0b:68:8c:63:
c3:94:1e:0e:8b:4c:e6:52:8d:5d:54:d8:89:08:00:
e9:c8:5d:ef:7d:51:54:e9:0c:f3:8b:d6:49:fe:30:
72:3b:6f:f0:de:d0:fb:2b:ac:78:03:a7:88:b2:0b:
97:ef:05:5e:41:8f:36:8e:a1:9d:b3:12:cd:e1:4c:
7e:87:eb:14:11:ac:25:6a:8e:12:cb:4c:9f:59:7f:
3f:68:ea:51:11:5e:2e:6b:2b:bc:ba:3d:27:75:f1:
53:4b:ae:16:9e:32:16:4d:f6:30:63:5b:5a:8a:e9:
08:d8:62:96:cb:1f:0f:3d:94:ce:72:2d:7d:aa:17:
cd:5d:81:2c:8f:1f:e8:ba:3d:c2:f0:a9:9a:92:3b:
83:da:01:ea:ee:97:e5:5a:98:37:6e:26:c2:83:fb:
a1:2e:61:e7:c0:aa:1c:1e:59:07:51:d9:d2:97:00:
f2:16:46:e9:9e:12:8b:84:63:e1:e3:d8:36:f5:78:
df:74:47:24:8b:e2:6b:b4:b0:e2:c0:d9:72:a4:3b:
88:2b:9b:f6:b6:aa:d5:bc:27:7c:77:e1:9a:0d:21:
3a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:89:10:B9:AE:56:85:B1:57:3B:5A:EB:A3:66:41:4E:64:E2:E5:A9
X509v3 Authority Key Identifier:
keyid:94:A3:2E:44:5C:24:DE:D9:B8:52:12:D4:79:B8:80:08:16:5E:BD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/dYkQua5WhbFXO1rro2ZBTmTi5ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/lKMuRFwk3tm4UhLUebiACBZevbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.152.0/21
79.143.240.0/20
178.20.64.0/21
185.101.208.0/22
185.152.24.0/22
185.170.80.0/22
185.226.48.0/22
193.30.224.0/22
193.46.252.0/24
193.47.70.0/24
193.47.75.0/24
193.47.86.0/24
193.239.192.0/23
IPv6:
2a01:678::/29
2a01:40c0::/29
2a07:81c0::/29
2a0f:8340::/29
Signature Algorithm: sha256WithRSAEncryption
65:14:52:54:92:b9:1c:13:85:cb:76:99:ee:86:f0:c3:7e:09:
69:f6:65:b1:b0:3d:21:94:9d:ba:70:65:15:cf:d2:04:1d:1d:
11:24:e4:c3:0f:67:cb:49:96:08:32:21:bd:62:e0:2f:82:dd:
cb:f6:8e:b5:d8:cc:f3:9d:0f:17:2f:0f:33:ba:49:20:e0:74:
eb:5c:cf:9c:ee:ca:71:f1:35:79:49:a8:20:ce:56:27:6a:b0:
fb:c1:9c:59:e6:ae:9c:61:0f:d8:e1:8d:44:72:7a:d9:34:5d:
97:50:52:90:0b:0f:3b:59:bd:00:2d:ad:8d:f1:4e:de:f6:7c:
79:5f:0e:3f:40:7f:63:c3:18:2e:63:5d:36:eb:2d:87:34:e4:
9f:b9:2a:ed:af:a6:d0:76:e2:55:55:6a:a9:10:e1:e8:ed:0e:
f6:9f:7c:c0:0f:b6:ca:9a:62:d9:0c:c2:08:a1:91:6a:66:77:
35:0b:7d:00:b4:b2:31:cd:44:93:b4:98:8e:c1:f0:33:a5:6f:
d8:c0:dd:47:14:5a:90:45:03:7d:25:f5:23:c8:85:a0:e5:fb:
7f:50:e9:33:5b:3e:cc:b1:28:47:6e:c2:8c:ba:f3:88:93:d1:
ef:1a:95:e8:1c:0b:81:33:cf:5e:c1:0a:30:97:ff:28:b4:93:
51:a0:8f:09
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZQijiKsAwgwwvyY1Jpb+9KMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTMyZTQ0NWMyNGRlZDliODUyMTJkNDc5Yjg4MDA4MTY1
ZWJkYmEwHhcNMjUwMTAxMTU0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTg5MTBiOWFlNTY4NWIxNTczYjVhZWJhMzY2NDE0ZTY0ZTJlNWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksZLWb1NdfZSMjePUfgnX6kZo+yV
o1rBQ9Um5zyvg3K3EscsSRXIDQtojGPDlB4Oi0zmUo1dVNiJCADpyF3vfVFU6Qzz
i9ZJ/jByO2/w3tD7K6x4A6eIsguX7wVeQY82jqGdsxLN4Ux+h+sUEawlao4Sy0yf
WX8/aOpREV4uayu8uj0ndfFTS64WnjIWTfYwY1taiukI2GKWyx8PPZTOci19qhfN
XYEsjx/ouj3C8KmakjuD2gHq7pflWpg3bibCg/uhLmHnwKocHlkHUdnSlwDyFkbp
nhKLhGPh49g29XjfdEcki+JrtLDiwNlypDuIK5v2tqrVvCd8d+GaDSE6vwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFHWJELmuVoWxVzta66NmQU5k4uWpMB8GA1UdIwQY
MBaAFJSjLkRcJN7ZuFIS1Hm4gAgWXr26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtNdVJGd2szdG00VWhMVWViaUFDQlpldmJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mODkxYzQtMTlhYy00MzdjLWI3ODIt
ZTE0ODdhNTRjMWU1LzEvZFlrUXVhNVdoYkZYTzFycm8yWkJUbVRpNWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mODkxYzQtMTlhYy00MzdjLWI3ODItZTE0ODdhNTRjMWU1
LzEvbEtNdVJGd2szdG00VWhMVWViaUFDQlpldmJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowVAQCAAEwTgMEAyU8mAME
BE+P8AMEA7IUQAMEArll0AMEArmYGAMEArmqUAMEArniMAMEAsEe4AMEAMEu/AME
AMEvRgMEAMEvSwMEAMEvVgMEAcHvwDAiBAIAAjAcAwUDKgEGeAMFAyoBQMADBQMq
B4HAAwUDKg+DQDANBgkqhkiG9w0BAQsFAAOCAQEAZRRSVJK5HBOFy3aZ7obww34J
afZlsbA9IZSdunBlFc/SBB0dESTkww9ny0mWCDIhvWLgL4Ldy/aOtdjM850PFy8P
M7pJIOB061zPnO7KcfE1eUmoIM5WJ2qw+8GcWeaunGEP2OGNRHJ62TRdl1BSkAsP
O1m9AC2tjfFO3vZ8eV8OP0B/Y8MYLmNdNusthzTkn7kq7a+m0HbiVVVqqRDh6O0O
9p98wA+2yppi2QzCCKGRamZ3NQt9ALSyMc1Ek7SYjsHwM6Vv2MDdRxRakEUDfSX1
I8iFoOX7f1DpM1s+zLEoR27CjLrziJPR7xqV6BwLgTPPXsEKMJf/KLSTUaCPCQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:18 2025 by rpki-client