Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/SXWEcE2XbrcPPSq_txwH-dhLRP4.roa
File: SXWEcE2XbrcPPSq_txwH-dhLRP4.roa (raw, json)
Hash identifier: MJLQrELuRN6vp47hGJfIoqEMDBs7OUbbkLLrje5j/0I=
Subject key identifier: 49:75:84:70:4D:97:6E:B7:0F:3D:2A:BF:B7:1C:07:F9:D8:4B:44:FE
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019427472AA9DA54A100A274EF6C50A568E7
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/SXWEcE2XbrcPPSq_txwH-dhLRP4.roa
Signing time: Thu 02 Jan 2025 13:49:22 +0000
ROA not before: Thu 02 Jan 2025 13:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47952
IP address blocks: 91.106.216.0/24 maxlen: 24
91.106.217.0/24 maxlen: 24
91.106.218.0/24 maxlen: 24
91.106.219.0/24 maxlen: 24
185.185.235.0/24 maxlen: 24
193.35.204.0/24 maxlen: 24
193.35.205.0/24 maxlen: 24
193.35.206.0/24 maxlen: 24
193.35.207.0/24 maxlen: 24
194.127.116.0/24 maxlen: 24
194.127.117.0/24 maxlen: 24
194.127.118.0/24 maxlen: 24
194.127.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:2a:a9:da:54:a1:00:a2:74:ef:6c:50:a5:68:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 2 13:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=497584704d976eb70f3d2abfb71c07f9d84b44fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e1:2f:8f:fa:67:c4:fc:45:f4:40:71:d3:07:
e3:54:40:c7:d6:b7:d0:be:67:e8:5e:b3:08:c4:e1:
d2:c4:db:24:19:1e:f3:f1:a8:cc:ea:3a:11:48:91:
45:35:5c:23:c9:bf:30:7e:3d:2f:31:7b:b3:40:6a:
71:ae:f9:35:03:96:30:52:fc:da:c4:38:ca:09:11:
f5:8e:21:ee:09:0c:12:22:06:02:a4:ca:ad:d5:84:
ed:21:c2:ee:16:41:4c:51:c3:c4:34:cc:8a:5b:b5:
55:cd:a7:ac:e2:0b:c6:07:7c:2b:c7:be:cd:dd:fe:
9e:1d:48:d3:3a:05:98:d7:85:69:42:54:af:e1:8f:
1c:b3:27:4a:45:29:27:db:5a:fd:a9:2d:89:f1:9b:
c4:ec:0b:9f:01:9e:41:22:22:95:af:e0:c4:9d:42:
99:58:d9:6c:fb:73:79:3e:38:f8:cb:c1:6c:e3:1d:
bf:b4:3e:b5:a6:ab:b1:32:6c:be:df:cd:22:4c:39:
fa:67:6c:d9:61:6c:bd:70:09:30:c2:bf:d3:b6:b7:
27:9d:22:7b:f5:64:05:2b:f4:9d:c9:f8:8a:11:2d:
04:6d:53:f4:fa:4d:dd:10:77:45:88:21:2f:56:16:
7d:9b:c2:a0:a4:fd:47:9c:86:4e:7d:be:33:aa:21:
fb:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:75:84:70:4D:97:6E:B7:0F:3D:2A:BF:B7:1C:07:F9:D8:4B:44:FE
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/SXWEcE2XbrcPPSq_txwH-dhLRP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.216.0/22
185.185.235.0/24
193.35.204.0/22
194.127.116.0/22
Signature Algorithm: sha256WithRSAEncryption
27:d4:82:0e:e9:e7:db:8d:c3:07:9c:36:85:ab:ba:ae:21:b9:
b6:ef:4f:a6:d3:29:60:ea:d6:2c:45:e7:9d:be:8a:73:b5:9a:
da:d1:a9:59:3b:fd:83:48:d2:a7:b1:b6:79:2b:75:93:87:1d:
df:2f:12:bc:9e:45:a5:56:2f:b9:df:0a:74:98:41:cb:9b:fb:
a9:da:36:15:12:0d:4c:49:5e:dd:e1:c0:56:3b:24:d9:4a:dc:
3f:5e:79:83:a5:a6:9b:0b:a2:0f:a1:e0:b6:16:41:56:54:bf:
91:18:e4:c7:32:64:76:ee:d7:74:ff:5f:9c:a3:8b:58:06:50:
46:f9:de:05:e1:47:dd:7d:c1:d4:77:f2:92:32:89:52:08:07:
2c:ef:cd:fa:1e:ad:83:5e:b7:b1:73:c1:11:4a:45:76:e5:b4:
a8:19:1c:eb:1a:b8:82:ef:51:16:21:e1:47:aa:ad:2e:bb:82:
70:1d:e2:44:75:f2:47:9e:36:58:ab:9f:5b:83:a3:0d:83:d5:
99:fb:e7:14:3f:8f:93:31:cb:2d:03:cf:cc:3e:0f:a2:a0:e0:
66:4b:48:56:78:cd:35:43:ca:7d:8f:a6:68:6e:2c:7b:b0:d1:
7e:69:7c:0d:b8:03:ae:99:fb:a4:8c:f8:2a:b7:8e:98:48:06:
94:dc:62:c8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnRyqp2lShAKJ072xQpWjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMTAyMTM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTc1ODQ3MDRkOTc2ZWI3MGYzZDJhYmZiNzFjMDdmOWQ4NGI0NGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+Evj/pnxPxF9EBx0wfjVEDH1rfQ
vmfoXrMIxOHSxNskGR7z8ajM6joRSJFFNVwjyb8wfj0vMXuzQGpxrvk1A5YwUvza
xDjKCRH1jiHuCQwSIgYCpMqt1YTtIcLuFkFMUcPENMyKW7VVzaes4gvGB3wrx77N
3f6eHUjTOgWY14VpQlSv4Y8csydKRSkn21r9qS2J8ZvE7AufAZ5BIiKVr+DEnUKZ
WNls+3N5Pjj4y8Fs4x2/tD61pquxMmy+380iTDn6Z2zZYWy9cAkwwr/TtrcnnSJ7
9WQFK/SdyfiKES0EbVP0+k3dEHdFiCEvVhZ9m8KgpP1HnIZOfb4zqiH7/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEl1hHBNl263Dz0qv7ccB/nYS0T+MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvU1hXRWNFMlhicmNQUFNxX3R4d0gtZGhMUlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW2rYAwQA
ubnrAwQCwSPMAwQCwn90MA0GCSqGSIb3DQEBCwUAA4IBAQAn1IIO6efbjcMHnDaF
q7quIbm270+m0ylg6tYsReedvopztZra0alZO/2DSNKnsbZ5K3WThx3fLxK8nkWl
Vi+53wp0mEHLm/up2jYVEg1MSV7d4cBWOyTZStw/XnmDpaabC6IPoeC2FkFWVL+R
GOTHMmR27td0/1+co4tYBlBG+d4F4UfdfcHUd/KSMolSCAcs7836Hq2DXrexc8ER
SkV25bSoGRzrGriC71EWIeFHqq0uu4JwHeJEdfJHnjZYq59bg6MNg9WZ++cUP4+T
McstA8/MPg+ioOBmS0hWeM01Q8p9j6Zobix7sNF+aXwNuAOumfukjPgqt46YSAaU
3GLI
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:13:51 2025 by rpki-client