Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/sWZRdmMpBHz2idbF4HSTGiq_F6c.roa
File: sWZRdmMpBHz2idbF4HSTGiq_F6c.roa (raw, json)
Hash identifier: JrXlhxc1uz6mNYBDe5zpugF3LjBZ1wrKrP0rHydNq08=
Subject key identifier: B1:66:51:76:63:29:04:7C:F6:89:D6:C5:E0:74:93:1A:2A:BF:17:A7
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 0193DE868D139643FF55C2EEF24BFE068BB5
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/sWZRdmMpBHz2idbF4HSTGiq_F6c.roa
Signing time: Thu 19 Dec 2024 10:46:20 +0000
ROA not before: Thu 19 Dec 2024 10:46:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58289
IP address blocks: 91.147.111.0/24 maxlen: 24
92.240.243.0/24 maxlen: 24
185.162.234.0/24 maxlen: 24
193.43.251.0/24 maxlen: 24
194.31.133.0/24 maxlen: 24
194.31.135.0/24 maxlen: 24
212.108.87.0/24 maxlen: 24
2a0e:6600::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:de:86:8d:13:96:43:ff:55:c2:ee:f2:4b:fe:06:8b:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Dec 19 10:46:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b16651766329047cf689d6c5e074931a2abf17a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:63:80:db:a6:5c:15:86:8e:b4:b9:47:d5:dc:
01:45:49:44:36:83:d2:90:0b:78:ca:73:17:24:a7:
af:98:32:6c:6c:37:7f:7b:64:fb:65:34:25:ea:b4:
fe:eb:b5:31:ba:e4:f0:7e:88:3b:7e:e4:3a:a1:71:
d1:59:25:74:f1:21:2e:35:69:14:55:6d:a6:4b:ab:
45:e7:a3:f3:7d:95:51:1b:e2:95:e6:71:67:38:bd:
1f:84:b1:9f:0b:06:bd:a3:49:03:97:4b:d9:c4:8e:
09:8c:b3:9d:60:19:18:ec:1b:99:ab:47:5d:ce:3f:
6a:78:b0:6f:e0:61:0d:16:d5:ca:f2:9b:73:6c:9c:
7a:44:2f:7b:55:3e:ba:78:60:71:45:6d:a8:2b:cf:
52:42:85:62:76:90:7c:ca:c9:78:04:4a:28:cc:a8:
01:13:07:ab:84:82:87:0a:08:d6:73:18:a2:3a:8a:
d2:d6:46:72:9b:00:1c:84:94:0e:2e:d6:a6:27:11:
ee:a7:b5:59:b3:43:cd:c4:72:23:03:c2:25:06:85:
6f:50:1c:ad:1e:74:99:5d:85:b1:a0:bc:ae:22:f3:
de:ce:40:2f:5d:29:07:4d:85:1f:40:0c:bf:8b:56:
62:d5:a4:79:4e:a4:02:a9:4f:12:8e:f5:24:b2:e1:
56:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:66:51:76:63:29:04:7C:F6:89:D6:C5:E0:74:93:1A:2A:BF:17:A7
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/sWZRdmMpBHz2idbF4HSTGiq_F6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.111.0/24
92.240.243.0/24
185.162.234.0/24
193.43.251.0/24
194.31.133.0/24
194.31.135.0/24
212.108.87.0/24
IPv6:
2a0e:6600::/48
Signature Algorithm: sha256WithRSAEncryption
3a:0a:f0:44:5b:90:45:f2:4c:98:f9:43:cb:bd:ce:05:9d:31:
1f:48:79:92:f7:c3:c4:f2:13:33:08:27:38:a4:cd:d1:ad:f6:
d3:9f:7e:d0:46:5e:ae:fb:79:7b:76:71:0c:68:13:04:46:72:
f7:50:16:47:00:0e:36:77:7e:9c:9c:84:0a:7e:07:02:6e:83:
6f:6a:33:c9:3a:02:8c:56:f7:68:a6:83:d0:b5:ed:29:5e:57:
94:79:8a:88:64:f7:60:1e:9d:be:04:d0:81:f3:4a:d1:7a:74:
a6:d7:03:8a:a9:78:9f:41:94:7b:95:de:bd:1c:c9:0c:66:18:
10:94:72:f8:34:e2:7d:6f:77:27:2d:a0:d9:5a:d6:90:f5:e4:
07:93:05:9c:eb:e2:e9:b6:90:48:89:49:ef:e8:69:12:27:b6:
6c:1b:f4:1d:1d:2b:3e:5c:62:16:3a:15:7a:89:76:ea:09:c8:
4e:e1:6a:22:97:9b:e2:fc:b9:04:23:fa:d2:80:42:18:61:bd:
05:79:49:f6:13:00:dc:58:6e:f0:ff:b9:79:e3:6b:96:b3:e1:
4e:19:5e:bc:d8:21:16:00:56:61:fd:a4:56:d1:78:64:44:01:
5c:0f:d6:e7:70:e1:76:94:17:13:13:80:cd:46:f1:be:47:ea:
53:5a:95:ed
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZPeho0TlkP/VcLu8kv+Bou1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjQxMjE5MTA0NjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTY2NTE3NjYzMjkwNDdjZjY4OWQ2YzVlMDc0OTMxYTJhYmYxN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmOA26ZcFYaOtLlH1dwBRUlENoPS
kAt4ynMXJKevmDJsbDd/e2T7ZTQl6rT+67UxuuTwfog7fuQ6oXHRWSV08SEuNWkU
VW2mS6tF56PzfZVRG+KV5nFnOL0fhLGfCwa9o0kDl0vZxI4JjLOdYBkY7BuZq0dd
zj9qeLBv4GENFtXK8ptzbJx6RC97VT66eGBxRW2oK89SQoVidpB8ysl4BEoozKgB
EwerhIKHCgjWcxiiOorS1kZymwAchJQOLtamJxHup7VZs0PNxHIjA8IlBoVvUByt
HnSZXYWxoLyuIvPezkAvXSkHTYUfQAy/i1Zi1aR5TqQCqU8SjvUksuFWVwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFLFmUXZjKQR89onWxeB0kxoqvxenMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvc1daUmRtTXBCSHoyaWRiRjRIU1RHaXFfRjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQAW5NvAwQA
XPDzAwQAuaLqAwQAwSv7AwQAwh+FAwQAwh+HAwQA1GxXMA8EAgACMAkDBwAqDmYA
AAAwDQYJKoZIhvcNAQELBQADggEBADoK8ERbkEXyTJj5Q8u9zgWdMR9IeZL3w8Ty
EzMIJzikzdGt9tOfftBGXq77eXt2cQxoEwRGcvdQFkcADjZ3fpychAp+BwJug29q
M8k6AoxW92img9C17SleV5R5iohk92Aenb4E0IHzStF6dKbXA4qpeJ9BlHuV3r0c
yQxmGBCUcvg04n1vdyctoNla1pD15AeTBZzr4um2kEiJSe/oaRIntmwb9B0dKz5c
YhY6FXqJduoJyE7haiKXm+L8uQQj+tKAQhhhvQV5SfYTANxYbvD/uXnja5az4U4Z
XrzYIRYAVmH9pFbReGREAVwP1udw4XaUFxMTgM1G8b5H6lNale0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:49:30 2025 by rpki-client