Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/lQEp2HEPrjUkaRZ-il1Gf6X7PHU.roa
File: lQEp2HEPrjUkaRZ-il1Gf6X7PHU.roa (raw, json)
Hash identifier: PheSrwo5NFiJAe3nUdpliJZNFxZCoiuaGVE5hHJgo+U=
Subject key identifier: 95:01:29:D8:71:0F:AE:35:24:69:16:7E:8A:5D:46:7F:A5:FB:3C:75
Certificate issuer: /CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Certificate serial: 0194C67E73E092BB163509764A9198E3C6C4
Authority key identifier: 5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/lQEp2HEPrjUkaRZ-il1Gf6X7PHU.roa
Signing time: Sun 02 Feb 2025 11:49:23 +0000
ROA not before: Sun 02 Feb 2025 11:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34093
IP address blocks: 46.231.72.0/21 maxlen: 21
88.81.64.0/19 maxlen: 19
91.187.32.0/19 maxlen: 19
92.61.80.0/20 maxlen: 20
185.82.236.0/22 maxlen: 22
193.42.128.0/22 maxlen: 22
217.197.144.0/20 maxlen: 20
2a03:1600::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c6:7e:73:e0:92:bb:16:35:09:76:4a:91:98:e3:c6:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Validity
Not Before: Feb 2 11:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=950129d8710fae352469167e8a5d467fa5fb3c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:96:ac:54:36:0f:f3:1b:be:a0:88:21:1a:82:
a2:7f:1a:55:c6:88:40:f3:cd:d2:91:ef:22:da:a3:
b5:53:6a:0e:86:dc:ac:5c:61:ba:96:fc:62:a3:8b:
51:ee:4b:6c:a4:5d:0a:2a:a7:a9:f9:47:6e:de:dd:
5f:ba:29:1c:b6:f5:58:48:6a:bf:b4:84:b2:0e:4c:
39:9e:bc:63:fa:24:6d:93:9c:5d:55:25:65:31:ae:
02:49:22:a4:ea:9a:00:21:8e:17:5d:2d:f4:24:89:
4f:a7:b3:12:99:14:c8:7c:9b:18:92:8f:31:31:19:
a2:d6:a4:0b:d2:b4:01:a4:4d:ec:69:fd:0b:ab:68:
00:d9:bd:98:f0:fa:e0:30:3e:06:5f:ad:c9:bb:30:
85:af:22:c6:82:0e:53:9c:45:5e:7a:8d:d4:99:a0:
86:ad:04:d9:b8:a9:6a:2e:a9:99:23:61:52:fa:d2:
bb:2c:07:42:25:80:b0:bc:1d:5d:1b:c1:a6:2e:21:
60:16:8d:a7:2d:02:3a:8e:39:c0:c5:8e:59:7a:4a:
0d:78:9d:36:db:30:4f:74:2f:42:d8:c8:bc:13:8f:
ad:cb:9d:2c:de:6c:70:84:05:92:0e:b1:12:b8:c4:
fe:91:ef:db:65:16:08:1e:3d:2d:39:0c:8a:99:bc:
a4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:01:29:D8:71:0F:AE:35:24:69:16:7E:8A:5D:46:7F:A5:FB:3C:75
X509v3 Authority Key Identifier:
keyid:5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/lQEp2HEPrjUkaRZ-il1Gf6X7PHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.72.0/21
88.81.64.0/19
91.187.32.0/19
92.61.80.0/20
185.82.236.0/22
193.42.128.0/22
217.197.144.0/20
IPv6:
2a03:1600::/32
Signature Algorithm: sha256WithRSAEncryption
97:b7:64:81:3d:6a:5c:f1:68:61:90:9f:8b:d0:37:d6:f1:a0:
8d:2c:40:a8:45:a8:eb:80:0d:2d:42:09:88:cf:48:b2:64:a4:
dc:c9:f7:dd:4f:d0:fb:cb:52:1a:84:cd:d8:86:59:09:cd:b0:
9e:7e:87:45:a6:b9:bc:51:7b:4e:44:fc:a5:51:21:4f:ed:47:
f7:94:1c:32:3b:e2:ab:95:e9:bd:52:0e:56:4d:1b:53:70:88:
7a:ab:85:0d:05:76:53:d1:5d:c8:c7:be:51:90:dc:36:b5:1e:
c1:69:d8:5d:34:77:4a:0b:7f:2f:d7:e3:56:3f:05:0b:4b:41:
ef:d8:4e:30:52:5d:50:77:a9:db:0e:c1:a2:57:11:c2:bc:ee:
b9:21:0e:15:be:b7:d8:be:73:80:98:f6:98:2d:c1:fd:e1:a2:
7e:2a:5e:80:b9:9f:a9:05:77:18:ce:4b:a8:9b:8e:21:0c:63:
6a:a7:cd:09:41:57:52:41:fe:e1:6f:5e:ae:24:1b:6a:ce:63:
b2:49:87:71:47:5f:ea:70:5c:e3:09:8b:c0:75:58:35:79:dc:
62:ae:93:88:79:c2:1a:76:12:5b:75:79:d1:69:23:8a:98:a4:
d4:27:41:db:fb:0f:a7:6c:4b:d4:c4:d8:28:17:b7:1b:38:72:
08:4a:ff:d3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZTGfnPgkrsWNQl2SpGY48bEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzlkMTViZDJmY2M4NDc3MWJhNmFhMjlhYTU0NDI4YjIx
Y2VmNjAwHhcNMjUwMjAyMTE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTAxMjlkODcxMGZhZTM1MjQ2OTE2N2U4YTVkNDY3ZmE1ZmIzYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZasVDYP8xu+oIghGoKifxpVxohA
883Ske8i2qO1U2oOhtysXGG6lvxio4tR7ktspF0KKqep+Udu3t1fuikctvVYSGq/
tISyDkw5nrxj+iRtk5xdVSVlMa4CSSKk6poAIY4XXS30JIlPp7MSmRTIfJsYko8x
MRmi1qQL0rQBpE3saf0Lq2gA2b2Y8PrgMD4GX63JuzCFryLGgg5TnEVeeo3UmaCG
rQTZuKlqLqmZI2FS+tK7LAdCJYCwvB1dG8GmLiFgFo2nLQI6jjnAxY5ZekoNeJ02
2zBPdC9C2Mi8E4+ty50s3mxwhAWSDrESuMT+ke/bZRYIHj0tOQyKmbyk+wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJUBKdhxD641JGkWfopdRn+l+zx1MB8GA1UdIwQY
MBaAFF050VvS/MhHcbpqopqlRCiyHO9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAt
YzI5YjQ0ZGU1M2E4LzEvbFFFcDJIRVByalVrYVJaLWlsMUdmNlg3UEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAtYzI5YjQ0ZGU1M2E4
LzEvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLudIAwQF
WFFAAwQFW7sgAwQEXD1QAwQCuVLsAwQCwSqAAwQE2cWQMA0EAgACMAcDBQAqAxYA
MA0GCSqGSIb3DQEBCwUAA4IBAQCXt2SBPWpc8WhhkJ+L0DfW8aCNLECoRajrgA0t
QgmIz0iyZKTcyffdT9D7y1IahM3YhlkJzbCefodFprm8UXtORPylUSFP7Uf3lBwy
O+Krlem9Ug5WTRtTcIh6q4UNBXZT0V3Ix75RkNw2tR7BadhdNHdKC38v1+NWPwUL
S0Hv2E4wUl1Qd6nbDsGiVxHCvO65IQ4VvrfYvnOAmPaYLcH94aJ+Kl6AuZ+pBXcY
zkuom44hDGNqp80JQVdSQf7hb16uJBtqzmOySYdxR1/qcFzjCYvAdVg1edxirpOI
ecIadhJbdXnRaSOKmKTUJ0Hb+w+nbEvUxNgoF7cbOHIISv/T
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:01:10 2025 by rpki-client