Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/c6MH5AINwv2Apr4LoOVLjE2ibzg.roa
File: c6MH5AINwv2Apr4LoOVLjE2ibzg.roa (raw, json)
Hash identifier: DqMyX9SYq3vTPIAcJ2rH66kK5gcECNKtal3m+se09Aw=
Subject key identifier: 73:A3:07:E4:02:0D:C2:FD:80:A6:BE:0B:A0:E5:4B:8C:4D:A2:6F:38
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0195D2F9168B6E1231E4E8D2229C8DF5DABE
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/c6MH5AINwv2Apr4LoOVLjE2ibzg.roa
Signing time: Wed 26 Mar 2025 15:01:34 +0000
ROA not before: Wed 26 Mar 2025 15:01:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61312
IP address blocks: 31.148.25.0/24 maxlen: 24
93.170.55.0/24 maxlen: 24
93.170.175.0/24 maxlen: 24
93.171.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d2:f9:16:8b:6e:12:31:e4:e8:d2:22:9c:8d:f5:da:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Mar 26 15:01:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73a307e4020dc2fd80a6be0ba0e54b8c4da26f38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9e:f3:39:66:fc:6e:50:0a:eb:b1:a4:e4:78:
14:aa:67:85:ce:51:6a:ff:84:9a:5c:99:20:56:0d:
65:66:a7:38:b4:a0:eb:b3:7d:09:51:37:7c:66:e9:
84:b9:ce:58:96:04:57:00:01:8d:49:1a:31:3b:e9:
4a:d0:04:4e:e4:c7:22:66:48:00:bc:15:0a:cc:15:
53:58:07:a2:a0:e5:6e:af:79:45:b6:94:64:9e:c9:
38:9c:22:62:18:e4:e0:2c:e5:1a:61:a2:df:f2:6c:
14:3d:3a:50:ae:5c:f6:b8:05:d3:0a:e1:68:46:28:
7a:e5:7d:a9:a1:6b:8e:68:27:b9:ca:6d:6c:fe:04:
64:8a:06:c9:0b:d0:cc:01:c1:c5:be:76:4e:13:19:
9f:45:45:62:b4:28:e6:df:fd:ed:a2:a5:f1:17:68:
5c:82:53:7d:eb:e1:04:da:76:0d:be:9c:c3:9a:9b:
2d:0c:b8:24:04:97:c7:a2:21:1c:d6:29:c3:55:70:
3f:1a:f2:e5:27:b5:e0:ea:11:10:ac:1f:80:ec:fd:
9a:5e:90:44:c3:26:04:11:d4:f8:ea:3c:79:2f:ba:
20:d7:bd:f9:e3:f1:eb:94:ed:bf:a2:e9:91:e3:02:
e0:f7:db:e9:31:72:3b:ca:d1:88:2f:74:04:ef:80:
0d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:A3:07:E4:02:0D:C2:FD:80:A6:BE:0B:A0:E5:4B:8C:4D:A2:6F:38
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/c6MH5AINwv2Apr4LoOVLjE2ibzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.25.0/24
93.170.55.0/24
93.170.175.0/24
93.171.152.0/24
Signature Algorithm: sha256WithRSAEncryption
19:e4:08:ac:ef:39:b9:18:1c:fb:6e:f8:1d:bf:2a:0d:d9:d7:
14:40:de:56:5a:5d:04:5b:a8:9e:07:16:26:73:60:93:f4:40:
63:d6:cd:c3:4d:66:8a:fa:ed:99:d7:7e:35:eb:9c:03:39:24:
38:71:4a:31:7a:82:73:e9:8c:70:03:cf:1c:d0:dc:40:3b:27:
c2:30:72:cf:ec:b1:d2:b6:1d:3d:67:b1:72:c0:4b:d7:68:97:
aa:bc:c1:ea:2b:85:44:55:3d:df:8c:45:cf:86:67:78:1b:e0:
a4:89:cb:3c:b0:6b:58:12:15:dc:a2:22:ef:eb:33:9d:5d:19:
91:8d:8d:9d:31:2e:25:05:8d:a2:3f:0c:6a:72:3e:c0:bd:bc:
42:98:2b:ad:ce:92:a3:03:27:39:2d:93:41:fe:e3:c7:7c:ef:
6e:52:1e:a1:ec:9d:c9:e4:66:24:44:9b:91:03:92:a2:d0:bd:
1f:f3:40:11:a9:42:00:3b:7c:0c:ad:ef:d0:3f:09:17:5e:d5:
53:6b:90:88:3e:4a:7f:b6:44:3e:c9:a6:ed:fc:61:8a:9e:4e:
7b:9e:a8:0e:1e:c1:09:35:88:00:14:71:4e:cf:96:7f:a7:1f:
af:29:3b:17:e1:73:7a:b6:ee:36:ef:51:2e:3a:d6:6f:f4:72:
9e:d1:3e:8d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXS+RaLbhIx5OjSIpyN9dq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMzI2MTUwMTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2EzMDdlNDAyMGRjMmZkODBhNmJlMGJhMGU1NGI4YzRkYTI2ZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp7zOWb8blAK67Gk5HgUqmeFzlFq
/4SaXJkgVg1lZqc4tKDrs30JUTd8ZumEuc5YlgRXAAGNSRoxO+lK0ARO5MciZkgA
vBUKzBVTWAeioOVur3lFtpRknsk4nCJiGOTgLOUaYaLf8mwUPTpQrlz2uAXTCuFo
Rih65X2poWuOaCe5ym1s/gRkigbJC9DMAcHFvnZOExmfRUVitCjm3/3toqXxF2hc
glN96+EE2nYNvpzDmpstDLgkBJfHoiEc1inDVXA/GvLlJ7Xg6hEQrB+A7P2aXpBE
wyYEEdT46jx5L7og17354/HrlO2/oumR4wLg99vpMXI7ytGIL3QE74ANjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHOjB+QCDcL9gKa+C6DlS4xNom84MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvYzZNSDVBSU53djJBcHI0TG9PVkxqRTJpYnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH5QZAwQA
Xao3AwQAXaqvAwQAXauYMA0GCSqGSIb3DQEBCwUAA4IBAQAZ5Ais7zm5GBz7bvgd
vyoN2dcUQN5WWl0EW6ieBxYmc2CT9EBj1s3DTWaK+u2Z134165wDOSQ4cUoxeoJz
6YxwA88c0NxAOyfCMHLP7LHSth09Z7FywEvXaJeqvMHqK4VEVT3fjEXPhmd4G+Ck
ics8sGtYEhXcoiLv6zOdXRmRjY2dMS4lBY2iPwxqcj7AvbxCmCutzpKjAyc5LZNB
/uPHfO9uUh6h7J3J5GYkRJuRA5Ki0L0f80ARqUIAO3wMre/QPwkXXtVTa5CIPkp/
tkQ+yabt/GGKnk57nqgOHsEJNYgAFHFOz5Z/px+vKTsX4XN6tu4271EuOtZv9HKe
0T6N
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:27:23 2025 by rpki-client