Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/U3FGMgcx33zABNd6WUQZ6FgIXMg.roa
File: U3FGMgcx33zABNd6WUQZ6FgIXMg.roa (raw, json)
Hash identifier: Wpl9P0cBekHap/iywSD8clsCi8JMACpk0Rm1bx3lrQQ=
Subject key identifier: 53:71:46:32:07:31:DF:7C:C0:04:D7:7A:59:44:19:E8:58:08:5C:C8
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 01942368D0FAAC096111D208AFFF49EA4B03
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/U3FGMgcx33zABNd6WUQZ6FgIXMg.roa
Signing time: Wed 01 Jan 2025 19:47:39 +0000
ROA not before: Wed 01 Jan 2025 19:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47820
IP address blocks: 91.205.116.0/22 maxlen: 24
109.234.0.0/21 maxlen: 24
185.148.224.0/22 maxlen: 24
185.232.192.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d0:fa:ac:09:61:11:d2:08:af:ff:49:ea:4b:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jan 1 19:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=537146320731df7cc004d77a594419e858085cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e8:16:fc:cb:ab:a7:8f:dd:29:cd:cd:c4:ef:
fd:31:e7:ee:11:93:dc:ab:72:f5:e2:87:98:1b:44:
70:af:93:d2:6a:bb:74:05:f2:55:4e:ee:b3:31:8c:
87:2d:ac:c2:3e:c4:c3:05:74:f3:d2:9c:4f:f8:a4:
92:3d:c1:71:d7:3c:e5:1d:67:2b:2b:1f:7a:85:ad:
05:8d:a7:48:70:9a:e2:a9:59:5b:b8:29:7a:d3:fb:
64:d5:d8:02:c8:98:f6:45:9d:74:31:71:9c:e3:a8:
02:38:38:0c:42:9b:1c:de:69:4e:8e:0c:b8:f8:ad:
9e:16:c1:63:f8:51:ce:ce:d7:5b:41:2a:cf:a9:51:
15:7a:00:c9:d0:70:f7:95:96:97:5b:44:51:da:6d:
0b:48:c1:7a:99:d8:3c:e7:6d:e1:24:69:7c:ed:6e:
b2:a0:e1:2d:31:c7:36:5b:cc:58:82:0f:ef:da:7e:
e9:e7:34:2e:91:25:c4:88:04:55:1d:e0:f4:43:fc:
cc:27:c2:df:4b:ea:bf:98:51:a8:7e:ef:a6:1c:cd:
ed:38:b9:c2:a4:97:63:c0:ad:3f:09:4c:2d:e3:6d:
0d:47:fb:0e:42:70:69:9d:4f:80:7c:c1:5e:fa:8b:
1a:8e:7e:de:b4:55:8a:08:17:d3:6d:10:b4:7f:cb:
0f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:71:46:32:07:31:DF:7C:C0:04:D7:7A:59:44:19:E8:58:08:5C:C8
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/U3FGMgcx33zABNd6WUQZ6FgIXMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
185.232.192.0/22
193.242.174.0/23
IPv6:
2a07:6200::/29
Signature Algorithm: sha256WithRSAEncryption
bb:92:0a:e2:21:5c:8c:07:eb:c3:29:79:9b:23:cf:4d:dc:7f:
51:22:79:8e:54:28:70:59:28:ba:98:bd:6c:92:5c:0b:97:14:
25:ab:3d:f4:c8:51:72:c5:2a:d8:7e:8b:d3:7a:c5:8c:28:45:
0d:7c:f9:3d:9a:8a:c8:32:d8:1b:3a:3e:46:8f:9e:ea:88:25:
d4:0b:17:7f:30:07:d3:98:b7:bd:af:4f:73:ea:e8:f6:3d:f9:
e2:1a:8b:03:4d:49:ae:92:27:bc:5f:f2:14:47:26:5c:8a:e6:
43:c1:1c:0a:8c:b5:df:78:45:eb:98:1b:95:92:9a:a1:6c:1f:
7d:4e:09:2b:8d:46:b4:a7:f8:73:69:e4:5d:de:a0:01:12:b8:
f8:25:12:7e:11:62:54:e0:56:70:9c:6c:fb:07:06:70:27:4b:
f4:00:ed:4e:92:46:41:c1:3f:3d:69:d8:8e:07:64:88:3d:cf:
c2:0e:aa:dc:b0:ec:24:78:c0:b0:4a:8d:f9:16:b0:4d:a7:a2:
6f:8d:43:62:93:95:58:30:b5:a9:e2:9e:87:d3:77:fb:0c:99:
b5:84:08:7d:00:a6:30:b6:36:64:cc:98:ac:a6:d7:6d:69:fc:
2a:0f:71:89:da:aa:84:ec:5f:63:f1:02:04:5e:34:23:cc:c0:
96:ac:12:c0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQjaND6rAlhEdIIr/9J6ksDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjUwMTAxMTk0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzcxNDYzMjA3MzFkZjdjYzAwNGQ3N2E1OTQ0MTllODU4MDg1Y2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+gW/Murp4/dKc3NxO/9MefuEZPc
q3L14oeYG0Rwr5PSart0BfJVTu6zMYyHLazCPsTDBXTz0pxP+KSSPcFx1zzlHWcr
Kx96ha0FjadIcJriqVlbuCl60/tk1dgCyJj2RZ10MXGc46gCODgMQpsc3mlOjgy4
+K2eFsFj+FHOztdbQSrPqVEVegDJ0HD3lZaXW0RR2m0LSMF6mdg8523hJGl87W6y
oOEtMcc2W8xYgg/v2n7p5zQukSXEiARVHeD0Q/zMJ8LfS+q/mFGofu+mHM3tOLnC
pJdjwK0/CUwt420NR/sOQnBpnU+AfMFe+osajn7etFWKCBfTbRC0f8sPxwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFNxRjIHMd98wATXellEGehYCFzIMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvVTNGR01nY3gzM3pBQk5kNldVUVo2RmdJWE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCW810AwQD
beoAAwQCuZTgAwQCuejAAwQBwfKuMA0EAgACMAcDBQMqB2IAMA0GCSqGSIb3DQEB
CwUAA4IBAQC7kgriIVyMB+vDKXmbI89N3H9RInmOVChwWSi6mL1sklwLlxQlqz30
yFFyxSrYfovTesWMKEUNfPk9morIMtgbOj5Gj57qiCXUCxd/MAfTmLe9r09z6uj2
PfniGosDTUmukie8X/IURyZciuZDwRwKjLXfeEXrmBuVkpqhbB99TgkrjUa0p/hz
aeRd3qABErj4JRJ+EWJU4FZwnGz7BwZwJ0v0AO1OkkZBwT89adiOB2SIPc/CDqrc
sOwkeMCwSo35FrBNp6JvjUNik5VYMLWp4p6H03f7DJm1hAh9AKYwtjZkzJisptdt
afwqD3GJ2qqE7F9j8QIEXjQjzMCWrBLA
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:45:04 2025 by rpki-client