Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/ag6Uw2WZeIksxGOXDr4DgUkmA5c.roa
File: ag6Uw2WZeIksxGOXDr4DgUkmA5c.roa (raw, json)
Hash identifier: Dv4MeWf6ZNTTsICz0sxMh5s96US2ndB/BMpQt263Gn0=
Subject key identifier: 6A:0E:94:C3:65:99:78:89:2C:C4:63:97:0E:BE:03:81:49:26:03:97
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 01942368CFB5CE1AA6882641AB4E1BDACFA2
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/ag6Uw2WZeIksxGOXDr4DgUkmA5c.roa
Signing time: Wed 01 Jan 2025 19:47:38 +0000
ROA not before: Wed 01 Jan 2025 19:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203
IP address blocks: 91.205.116.0/22 maxlen: 24
109.234.0.0/21 maxlen: 24
185.148.224.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:cf:b5:ce:1a:a6:88:26:41:ab:4e:1b:da:cf:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jan 1 19:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a0e94c3659978892cc463970ebe038149260397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8e:e0:b7:7b:80:fb:84:92:e1:d7:79:9c:d9:
c1:b6:d5:d2:55:78:8a:e2:7e:48:ae:1d:7f:25:5c:
80:51:76:12:aa:6c:f0:62:b3:ab:9e:1a:43:3b:d8:
74:44:cc:0e:dd:33:00:9a:3a:94:ee:59:6a:3f:a6:
a0:36:4c:bb:a8:09:83:4e:0f:8f:04:47:0d:f6:c8:
55:81:93:b9:b9:45:16:b1:ea:14:73:ab:0f:82:fc:
c9:c8:60:d0:3e:11:4b:bb:6c:6a:64:08:91:35:05:
d9:e8:0f:c5:42:0f:9f:22:6d:18:0a:d8:2c:69:85:
59:e9:01:22:25:71:05:d7:fc:ef:34:da:5b:4f:3d:
f8:da:df:a6:dc:7f:68:6e:86:dd:b2:be:37:58:a9:
c0:ff:3a:1d:93:f5:cc:5b:57:b0:dd:97:e2:06:64:
61:7f:ad:29:8e:55:54:c2:5f:63:62:9a:55:75:d1:
62:7e:26:d9:42:98:02:ad:18:9f:46:3e:3c:42:28:
4b:23:b4:38:eb:84:16:cd:9f:f6:10:18:94:bc:10:
42:58:8c:61:fa:bf:32:94:4d:7e:fe:ec:f2:e7:9c:
01:ff:9d:80:5e:ac:a5:6f:f7:ea:c0:be:8b:b4:8e:
8e:3a:be:32:0b:63:c0:f0:43:63:ef:75:2f:5c:2c:
23:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:0E:94:C3:65:99:78:89:2C:C4:63:97:0E:BE:03:81:49:26:03:97
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/ag6Uw2WZeIksxGOXDr4DgUkmA5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200:1::/48
Signature Algorithm: sha256WithRSAEncryption
79:e2:4f:b5:47:d4:a6:57:90:0d:ac:14:a6:b3:9b:f3:c2:08:
2d:f1:7b:65:27:58:73:e8:b3:21:47:3b:bb:6f:97:1b:0f:ae:
05:db:9b:36:d6:59:0b:a2:66:4e:14:88:65:c8:88:19:bc:93:
8c:f9:be:0d:2d:26:a8:3e:6e:6c:89:18:0b:4f:dc:83:c4:cc:
15:df:7d:a5:22:8d:1e:be:df:47:be:ae:7a:54:be:43:44:44:
2a:5e:45:9f:d2:a3:ee:14:40:25:bd:f1:15:97:19:56:61:d8:
4c:fc:ce:7a:95:f3:ae:7a:a2:64:bc:a7:10:db:11:81:f8:43:
29:c4:75:68:d6:36:15:64:f5:e3:bb:3e:be:ff:e8:58:b2:e0:
e6:2e:44:00:69:e1:d3:01:cd:57:1f:fe:e6:fa:f4:91:46:36:
85:b7:78:55:1c:06:27:b8:2e:f1:ce:9d:bb:f5:fb:a5:8c:37:
0a:09:17:cf:10:bf:60:ed:83:02:4b:a6:d9:4a:86:ff:46:78:
9c:60:07:8a:10:d1:8f:20:9c:6e:59:c2:2f:5a:7e:33:85:df:
19:3d:43:c4:a8:50:4a:8e:95:cd:c5:10:9e:22:21:dc:f3:de:
db:96:6c:9e:99:3d:04:18:51:2d:0f:56:64:5a:98:2e:85:17:
be:ea:1d:94
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQjaM+1zhqmiCZBq04b2s+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjUwMTAxMTk0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTBlOTRjMzY1OTk3ODg5MmNjNDYzOTcwZWJlMDM4MTQ5MjYwMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqY7gt3uA+4SS4dd5nNnBttXSVXiK
4n5Irh1/JVyAUXYSqmzwYrOrnhpDO9h0RMwO3TMAmjqU7llqP6agNky7qAmDTg+P
BEcN9shVgZO5uUUWseoUc6sPgvzJyGDQPhFLu2xqZAiRNQXZ6A/FQg+fIm0YCtgs
aYVZ6QEiJXEF1/zvNNpbTz342t+m3H9obobdsr43WKnA/zodk/XMW1ew3ZfiBmRh
f60pjlVUwl9jYppVddFifibZQpgCrRifRj48QihLI7Q464QWzZ/2EBiUvBBCWIxh
+r8ylE1+/uzy55wB/52AXqylb/fqwL6LtI6OOr4yC2PA8ENj73UvXCwjOQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGoOlMNlmXiJLMRjlw6+A4FJJgOXMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvYWc2VXcyV1plSWtzeEdPWERyNERnVWttQTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA8EAgACMAkDBwAqB2IAAAEwDQYJKoZIhvcNAQELBQAD
ggEBAHniT7VH1KZXkA2sFKazm/PCCC3xe2UnWHPosyFHO7tvlxsPrgXbmzbWWQui
Zk4UiGXIiBm8k4z5vg0tJqg+bmyJGAtP3IPEzBXffaUijR6+30e+rnpUvkNERCpe
RZ/So+4UQCW98RWXGVZh2Ez8znqV8656omS8pxDbEYH4QynEdWjWNhVk9eO7Pr7/
6Fiy4OYuRABp4dMBzVcf/ub69JFGNoW3eFUcBie4LvHOnbv1+6WMNwoJF88Qv2Dt
gwJLptlKhv9GeJxgB4oQ0Y8gnG5Zwi9afjOF3xk9Q8SoUEqOlc3FEJ4iIdzz3tuW
bJ6ZPQQYUS0PVmRamC6FF77qHZQ=
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:45:04 2025 by rpki-client