Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/GJ7X3NXNPspZEiv4IaMeRbRsKjQ.roa
File: GJ7X3NXNPspZEiv4IaMeRbRsKjQ.roa (raw, json)
Hash identifier: +RNCIDZL3jBzsc6WtooEau4eUrswSESksvuz73mPQ2Q=
Subject key identifier: 18:9E:D7:DC:D5:CD:3E:CA:59:12:2B:F8:21:A3:1E:45:B4:6C:2A:34
Certificate issuer: /CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Certificate serial: 0194236A44C311DF62659B70443A065D821E
Authority key identifier: 2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/GJ7X3NXNPspZEiv4IaMeRbRsKjQ.roa
Signing time: Wed 01 Jan 2025 19:49:14 +0000
ROA not before: Wed 01 Jan 2025 19:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.93.228.0/24 maxlen: 24
193.19.224.0/22 maxlen: 24
2a02:fe80:13::/48 maxlen: 48
2a02:fe80:1010::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:44:c3:11:df:62:65:9b:70:44:3a:06:5d:82:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Validity
Not Before: Jan 1 19:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=189ed7dcd5cd3eca59122bf821a31e45b46c2a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:da:1f:67:95:c5:ae:aa:be:dd:f8:c4:8d:c2:
3a:9d:dd:a3:38:00:98:6c:c6:67:5c:83:f9:15:cb:
bf:56:57:39:f1:0e:ee:d9:3d:66:26:65:dc:c9:31:
f3:97:ed:1f:e6:11:f6:76:32:a0:b0:61:b3:85:42:
b6:98:d8:77:7e:6a:65:11:3b:aa:2f:23:8a:6e:fd:
2e:ae:5d:f2:10:94:65:ea:54:b9:59:8d:32:94:95:
d9:51:25:f8:78:07:2f:0a:00:7d:26:f4:24:11:ff:
47:23:c4:1f:54:80:2c:55:fe:57:80:1b:c3:71:02:
97:18:63:59:33:5c:1a:d1:9f:6c:11:0f:62:50:02:
ef:d8:54:bb:cb:85:f7:99:1d:ad:7a:9f:27:b7:8e:
72:03:66:7e:76:78:82:c1:0a:33:f4:3c:c8:5f:59:
73:cf:ac:ad:8c:8e:a3:60:70:3b:36:92:8f:7a:0f:
4e:90:10:b3:1c:58:e2:f0:62:d1:aa:3f:50:0c:bd:
2d:c4:d1:5b:4e:b6:9e:18:3b:42:f0:48:fd:96:80:
fa:b1:c3:e2:23:09:0b:30:21:fc:70:44:2b:73:c6:
53:01:9b:54:b5:a9:97:f4:50:fa:87:d9:9f:83:95:
2a:97:49:6f:91:e5:fa:ce:d8:89:98:db:c3:db:48:
71:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:9E:D7:DC:D5:CD:3E:CA:59:12:2B:F8:21:A3:1E:45:B4:6C:2A:34
X509v3 Authority Key Identifier:
keyid:2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/GJ7X3NXNPspZEiv4IaMeRbRsKjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.228.0/24
193.19.224.0/22
IPv6:
2a02:fe80:13::/48
2a02:fe80:1010::/48
Signature Algorithm: sha256WithRSAEncryption
8f:fe:de:3f:72:a5:da:43:70:7e:63:1c:74:3d:1c:b1:c7:3b:
b4:fc:4a:db:a1:d4:0d:bc:23:f5:ab:1a:cb:67:72:a5:95:d8:
70:92:d3:93:a8:c3:06:5e:2d:05:16:04:df:c1:aa:70:03:1a:
be:ce:85:d0:6a:66:bf:27:29:48:0a:8a:20:71:24:13:09:66:
02:25:98:f2:4e:e3:79:e7:52:8f:41:b8:39:c2:47:c0:dc:ce:
2a:4e:0d:53:90:b6:0c:3e:4a:57:99:d7:13:f8:bb:ea:af:97:
48:e3:f7:cf:8c:fd:ba:aa:41:c0:e9:18:e4:4c:e7:34:e6:4a:
3e:fa:96:1d:b1:49:69:95:16:ee:59:19:84:e6:12:fd:0f:18:
a2:70:a0:c9:6b:64:c1:0b:8d:7f:2e:de:f6:4d:4b:37:df:4c:
54:0f:35:85:12:54:7c:38:de:7d:c7:6e:bf:c7:3c:8b:1f:5f:
7e:ba:79:64:f2:bb:6e:2b:ff:21:1e:e7:f9:16:f4:11:ad:94:
a6:f7:eb:cf:4a:8e:90:98:ed:0f:fa:1f:e1:58:f8:32:93:07:
24:fb:56:be:cd:5b:d8:b9:9d:7d:9a:50:ea:2a:69:0d:20:6b:
89:f4:05:6c:0f:5d:28:95:8a:1f:7e:1a:b3:f5:ae:fc:57:40:
1b:63:53:1e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQjakTDEd9iZZtwRDoGXYIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNGJkNGVkY2EyOWQ0ZTcyYmU4NmNlZDBiN2FkNjUyYzdk
MjYxYzkwHhcNMjUwMTAxMTk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODllZDdkY2Q1Y2QzZWNhNTkxMjJiZjgyMWEzMWU0NWI0NmMyYTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutofZ5XFrqq+3fjEjcI6nd2jOACY
bMZnXIP5Fcu/Vlc58Q7u2T1mJmXcyTHzl+0f5hH2djKgsGGzhUK2mNh3fmplETuq
LyOKbv0url3yEJRl6lS5WY0ylJXZUSX4eAcvCgB9JvQkEf9HI8QfVIAsVf5XgBvD
cQKXGGNZM1wa0Z9sEQ9iUALv2FS7y4X3mR2tep8nt45yA2Z+dniCwQoz9DzIX1lz
z6ytjI6jYHA7NpKPeg9OkBCzHFji8GLRqj9QDL0txNFbTraeGDtC8Ej9loD6scPi
IwkLMCH8cEQrc8ZTAZtUtamX9FD6h9mfg5Uql0lvkeX6ztiJmNvD20hxuwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBie19zVzT7KWRIr+CGjHkW0bCo0MB8GA1UdIwQY
MBaAFC5L1O3KKdTnK+hs7Qt61lLH0mHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgt
MmE2MzcyZTA1NGQyLzEvR0o3WDNOWE5Qc3BaRWl2NElhTWVSYlJzS2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgtMmE2MzcyZTA1NGQy
LzEvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuV3kAwQC
wRPgMBgEAgACMBIDBwAqAv6AABMDBwAqAv6AEBAwDQYJKoZIhvcNAQELBQADggEB
AI/+3j9ypdpDcH5jHHQ9HLHHO7T8Stuh1A28I/WrGstncqWV2HCS05OowwZeLQUW
BN/BqnADGr7OhdBqZr8nKUgKiiBxJBMJZgIlmPJO43nnUo9BuDnCR8DczipODVOQ
tgw+SleZ1xP4u+qvl0jj98+M/bqqQcDpGORM5zTmSj76lh2xSWmVFu5ZGYTmEv0P
GKJwoMlrZMELjX8u3vZNSzffTFQPNYUSVHw43n3Hbr/HPIsfX366eWTyu24r/yEe
5/kW9BGtlKb3689KjpCY7Q/6H+FY+DKTByT7Vr7NW9i5nX2aUOoqaQ0ga4n0BWwP
XSiVih9+GrP1rvxXQBtjUx4=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:58 2025 by rpki-client