Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/g2LuFjEhsXOpJYmb2qeJVNKQyUw.roa
File: g2LuFjEhsXOpJYmb2qeJVNKQyUw.roa (raw, json)
Hash identifier: gXxbZRZ22rqSRTpziJlqNBg77T4+7Pe2wPiUn7l87EQ=
Subject key identifier: 83:62:EE:16:31:21:B1:73:A9:25:89:9B:DA:A7:89:54:D2:90:C9:4C
Certificate issuer: /CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Certificate serial: 0194236A45A5305A1E9013BA9D29DB560836
Authority key identifier: 2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/g2LuFjEhsXOpJYmb2qeJVNKQyUw.roa
Signing time: Wed 01 Jan 2025 19:49:14 +0000
ROA not before: Wed 01 Jan 2025 19:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.93.228.0/24 maxlen: 24
193.19.224.0/22 maxlen: 24
2a02:fe80:13::/48 maxlen: 48
2a02:fe80:1010::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:45:a5:30:5a:1e:90:13:ba:9d:29:db:56:08:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Validity
Not Before: Jan 1 19:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8362ee163121b173a925899bdaa78954d290c94c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:54:e1:f7:3f:8e:ae:fc:fe:2d:05:bb:81:a7:
24:cc:94:d6:c7:c4:04:c1:96:01:23:b6:88:30:88:
e4:83:3d:60:aa:ea:96:4c:38:74:6d:ea:df:ca:a5:
50:b5:89:9c:76:eb:76:74:f4:df:eb:11:e7:cb:3e:
b3:26:ad:a3:31:c4:b3:6e:cf:9c:8c:6f:c2:80:d4:
7d:d4:ea:a3:f6:61:c8:0c:fa:98:cd:df:ad:1f:66:
3d:ea:82:c6:16:08:d9:4f:46:ad:8a:9c:2b:8c:dd:
50:0c:2f:e2:b6:b6:52:5a:56:9a:20:cc:e6:fb:63:
86:65:f0:11:ec:19:86:45:ab:31:34:bc:80:9e:1c:
cc:11:d2:0b:07:62:b7:96:de:5b:a5:df:65:a4:aa:
f4:a3:9e:47:5a:8e:ab:09:63:67:31:74:dc:95:a7:
89:1d:57:44:cf:54:e1:b0:4c:e6:ec:0b:26:fb:07:
89:63:c5:48:33:19:f2:2f:80:e4:65:f8:c4:d2:ef:
61:2c:31:fa:f1:70:a3:5d:62:b5:86:04:bb:ca:c5:
01:11:9d:dc:bc:93:95:61:5d:ed:db:e3:e0:08:b0:
99:eb:df:a6:89:95:c3:60:22:cf:6f:89:8c:18:38:
d2:40:36:b9:c6:e9:02:74:64:95:26:a3:1a:60:99:
86:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:62:EE:16:31:21:B1:73:A9:25:89:9B:DA:A7:89:54:D2:90:C9:4C
X509v3 Authority Key Identifier:
keyid:2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/g2LuFjEhsXOpJYmb2qeJVNKQyUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.228.0/24
193.19.224.0/22
IPv6:
2a02:fe80:13::/48
2a02:fe80:1010::/48
Signature Algorithm: sha256WithRSAEncryption
8a:0d:9e:f3:59:00:96:e9:54:02:cd:01:c0:b9:4b:c1:34:f5:
88:7c:a9:64:c9:28:28:93:27:2c:48:9a:d8:54:17:43:f3:a4:
ae:64:40:68:3b:e0:50:a9:06:5b:ce:29:64:c0:5c:69:84:33:
0d:00:58:c0:56:fa:9d:ef:28:48:44:f4:c5:e6:2a:51:c8:28:
ff:c3:a3:30:82:84:a9:5b:3c:b3:26:6c:42:c7:79:88:54:6a:
95:2c:66:94:c0:5d:98:de:e3:fc:fb:38:90:51:3d:c5:d0:7c:
64:c8:5f:28:18:56:a1:12:81:bf:09:82:7c:8e:41:09:0a:93:
e5:9a:a0:92:4d:1a:19:7b:47:f0:98:41:95:17:53:b7:35:95:
41:60:91:0b:e4:89:9f:66:60:ee:f9:0d:6e:ce:c7:67:05:a8:
75:3a:c4:38:65:54:ad:9f:2d:1e:d6:59:4c:a6:92:cc:45:93:
7f:85:a4:2d:8c:69:46:fa:ed:69:8d:00:19:98:1c:14:a8:28:
3a:65:2c:93:ec:39:81:59:eb:67:16:f4:a7:ef:e9:46:1c:4c:
04:5c:21:9a:d7:9c:61:77:6c:b6:15:55:6c:3d:11:93:89:3d:
3c:b4:a5:c4:32:cc:23:48:60:02:16:84:75:6e:5f:2a:0c:29:
86:6c:fb:3d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQjakWlMFoekBO6nSnbVgg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNGJkNGVkY2EyOWQ0ZTcyYmU4NmNlZDBiN2FkNjUyYzdk
MjYxYzkwHhcNMjUwMTAxMTk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzYyZWUxNjMxMjFiMTczYTkyNTg5OWJkYWE3ODk1NGQyOTBjOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFTh9z+Orvz+LQW7gackzJTWx8QE
wZYBI7aIMIjkgz1gquqWTDh0berfyqVQtYmcdut2dPTf6xHnyz6zJq2jMcSzbs+c
jG/CgNR91Oqj9mHIDPqYzd+tH2Y96oLGFgjZT0atipwrjN1QDC/itrZSWlaaIMzm
+2OGZfAR7BmGRasxNLyAnhzMEdILB2K3lt5bpd9lpKr0o55HWo6rCWNnMXTclaeJ
HVdEz1ThsEzm7Asm+weJY8VIMxnyL4DkZfjE0u9hLDH68XCjXWK1hgS7ysUBEZ3c
vJOVYV3t2+PgCLCZ69+miZXDYCLPb4mMGDjSQDa5xukCdGSVJqMaYJmGgQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFINi7hYxIbFzqSWJm9qniVTSkMlMMB8GA1UdIwQY
MBaAFC5L1O3KKdTnK+hs7Qt61lLH0mHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgt
MmE2MzcyZTA1NGQyLzEvZzJMdUZqRWhzWE9wSlltYjJxZUpWTktReVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgtMmE2MzcyZTA1NGQy
LzEvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuV3kAwQC
wRPgMBgEAgACMBIDBwAqAv6AABMDBwAqAv6AEBAwDQYJKoZIhvcNAQELBQADggEB
AIoNnvNZAJbpVALNAcC5S8E09Yh8qWTJKCiTJyxImthUF0PzpK5kQGg74FCpBlvO
KWTAXGmEMw0AWMBW+p3vKEhE9MXmKlHIKP/DozCChKlbPLMmbELHeYhUapUsZpTA
XZje4/z7OJBRPcXQfGTIXygYVqESgb8JgnyOQQkKk+WaoJJNGhl7R/CYQZUXU7c1
lUFgkQvkiZ9mYO75DW7Ox2cFqHU6xDhlVK2fLR7WWUymksxFk3+FpC2MaUb67WmN
ABmYHBSoKDplLJPsOYFZ62cW9Kfv6UYcTARcIZrXnGF3bLYVVWw9EZOJPTy0pcQy
zCNIYAIWhHVuXyoMKYZs+z0=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:36 2025 by rpki-client