Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/6q6FLG-2ZJcy2qtBGLLT9uAzw2c.roa
File: 6q6FLG-2ZJcy2qtBGLLT9uAzw2c.roa (raw, json)
Hash identifier: oVwEucWsa7TZNTeplgA+o+3W7wahOwussgTwPTA0w/g=
Subject key identifier: EA:AE:85:2C:6F:B6:64:97:32:DA:AB:41:18:B2:D3:F6:E0:33:C3:67
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B2132433E45CBBCF2BE58212EBA961
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/6q6FLG-2ZJcy2qtBGLLT9uAzw2c.roa
Signing time: Wed 01 Jan 2025 11:48:25 +0000
ROA not before: Wed 01 Jan 2025 11:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35115
IP address blocks: 195.136.68.0/23 maxlen: 23
195.136.74.0/23 maxlen: 23
195.136.80.0/22 maxlen: 24
195.136.80.0/23 maxlen: 23
195.136.96.0/22 maxlen: 22
195.136.188.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:13:24:33:e4:5c:bb:cf:2b:e5:82:12:eb:a9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eaae852c6fb6649732daab4118b2d3f6e033c367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:18:d1:2c:aa:cf:6f:b2:65:c9:a1:05:a5:36:
89:3f:8f:5d:f2:15:33:11:d1:24:bb:29:6c:68:10:
5a:95:19:65:fa:38:96:0c:74:72:e7:fd:7f:53:45:
7c:df:90:87:3e:88:82:4e:ec:26:fe:cf:56:59:9e:
2f:34:86:84:f2:4e:32:0f:d0:66:e6:eb:51:52:78:
0a:cf:3f:d4:1b:06:42:f0:05:77:ec:73:a8:32:ad:
b6:cd:a5:97:26:c4:f9:4d:61:6d:f5:14:de:f3:4f:
38:7c:f3:f2:68:be:5c:7b:e3:34:d5:ce:0b:8b:fe:
b0:0b:30:79:ba:3c:08:2b:8d:db:a3:e6:9e:f9:9a:
5d:5b:0d:fc:4b:ba:b9:fd:f3:09:98:31:71:d6:c5:
5b:a8:b0:cb:82:97:38:d3:56:1f:b3:8f:57:5c:b2:
03:20:8a:98:f4:58:48:37:71:29:63:f0:2d:ce:a7:
3f:9e:fc:22:de:93:7c:44:ab:f1:05:ad:53:c6:b5:
93:fd:40:9c:0a:75:f9:3a:da:04:97:7d:2c:97:7f:
e9:a4:2b:01:de:67:a8:27:5d:65:08:56:5a:39:8d:
21:37:c6:f2:bb:bd:98:3b:8d:20:b2:e8:c7:38:19:
4c:1f:dd:c2:70:35:8f:fb:eb:bc:74:be:76:c5:96:
7b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:AE:85:2C:6F:B6:64:97:32:DA:AB:41:18:B2:D3:F6:E0:33:C3:67
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/6q6FLG-2ZJcy2qtBGLLT9uAzw2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.68.0/23
195.136.74.0/23
195.136.80.0/22
195.136.96.0/22
195.136.188.0/23
Signature Algorithm: sha256WithRSAEncryption
40:e4:9a:c4:f8:38:79:cc:16:7c:dd:f2:19:67:3b:5d:2d:82:
70:7c:79:fa:8e:3b:71:32:9a:40:93:54:33:7f:06:51:8b:38:
61:f5:c3:64:4c:d1:97:97:e3:ff:6d:e9:70:6b:6f:cb:60:6a:
41:db:9b:fb:d3:93:d9:7e:b5:a3:2d:e1:0d:25:c1:28:09:2a:
79:de:2f:67:bf:c4:e9:76:fd:3b:91:ed:9c:99:9e:70:2b:17:
7c:5f:35:d3:91:bc:e9:e8:4d:da:07:0a:25:00:69:e5:7c:7f:
09:c9:7c:89:60:1f:4e:7a:aa:cd:ab:8e:e6:2e:8b:74:c9:bd:
9a:53:99:6a:73:c6:55:9a:b4:8d:73:1f:28:ff:2d:e2:0e:f4:
00:98:a7:80:7e:b1:4d:e7:7b:13:8c:7d:30:2e:51:ef:0f:5b:
e6:75:e8:42:0a:76:6c:fa:7d:ed:0a:c3:78:42:cd:73:28:48:
bc:2f:99:92:24:0d:23:29:a0:5d:37:d5:93:2c:49:26:3d:7b:
c5:fc:74:72:40:0f:38:08:54:78:17:3c:86:40:fc:78:7b:c6:
fb:77:08:d5:35:dd:d7:fa:b2:8b:4d:be:38:97:9c:c1:30:3b:
1a:8e:eb:0a:d4:a0:50:c4:2f:35:cd:fd:ea:5f:ef:68:1c:8b:
8f:67:e0:46
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQhshMkM+Rcu88r5YIS66lhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWFlODUyYzZmYjY2NDk3MzJkYWFiNDExOGIyZDNmNmUwMzNjMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRjRLKrPb7JlyaEFpTaJP49d8hUz
EdEkuylsaBBalRll+jiWDHRy5/1/U0V835CHPoiCTuwm/s9WWZ4vNIaE8k4yD9Bm
5utRUngKzz/UGwZC8AV37HOoMq22zaWXJsT5TWFt9RTe8084fPPyaL5ce+M01c4L
i/6wCzB5ujwIK43bo+ae+ZpdWw38S7q5/fMJmDFx1sVbqLDLgpc401Yfs49XXLID
IIqY9FhIN3EpY/Atzqc/nvwi3pN8RKvxBa1TxrWT/UCcCnX5OtoEl30sl3/ppCsB
3meoJ11lCFZaOY0hN8byu72YO40gsujHOBlMH93CcDWP++u8dL52xZZ7LQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOquhSxvtmSXMtqrQRiy0/bgM8NnMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvNnE2RkxHLTJaSmN5MnF0QkdMTFQ5dUF6dzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBw4hEAwQB
w4hKAwQCw4hQAwQCw4hgAwQBw4i8MA0GCSqGSIb3DQEBCwUAA4IBAQBA5JrE+Dh5
zBZ83fIZZztdLYJwfHn6jjtxMppAk1QzfwZRizhh9cNkTNGXl+P/belwa2/LYGpB
25v705PZfrWjLeENJcEoCSp53i9nv8Tpdv07ke2cmZ5wKxd8XzXTkbzp6E3aBwol
AGnlfH8JyXyJYB9OeqrNq47mLot0yb2aU5lqc8ZVmrSNcx8o/y3iDvQAmKeAfrFN
53sTjH0wLlHvD1vmdehCCnZs+n3tCsN4Qs1zKEi8L5mSJA0jKaBdN9WTLEkmPXvF
/HRyQA84CFR4FzyGQPx4e8b7dwjVNd3X+rKLTb44l5zBMDsajusK1KBQxC81zf3q
X+9oHIuPZ+BG
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:09 2025 by rpki-client