Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/mVdLl1pEjtZTqo0xnHD_tY40TJw.roa
File: mVdLl1pEjtZTqo0xnHD_tY40TJw.roa (raw, json)
Hash identifier: cNAgQiMCU2y7VV4PtVvtorfQNNxojLmFLeT0RppmDwA=
Subject key identifier: 99:57:4B:97:5A:44:8E:D6:53:AA:8D:31:9C:70:FF:B5:8E:34:4C:9C
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5B7FD3B1CB659EDC1AD8522EA28C8
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/mVdLl1pEjtZTqo0xnHD_tY40TJw.roa
Signing time: Wed 01 Jan 2025 07:47:44 +0000
ROA not before: Wed 01 Jan 2025 07:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199233
IP address blocks: 90.85.39.0/24 maxlen: 24
194.2.130.0/23 maxlen: 24
194.2.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:b7:fd:3b:1c:b6:59:ed:c1:ad:85:22:ea:28:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99574b975a448ed653aa8d319c70ffb58e344c9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d4:cf:fe:d1:46:aa:b8:96:8b:a0:00:ba:02:
27:fc:69:3c:0d:6e:81:7c:ec:38:1d:c9:5d:d0:75:
ba:b7:eb:13:ea:87:e1:fb:4b:25:07:76:52:38:ea:
2c:c4:ad:4f:cf:fe:aa:dc:26:2c:99:28:0e:bf:18:
0f:93:98:51:0e:c0:26:76:9b:4e:aa:f2:20:46:f4:
9f:0c:1d:eb:b6:1e:16:4e:9d:42:8d:cc:60:69:4b:
85:44:74:5e:cc:d6:f3:a5:93:eb:42:01:4e:a6:58:
b3:3a:6a:f2:ed:63:f8:8c:93:9c:36:2d:4c:a8:ab:
75:8d:84:76:3f:3f:34:ff:a1:2a:7d:3d:4a:3f:ae:
69:99:2c:76:aa:f8:0b:be:6a:fa:2e:1c:a0:94:fd:
69:c0:0d:47:21:d8:b5:9c:23:d5:b2:3b:2e:e2:79:
d3:14:28:ca:88:c3:a2:2c:68:b5:6a:99:d6:e1:43:
27:86:a4:1d:65:a9:05:d9:d5:a6:8a:ec:ac:a2:f0:
82:de:bd:5f:a2:61:0b:d0:1e:bd:c4:88:0f:44:4a:
79:f0:52:1f:56:fd:7f:2a:86:aa:1a:a7:4e:29:7e:
17:aa:23:ff:3e:9f:33:40:10:9b:38:85:44:84:42:
97:58:c0:c0:58:f9:9d:b4:80:1f:f6:83:c3:70:b7:
e4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:57:4B:97:5A:44:8E:D6:53:AA:8D:31:9C:70:FF:B5:8E:34:4C:9C
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/mVdLl1pEjtZTqo0xnHD_tY40TJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.85.39.0/24
194.2.130.0/23
Signature Algorithm: sha256WithRSAEncryption
04:81:94:a1:54:bb:a3:42:4f:be:18:8d:18:f5:83:a9:2b:e8:
10:7c:43:d2:fc:e4:8d:a3:05:5d:53:0d:2a:94:bf:61:6f:de:
ce:7b:3e:bc:87:cb:81:2e:75:9c:b6:bf:fc:c3:63:2b:14:df:
f1:7f:91:bf:3a:f8:a6:f0:d1:d1:02:f9:c9:df:ea:6c:5d:66:
5f:18:7e:97:ed:e2:76:01:0d:b9:52:99:bf:29:dd:bb:57:99:
2f:4b:76:c9:8a:d1:44:66:11:32:c8:4f:fe:06:ae:90:61:b1:
9f:74:e5:b1:49:14:9b:07:40:39:3b:ea:bd:2d:e8:ea:7e:86:
e3:f8:6d:9c:e0:bf:ff:1c:e3:8f:85:59:94:cf:fe:02:2c:e4:
4a:93:65:ff:74:ee:15:63:9e:6b:f9:42:89:91:26:29:ac:20:
be:58:6d:36:4e:9a:7e:1c:39:5f:64:48:26:bf:e3:c4:1d:68:
6b:ff:b8:09:83:95:3e:46:aa:ec:81:fe:0a:e7:83:e7:31:c0:
34:7a:11:39:b7:f4:3a:24:11:c3:23:ce:10:ed:c4:c7:a0:23:
11:d2:9c:2e:b2:a3:32:b7:e5:d8:64:f7:eb:0b:66:83:e6:c4:
d2:73:d1:0d:f5:ab:7f:be:0a:c5:6e:31:4e:1d:4d:ac:4b:be:
f1:85:62:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1bf9Oxy2We3BrYUi6ijIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTU3NGI5NzVhNDQ4ZWQ2NTNhYThkMzE5YzcwZmZiNThlMzQ0YzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNTP/tFGqriWi6AAugIn/Gk8DW6B
fOw4Hcld0HW6t+sT6ofh+0slB3ZSOOosxK1Pz/6q3CYsmSgOvxgPk5hRDsAmdptO
qvIgRvSfDB3rth4WTp1CjcxgaUuFRHRezNbzpZPrQgFOplizOmry7WP4jJOcNi1M
qKt1jYR2Pz80/6EqfT1KP65pmSx2qvgLvmr6LhyglP1pwA1HIdi1nCPVsjsu4nnT
FCjKiMOiLGi1apnW4UMnhqQdZakF2dWmiuysovCC3r1fomEL0B69xIgPREp58FIf
Vv1/KoaqGqdOKX4XqiP/Pp8zQBCbOIVEhEKXWMDAWPmdtIAf9oPDcLfk1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJlXS5daRI7WU6qNMZxw/7WONEycMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvbVZkTGwxcEVqdFpUcW8weG5IRF90WTQwVEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWlUnAwQB
wgKCMA0GCSqGSIb3DQEBCwUAA4IBAQAEgZShVLujQk++GI0Y9YOpK+gQfEPS/OSN
owVdUw0qlL9hb97Oez68h8uBLnWctr/8w2MrFN/xf5G/Ovim8NHRAvnJ3+psXWZf
GH6X7eJ2AQ25Upm/Kd27V5kvS3bJitFEZhEyyE/+Bq6QYbGfdOWxSRSbB0A5O+q9
Lejqfobj+G2c4L//HOOPhVmUz/4CLORKk2X/dO4VY55r+UKJkSYprCC+WG02Tpp+
HDlfZEgmv+PEHWhr/7gJg5U+Rqrsgf4K54PnMcA0ehE5t/Q6JBHDI84Q7cTHoCMR
0pwusqMyt+XYZPfrC2aD5sTSc9EN9at/vgrFbjFOHU2sS77xhWJd
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:52:35 2025 by rpki-client