Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/7a9f0c-5888-4fd8-bd90-683384b19ea3/1/3slyfZXxVcWO-rhXLBn1z60ShoQ.roa
File: 3slyfZXxVcWO-rhXLBn1z60ShoQ.roa (raw, json)
Hash identifier: aD+13qB77l1eWjcaYEDaoeBPF19MIy6v6JQPzBT88zc=
Subject key identifier: DE:C9:72:7D:95:F1:55:C5:8E:FA:B8:57:2C:19:F5:CF:AD:12:86:84
Certificate issuer: /CN=a48a87c45d9720464905b6a6b0933f7c3951192d
Certificate serial: 019422FB6AA968E4FAFCD05EFA581D7EB967
Authority key identifier: A4:8A:87:C4:5D:97:20:46:49:05:B6:A6:B0:93:3F:7C:39:51:19:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pIqHxF2XIEZJBbamsJM_fDlRGS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/7a9f0c-5888-4fd8-bd90-683384b19ea3/1/3slyfZXxVcWO-rhXLBn1z60ShoQ.roa
Signing time: Wed 01 Jan 2025 17:48:09 +0000
ROA not before: Wed 01 Jan 2025 17:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39542
IP address blocks: 91.213.242.0/24 maxlen: 24
185.43.60.0/22 maxlen: 22
185.137.252.0/23 maxlen: 24
193.201.35.0/24 maxlen: 24
193.201.37.0/24 maxlen: 24
193.201.38.0/24 maxlen: 24
193.201.43.0/24 maxlen: 24
194.50.39.0/24 maxlen: 24
2a01:6960::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:6a:a9:68:e4:fa:fc:d0:5e:fa:58:1d:7e:b9:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a48a87c45d9720464905b6a6b0933f7c3951192d
Validity
Not Before: Jan 1 17:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dec9727d95f155c58efab8572c19f5cfad128684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ff:55:19:3e:c3:1f:00:c9:9d:5b:8a:95:d5:
f5:c6:b1:3e:14:36:3d:85:2f:d9:57:57:30:c5:f8:
59:34:cf:10:ad:35:6c:52:7a:73:6c:16:56:9d:6b:
24:3a:d6:97:4e:2f:e5:93:86:83:91:31:c5:f1:92:
5f:c1:3c:d7:ba:d9:81:db:69:ff:82:d5:41:b7:d7:
07:4d:b4:ce:6e:e6:fe:d9:77:74:27:a7:e7:eb:db:
cd:0c:cd:44:3e:64:18:f0:80:6e:1a:36:4c:76:3f:
9b:da:04:53:18:6a:34:55:68:3c:a3:48:33:a2:e4:
d6:3f:3d:51:5f:59:33:c0:4a:75:0b:c0:a5:e3:f1:
b6:e4:99:af:13:96:0f:10:94:d2:d9:9d:06:ef:6b:
01:1f:b2:d1:2e:f7:21:ba:b3:92:6f:d0:c4:6b:8c:
02:84:37:1c:c3:08:99:ab:e8:6d:e3:81:32:7c:dc:
de:5d:01:16:df:cd:35:be:71:33:7d:dc:70:27:98:
c2:ee:0f:27:a3:62:9a:6c:99:0a:5a:a7:af:4e:8f:
37:07:46:1a:9b:4e:1a:8b:9b:b3:9f:df:ac:ad:67:
fb:4c:96:aa:1b:cd:2c:89:61:a0:c7:26:bf:09:6f:
20:68:fa:b3:ef:80:8d:96:d0:6b:5a:f1:83:58:fe:
e8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C9:72:7D:95:F1:55:C5:8E:FA:B8:57:2C:19:F5:CF:AD:12:86:84
X509v3 Authority Key Identifier:
keyid:A4:8A:87:C4:5D:97:20:46:49:05:B6:A6:B0:93:3F:7C:39:51:19:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pIqHxF2XIEZJBbamsJM_fDlRGS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/7a9f0c-5888-4fd8-bd90-683384b19ea3/1/3slyfZXxVcWO-rhXLBn1z60ShoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/7a9f0c-5888-4fd8-bd90-683384b19ea3/1/pIqHxF2XIEZJBbamsJM_fDlRGS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.242.0/24
185.43.60.0/22
185.137.252.0/23
193.201.35.0/24
193.201.37.0-193.201.38.255
193.201.43.0/24
194.50.39.0/24
IPv6:
2a01:6960::/32
Signature Algorithm: sha256WithRSAEncryption
31:fb:5d:58:d8:71:c7:c0:3a:5d:1f:76:5e:4c:e7:19:18:b5:
a6:ee:82:78:13:70:89:e4:e7:18:96:17:41:e1:78:1c:26:e8:
26:7f:82:b9:e7:61:95:92:cc:f7:96:29:3f:11:20:d9:7c:66:
a5:4a:58:1a:1a:c9:d5:a7:7d:6d:7d:ba:09:77:85:af:9f:b1:
43:c4:63:4e:2b:03:15:ac:43:36:12:0e:41:5e:bb:b8:23:77:
c2:9f:bb:1e:f2:c9:bc:01:8e:1a:88:93:21:28:d5:e9:2d:52:
40:af:67:cd:a4:57:f0:ed:df:fe:1b:3d:3e:8a:1b:8f:6e:7d:
57:b6:9d:91:82:8f:a0:65:c7:03:74:62:f3:fd:7e:3c:6a:6c:
6d:8f:80:79:16:77:86:f5:87:d0:87:26:03:02:61:9a:45:dd:
4e:65:6b:f0:7a:65:91:03:d8:14:13:fa:11:ff:ae:5c:8e:5a:
bb:60:01:a2:a1:d8:5e:f3:cc:81:85:83:36:49:5d:7e:c6:22:
83:f1:54:d0:df:c0:6f:a4:e9:38:6f:95:42:63:21:8d:3f:33:
fd:28:6d:a9:84:29:b6:6a:27:67:8b:ff:1e:cf:a9:79:9c:92:
c5:7f:0c:bc:63:81:55:6a:ed:e3:ce:69:ff:45:ac:5c:12:82:
90:33:a9:39
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZQi+2qpaOT6/NBe+lgdfrlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OGE4N2M0NWQ5NzIwNDY0OTA1YjZhNmIwOTMzZjdjMzk1
MTE5MmQwHhcNMjUwMTAxMTc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWM5NzI3ZDk1ZjE1NWM1OGVmYWI4NTcyYzE5ZjVjZmFkMTI4Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf9VGT7DHwDJnVuKldX1xrE+FDY9
hS/ZV1cwxfhZNM8QrTVsUnpzbBZWnWskOtaXTi/lk4aDkTHF8ZJfwTzXutmB22n/
gtVBt9cHTbTObub+2Xd0J6fn69vNDM1EPmQY8IBuGjZMdj+b2gRTGGo0VWg8o0gz
ouTWPz1RX1kzwEp1C8Cl4/G25JmvE5YPEJTS2Z0G72sBH7LRLvchurOSb9DEa4wC
hDccwwiZq+ht44EyfNzeXQEW3801vnEzfdxwJ5jC7g8no2KabJkKWqevTo83B0Ya
m04ai5uzn9+srWf7TJaqG80siWGgxya/CW8gaPqz74CNltBrWvGDWP7o5wIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFN7Jcn2V8VXFjvq4VywZ9c+tEoaEMB8GA1UdIwQY
MBaAFKSKh8RdlyBGSQW2prCTP3w5URktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcElxSHhGMlhJRVpKQmJhbXNKTV9mRGxSR1MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi83YTlmMGMtNTg4OC00ZmQ4LWJkOTAt
NjgzMzg0YjE5ZWEzLzEvM3NseWZaWHhWY1dPLXJoWExCbjF6NjBTaG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi83YTlmMGMtNTg4OC00ZmQ4LWJkOTAtNjgzMzg0YjE5ZWEz
LzEvcElxSHhGMlhJRVpKQmJhbXNKTV9mRGxSR1MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQAW9XyAwQC
uSs8AwQBuYn8AwQAwckjMAwDBADBySUDBADBySYDBADBySsDBADCMicwDQQCAAIw
BwMFACoBaWAwDQYJKoZIhvcNAQELBQADggEBADH7XVjYccfAOl0fdl5M5xkYtabu
gngTcInk5xiWF0HheBwm6CZ/grnnYZWSzPeWKT8RINl8ZqVKWBoaydWnfW19ugl3
ha+fsUPEY04rAxWsQzYSDkFeu7gjd8Kfux7yybwBjhqIkyEo1ektUkCvZ82kV/Dt
3/4bPT6KG49ufVe2nZGCj6BlxwN0YvP9fjxqbG2PgHkWd4b1h9CHJgMCYZpF3U5l
a/B6ZZED2BQT+hH/rlyOWrtgAaKh2F7zzIGFgzZJXX7GIoPxVNDfwG+k6ThvlUJj
IY0/M/0obamEKbZqJ2eL/x7PqXmcksV/DLxjgVVq7ePOaf9FrFwSgpAzqTk=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:51 2025 by rpki-client