Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/1-wnHFiYjnB24GxLV0meyzqsLFuM.roa
File: 1-wnHFiYjnB24GxLV0meyzqsLFuM.roa (raw, json)
Hash identifier: LOVK3lUPwn84ZhS3ik+53n7gRvihYYPhPwXZjIMuf0A=
Subject key identifier: FB:09:C7:16:26:23:9C:1D:B8:1B:12:D5:D2:67:B2:CE:AB:0B:16:E3
Certificate issuer: /CN=943e3f4856dac2a005c3a52347114dec453934b8
Certificate serial: 019423D6BB4462BE6E68501734137356AA3B
Authority key identifier: 94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/1-wnHFiYjnB24GxLV0meyzqsLFuM.roa
Signing time: Wed 01 Jan 2025 21:47:42 +0000
ROA not before: Wed 01 Jan 2025 21:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 46.14.0.0/16 maxlen: 24
62.202.0.0/15 maxlen: 24
81.62.0.0/15 maxlen: 24
83.76.0.0/14 maxlen: 24
83.173.192.0/18 maxlen: 24
84.253.0.0/18 maxlen: 24
85.0.0.0/13 maxlen: 24
92.104.0.0/14 maxlen: 24
95.152.64.0/18 maxlen: 24
109.164.128.0/17 maxlen: 24
146.4.0.0/16 maxlen: 24
170.17.128.0/17 maxlen: 24
170.205.64.0/18 maxlen: 24
176.127.0.0/16 maxlen: 24
178.174.0.0/18 maxlen: 24
178.174.64.0/19 maxlen: 24
178.192.0.0/13 maxlen: 24
185.105.132.0/22 maxlen: 24
185.105.144.0/22 maxlen: 24
188.60.0.0/14 maxlen: 24
195.186.0.0/16 maxlen: 24
212.41.192.0/19 maxlen: 24
212.90.192.0/19 maxlen: 24
213.3.0.0/16 maxlen: 24
213.180.160.0/19 maxlen: 24
213.200.192.0/18 maxlen: 24
217.11.32.0/20 maxlen: 24
2001:4d98::/33 maxlen: 48
2a02:1200::/27 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:bb:44:62:be:6e:68:50:17:34:13:73:56:aa:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=943e3f4856dac2a005c3a52347114dec453934b8
Validity
Not Before: Jan 1 21:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb09c71626239c1db81b12d5d267b2ceab0b16e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:65:5b:54:94:cb:8a:cb:2f:75:18:e9:9b:44:
17:8a:a4:39:44:d7:40:99:af:eb:6c:4b:3d:e7:39:
6b:1d:95:71:be:4a:87:46:f9:3d:d7:c6:61:d3:d7:
36:28:e5:80:87:3a:a0:a9:90:4f:8f:bf:aa:c9:e3:
73:56:6a:da:65:2b:d1:09:38:e2:0d:36:9e:97:61:
35:ad:bc:61:ce:27:9d:5e:cb:f7:f5:c5:fb:de:1f:
fb:7d:15:1a:bc:3f:3d:9a:eb:81:bd:56:65:e9:a9:
a0:52:8e:e0:d3:c2:2a:91:d4:54:73:ca:4d:15:7c:
17:1c:1d:ca:e9:3f:fc:91:90:80:63:54:07:e8:55:
1d:36:20:a2:a0:7e:e1:74:53:5e:36:9f:ae:b6:dd:
ec:26:d0:15:8b:94:b4:40:f9:42:72:6d:ca:ad:e8:
06:1f:d6:b7:08:8c:e7:8b:c2:53:a3:ab:51:43:01:
3e:19:b5:af:38:2c:29:8b:da:1c:c1:c5:a5:aa:32:
20:3b:12:cb:0f:f6:2d:a4:7f:b5:4e:9d:ca:fc:c0:
91:89:fe:9e:a9:7b:30:e1:5f:d5:a2:d6:f3:7f:c4:
57:59:b0:c8:77:ce:18:32:c2:46:e8:c2:d3:9d:f7:
04:22:7b:fa:49:a5:32:77:25:e4:ed:35:27:cd:b6:
28:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:09:C7:16:26:23:9C:1D:B8:1B:12:D5:D2:67:B2:CE:AB:0B:16:E3
X509v3 Authority Key Identifier:
keyid:94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/1-wnHFiYjnB24GxLV0meyzqsLFuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.14.0.0/16
62.202.0.0/15
81.62.0.0/15
83.76.0.0/14
83.173.192.0/18
84.253.0.0/18
85.0.0.0/13
92.104.0.0/14
95.152.64.0/18
109.164.128.0/17
146.4.0.0/16
170.17.128.0/17
170.205.64.0/18
176.127.0.0/16
178.174.0.0-178.174.95.255
178.192.0.0/13
185.105.132.0/22
185.105.144.0/22
188.60.0.0/14
195.186.0.0/16
212.41.192.0/19
212.90.192.0/19
213.3.0.0/16
213.180.160.0/19
213.200.192.0/18
217.11.32.0/20
IPv6:
2001:4d98::/33
2a02:1200::/27
Signature Algorithm: sha256WithRSAEncryption
42:bc:41:02:cc:eb:cf:0a:0a:54:12:a4:ac:dd:20:db:03:09:
26:98:de:24:3f:c1:6a:6f:14:0c:10:68:3d:f7:8f:32:5d:ce:
3b:7b:79:64:af:11:6f:9c:6e:c7:d3:6b:b9:9d:41:53:37:df:
5d:7b:f3:80:a7:b9:5c:07:30:84:6e:7c:37:a0:85:3d:46:86:
db:cf:0d:44:54:dd:c6:c5:e7:7b:7a:c7:44:c3:b1:8f:f3:4f:
9b:b0:1b:6a:a8:ed:26:bb:fc:db:13:ed:d9:a1:19:2e:cd:7d:
62:98:42:d3:7f:82:fc:1d:1d:d2:e4:19:55:8b:65:48:86:58:
0c:3e:4e:93:3d:65:38:8d:8f:10:f5:d1:c5:82:cc:c6:c0:37:
36:38:e1:86:da:f0:76:2d:8d:43:c3:57:43:7c:e6:f2:af:43:
60:e9:2c:f2:df:9b:0a:07:91:98:f6:ee:9d:4f:96:10:da:69:
85:f5:f2:ee:94:14:5c:0b:91:30:05:78:6f:89:07:a5:18:bd:
6f:e7:34:69:c9:f0:d6:82:68:ff:6b:f8:b0:4c:7c:56:e4:0b:
a6:57:0a:91:f7:43:86:0a:68:ce:cd:c2:5f:20:77:06:80:14:
62:d0:9a:fb:48:04:4c:3d:01:2e:bc:a9:17:c2:4f:c5:98:03:
a8:5c:f7:c9
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAZQj1rtEYr5uaFAXNBNzVqo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0M2UzZjQ4NTZkYWMyYTAwNWMzYTUyMzQ3MTE0ZGVjNDUz
OTM0YjgwHhcNMjUwMTAxMjE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjA5YzcxNjI2MjM5YzFkYjgxYjEyZDVkMjY3YjJjZWFiMGIxNmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmVbVJTLissvdRjpm0QXiqQ5RNdA
ma/rbEs95zlrHZVxvkqHRvk918Zh09c2KOWAhzqgqZBPj7+qyeNzVmraZSvRCTji
DTael2E1rbxhziedXsv39cX73h/7fRUavD89muuBvVZl6amgUo7g08IqkdRUc8pN
FXwXHB3K6T/8kZCAY1QH6FUdNiCioH7hdFNeNp+utt3sJtAVi5S0QPlCcm3KregG
H9a3CIzni8JTo6tRQwE+GbWvOCwpi9ocwcWlqjIgOxLLD/YtpH+1Tp3K/MCRif6e
qXsw4V/Votbzf8RXWbDId84YMsJG6MLTnfcEInv6SaUydyXk7TUnzbYo5wIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFPsJxxYmI5wduBsS1dJnss6rCxbjMB8GA1UdIwQY
MBaAFJQ+P0hW2sKgBcOlI0cRTexFOTS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYt
MDI1M2QwNGZiOGZmLzEvMS13bkhGaVlqbkIyNEd4TFYwbWV5enFzTEZ1TS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmMvOGMxNTQ0LTdjZjItNDg3MS1hMWRmLTAyNTNkMDRmYjhm
Zi8xL2xENF9TRmJhd3FBRnc2VWpSeEZON0VVNU5MZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBywYIKwYBBQUHAQcBAf8EgbswgbgwgZ4EAgABMIGXAwMA
Lg4DAwE+ygMDAVE+AwMCU0wDBAZTrcADBAZU/QADAwNVAAMDAlxoAwQGX5hAAwQH
baSAAwMAkgQDBAeqEYADBAaqzUADAwCwfzALAwMBsq4DBAWyrkADAwOywAMEArlp
hAMEArlpkAMDArw8AwMAw7oDBAXUKcADBAXUWsADAwDVAwMEBdW0oAMEBtXIwAME
BNkLIDAVBAIAAjAPAwYHIAFNmAADBQUqAhIAMA0GCSqGSIb3DQEBCwUAA4IBAQBC
vEECzOvPCgpUEqSs3SDbAwkmmN4kP8FqbxQMEGg9948yXc47e3lkrxFvnG7H02u5
nUFTN99de/OAp7lcBzCEbnw3oIU9Robbzw1EVN3Gxed7esdEw7GP80+bsBtqqO0m
u/zbE+3ZoRkuzX1imELTf4L8HR3S5BlVi2VIhlgMPk6TPWU4jY8Q9dHFgszGwDc2
OOGG2vB2LY1Dw1dDfObyr0Ng6Szy35sKB5GY9u6dT5YQ2mmF9fLulBRcC5EwBXhv
iQelGL1v5zRpyfDWgmj/a/iwTHxW5AumVwqR90OGCmjOzcJfIHcGgBRi0Jr7SARM
PQEuvKkXwk/FmAOoXPfJ
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:47:07 2025 by rpki-client