Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/poQ9sY-40mE5OkfYNESkcevxBo8.roa
File: poQ9sY-40mE5OkfYNESkcevxBo8.roa (raw, json)
Hash identifier: t3e6WnaTkGCDqI4QgZzs43WxvQ36SKjt1xL670t+gp8=
Subject key identifier: A6:84:3D:B1:8F:B8:D2:61:39:3A:47:D8:34:44:A4:71:EB:F1:06:8F
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 01942143AF004AF80DC3647F2CF914B63885
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/poQ9sY-40mE5OkfYNESkcevxBo8.roa
Signing time: Wed 01 Jan 2025 09:47:51 +0000
ROA not before: Wed 01 Jan 2025 09:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13000
IP address blocks: 62.182.224.0/21 maxlen: 21
87.101.64.0/20 maxlen: 24
87.239.192.0/21 maxlen: 21
89.200.224.0/21 maxlen: 24
91.195.134.0/23 maxlen: 23
91.195.158.0/23 maxlen: 23
91.195.190.0/23 maxlen: 23
91.200.24.0/22 maxlen: 22
91.214.24.0/22 maxlen: 22
95.131.32.0/21 maxlen: 24
188.137.0.0/17 maxlen: 24
193.34.112.0/22 maxlen: 22
193.93.92.0/22 maxlen: 24
193.150.36.0/23 maxlen: 23
195.3.200.0/22 maxlen: 22
195.3.203.0/24 maxlen: 24
195.66.73.0/24 maxlen: 24
2a02:c40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:af:00:4a:f8:0d:c3:64:7f:2c:f9:14:b6:38:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Jan 1 09:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6843db18fb8d261393a47d83444a471ebf1068f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:59:4b:48:07:93:e4:b7:97:89:de:66:c2:7b:
7c:d6:cb:e0:52:23:b4:39:9a:70:03:79:03:a0:f1:
73:2f:eb:10:db:5f:2a:ff:5d:86:38:8c:87:bb:0f:
0a:59:4c:a3:b7:88:be:ec:13:36:6a:cf:ba:a6:f4:
bb:6b:d3:c2:b1:48:f3:61:39:d5:84:cb:8d:b2:72:
aa:26:11:48:47:23:15:cd:29:21:4b:07:89:f0:ba:
f2:d9:60:88:f9:51:b8:37:75:5c:b4:37:66:5e:00:
75:c3:74:65:f0:cf:1e:b7:d2:a7:d5:e2:b3:a1:77:
a1:74:f4:70:cb:00:d0:4b:96:e4:1e:f3:e0:39:a3:
45:36:11:f0:9e:5e:f7:ee:76:bb:ce:08:43:23:8b:
7a:37:a4:a3:3d:45:03:03:fc:fd:15:5c:30:5f:a1:
55:41:7d:5f:59:4a:8b:4a:75:64:8a:6f:b9:3c:bc:
70:42:83:c5:7f:37:03:6f:1c:bc:4b:15:ec:2d:c1:
f0:c6:19:82:fc:0c:f9:e1:b4:d7:a5:fb:41:4a:51:
9b:36:fc:59:44:7d:74:91:08:9a:21:53:f4:70:34:
98:d1:01:40:16:f2:72:d4:dc:a9:c9:73:89:be:ef:
0b:b8:5e:ae:f5:41:f3:9f:83:28:23:2b:31:4a:7f:
ad:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:84:3D:B1:8F:B8:D2:61:39:3A:47:D8:34:44:A4:71:EB:F1:06:8F
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/poQ9sY-40mE5OkfYNESkcevxBo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.224.0/21
87.101.64.0/20
87.239.192.0/21
89.200.224.0/21
91.195.134.0/23
91.195.158.0/23
91.195.190.0/23
91.200.24.0/22
91.214.24.0/22
95.131.32.0/21
188.137.0.0/17
193.34.112.0/22
193.93.92.0/22
193.150.36.0/23
195.3.200.0/22
195.66.73.0/24
IPv6:
2a02:c40::/32
Signature Algorithm: sha256WithRSAEncryption
1a:9b:4d:e5:5d:b1:8d:2d:5f:21:b6:04:50:5d:3e:c9:71:47:
bb:e7:25:3e:25:dd:40:1d:f0:67:9b:e0:41:92:1b:c3:bb:40:
d7:a1:4f:96:aa:6d:c4:dd:03:e1:04:9d:99:63:ab:80:3d:76:
65:7d:fe:f2:4e:a2:78:75:bb:e0:79:3c:14:9a:41:f9:99:8a:
08:6e:d7:7a:fb:22:8e:0f:3b:09:19:b6:24:12:2d:73:30:16:
ae:67:0b:af:62:0e:13:ba:9d:e6:6d:c7:bd:ab:e8:bf:ed:f6:
90:d0:88:58:ec:f5:5a:5c:34:16:6b:b8:50:78:2a:8a:d0:8a:
37:0a:d4:6a:09:45:71:18:e0:e8:97:fa:6c:bc:56:eb:40:c7:
b0:9d:a8:7f:e2:f9:ff:8a:bb:cc:9f:9e:6f:5f:21:db:9e:17:
3a:8d:15:41:e8:aa:a5:bd:cf:50:61:2a:dd:09:87:21:b5:06:
63:0f:9a:cb:ea:4d:05:7e:2a:ca:af:7a:db:cb:9d:1a:9a:0f:
52:6d:12:4d:e2:e6:c1:77:cf:eb:9f:84:ca:6d:e1:80:c0:1a:
15:3e:e4:3d:7f:65:37:a4:16:02:67:29:e3:20:2d:36:b8:c2:
08:12:f4:c6:81:e3:e8:3e:80:fd:25:42:97:69:81:fc:bf:95:
cb:05:f4:d0
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZQhQ68ASvgNw2R/LPkUtjiFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjUwMTAxMDk0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjg0M2RiMThmYjhkMjYxMzkzYTQ3ZDgzNDQ0YTQ3MWViZjEwNjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFlLSAeT5LeXid5mwnt81svgUiO0
OZpwA3kDoPFzL+sQ218q/12GOIyHuw8KWUyjt4i+7BM2as+6pvS7a9PCsUjzYTnV
hMuNsnKqJhFIRyMVzSkhSweJ8Lry2WCI+VG4N3VctDdmXgB1w3Rl8M8et9Kn1eKz
oXehdPRwywDQS5bkHvPgOaNFNhHwnl737na7zghDI4t6N6SjPUUDA/z9FVwwX6FV
QX1fWUqLSnVkim+5PLxwQoPFfzcDbxy8SxXsLcHwxhmC/Az54bTXpftBSlGbNvxZ
RH10kQiaIVP0cDSY0QFAFvJy1NypyXOJvu8LuF6u9UHzn4MoIysxSn+tRwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFKaEPbGPuNJhOTpH2DREpHHr8QaPMB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEvcG9ROXNZLTQwbUU1T2tmWU5FU2tjZXZ4Qm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAz624AME
BFdlQAMEA1fvwAMEA1nI4AMEAVvDhgMEAVvDngMEAVvDvgMEAlvIGAMEAlvWGAME
A1+DIAMEB7yJAAMEAsEicAMEAsFdXAMEAcGWJAMEAsMDyAMEAMNCSTANBAIAAjAH
AwUAKgIMQDANBgkqhkiG9w0BAQsFAAOCAQEAGptN5V2xjS1fIbYEUF0+yXFHu+cl
PiXdQB3wZ5vgQZIbw7tA16FPlqptxN0D4QSdmWOrgD12ZX3+8k6ieHW74Hk8FJpB
+ZmKCG7Xevsijg87CRm2JBItczAWrmcLr2IOE7qd5m3Hvavov+32kNCIWOz1Wlw0
Fmu4UHgqitCKNwrUaglFcRjg6Jf6bLxW60DHsJ2of+L5/4q7zJ+eb18h254XOo0V
Qeiqpb3PUGEq3QmHIbUGYw+ay+pNBX4qyq9628udGpoPUm0STeLmwXfP65+Eym3h
gMAaFT7kPX9lN6QWAmcp4yAtNrjCCBL0xoHj6D6A/SVCl2mB/L+VywX00A==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:40 2025 by rpki-client