Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/s16mVGMvOS6RJrynlu0d_REW5Zs.roa
File: s16mVGMvOS6RJrynlu0d_REW5Zs.roa (raw, json)
Hash identifier: j/aWuoQALlqWDBLsVXTmRNxIfJ4QTkyYvmGyM3pUd8Q=
Subject key identifier: B3:5E:A6:54:63:2F:39:2E:91:26:BC:A7:96:ED:1D:FD:11:16:E5:9B
Certificate issuer: /CN=cfd6e161dcfb7b72775149d435b79ba9d56d1417
Certificate serial: 0194D056A406C5BF8203F27C8DA87B6B64B6
Authority key identifier: CF:D6:E1:61:DC:FB:7B:72:77:51:49:D4:35:B7:9B:A9:D5:6D:14:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9bhYdz7e3J3UUnUNbebqdVtFBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/s16mVGMvOS6RJrynlu0d_REW5Zs.roa
Signing time: Tue 04 Feb 2025 09:42:06 +0000
ROA not before: Tue 04 Feb 2025 09:42:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 5.80.0.0/15 maxlen: 15
5.81.0.0/16 maxlen: 16
31.48.0.0/13 maxlen: 13
62.6.0.0/16 maxlen: 16
62.7.0.0/16 maxlen: 16
86.128.0.0/10 maxlen: 10
86.128.0.0/11 maxlen: 11
86.128.0.0/12 maxlen: 12
109.144.0.0/12 maxlen: 12
194.79.48.0/22 maxlen: 22
195.171.0.0/16 maxlen: 16
213.120.0.0/14 maxlen: 14
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d0:56:a4:06:c5:bf:82:03:f2:7c:8d:a8:7b:6b:64:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfd6e161dcfb7b72775149d435b79ba9d56d1417
Validity
Not Before: Feb 4 09:42:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b35ea654632f392e9126bca796ed1dfd1116e59b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a5:af:d8:f6:ca:a1:cc:27:57:a4:e7:75:a5:
dc:e3:f0:d2:91:08:09:5b:ce:93:69:d2:fe:2f:1e:
7d:72:90:ab:e4:87:0f:0e:35:ca:54:00:ef:cf:fd:
aa:89:cb:57:f7:ac:35:ed:e5:39:a3:6b:9d:47:a1:
9a:7a:40:de:50:9b:81:41:01:36:69:bc:fe:d4:9f:
e9:da:e2:3c:1a:d1:ce:7e:43:57:60:c6:6d:36:cf:
f9:6d:49:4d:de:56:d3:0f:c4:59:ad:4c:57:ef:c6:
46:89:59:66:ff:68:42:d8:53:ed:a5:32:8c:e5:1c:
1d:2d:7e:f3:51:57:71:f4:7a:ad:66:24:4a:5a:2d:
5c:98:10:bc:03:9a:8b:d0:af:56:4d:60:9c:74:d3:
e6:49:eb:d8:9c:0d:02:65:0e:ff:02:ec:d6:8d:c2:
73:2f:09:30:fa:bb:ea:7d:e6:95:84:93:72:a1:d1:
fc:fb:84:22:14:e1:ff:09:7a:e1:13:18:86:e1:19:
bd:83:c6:41:d8:d9:11:a6:4e:3b:34:b2:01:83:0b:
e6:39:89:41:34:8b:2a:c4:06:36:f3:ed:a2:10:ec:
6f:1a:4a:83:6d:e4:a2:5c:98:16:17:68:d3:04:ac:
b9:23:bc:f1:b1:a8:bd:7f:1c:5b:54:8a:d5:76:93:
8a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5E:A6:54:63:2F:39:2E:91:26:BC:A7:96:ED:1D:FD:11:16:E5:9B
X509v3 Authority Key Identifier:
keyid:CF:D6:E1:61:DC:FB:7B:72:77:51:49:D4:35:B7:9B:A9:D5:6D:14:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9bhYdz7e3J3UUnUNbebqdVtFBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/s16mVGMvOS6RJrynlu0d_REW5Zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/z9bhYdz7e3J3UUnUNbebqdVtFBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.80.0.0/15
31.48.0.0/13
62.6.0.0/15
86.128.0.0/10
109.144.0.0/12
194.79.48.0/22
195.171.0.0/16
213.120.0.0/14
Signature Algorithm: sha256WithRSAEncryption
36:3f:39:ee:f6:66:09:e1:9e:74:64:27:6e:88:69:8c:f9:5b:
9d:c8:c2:98:07:51:18:3a:69:db:5f:de:00:49:11:48:97:4a:
40:8e:07:c7:4a:1e:9b:e9:ab:38:3d:d2:89:b7:2b:8d:17:dd:
87:3c:2e:d5:36:77:70:a2:ec:a2:1f:06:cd:31:49:f2:01:6e:
2f:87:05:71:07:8e:82:29:5c:6f:3d:a2:0c:6f:cb:c6:dd:1d:
63:60:33:cc:d9:82:8d:fe:08:1d:f0:10:7f:b3:36:31:ea:6e:
b8:e5:39:fc:5c:db:12:b5:7a:82:e6:b5:53:90:f4:6d:9e:6a:
7c:bf:52:4c:16:51:d9:c4:79:83:f6:d5:eb:f3:e0:f6:be:40:
a8:7b:4d:10:b7:e6:26:4b:dd:1d:51:4d:55:2c:db:3b:8a:94:
8b:7e:8b:f2:d9:1b:7e:f7:94:46:bd:0f:cf:83:d1:8f:8e:9e:
a4:84:5e:e6:80:ac:e2:00:12:c0:74:eb:f7:94:ab:a6:fc:77:
80:1b:0c:e0:1f:05:23:e2:ff:fb:c3:b1:a2:fb:1f:d5:40:ca:
96:ec:78:a6:f6:e8:ef:89:13:b6:ac:7c:e7:7a:38:f1:8e:69:
08:e2:81:4b:e9:8f:5b:0f:58:2d:a6:d9:cb:b5:71:f6:d3:9f:
2d:00:89:70
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZTQVqQGxb+CA/J8jah7a2S2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZDZlMTYxZGNmYjdiNzI3NzUxNDlkNDM1Yjc5YmE5ZDU2
ZDE0MTcwHhcNMjUwMjA0MDk0MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzVlYTY1NDYzMmYzOTJlOTEyNmJjYTc5NmVkMWRmZDExMTZlNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqWv2PbKocwnV6TndaXc4/DSkQgJ
W86TadL+Lx59cpCr5IcPDjXKVADvz/2qictX96w17eU5o2udR6GaekDeUJuBQQE2
abz+1J/p2uI8GtHOfkNXYMZtNs/5bUlN3lbTD8RZrUxX78ZGiVlm/2hC2FPtpTKM
5RwdLX7zUVdx9HqtZiRKWi1cmBC8A5qL0K9WTWCcdNPmSevYnA0CZQ7/AuzWjcJz
Lwkw+rvqfeaVhJNyodH8+4QiFOH/CXrhExiG4Rm9g8ZB2NkRpk47NLIBgwvmOYlB
NIsqxAY28+2iEOxvGkqDbeSiXJgWF2jTBKy5I7zxsai9fxxbVIrVdpOK7wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLNeplRjLzkukSa8p5btHf0RFuWbMB8GA1UdIwQY
MBaAFM/W4WHc+3tyd1FJ1DW3m6nVbRQXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejliaFlkejdlM0ozVVVuVU5iZWJxZFZ0RkJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS84NTIxNDAtYTI3Zi00NDliLWI1ZmYt
MjIzNzQyZWU0Mzc1LzEvczE2bVZHTXZPUzZSSnJ5bmx1MGRfUkVXNVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS84NTIxNDAtYTI3Zi00NDliLWI1ZmYtMjIzNzQyZWU0Mzc1
LzEvejliaFlkejdlM0ozVVVuVU5iZWJxZFZ0RkJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAATApAwMBBVADAwMf
MAMDAT4GAwMGVoADAwRtkAMEAsJPMAMDAMOrAwMC1XgwDQYJKoZIhvcNAQELBQAD
ggEBADY/Oe72ZgnhnnRkJ26IaYz5W53IwpgHURg6adtf3gBJEUiXSkCOB8dKHpvp
qzg90om3K40X3Yc8LtU2d3Ci7KIfBs0xSfIBbi+HBXEHjoIpXG89ogxvy8bdHWNg
M8zZgo3+CB3wEH+zNjHqbrjlOfxc2xK1eoLmtVOQ9G2eany/UkwWUdnEeYP21evz
4Pa+QKh7TRC35iZL3R1RTVUs2zuKlIt+i/LZG373lEa9D8+D0Y+OnqSEXuaArOIA
EsB06/eUq6b8d4AbDOAfBSPi//vDsaL7H9VAypbseKb26O+JE7asfOd6OPGOaQji
gUvpj1sPWC2m2cu1cfbTny0AiXA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:10:17 2025 by rpki-client