Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/v3O2rk8WaR7VhMc1DaSHWT3Xzz8.roa
File: v3O2rk8WaR7VhMc1DaSHWT3Xzz8.roa (raw, json)
Hash identifier: QkMQyvC3sEpgXeZ6lU5JRmWJPmKhWgedStjiN3opkDY=
Subject key identifier: BF:73:B6:AE:4F:16:69:1E:D5:84:C7:35:0D:A4:87:59:3D:D7:CF:3F
Certificate issuer: /CN=c1098a1905bbd3381533828f6b7fd227170431ef
Certificate serial: 0194221FE539BC5648158FD2CF884DF1F00D
Authority key identifier: C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/v3O2rk8WaR7VhMc1DaSHWT3Xzz8.roa
Signing time: Wed 01 Jan 2025 13:48:23 +0000
ROA not before: Wed 01 Jan 2025 13:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57324
IP address blocks: 79.132.195.0/24 maxlen: 24
79.132.196.0/24 maxlen: 24
79.132.197.0/24 maxlen: 24
79.132.198.0/24 maxlen: 24
79.132.199.0/24 maxlen: 24
86.111.144.0/24 maxlen: 24
86.111.145.0/24 maxlen: 24
86.111.146.0/24 maxlen: 24
86.111.147.0/24 maxlen: 24
109.230.112.0/24 maxlen: 24
109.230.114.0/24 maxlen: 24
109.230.115.0/24 maxlen: 24
109.230.120.0/24 maxlen: 24
109.230.123.0/24 maxlen: 24
109.230.126.0/24 maxlen: 24
122.102.116.0/24 maxlen: 24
122.102.117.0/24 maxlen: 24
122.102.118.0/24 maxlen: 24
185.113.105.0/24 maxlen: 24
185.113.107.0/24 maxlen: 24
202.164.192.0/24 maxlen: 24
202.164.193.0/24 maxlen: 24
202.164.194.0/24 maxlen: 24
202.164.195.0/24 maxlen: 24
202.164.197.0/24 maxlen: 24
202.164.198.0/24 maxlen: 24
202.164.199.0/24 maxlen: 24
202.164.200.0/24 maxlen: 24
202.164.201.0/24 maxlen: 24
202.164.202.0/24 maxlen: 24
202.164.203.0/24 maxlen: 24
202.164.204.0/24 maxlen: 24
202.164.205.0/24 maxlen: 24
2a03:c340::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e5:39:bc:56:48:15:8f:d2:cf:88:4d:f1:f0:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1098a1905bbd3381533828f6b7fd227170431ef
Validity
Not Before: Jan 1 13:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf73b6ae4f16691ed584c7350da487593dd7cf3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ee:90:2d:e4:50:c0:6f:c1:7c:a9:8c:71:eb:
35:68:79:aa:e8:34:78:89:85:70:dc:6f:84:88:f2:
de:0c:2d:47:af:cd:2b:1a:c9:94:f1:b2:68:00:bc:
5a:f2:4f:9c:7c:4d:d9:97:5f:a1:e0:35:32:e4:34:
af:c0:53:37:0a:b8:9f:d9:f5:2b:74:cc:df:c9:76:
4b:85:aa:cc:cb:ea:f2:a1:9e:68:88:5c:a2:79:77:
d8:6e:b4:2f:03:2d:ee:1a:cc:5a:b7:24:df:ee:ae:
ea:f7:1d:86:b0:a0:61:41:2e:6a:ca:cf:24:4f:67:
75:f8:9c:16:52:ea:2c:c7:f6:e2:2f:28:80:c8:bc:
81:8c:08:ba:d3:65:07:0c:42:cf:13:ac:59:4a:c7:
4c:a0:cb:0d:19:0d:98:f5:7b:b2:d2:a4:3d:dc:68:
35:cf:2c:b3:71:e1:8b:73:75:24:38:97:69:23:ca:
ff:9d:29:20:f4:93:91:52:70:9d:4a:95:32:9e:58:
91:68:d3:18:59:2f:84:27:1b:37:7d:8d:4f:ff:3f:
77:aa:a4:56:c3:9d:e9:04:0a:a4:c7:82:c1:ce:e0:
13:86:ef:98:6f:f8:86:ee:58:b9:b1:c8:21:48:a6:
87:6f:e5:50:ee:9f:b3:d2:c6:6f:16:3a:a9:85:8f:
6d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:73:B6:AE:4F:16:69:1E:D5:84:C7:35:0D:A4:87:59:3D:D7:CF:3F
X509v3 Authority Key Identifier:
keyid:C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/v3O2rk8WaR7VhMc1DaSHWT3Xzz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.195.0-79.132.199.255
86.111.144.0/22
109.230.112.0/24
109.230.114.0/23
109.230.120.0/24
109.230.123.0/24
109.230.126.0/24
122.102.116.0-122.102.118.255
185.113.105.0/24
185.113.107.0/24
202.164.192.0/22
202.164.197.0-202.164.205.255
IPv6:
2a03:c340::/32
Signature Algorithm: sha256WithRSAEncryption
9a:0f:2c:2c:44:dd:0e:5c:98:0f:14:cd:6e:25:d3:b1:53:e2:
a1:a6:88:62:fb:17:f2:00:8d:3c:bc:51:f5:93:45:6d:c9:2c:
6b:e3:68:e1:c6:a3:df:92:d5:17:de:77:ba:dd:02:72:bc:b1:
35:1e:66:86:dc:f3:67:b3:9b:84:e3:a3:0f:80:10:60:86:3e:
8b:d8:a0:5e:c9:7c:17:69:2f:3a:f3:db:93:f8:70:8e:07:e0:
d5:8f:cc:ef:6d:c1:8c:d4:38:17:5e:4e:a1:6c:97:0c:17:96:
9e:e6:79:a7:5e:44:de:a3:48:ed:a4:af:fa:c4:b0:6a:98:e6:
e7:8d:99:9b:f4:08:5c:88:10:be:ab:00:40:44:54:64:92:7a:
2f:ed:af:69:ee:c1:5e:f6:f1:63:05:aa:3f:98:78:22:7f:37:
e3:c5:50:1f:7c:1d:01:d4:e2:84:b1:10:84:ba:33:c0:d3:04:
e8:72:53:d5:ce:08:be:d4:61:3a:3c:80:d0:8b:e2:93:e4:d7:
8f:69:e8:c6:0a:cf:a4:e5:c1:2e:85:f5:8b:31:f1:7a:1f:a6:
8a:4e:ed:d6:c3:6f:26:aa:fa:4f:8f:87:14:94:65:01:9d:04:
da:78:d8:ce:78:2c:50:60:06:86:ad:03:5f:a9:c2:92:d3:05:
e3:55:01:19
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZQiH+U5vFZIFY/Sz4hN8fANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDk4YTE5MDViYmQzMzgxNTMzODI4ZjZiN2ZkMjI3MTcw
NDMxZWYwHhcNMjUwMTAxMTM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjczYjZhZTRmMTY2OTFlZDU4NGM3MzUwZGE0ODc1OTNkZDdjZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4e6QLeRQwG/BfKmMces1aHmq6DR4
iYVw3G+EiPLeDC1Hr80rGsmU8bJoALxa8k+cfE3Zl1+h4DUy5DSvwFM3Crif2fUr
dMzfyXZLharMy+ryoZ5oiFyieXfYbrQvAy3uGsxatyTf7q7q9x2GsKBhQS5qys8k
T2d1+JwWUuosx/biLyiAyLyBjAi602UHDELPE6xZSsdMoMsNGQ2Y9Xuy0qQ93Gg1
zyyzceGLc3UkOJdpI8r/nSkg9JORUnCdSpUynliRaNMYWS+EJxs3fY1P/z93qqRW
w53pBAqkx4LBzuAThu+Yb/iG7li5scghSKaHb+VQ7p+z0sZvFjqphY9tqwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFL9ztq5PFmke1YTHNQ2kh1k9188/MB8GA1UdIwQY
MBaAFMEJihkFu9M4FTOCj2t/0icXBDHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUt
YjJhNzEzZDJlYWIyLzEvdjNPMnJrOFdhUjdWaE1jMURhU0hXVDNYeno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUtYjJhNzEzZDJlYWIy
LzEvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYDAMAwQAT4TD
AwQDT4TAAwQCVm+QAwQAbeZwAwQBbeZyAwQAbeZ4AwQAbeZ7AwQAbeZ+MAwDBAJ6
ZnQDBAB6ZnYDBAC5cWkDBAC5cWsDBALKpMAwDAMEAMqkxQMEAcqkzDANBAIAAjAH
AwUAKgPDQDANBgkqhkiG9w0BAQsFAAOCAQEAmg8sLETdDlyYDxTNbiXTsVPioaaI
YvsX8gCNPLxR9ZNFbcksa+No4caj35LVF953ut0CcryxNR5mhtzzZ7ObhOOjD4AQ
YIY+i9igXsl8F2kvOvPbk/hwjgfg1Y/M723BjNQ4F15OoWyXDBeWnuZ5p15E3qNI
7aSv+sSwapjm542Zm/QIXIgQvqsAQERUZJJ6L+2vae7BXvbxYwWqP5h4In8348VQ
H3wdAdTihLEQhLozwNME6HJT1c4IvtRhOjyA0Ivik+TXj2noxgrPpOXBLoX1izHx
eh+mik7t1sNvJqr6T4+HFJRlAZ0E2njYzngsUGAGhq0DX6nCktMF41UBGQ==
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:40:08 2025 by rpki-client