Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/_9fGoXdUtf3h1sGm3_jz-hRkmA4.roa
File: _9fGoXdUtf3h1sGm3_jz-hRkmA4.roa (raw, json)
Hash identifier: iYD3EnySU+/I/rle90/wIty/qQkrvagRy6feN6MCUKs=
Subject key identifier: FF:D7:C6:A1:77:54:B5:FD:E1:D6:C1:A6:DF:F8:F3:FA:14:64:98:0E
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 0194282319068DBB5044AC8B394522F071EA
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/_9fGoXdUtf3h1sGm3_jz-hRkmA4.roa
Signing time: Thu 02 Jan 2025 17:49:36 +0000
ROA not before: Thu 02 Jan 2025 17:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132892
IP address blocks: 141.101.88.0/24 maxlen: 24
141.101.89.0/24 maxlen: 24
2a06:98c0:3600::/48 maxlen: 48
2a06:98c0:3601::/48 maxlen: 48
2a06:98c0:3602::/48 maxlen: 48
2a06:98c0:3603::/48 maxlen: 48
2a06:98c0:3604::/48 maxlen: 48
2a06:98c0:3605::/48 maxlen: 48
2a06:98c0:3606::/48 maxlen: 48
2a06:98c0:3607::/48 maxlen: 48
2a06:98c0:3608::/48 maxlen: 48
2a06:98c0:3609::/48 maxlen: 48
2a06:98c0:360a::/48 maxlen: 48
2a06:98c0:360b::/48 maxlen: 48
2a06:98c0:360c::/48 maxlen: 48
2a06:98c0:360d::/48 maxlen: 48
2a06:98c0:360f::/48 maxlen: 48
2a06:98c0:3610::/48 maxlen: 48
2a06:98c0:3611::/48 maxlen: 48
2a06:98c0:3613::/48 maxlen: 48
2a06:98c0:3614::/48 maxlen: 48
2a06:98c0:3615::/48 maxlen: 48
2a06:98c0:361c::/48 maxlen: 48
2a06:98c0:361d::/48 maxlen: 48
2a06:98c0:361f::/48 maxlen: 48
2a06:98c0:3620::/48 maxlen: 48
2a06:98c0:3621::/48 maxlen: 48
2a06:98c0:3622::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:19:06:8d:bb:50:44:ac:8b:39:45:22:f0:71:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Jan 2 17:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffd7c6a17754b5fde1d6c1a6dff8f3fa1464980e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fa:d0:68:43:1c:9a:eb:ed:7a:81:45:ec:a7:
07:14:e1:82:ac:38:a5:30:fc:80:e4:ad:b5:ee:ab:
75:50:cc:ff:86:1a:5b:a4:fb:88:d7:ef:69:76:01:
b7:f7:d0:d3:65:49:7c:2b:9c:43:f4:66:f2:08:bf:
4f:1c:b8:5d:e8:f9:15:78:99:35:fc:f8:70:a2:06:
35:40:fc:ad:4c:71:5d:fe:e2:69:17:5a:30:c1:9e:
ef:8f:9c:b1:d8:d2:e0:6d:00:f0:4e:7f:ca:ff:8f:
60:ff:9e:2c:af:86:3c:04:f4:07:22:4e:32:6e:74:
e5:a4:26:06:ea:4b:10:ec:8f:8a:d6:93:4d:45:0c:
2d:98:df:bb:d6:f9:46:62:d8:b5:cf:a6:fe:24:26:
23:e3:ed:17:cf:8d:1b:5b:78:51:e8:35:5b:bc:a8:
e4:62:81:62:fb:a0:7a:f5:58:59:4e:0a:14:6b:83:
92:5b:55:9c:b5:d8:b2:d2:86:1d:03:3d:f5:51:83:
57:89:e0:a8:55:a4:d1:6b:07:4d:e1:58:bf:67:0e:
f1:2b:40:3e:03:1f:97:43:53:4e:5c:5f:e4:60:eb:
f9:60:f6:a9:b2:7b:d2:66:66:0e:a8:6f:2b:f3:b3:
64:ad:9f:c8:17:3a:62:b1:56:15:62:65:94:15:6b:
a3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:D7:C6:A1:77:54:B5:FD:E1:D6:C1:A6:DF:F8:F3:FA:14:64:98:0E
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/_9fGoXdUtf3h1sGm3_jz-hRkmA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.88.0/23
IPv6:
2a06:98c0:3600::-2a06:98c0:360d:ffff:ffff:ffff:ffff:ffff
2a06:98c0:360f::-2a06:98c0:3611:ffff:ffff:ffff:ffff:ffff
2a06:98c0:3613::-2a06:98c0:3615:ffff:ffff:ffff:ffff:ffff
2a06:98c0:361c::/47
2a06:98c0:361f::-2a06:98c0:3622:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
61:b8:9c:0f:2f:70:a5:4e:df:67:73:2e:27:ea:64:a2:2c:6d:
e5:50:dd:4a:c8:80:87:9d:1f:f2:5c:bb:57:ab:77:b4:7b:a0:
c1:fb:3f:e1:75:d2:1d:d6:9a:94:34:8e:59:7a:7f:2d:8f:30:
13:1f:7c:1e:7b:7f:58:92:dc:1c:e9:44:15:63:92:9a:4e:9d:
50:b7:ca:0d:f0:5b:db:93:ef:bf:3e:13:e2:f8:97:ef:f3:11:
42:a4:42:5e:21:72:a3:5a:17:ac:59:16:06:18:e5:a7:1c:94:
8d:81:d8:9d:79:82:01:b7:8f:63:d1:aa:be:e3:a7:a4:05:9d:
cd:9e:3e:32:9d:a8:6e:51:52:2c:b4:c6:8d:4a:ef:f9:17:c1:
cf:6f:25:6a:22:97:02:74:0d:17:3d:65:f1:07:80:d7:07:62:
08:bb:b6:97:32:35:bd:6e:d6:d6:0e:1d:b3:17:cc:44:82:21:
e1:4a:30:04:ca:d2:df:e2:f9:5f:e9:10:ef:27:85:b1:a2:5e:
1c:55:0e:d8:06:78:34:d0:45:75:0f:98:59:b3:a0:13:b5:5d:
e4:fa:2d:54:9a:1c:20:55:16:4d:6a:f3:73:13:c7:d8:31:b2:
2b:ca:df:ed:6d:b2:b5:33:e5:86:f0:69:96:a7:31:00:be:39:
8e:e2:67:6c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZQoIxkGjbtQRKyLOUUi8HHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5
N2I5ZDAwHhcNMjUwMTAyMTc0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmQ3YzZhMTc3NTRiNWZkZTFkNmMxYTZkZmY4ZjNmYTE0NjQ5ODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPrQaEMcmuvteoFF7KcHFOGCrDil
MPyA5K217qt1UMz/hhpbpPuI1+9pdgG399DTZUl8K5xD9GbyCL9PHLhd6PkVeJk1
/PhwogY1QPytTHFd/uJpF1owwZ7vj5yx2NLgbQDwTn/K/49g/54sr4Y8BPQHIk4y
bnTlpCYG6ksQ7I+K1pNNRQwtmN+71vlGYti1z6b+JCYj4+0Xz40bW3hR6DVbvKjk
YoFi+6B69VhZTgoUa4OSW1Wctdiy0oYdAz31UYNXieCoVaTRawdN4Vi/Zw7xK0A+
Ax+XQ1NOXF/kYOv5YPapsnvSZmYOqG8r87NkrZ/IFzpisVYVYmWUFWujBQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFP/XxqF3VLX94dbBpt/48/oUZJgOMB8GA1UdIwQY
MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt
NzU1MTgwOWNiNzMxLzEvXzlmR29YZFV0ZjNoMXNHbTNfanotaFJrbUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx
LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjAMBAIAATAGAwQBjWVYMF4E
AgACMFgwEQMGASoGmMA2AwcBKgaYwDYMMBIDBwAqBpjANg8DBwEqBpjANhAwEgMH
ACoGmMA2EwMHASoGmMA2FAMHASoGmMA2HDASAwcAKgaYwDYfAwcAKgaYwDYiMA0G
CSqGSIb3DQEBCwUAA4IBAQBhuJwPL3ClTt9ncy4n6mSiLG3lUN1KyICHnR/yXLtX
q3e0e6DB+z/hddId1pqUNI5Zen8tjzATH3wee39Yktwc6UQVY5KaTp1Qt8oN8Fvb
k++/PhPi+Jfv8xFCpEJeIXKjWhesWRYGGOWnHJSNgdideYIBt49j0aq+46ekBZ3N
nj4ynahuUVIstMaNSu/5F8HPbyVqIpcCdA0XPWXxB4DXB2IIu7aXMjW9btbWDh2z
F8xEgiHhSjAEytLf4vlf6RDvJ4Wxol4cVQ7YBng00EV1D5hZs6ATtV3k+i1Umhwg
VRZNavNzE8fYMbIryt/tbbK1M+WG8GmWpzEAvjmO4mds
-----END CERTIFICATE-----
Generated at Fri Apr 11 07:12:55 2025 by rpki-client