Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/DrD2EGGK8WeukKhW_YJ8LCGTR78.roa
File: DrD2EGGK8WeukKhW_YJ8LCGTR78.roa (raw, json)
Hash identifier: b5xoiz2oFHur8HWu35m6ElddpxbfSrT/Y2/iqOY1S6Y=
Subject key identifier: 0E:B0:F6:10:61:8A:F1:67:AE:90:A8:56:FD:82:7C:2C:21:93:47:BF
Certificate issuer: /CN=4074a1c0383ad5eb0f0588e4c3394ba34010a621
Certificate serial: 0194258F850FB61C2D810AEE5293F48E09BF
Authority key identifier: 40:74:A1:C0:38:3A:D5:EB:0F:05:88:E4:C3:39:4B:A3:40:10:A6:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/DrD2EGGK8WeukKhW_YJ8LCGTR78.roa
Signing time: Thu 02 Jan 2025 05:49:10 +0000
ROA not before: Thu 02 Jan 2025 05:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 91.197.46.0/24 maxlen: 24
91.197.47.0/24 maxlen: 24
91.232.100.0/24 maxlen: 24
91.232.101.0/24 maxlen: 24
185.81.140.0/24 maxlen: 24
185.81.141.0/24 maxlen: 24
185.81.142.0/24 maxlen: 24
185.81.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:85:0f:b6:1c:2d:81:0a:ee:52:93:f4:8e:09:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4074a1c0383ad5eb0f0588e4c3394ba34010a621
Validity
Not Before: Jan 2 05:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0eb0f610618af167ae90a856fd827c2c219347bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:61:6e:a9:20:9c:ea:95:03:00:86:7d:9f:10:
15:a9:d8:b5:94:4a:b7:7e:0b:2a:43:92:9a:73:f8:
fc:a9:c2:6b:48:88:86:88:72:5e:c0:d9:2e:d8:f6:
2d:57:bd:3f:ed:a5:65:a1:47:68:72:4b:6a:c1:10:
6f:2c:fc:51:1c:72:e9:30:d5:06:bb:55:58:54:3e:
7e:c9:dc:4c:14:0c:28:06:d5:9d:d1:a4:96:99:ec:
f0:f9:3f:2d:9c:9d:ab:11:a2:4e:70:e3:a7:f6:18:
40:bf:38:77:7c:9d:c8:2a:56:4c:a0:75:89:c6:1a:
fc:ab:18:b4:17:91:af:0a:99:be:2d:29:ec:7b:f1:
8f:1f:4a:85:e3:f0:9b:04:73:d6:58:be:01:66:1b:
65:f2:8e:84:3f:d2:61:09:5f:fb:e3:a2:1e:c0:af:
5f:c3:78:18:3c:b3:97:12:39:9f:60:67:6c:f1:61:
30:ee:44:ca:3c:e9:25:58:14:b2:ea:28:d3:39:0c:
17:9f:f6:1c:00:31:e0:7e:dd:36:05:95:3b:fe:17:
9f:00:be:1a:bf:8d:5e:6c:5c:48:51:b2:e0:0c:1a:
bf:fb:a0:68:f3:6a:46:c9:d2:a3:49:53:4f:cb:81:
f4:74:89:20:cc:96:a6:ea:db:41:b7:1c:6c:cb:e9:
a6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B0:F6:10:61:8A:F1:67:AE:90:A8:56:FD:82:7C:2C:21:93:47:BF
X509v3 Authority Key Identifier:
keyid:40:74:A1:C0:38:3A:D5:EB:0F:05:88:E4:C3:39:4B:A3:40:10:A6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHShwDg61esPBYjkwzlLo0AQpiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/DrD2EGGK8WeukKhW_YJ8LCGTR78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/304aaa-4ce5-4065-b073-26c3365153af/1/QHShwDg61esPBYjkwzlLo0AQpiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.46.0/23
91.232.100.0/23
185.81.140.0/22
Signature Algorithm: sha256WithRSAEncryption
27:34:34:64:e1:ba:67:d5:76:a3:ed:33:c9:47:1d:c5:99:b5:
ac:fb:82:d5:25:af:b9:b2:70:1e:45:52:b8:19:61:08:3b:e6:
c0:82:ea:d5:f7:53:7b:3c:d8:8d:08:54:de:d2:42:b9:27:a8:
5e:fd:ce:29:80:79:c1:b8:e4:97:28:24:7d:f9:0b:ac:c0:66:
cf:f4:24:5c:64:70:26:0d:41:81:08:f0:bb:f5:7a:9f:f3:ab:
57:75:69:62:0c:59:29:17:8a:9d:20:e3:5e:86:03:66:a8:80:
95:2d:3e:3f:de:e4:d0:95:84:0b:d7:ab:4b:98:0b:1f:b3:9c:
6a:c9:76:d5:42:35:41:e1:ce:c9:52:29:70:53:8e:ea:c1:ba:
c6:60:05:84:de:f1:d3:2a:1d:a9:30:f2:3c:27:d5:11:1b:98:
8b:a4:5a:f1:d2:54:fe:ad:0a:61:0f:5b:29:20:bc:0b:ae:5c:
65:4b:4c:ef:4a:27:d5:f0:ec:63:4c:e1:d2:95:54:dc:39:35:
3e:8b:97:07:64:ac:34:14:b9:2e:18:58:dc:7a:88:e0:c7:33:
fb:c3:6b:a2:e5:6e:04:19:ed:2a:63:13:32:a4:0f:b5:69:15:
42:29:d4:0d:5d:5a:42:af:db:f0:9e:bd:04:e5:18:c5:76:94:
03:5c:c7:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlj4UPthwtgQruUpP0jgm/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNzRhMWMwMzgzYWQ1ZWIwZjA1ODhlNGMzMzk0YmEzNDAx
MGE2MjEwHhcNMjUwMTAyMDU0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWIwZjYxMDYxOGFmMTY3YWU5MGE4NTZmZDgyN2MyYzIxOTM0N2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GFuqSCc6pUDAIZ9nxAVqdi1lEq3
fgsqQ5Kac/j8qcJrSIiGiHJewNku2PYtV70/7aVloUdocktqwRBvLPxRHHLpMNUG
u1VYVD5+ydxMFAwoBtWd0aSWmezw+T8tnJ2rEaJOcOOn9hhAvzh3fJ3IKlZMoHWJ
xhr8qxi0F5GvCpm+LSnse/GPH0qF4/CbBHPWWL4BZhtl8o6EP9JhCV/746IewK9f
w3gYPLOXEjmfYGds8WEw7kTKPOklWBSy6ijTOQwXn/YcADHgft02BZU7/hefAL4a
v41ebFxIUbLgDBq/+6Bo82pGydKjSVNPy4H0dIkgzJam6ttBtxxsy+mmYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA6w9hBhivFnrpCoVv2CfCwhk0e/MB8GA1UdIwQY
MBaAFEB0ocA4OtXrDwWI5MM5S6NAEKYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8zMDRhYWEtNGNlNS00MDY1LWIwNzMt
MjZjMzM2NTE1M2FmLzEvRHJEMkVHR0s4V2V1a0toV19ZSjhMQ0dUUjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8zMDRhYWEtNGNlNS00MDY1LWIwNzMtMjZjMzM2NTE1M2Fm
LzEvUUhTaHdEZzYxZXNQQllqa3d6bExvMEFRcGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW8UuAwQB
W+hkAwQCuVGMMA0GCSqGSIb3DQEBCwUAA4IBAQAnNDRk4bpn1Xaj7TPJRx3FmbWs
+4LVJa+5snAeRVK4GWEIO+bAgurV91N7PNiNCFTe0kK5J6he/c4pgHnBuOSXKCR9
+QuswGbP9CRcZHAmDUGBCPC79Xqf86tXdWliDFkpF4qdIONehgNmqICVLT4/3uTQ
lYQL16tLmAsfs5xqyXbVQjVB4c7JUilwU47qwbrGYAWE3vHTKh2pMPI8J9URG5iL
pFrx0lT+rQphD1spILwLrlxlS0zvSifV8OxjTOHSlVTcOTU+i5cHZKw0FLkuGFjc
eojgxzP7w2ui5W4EGe0qYxMypA+1aRVCKdQNXVpCr9vwnr0E5RjFdpQDXMeL
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:39:53 2025 by rpki-client