Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/60jG5Ay8pKNRLAaYiabGAbMAWcU.roa
File: 60jG5Ay8pKNRLAaYiabGAbMAWcU.roa (raw, json)
Hash identifier: mGDjXdclRD6cM00fzezmu8njPZGu0i86EMmzQCWdsaI=
Subject key identifier: EB:48:C6:E4:0C:BC:A4:A3:51:2C:06:98:89:A6:C6:01:B3:00:59:C5
Certificate issuer: /CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
Certificate serial: 019425214247305967E8DC956839F674C0FA
Authority key identifier: B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/60jG5Ay8pKNRLAaYiabGAbMAWcU.roa
Signing time: Thu 02 Jan 2025 03:48:44 +0000
ROA not before: Thu 02 Jan 2025 03:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 93.177.102.0/24 maxlen: 24
185.93.68.0/24 maxlen: 24
185.93.70.0/24 maxlen: 24
193.164.4.0/24 maxlen: 24
193.164.6.0/24 maxlen: 24
193.164.7.0/24 maxlen: 24
2a05:f7c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:42:47:30:59:67:e8:dc:95:68:39:f6:74:c0:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
Validity
Not Before: Jan 2 03:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb48c6e40cbca4a3512c069889a6c601b30059c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:73:13:55:e1:3c:91:85:39:74:5d:9b:94:09:
ed:8c:fb:3b:64:86:3a:7d:4f:2a:9c:fc:0b:00:66:
7a:6e:4e:b2:97:e1:4d:47:80:32:5b:18:1e:11:f0:
c6:cf:52:5d:e9:f8:1b:d7:d8:c7:5d:1f:f6:63:c2:
0d:e5:7f:08:22:cf:db:0b:aa:2a:c2:42:20:27:58:
07:b5:85:fa:bc:26:f2:7b:28:80:4c:6b:8a:76:0f:
0d:51:1a:84:fa:b6:a3:53:79:88:84:c7:2b:92:b7:
6a:cf:07:55:62:be:e6:f7:14:b8:44:ec:2a:6a:4b:
ac:9d:91:83:0b:81:80:98:7e:d1:56:6b:60:74:e8:
35:ee:4d:97:03:77:0f:96:46:05:23:df:a8:71:db:
ac:9b:d1:f1:09:89:3b:94:68:35:df:5b:05:75:fe:
ce:01:fe:5f:97:6c:59:d7:4c:a8:60:20:a8:35:9c:
e8:c5:32:f2:44:08:ab:89:07:c9:cd:39:88:94:6a:
1b:0c:e1:f5:74:73:99:e7:1c:d2:53:3e:a8:12:4f:
b9:a7:77:2b:bd:42:a5:82:01:48:9b:63:f0:fc:a4:
f9:af:ae:e5:83:0c:ef:29:13:9b:23:0e:ef:ae:13:
6b:62:64:90:d2:55:c4:a6:6b:16:d2:27:fd:b8:0a:
d2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:48:C6:E4:0C:BC:A4:A3:51:2C:06:98:89:A6:C6:01:B3:00:59:C5
X509v3 Authority Key Identifier:
keyid:B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/60jG5Ay8pKNRLAaYiabGAbMAWcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.177.102.0/24
185.93.68.0/24
185.93.70.0/24
193.164.4.0/24
193.164.6.0/23
IPv6:
2a05:f7c0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:a9:c3:ae:25:d2:6f:96:96:62:65:15:11:49:4d:96:e7:ad:
a0:ce:6d:49:a7:c3:d9:a0:68:21:4a:e6:c2:4b:36:eb:14:18:
dd:99:88:4d:af:24:d9:9b:94:c9:30:44:89:d7:26:05:05:07:
10:2b:d3:df:3c:51:34:1d:41:d3:05:34:52:dc:d7:7c:8f:a6:
bb:93:6c:f8:fc:70:8d:54:52:97:bf:21:77:af:e8:8f:7a:75:
0e:a4:30:97:c5:52:23:35:00:7a:cb:e1:43:f8:a9:ec:64:68:
48:c1:e1:1c:52:34:e8:7b:4e:1e:b6:33:07:09:b5:d7:db:66:
cb:61:a9:0b:d7:e4:26:ff:fc:27:37:63:31:38:b3:2b:b7:23:
00:cc:7e:56:cc:b4:b1:16:9f:67:60:2a:54:02:5e:97:9d:65:
25:27:fc:10:69:27:78:06:b0:61:f2:bb:b5:d8:8c:1d:43:25:
97:0d:a0:f2:4c:32:75:8a:95:a9:43:79:76:66:99:eb:ce:46:
5e:99:fa:ae:85:48:b5:0b:e5:45:9f:8e:a8:ad:de:ab:c7:7e:
f7:77:36:9a:54:57:58:9b:c4:9f:49:5d:f1:ee:00:6a:36:46:
29:ea:34:e9:64:52:86:6a:e2:f3:91:aa:51:ba:96:53:c1:d2:
24:d2:ad:1e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQlIUJHMFln6NyVaDn2dMD6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYjVhODBhNzEwNmUwYTRiODU0NWM4MTUwYmI3MmM2OTlm
Y2M5YTAwHhcNMjUwMTAyMDM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjQ4YzZlNDBjYmNhNGEzNTEyYzA2OTg4OWE2YzYwMWIzMDA1OWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XMTVeE8kYU5dF2blAntjPs7ZIY6
fU8qnPwLAGZ6bk6yl+FNR4AyWxgeEfDGz1Jd6fgb19jHXR/2Y8IN5X8IIs/bC6oq
wkIgJ1gHtYX6vCbyeyiATGuKdg8NURqE+rajU3mIhMcrkrdqzwdVYr7m9xS4ROwq
akusnZGDC4GAmH7RVmtgdOg17k2XA3cPlkYFI9+ocdusm9HxCYk7lGg131sFdf7O
Af5fl2xZ10yoYCCoNZzoxTLyRAiriQfJzTmIlGobDOH1dHOZ5xzSUz6oEk+5p3cr
vUKlggFIm2Pw/KT5r67lgwzvKRObIw7vrhNrYmSQ0lXEpmsW0if9uArSoQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOtIxuQMvKSjUSwGmImmxgGzAFnFMB8GA1UdIwQY
MBaAFLC1qApxBuCkuFRcgVC7csaZ/MmgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xXb0NuRUc0S1M0VkZ5QlVMdHl4cG44eWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9mMTUzZGMtY2JmYi00YTRmLTgwZDIt
NzQ1ZTA4ZmU1OGM2LzEvNjBqRzVBeThwS05STEFhWWlhYkdBYk1BV2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9mMTUzZGMtY2JmYi00YTRmLTgwZDItNzQ1ZTA4ZmU1OGM2
LzEvc0xXb0NuRUc0S1M0VkZ5QlVMdHl4cG44eWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAXbFmAwQA
uV1EAwQAuV1GAwQAwaQEAwQBwaQGMA0EAgACMAcDBQMqBffAMA0GCSqGSIb3DQEB
CwUAA4IBAQCjqcOuJdJvlpZiZRURSU2W562gzm1Jp8PZoGghSubCSzbrFBjdmYhN
ryTZm5TJMESJ1yYFBQcQK9PfPFE0HUHTBTRS3Nd8j6a7k2z4/HCNVFKXvyF3r+iP
enUOpDCXxVIjNQB6y+FD+KnsZGhIweEcUjToe04etjMHCbXX22bLYakL1+Qm//wn
N2MxOLMrtyMAzH5WzLSxFp9nYCpUAl6XnWUlJ/wQaSd4BrBh8ru12IwdQyWXDaDy
TDJ1ipWpQ3l2ZpnrzkZemfquhUi1C+VFn46ord6rx373dzaaVFdYm8SfSV3x7gBq
NkYp6jTpZFKGauLzkapRupZTwdIk0q0e
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:33:42 2025 by rpki-client