Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1582e8-0698-4baf-9028-df02b13e2e4a/1/z81aD-MDwzkjF_KOvhdaxj86KX4.roa
File: z81aD-MDwzkjF_KOvhdaxj86KX4.roa (raw, json)
Hash identifier: E1FgG/yobviIZfsUKtsw9yD/n1PK8j1TNBK/5+kRW/k=
Subject key identifier: CF:CD:5A:0F:E3:03:C3:39:23:17:F2:8E:BE:17:5A:C6:3F:3A:29:7E
Certificate issuer: /CN=087aac674e4e57960201a34c2c0424861a7fb077
Certificate serial: 0194221F97CE85C952B81D5B43A326314E4A
Authority key identifier: 08:7A:AC:67:4E:4E:57:96:02:01:A3:4C:2C:04:24:86:1A:7F:B0:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CHqsZ05OV5YCAaNMLAQkhhp_sHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1582e8-0698-4baf-9028-df02b13e2e4a/1/z81aD-MDwzkjF_KOvhdaxj86KX4.roa
Signing time: Wed 01 Jan 2025 13:48:03 +0000
ROA not before: Wed 01 Jan 2025 13:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51960
IP address blocks: 64.190.141.0/24 maxlen: 24
91.222.24.0/22 maxlen: 22
185.78.72.0/24 maxlen: 24
185.78.73.0/24 maxlen: 24
185.78.74.0/24 maxlen: 24
185.78.75.0/24 maxlen: 24
193.9.123.0/24 maxlen: 24
193.84.1.0/24 maxlen: 24
193.84.6.0/24 maxlen: 24
193.84.11.0/24 maxlen: 24
193.84.16.0/24 maxlen: 24
193.104.5.0/24 maxlen: 24
194.106.198.0/24 maxlen: 24
195.206.116.0/22 maxlen: 22
195.242.108.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:97:ce:85:c9:52:b8:1d:5b:43:a3:26:31:4e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=087aac674e4e57960201a34c2c0424861a7fb077
Validity
Not Before: Jan 1 13:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfcd5a0fe303c3392317f28ebe175ac63f3a297e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2a:a2:29:35:7b:72:5c:f2:b2:85:f6:c8:7d:
4e:de:1b:f7:ff:f7:60:cc:c0:73:0c:cc:7b:2b:72:
72:05:be:ce:c6:20:05:39:16:c9:b8:40:18:39:74:
64:be:e4:50:ee:8c:95:28:9a:6e:01:08:2e:28:23:
5a:fe:fa:da:db:b7:b7:9d:8a:3e:ae:74:48:50:60:
26:d2:51:7e:94:89:63:c1:84:9a:fb:be:10:e9:df:
16:b6:e0:6b:4f:ef:5d:09:3a:f7:a0:88:9e:b2:11:
f4:ad:71:94:a8:bf:7e:12:e2:98:de:17:b1:78:bd:
26:18:b2:ea:e1:89:6c:27:a1:f9:7e:d5:22:32:e2:
fa:b0:99:1d:a2:4a:0e:19:ef:d1:e2:bc:c6:d0:31:
21:91:1b:b9:f2:92:52:a3:d9:d8:e2:07:54:4f:e4:
99:cb:a1:ce:87:06:d1:f7:51:27:3a:64:cb:a9:fe:
28:17:af:77:9b:f3:0c:ec:f2:6e:db:df:50:12:0f:
0a:54:19:ec:9a:1d:55:d6:ca:ac:7f:0b:0b:90:61:
70:8a:08:a6:d9:be:b5:f1:7c:09:29:ef:38:2a:3a:
e6:9d:ad:e1:e9:99:b8:f5:56:4d:b7:e0:75:f5:72:
ed:7a:dc:24:6a:4a:06:c5:1b:ac:a4:fb:0e:7b:27:
38:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:CD:5A:0F:E3:03:C3:39:23:17:F2:8E:BE:17:5A:C6:3F:3A:29:7E
X509v3 Authority Key Identifier:
keyid:08:7A:AC:67:4E:4E:57:96:02:01:A3:4C:2C:04:24:86:1A:7F:B0:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CHqsZ05OV5YCAaNMLAQkhhp_sHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1582e8-0698-4baf-9028-df02b13e2e4a/1/z81aD-MDwzkjF_KOvhdaxj86KX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1582e8-0698-4baf-9028-df02b13e2e4a/1/CHqsZ05OV5YCAaNMLAQkhhp_sHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.190.141.0/24
91.222.24.0/22
185.78.72.0/22
193.9.123.0/24
193.84.1.0/24
193.84.6.0/24
193.84.11.0/24
193.84.16.0/24
193.104.5.0/24
194.106.198.0/24
195.206.116.0/22
195.242.108.0/23
Signature Algorithm: sha256WithRSAEncryption
cd:f6:65:87:90:ba:d0:aa:50:21:34:5d:6d:73:cd:24:71:06:
20:c5:9a:22:7f:a5:6f:31:08:4d:f7:ee:22:98:1b:30:60:80:
82:6e:d5:5f:48:79:2e:82:23:eb:23:18:19:b4:d7:bb:00:c3:
51:76:f8:28:1d:f0:e3:0f:75:55:fc:a5:f3:72:33:2d:fe:e9:
c1:1d:9e:b8:7d:31:a6:fe:3d:a1:08:b2:f3:76:71:1f:c7:71:
fc:45:fa:4c:53:c5:68:26:09:55:1c:9c:82:b5:a5:ff:74:7e:
0e:b5:c9:ea:43:5e:79:98:d9:80:bc:9e:6b:0e:6d:9c:b7:b9:
a5:df:fd:5f:1c:28:c7:25:81:8d:32:3c:3e:2f:18:f4:a7:7f:
08:b0:38:ab:34:de:2e:07:cf:35:ca:ab:26:37:67:33:a4:98:
a1:61:96:08:34:b8:6d:a7:ed:ff:ce:f4:57:fe:38:30:1f:ed:
9e:0a:9b:b9:28:de:0d:8f:00:43:af:90:15:cd:72:99:46:e3:
d2:cd:6e:c9:90:25:40:74:53:7f:b0:2c:73:8d:0f:d8:50:78:
b1:68:7e:5d:6f:0f:12:d2:a9:ae:1a:3c:d4:f6:05:d1:d2:4e:
56:c4:21:51:87:71:47:5e:ed:ea:07:4d:12:04:a2:1f:19:2d:
cd:83:0b:b6
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQiH5fOhclSuB1bQ6MmMU5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4N2FhYzY3NGU0ZTU3OTYwMjAxYTM0YzJjMDQyNDg2MWE3
ZmIwNzcwHhcNMjUwMTAxMTM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmNkNWEwZmUzMDNjMzM5MjMxN2YyOGViZTE3NWFjNjNmM2EyOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSqiKTV7clzysoX2yH1O3hv3//dg
zMBzDMx7K3JyBb7OxiAFORbJuEAYOXRkvuRQ7oyVKJpuAQguKCNa/vra27e3nYo+
rnRIUGAm0lF+lIljwYSa+74Q6d8WtuBrT+9dCTr3oIieshH0rXGUqL9+EuKY3hex
eL0mGLLq4YlsJ6H5ftUiMuL6sJkdokoOGe/R4rzG0DEhkRu58pJSo9nY4gdUT+SZ
y6HOhwbR91EnOmTLqf4oF693m/MM7PJu299QEg8KVBnsmh1V1sqsfwsLkGFwigim
2b618XwJKe84Kjrmna3h6Zm49VZNt+B19XLtetwkakoGxRuspPsOeyc4dwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFM/NWg/jA8M5Ixfyjr4XWsY/Oil+MB8GA1UdIwQY
MBaAFAh6rGdOTleWAgGjTCwEJIYaf7B3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0hxc1owNU9WNVlDQWFOTUxBUWtoaHBfc0hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xNTgyZTgtMDY5OC00YmFmLTkwMjgt
ZGYwMmIxM2UyZTRhLzEvejgxYUQtTUR3emtqRl9LT3ZoZGF4ajg2S1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xNTgyZTgtMDY5OC00YmFmLTkwMjgtZGYwMmIxM2UyZTRh
LzEvQ0hxc1owNU9WNVlDQWFOTUxBUWtoaHBfc0hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAQL6NAwQC
W94YAwQCuU5IAwQAwQl7AwQAwVQBAwQAwVQGAwQAwVQLAwQAwVQQAwQAwWgFAwQA
wmrGAwQCw850AwQBw/JsMA0GCSqGSIb3DQEBCwUAA4IBAQDN9mWHkLrQqlAhNF1t
c80kcQYgxZoif6VvMQhN9+4imBswYICCbtVfSHkugiPrIxgZtNe7AMNRdvgoHfDj
D3VV/KXzcjMt/unBHZ64fTGm/j2hCLLzdnEfx3H8RfpMU8VoJglVHJyCtaX/dH4O
tcnqQ155mNmAvJ5rDm2ct7ml3/1fHCjHJYGNMjw+Lxj0p38IsDirNN4uB881yqsm
N2czpJihYZYINLhtp+3/zvRX/jgwH+2eCpu5KN4NjwBDr5AVzXKZRuPSzW7JkCVA
dFN/sCxzjQ/YUHixaH5dbw8S0qmuGjzU9gXR0k5WxCFRh3FHXu3qB00SBKIfGS3N
gwu2
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:25 2025 by rpki-client