Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/2zKVxa5ZKGpg1zDrETT8fTyAG8U.roa
File: 2zKVxa5ZKGpg1zDrETT8fTyAG8U.roa (raw, json)
Hash identifier: RUglVoeUy6tdJhM2FiBGFBEjFDwNfOCa0rtIGcZ1G9w=
Subject key identifier: DB:32:95:C5:AE:59:28:6A:60:D7:30:EB:11:34:FC:7D:3C:80:1B:C5
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 0194236A02BFCD3C11C0E6BA34CF8310EC31
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/2zKVxa5ZKGpg1zDrETT8fTyAG8U.roa
Signing time: Wed 01 Jan 2025 19:48:57 +0000
ROA not before: Wed 01 Jan 2025 19:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52000
IP address blocks: 74.119.192.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
195.149.87.0/24 maxlen: 24
2a09:7c41::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:02:bf:cd:3c:11:c0:e6:ba:34:cf:83:10:ec:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Jan 1 19:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db3295c5ae59286a60d730eb1134fc7d3c801bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ae:a0:31:12:e2:f9:17:76:62:3d:f8:91:53:
3b:cf:5c:9e:d2:38:79:fe:ba:e5:c2:c2:7e:7c:aa:
ed:99:e0:c1:ed:e5:f6:8f:95:58:86:b6:21:e0:1d:
d5:09:f7:67:ef:74:34:53:5b:1e:2c:48:71:64:f8:
e2:a4:92:85:7d:87:09:18:18:83:9b:e6:a1:5d:ee:
52:1a:34:b4:2e:ee:f5:d1:2c:de:ad:31:21:62:f2:
ad:05:49:ba:be:4e:46:57:4b:28:dd:38:2e:bd:ba:
ff:78:b3:63:cb:3f:85:51:50:5f:5e:03:fd:04:de:
9c:a4:80:87:d7:70:c6:a9:33:cd:37:90:59:1c:90:
91:00:4d:e9:e5:2e:67:24:94:ce:e9:27:e9:8c:d7:
71:f3:18:cf:7a:a7:d4:5c:0d:20:f7:44:e9:96:db:
c6:da:79:d8:de:2d:b1:af:7f:2a:b7:1d:e1:36:77:
fc:7c:94:74:70:a1:c9:7e:36:09:e5:53:37:e4:f9:
16:80:8f:05:1c:a7:f3:c4:d6:74:72:5a:4c:67:15:
a7:3b:92:60:4b:5f:76:9d:0e:4b:89:3a:6c:b6:6f:
01:59:38:8e:31:cb:7f:9c:07:24:56:bc:ef:04:0d:
5b:2c:d7:ed:aa:2d:90:2e:f2:28:a8:ac:26:7d:0d:
dc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:32:95:C5:AE:59:28:6A:60:D7:30:EB:11:34:FC:7D:3C:80:1B:C5
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/2zKVxa5ZKGpg1zDrETT8fTyAG8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.119.192.0/24
74.119.194.0/24
80.92.204.0/23
185.250.151.0/24
195.149.87.0/24
IPv6:
2a09:7c41::/32
Signature Algorithm: sha256WithRSAEncryption
93:eb:c1:3f:73:d8:71:0c:7e:7a:e8:d4:ef:48:f6:31:ed:59:
49:98:c6:bc:27:a1:50:9e:f4:99:d4:70:09:b3:b1:a7:92:dc:
c2:c9:a3:fb:8c:b4:2b:6e:1a:51:fb:37:4a:ce:b1:73:03:18:
b5:dc:9d:23:92:89:42:d5:9d:45:94:7d:b1:af:1d:4b:28:07:
74:98:21:11:1a:6f:a2:89:31:0e:53:57:dd:82:87:3e:4a:16:
47:eb:34:55:49:41:f8:ef:c1:7f:b8:0b:6e:85:aa:12:ca:05:
71:6c:b8:76:20:60:e6:82:d4:ef:f4:b8:9a:83:e3:c4:f3:3e:
c5:49:d4:bd:f9:0f:9f:3e:52:5f:61:c2:a3:51:24:99:89:05:
69:bb:30:e2:b9:ce:72:c7:43:06:4c:fd:77:15:90:b0:55:53:
9b:24:44:77:c6:8a:43:d5:0a:31:51:04:15:09:14:78:e8:ce:
a7:f8:41:76:8c:09:3e:6e:03:19:7f:d0:77:80:63:0c:ef:c0:
d2:0e:b3:e7:6d:1d:ee:ee:7c:f3:45:a0:b4:21:2e:d3:3e:7e:
4d:98:d7:1f:25:a1:22:9c:16:48:bb:d5:4d:5f:0a:9c:5b:be:
dd:7c:41:ab:7d:5f:e0:6c:ec:eb:2d:ba:b5:12:5d:40:63:cc:
e8:7a:2b:5f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQjagK/zTwRwOa6NM+DEOwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwMTAxMTk0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjMyOTVjNWFlNTkyODZhNjBkNzMwZWIxMTM0ZmM3ZDNjODAxYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5q6gMRLi+Rd2Yj34kVM7z1ye0jh5
/rrlwsJ+fKrtmeDB7eX2j5VYhrYh4B3VCfdn73Q0U1seLEhxZPjipJKFfYcJGBiD
m+ahXe5SGjS0Lu710SzerTEhYvKtBUm6vk5GV0so3Tguvbr/eLNjyz+FUVBfXgP9
BN6cpICH13DGqTPNN5BZHJCRAE3p5S5nJJTO6SfpjNdx8xjPeqfUXA0g90TpltvG
2nnY3i2xr38qtx3hNnf8fJR0cKHJfjYJ5VM35PkWgI8FHKfzxNZ0clpMZxWnO5Jg
S192nQ5LiTpstm8BWTiOMct/nAckVrzvBA1bLNftqi2QLvIoqKwmfQ3cTQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNsylcWuWShqYNcw6xE0/H08gBvFMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvMnpLVnhhNVpLR3BnMXpEckVUVDhmVHlBRzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQASnfAAwQA
SnfCAwQBUFzMAwQAufqXAwQAw5VXMA0EAgACMAcDBQAqCXxBMA0GCSqGSIb3DQEB
CwUAA4IBAQCT68E/c9hxDH566NTvSPYx7VlJmMa8J6FQnvSZ1HAJs7GnktzCyaP7
jLQrbhpR+zdKzrFzAxi13J0jkolC1Z1FlH2xrx1LKAd0mCERGm+iiTEOU1fdgoc+
ShZH6zRVSUH478F/uAtuhaoSygVxbLh2IGDmgtTv9Liag+PE8z7FSdS9+Q+fPlJf
YcKjUSSZiQVpuzDiuc5yx0MGTP13FZCwVVObJER3xopD1QoxUQQVCRR46M6n+EF2
jAk+bgMZf9B3gGMM78DSDrPnbR3u7nzzRaC0IS7TPn5NmNcfJaEinBZIu9VNXwqc
W77dfEGrfV/gbOzrLbq1El1AY8zoeitf
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:00:37 2025 by rpki-client