Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/rFHksT2fJAQ7epdh-sMDgGR2SM4.roa
File: rFHksT2fJAQ7epdh-sMDgGR2SM4.roa (raw, json)
Hash identifier: Z/iFpAzmqAm2KrlQVqRFy4X3KTo7SXYWoBA5a7g2HG4=
Subject key identifier: AC:51:E4:B1:3D:9F:24:04:3B:7A:97:61:FA:C3:03:80:64:76:48:CE
Certificate issuer: /CN=b45f5560d79f04a92d7a150f3ed8da4308abea33
Certificate serial: 019421B1F5251B0CB3EA5B00A54400679CC6
Authority key identifier: B4:5F:55:60:D7:9F:04:A9:2D:7A:15:0F:3E:D8:DA:43:08:AB:EA:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tF9VYNefBKktehUPPtjaQwir6jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/rFHksT2fJAQ7epdh-sMDgGR2SM4.roa
Signing time: Wed 01 Jan 2025 11:48:18 +0000
ROA not before: Wed 01 Jan 2025 11:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198317
IP address blocks: 91.200.104.0/22 maxlen: 22
91.200.104.0/23 maxlen: 23
91.200.104.0/24 maxlen: 24
91.200.105.0/24 maxlen: 24
91.200.106.0/23 maxlen: 23
91.200.106.0/24 maxlen: 24
91.200.107.0/24 maxlen: 24
91.239.196.0/22 maxlen: 22
91.239.196.0/23 maxlen: 23
91.239.196.0/24 maxlen: 24
91.239.197.0/24 maxlen: 24
91.239.198.0/23 maxlen: 23
91.239.198.0/24 maxlen: 24
91.239.199.0/24 maxlen: 24
155.133.56.0/22 maxlen: 22
155.133.56.0/23 maxlen: 23
155.133.56.0/24 maxlen: 24
155.133.57.0/24 maxlen: 24
155.133.58.0/23 maxlen: 23
155.133.58.0/24 maxlen: 24
155.133.59.0/24 maxlen: 24
185.96.120.0/22 maxlen: 22
185.96.120.0/23 maxlen: 23
185.96.120.0/24 maxlen: 24
185.96.121.0/24 maxlen: 24
185.96.122.0/23 maxlen: 23
185.96.122.0/24 maxlen: 24
185.96.123.0/24 maxlen: 24
185.235.124.0/22 maxlen: 22
185.235.124.0/23 maxlen: 23
185.235.124.0/24 maxlen: 24
185.235.125.0/24 maxlen: 24
185.235.126.0/23 maxlen: 23
185.235.126.0/24 maxlen: 24
185.235.127.0/24 maxlen: 24
193.106.216.0/22 maxlen: 22
193.106.216.0/23 maxlen: 23
193.106.216.0/24 maxlen: 24
193.106.217.0/24 maxlen: 24
193.106.218.0/23 maxlen: 23
193.106.218.0/24 maxlen: 24
193.106.219.0/24 maxlen: 24
195.88.144.0/23 maxlen: 23
195.88.144.0/24 maxlen: 24
195.88.145.0/24 maxlen: 24
2a05:ffc0::/32 maxlen: 32
2a05:ffc0::/33 maxlen: 33
2a05:ffc0::/34 maxlen: 34
2a05:ffc0::/48 maxlen: 48
2a05:ffc0:4000::/34 maxlen: 34
2a05:ffc0:8000::/33 maxlen: 33
2a05:ffc0:8000::/34 maxlen: 34
2a05:ffc0:c000::/34 maxlen: 34
2a05:ffc1::/32 maxlen: 32
2a05:ffc1::/33 maxlen: 33
2a05:ffc1::/34 maxlen: 34
2a05:ffc1:4000::/34 maxlen: 34
2a05:ffc1:8000::/33 maxlen: 33
2a05:ffc1:8000::/34 maxlen: 34
2a05:ffc1:c000::/34 maxlen: 34
2a05:ffc2::/32 maxlen: 32
2a05:ffc2::/33 maxlen: 33
2a05:ffc2::/34 maxlen: 34
2a05:ffc2:4000::/34 maxlen: 34
2a05:ffc2:8000::/33 maxlen: 33
2a05:ffc2:8000::/34 maxlen: 34
2a05:ffc2:c000::/34 maxlen: 34
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f5:25:1b:0c:b3:ea:5b:00:a5:44:00:67:9c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45f5560d79f04a92d7a150f3ed8da4308abea33
Validity
Not Before: Jan 1 11:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac51e4b13d9f24043b7a9761fac30380647648ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:85:ff:e2:39:59:4f:37:ef:4d:16:2b:90:87:
93:34:f4:4d:7c:16:bf:24:fe:3a:a7:6a:0e:36:8a:
8e:93:e0:61:0f:91:d7:78:dc:8f:fd:c5:84:9f:21:
ae:c5:eb:fc:80:a0:8d:62:fb:92:9a:ad:81:00:cc:
fb:65:85:7a:f5:37:a0:7a:41:95:3a:68:f4:c2:b7:
4d:4c:66:cf:7c:b3:98:dc:f2:66:cf:c2:fd:6c:b9:
b5:16:23:2c:63:9e:e2:0a:f9:76:ff:be:cf:39:52:
b7:fe:77:41:bf:56:7b:51:0a:d6:9f:29:e4:da:a2:
0d:2e:77:bd:64:63:2b:27:1c:fe:51:a2:ba:31:76:
d4:28:c9:d8:08:b8:62:f8:ac:eb:d9:5b:54:1f:85:
9c:70:4a:82:18:e5:3a:b6:9f:49:91:e0:63:15:9f:
32:39:2d:fa:25:51:0e:57:ee:45:a9:46:3d:cc:03:
72:07:89:57:ae:8d:46:5a:5d:3b:f8:d8:30:f5:27:
79:94:52:8d:4e:71:7f:67:53:8a:77:e5:36:99:e8:
a5:9a:15:6c:bf:a5:35:b3:cd:3b:66:9c:24:eb:31:
f4:ad:e1:31:33:09:6a:81:c2:c7:60:fc:25:ec:f5:
46:56:1c:fc:6e:f6:a0:76:e8:bb:56:dd:8c:23:eb:
35:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:51:E4:B1:3D:9F:24:04:3B:7A:97:61:FA:C3:03:80:64:76:48:CE
X509v3 Authority Key Identifier:
keyid:B4:5F:55:60:D7:9F:04:A9:2D:7A:15:0F:3E:D8:DA:43:08:AB:EA:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tF9VYNefBKktehUPPtjaQwir6jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/rFHksT2fJAQ7epdh-sMDgGR2SM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/tF9VYNefBKktehUPPtjaQwir6jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.104.0/22
91.239.196.0/22
155.133.56.0/22
185.96.120.0/22
185.235.124.0/22
193.106.216.0/22
195.88.144.0/23
IPv6:
2a05:ffc0::-2a05:ffc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5c:4f:4b:ea:4a:38:88:7d:ba:57:08:c7:a2:0c:a0:97:a6:3e:
f4:c5:55:8b:26:79:c7:fc:24:8f:d5:dc:47:63:4d:49:44:80:
54:18:fb:d5:e7:62:ae:1e:ee:71:49:91:4c:b0:6d:fb:8d:7a:
a9:20:59:bf:aa:7c:08:24:f2:e4:ec:bb:23:5b:c2:26:a9:4c:
54:ba:86:6e:60:a6:4a:f1:b9:69:8b:51:9b:89:14:7a:c8:09:
eb:5f:69:ca:3f:a1:e7:8e:09:69:b1:d9:bd:c0:ed:9f:fc:a2:
df:fa:ad:d8:97:b0:ac:d0:48:3a:7a:b2:e1:9f:7d:f9:6b:79:
7e:cd:39:fb:79:b9:44:42:58:f3:91:ba:9e:92:97:3b:cc:75:
92:d3:a6:8a:62:fe:a8:e6:6f:75:4c:c9:1c:ab:57:a8:10:c0:
14:86:cd:43:fa:65:4b:e4:76:f1:8d:f6:c1:02:bb:1b:ab:71:
7f:b9:79:b9:d9:d5:e7:8f:81:15:a7:ea:e1:40:ad:3f:07:70:
da:35:1c:4e:d5:9f:5e:a8:bc:89:f2:98:ea:b8:5e:50:46:2e:
cb:e6:dd:7c:57:d7:03:9b:4e:db:91:f4:c9:f1:03:9d:00:23:
ff:bd:13:55:8f:93:e0:95:ea:b1:0b:8e:31:0e:0b:c0:d0:e4:
be:c2:68:89
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQhsfUlGwyz6lsApUQAZ5zGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NWY1NTYwZDc5ZjA0YTkyZDdhMTUwZjNlZDhkYTQzMDhh
YmVhMzMwHhcNMjUwMTAxMTE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzUxZTRiMTNkOWYyNDA0M2I3YTk3NjFmYWMzMDM4MDY0NzY0OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YX/4jlZTzfvTRYrkIeTNPRNfBa/
JP46p2oONoqOk+BhD5HXeNyP/cWEnyGuxev8gKCNYvuSmq2BAMz7ZYV69TegekGV
Omj0wrdNTGbPfLOY3PJmz8L9bLm1FiMsY57iCvl2/77POVK3/ndBv1Z7UQrWnynk
2qINLne9ZGMrJxz+UaK6MXbUKMnYCLhi+Kzr2VtUH4WccEqCGOU6tp9JkeBjFZ8y
OS36JVEOV+5FqUY9zANyB4lXro1GWl07+Ngw9Sd5lFKNTnF/Z1OKd+U2meilmhVs
v6U1s807Zpwk6zH0reExMwlqgcLHYPwl7PVGVhz8bvagdui7Vt2MI+s1kQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFKxR5LE9nyQEO3qXYfrDA4BkdkjOMB8GA1UdIwQY
MBaAFLRfVWDXnwSpLXoVDz7Y2kMIq+ozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEY5VllOZWZCS2t0ZWhVUFB0amFRd2lyNmpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83YjE2OWQtZmMwOS00OWJiLTk2Njkt
YzMyMjI0NzRlZWYxLzEvckZIa3NUMmZKQVE3ZXBkaC1zTURnR1IyU000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83YjE2OWQtZmMwOS00OWJiLTk2NjktYzMyMjI0NzRlZWYx
LzEvdEY5VllOZWZCS2t0ZWhVUFB0amFRd2lyNmpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAwBAIAATAqAwQCW8hoAwQC
W+/EAwQCm4U4AwQCuWB4AwQCuet8AwQCwWrYAwQBw1iQMBYEAgACMBAwDgMFBioF
/8ADBQAqBf/CMA0GCSqGSIb3DQEBCwUAA4IBAQBcT0vqSjiIfbpXCMeiDKCXpj70
xVWLJnnH/CSP1dxHY01JRIBUGPvV52KuHu5xSZFMsG37jXqpIFm/qnwIJPLk7Lsj
W8ImqUxUuoZuYKZK8blpi1GbiRR6yAnrX2nKP6Hnjglpsdm9wO2f/KLf+q3Yl7Cs
0Eg6erLhn335a3l+zTn7eblEQljzkbqekpc7zHWS06aKYv6o5m91TMkcq1eoEMAU
hs1D+mVL5HbxjfbBArsbq3F/uXm52dXnj4EVp+rhQK0/B3DaNRxO1Z9eqLyJ8pjq
uF5QRi7L5t18V9cDm07bkfTJ8QOdACP/vRNVj5PgleqxC44xDgvA0OS+wmiJ
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:24:52 2025 by rpki-client