Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/N0X6xiVzqXxKq1FAQhtD_X-LptY.roa
File: N0X6xiVzqXxKq1FAQhtD_X-LptY.roa (raw, json)
Hash identifier: /exbdfoldwGhZ8sHg6pfpGAkHOc1ALsLXny1F95l6KY=
Subject key identifier: 37:45:FA:C6:25:73:A9:7C:4A:AB:51:40:42:1B:43:FD:7F:8B:A6:D6
Certificate issuer: /CN=2421ffb68eab97e24a90626d90498be7ed7066f0
Certificate serial: 019422FC0771274F91E83026D8C24BD7E3B9
Authority key identifier: 24:21:FF:B6:8E:AB:97:E2:4A:90:62:6D:90:49:8B:E7:ED:70:66:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JCH_to6rl-JKkGJtkEmL5-1wZvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/N0X6xiVzqXxKq1FAQhtD_X-LptY.roa
Signing time: Wed 01 Jan 2025 17:48:49 +0000
ROA not before: Wed 01 Jan 2025 17:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1850
IP address blocks: 185.93.156.0/22 maxlen: 22
193.4.58.0/23 maxlen: 23
195.130.211.0/24 maxlen: 24
2001:67c:6c::/48 maxlen: 48
2001:7f8:48::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:07:71:27:4f:91:e8:30:26:d8:c2:4b:d7:e3:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2421ffb68eab97e24a90626d90498be7ed7066f0
Validity
Not Before: Jan 1 17:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3745fac62573a97c4aab5140421b43fd7f8ba6d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a6:d5:bb:ef:6d:b4:ec:57:cf:dd:9e:0e:ab:
60:fb:de:ba:3b:15:2e:0d:b0:5a:a3:a1:8e:f9:09:
7f:3a:29:93:05:d2:0c:35:78:ef:1c:48:a0:cc:79:
1e:e7:13:a3:60:3f:f5:43:d9:80:8e:1a:e4:2f:40:
7f:84:cd:25:ba:f2:4f:bc:94:af:82:ce:0e:e9:37:
fc:96:66:e8:3f:fc:18:e2:43:cc:c3:cd:8d:f2:7a:
ee:f8:7f:ef:7d:93:99:3e:19:29:2c:7d:21:0d:d9:
96:16:40:a2:07:d4:3f:18:ec:b6:aa:3a:e0:a4:33:
47:c8:73:af:81:ec:34:c7:90:0d:5e:4a:4b:57:c9:
86:f9:ea:8e:83:3d:43:17:52:9e:ca:8b:ef:ea:5a:
86:6d:75:47:40:0a:1a:02:10:f9:44:a3:06:63:4e:
24:10:70:3d:40:f7:71:c8:92:dd:36:b7:79:aa:05:
2a:d0:1c:69:db:41:8a:43:35:d3:1c:9e:9d:5c:89:
7d:e2:51:46:bd:73:69:dc:36:9e:38:e0:55:bf:c6:
9b:41:6e:7b:dd:d2:c5:b2:9a:bd:aa:5d:fa:62:cb:
0c:4b:00:3c:68:0d:1c:b6:fb:85:ad:ca:46:f4:f5:
a1:0e:ca:8a:34:ff:1d:6a:8b:30:b2:e6:59:e4:24:
cb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:45:FA:C6:25:73:A9:7C:4A:AB:51:40:42:1B:43:FD:7F:8B:A6:D6
X509v3 Authority Key Identifier:
keyid:24:21:FF:B6:8E:AB:97:E2:4A:90:62:6D:90:49:8B:E7:ED:70:66:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JCH_to6rl-JKkGJtkEmL5-1wZvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/N0X6xiVzqXxKq1FAQhtD_X-LptY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/JCH_to6rl-JKkGJtkEmL5-1wZvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.156.0/22
193.4.58.0/23
195.130.211.0/24
IPv6:
2001:67c:6c::/48
2001:7f8:48::/48
Signature Algorithm: sha256WithRSAEncryption
6f:2e:fa:d8:bb:a3:06:da:74:7d:a1:7e:23:7a:19:ec:62:62:
0d:3c:c1:42:82:60:97:c6:4e:74:5e:26:2d:00:53:18:47:bc:
6b:a2:d5:fe:3d:2f:67:f6:c6:4b:dc:14:68:1d:48:f9:d3:e4:
5c:96:f8:f9:ea:b7:4f:0c:f8:66:4f:2e:b2:d0:59:df:44:e1:
49:75:39:44:e6:2e:0e:dd:ea:ed:8c:e9:30:6b:fb:ad:54:e0:
75:ac:ac:43:8c:53:2c:8f:8c:86:6a:7a:88:3c:1b:71:3a:44:
3f:f4:e4:1e:7c:7b:77:12:6a:44:6c:62:9b:8a:92:c0:a0:05:
22:f7:f3:34:1a:39:7c:bc:ca:3d:51:bc:0f:b3:d7:48:65:39:
dc:06:07:12:c3:5a:19:39:75:a7:bf:3f:43:67:2b:23:75:81:
37:7a:51:72:7e:ce:d9:cc:0c:d1:27:53:95:bc:ce:9a:12:f7:
52:87:db:be:44:fe:87:3b:cb:70:04:7a:de:28:30:77:86:cb:
c5:00:4c:c3:95:e6:a2:0f:7a:8b:64:4b:b7:cb:a4:33:dc:ec:
52:e8:8c:ed:14:12:47:a9:50:c5:55:9f:ef:8d:e9:c3:5e:b4:
5c:56:a7:b8:3c:54:11:df:27:a1:b6:5e:77:b5:6c:ef:ea:c4:
93:57:46:ae
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQi/AdxJ0+R6DAm2MJL1+O5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MjFmZmI2OGVhYjk3ZTI0YTkwNjI2ZDkwNDk4YmU3ZWQ3
MDY2ZjAwHhcNMjUwMTAxMTc0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzQ1ZmFjNjI1NzNhOTdjNGFhYjUxNDA0MjFiNDNmZDdmOGJhNmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6bVu+9ttOxXz92eDqtg+966OxUu
DbBao6GO+Ql/OimTBdIMNXjvHEigzHke5xOjYD/1Q9mAjhrkL0B/hM0luvJPvJSv
gs4O6Tf8lmboP/wY4kPMw82N8nru+H/vfZOZPhkpLH0hDdmWFkCiB9Q/GOy2qjrg
pDNHyHOvgew0x5ANXkpLV8mG+eqOgz1DF1Keyovv6lqGbXVHQAoaAhD5RKMGY04k
EHA9QPdxyJLdNrd5qgUq0Bxp20GKQzXTHJ6dXIl94lFGvXNp3DaeOOBVv8abQW57
3dLFspq9ql36YssMSwA8aA0ctvuFrcpG9PWhDsqKNP8daoswsuZZ5CTLvQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDdF+sYlc6l8SqtRQEIbQ/1/i6bWMB8GA1UdIwQY
MBaAFCQh/7aOq5fiSpBibZBJi+ftcGbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkNIX3RvNnJsLUpLa0dKdGtFbUw1LTF3WnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9hZTAyMGItZTBkNy00NTFkLWJiMDUt
ZDkwOGZhZjM0ZWY4LzEvTjBYNnhpVnpxWHhLcTFGQVFodERfWC1McHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9hZTAyMGItZTBkNy00NTFkLWJiMDUtZDkwOGZhZjM0ZWY4
LzEvSkNIX3RvNnJsLUpLa0dKdGtFbUw1LTF3WnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCuV2cAwQB
wQQ6AwQAw4LTMBgEAgACMBIDBwAgAQZ8AGwDBwAgAQf4AEgwDQYJKoZIhvcNAQEL
BQADggEBAG8u+ti7owbadH2hfiN6GexiYg08wUKCYJfGTnReJi0AUxhHvGui1f49
L2f2xkvcFGgdSPnT5FyW+Pnqt08M+GZPLrLQWd9E4Ul1OUTmLg7d6u2M6TBr+61U
4HWsrEOMUyyPjIZqeog8G3E6RD/05B58e3cSakRsYpuKksCgBSL38zQaOXy8yj1R
vA+z10hlOdwGBxLDWhk5dae/P0NnKyN1gTd6UXJ+ztnMDNEnU5W8zpoS91KH275E
/oc7y3AEet4oMHeGy8UATMOV5qIPeotkS7fLpDPc7FLojO0UEkepUMVVn++N6cNe
tFxWp7g8VBHfJ6G2Xne1bO/qxJNXRq4=
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:26:43 2025 by rpki-client