Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/aQlOLPDeolF5uYY7VkMgbIlakC4.roa
File: aQlOLPDeolF5uYY7VkMgbIlakC4.roa (raw, json)
Hash identifier: S5wKpeaQD33X7vEA4AJwuoJHgqZl5CaYGcEVikwgdoI=
Subject key identifier: 69:09:4E:2C:F0:DE:A2:51:79:B9:86:3B:56:43:20:6C:89:5A:90:2E
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 0194222035FCFAB86A68E87DF79CDDB8474B
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/aQlOLPDeolF5uYY7VkMgbIlakC4.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4637
IP address blocks: 146.101.0.0/16 maxlen: 24
146.101.64.0/24 maxlen: 24
146.101.65.0/24 maxlen: 24
154.8.0.0/19 maxlen: 24
154.8.32.0/20 maxlen: 24
154.32.0.0/16 maxlen: 24
193.82.96.0/19 maxlen: 24
193.82.128.0/19 maxlen: 24
193.82.159.0/24 maxlen: 24
193.82.192.0/19 maxlen: 24
193.117.32.0/19 maxlen: 24
195.153.19.0/24 maxlen: 24
195.153.74.0/24 maxlen: 24
195.153.108.0/22 maxlen: 22
195.153.124.0/24 maxlen: 24
195.153.216.0/24 maxlen: 24
195.153.217.0/24 maxlen: 24
217.151.32.0/20 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:35:fc:fa:b8:6a:68:e8:7d:f7:9c:dd:b8:47:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69094e2cf0dea25179b9863b5643206c895a902e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7d:a8:44:78:12:e9:50:37:1b:25:9a:cc:93:
b6:a6:dc:d3:61:ae:32:7a:e0:7c:0c:c2:3a:31:7f:
e0:cf:1c:9e:e5:ad:a9:04:9c:2c:26:b9:2f:59:bc:
ef:04:0a:23:01:f1:88:85:6c:2f:31:c1:bf:e6:3c:
d3:7b:9d:9d:e1:53:61:a7:dd:12:b4:f2:47:d4:dd:
b2:fa:55:a5:f8:34:cf:dd:e8:93:93:ca:c8:6c:73:
d9:d3:30:c1:3f:33:4e:13:7f:79:b0:47:59:08:39:
87:ae:ea:a9:b0:0b:3c:d3:ed:64:51:b5:fa:e1:e1:
46:a1:40:ee:47:1f:d9:2b:f8:eb:c1:e9:bd:61:96:
ce:ad:81:57:a1:80:1d:94:b4:99:d8:b8:7b:94:10:
f9:8a:9a:28:92:ac:58:06:fb:f8:25:86:02:f9:46:
70:50:8e:c1:a7:c1:3c:4e:62:7f:33:14:fd:92:3d:
b3:c3:06:63:7a:d5:7d:71:ea:4c:21:82:62:ef:0e:
d1:19:04:bb:a0:bd:e3:ab:9c:a9:72:0f:b3:d4:a3:
eb:0b:1c:f4:42:e4:ec:0f:f4:e6:a3:64:66:fa:98:
6a:66:bd:11:cd:64:49:5f:17:82:07:15:21:f4:8a:
3f:c0:e8:0c:3e:12:58:67:c6:60:52:5a:68:7e:1d:
4f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:09:4E:2C:F0:DE:A2:51:79:B9:86:3B:56:43:20:6C:89:5A:90:2E
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/aQlOLPDeolF5uYY7VkMgbIlakC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.101.0.0/16
154.8.0.0-154.8.47.255
154.32.0.0/16
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.153.19.0/24
195.153.74.0/24
195.153.108.0/22
195.153.124.0/24
195.153.216.0/23
217.151.32.0/20
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
7b:2c:dd:cc:d7:ec:80:42:3c:4d:96:66:5f:af:9c:29:56:1a:
9c:a8:3f:4c:0c:f1:91:cb:64:46:81:83:87:62:54:44:9b:7c:
90:41:ee:15:ab:f2:52:57:f0:b1:b9:af:f4:aa:7f:a7:a9:e3:
8e:9d:30:a0:53:6a:ca:88:2e:7a:84:f6:f3:f4:45:3b:19:47:
21:1f:9e:79:ae:b8:bf:8f:8a:89:9d:dd:c4:cf:26:66:89:0c:
41:d3:30:46:14:69:09:40:73:4b:0f:cc:ae:00:6a:b6:25:6c:
e9:04:84:f9:e2:6c:21:38:fb:14:59:4f:70:9b:88:4e:92:a7:
6d:ef:d1:49:2b:ec:2c:76:59:a1:87:4d:e6:ba:2c:15:3e:d8:
d3:9c:f5:a5:98:d0:84:eb:07:fa:a5:9b:0b:7f:96:12:9a:b0:
6d:a2:0c:4b:d3:dc:3f:e7:ac:6d:8a:5d:b7:4e:69:af:85:54:
8d:e6:6a:25:48:bc:44:92:97:b7:d9:be:7a:53:93:37:f8:9e:
00:78:9f:bf:79:63:97:43:e3:b2:eb:7f:a2:22:cc:1d:fa:cd:
fa:75:13:d4:2e:59:12:6d:4b:77:1e:3d:b8:36:af:1a:d2:9e:
49:72:99:d3:5b:41:f6:f2:cc:9f:4a:ee:5e:49:0b:f6:70:5e:
7b:f4:f4:74
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZQiIDX8+rhqaOh995zduEdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA5NGUyY2YwZGVhMjUxNzliOTg2M2I1NjQzMjA2Yzg5NWE5MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw32oRHgS6VA3GyWazJO2ptzTYa4y
euB8DMI6MX/gzxye5a2pBJwsJrkvWbzvBAojAfGIhWwvMcG/5jzTe52d4VNhp90S
tPJH1N2y+lWl+DTP3eiTk8rIbHPZ0zDBPzNOE395sEdZCDmHruqpsAs80+1kUbX6
4eFGoUDuRx/ZK/jrwem9YZbOrYFXoYAdlLSZ2Lh7lBD5ipookqxYBvv4JYYC+UZw
UI7Bp8E8TmJ/MxT9kj2zwwZjetV9cepMIYJi7w7RGQS7oL3jq5ypcg+z1KPrCxz0
QuTsD/Tmo2Rm+phqZr0RzWRJXxeCBxUh9Io/wOgMPhJYZ8ZgUlpofh1P5wIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFGkJTizw3qJRebmGO1ZDIGyJWpAuMB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvYVFsT0xQRGVvbEY1dVlZN1ZrTWdiSWxha0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBbBAIAATBVAwMAkmUwCwMD
A5oIAwQEmgggAwMAmiAwDAMEBcFSYAMEBcFSgAMEBcFSwAMEBcF1IAMEAMOZEwME
AMOZSgMEAsOZbAMEAMOZfAMEAcOZ2AMEBNmXIDANBAIAAjAHAwUAKgIWIDANBgkq
hkiG9w0BAQsFAAOCAQEAeyzdzNfsgEI8TZZmX6+cKVYanKg/TAzxkctkRoGDh2JU
RJt8kEHuFavyUlfwsbmv9Kp/p6njjp0woFNqyogueoT28/RFOxlHIR+eea64v4+K
iZ3dxM8mZokMQdMwRhRpCUBzSw/MrgBqtiVs6QSE+eJsITj7FFlPcJuITpKnbe/R
SSvsLHZZoYdN5rosFT7Y05z1pZjQhOsH+qWbC3+WEpqwbaIMS9PcP+esbYpdt05p
r4VUjeZqJUi8RJKXt9m+elOTN/ieAHifv3ljl0Pjsut/oiLMHfrN+nUT1C5ZEm1L
dx49uDavGtKeSXKZ01tB9vLMn0ruXkkL9nBee/T0dA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:24:46 2025 by rpki-client