Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/AvnxlNtMf1mjljF0Z9KN2zVY_1Q.roa
File: AvnxlNtMf1mjljF0Z9KN2zVY_1Q.roa (raw, json)
Hash identifier: b+2KezT5XoOVrcPkpsJoH6QEKr1tioPIOPe6rbXH61o=
Subject key identifier: 02:F9:F1:94:DB:4C:7F:59:A3:96:31:74:67:D2:8D:DB:35:58:FF:54
Certificate issuer: /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial: 019422FC13B32D3C6C693926C92B6588D40B
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/AvnxlNtMf1mjljF0Z9KN2zVY_1Q.roa
Signing time: Wed 01 Jan 2025 17:48:52 +0000
ROA not before: Wed 01 Jan 2025 17:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203596
IP address blocks: 91.213.223.0/24 maxlen: 24
91.216.15.0/24 maxlen: 24
185.14.176.0/24 maxlen: 24
185.14.178.0/24 maxlen: 24
185.122.100.0/22 maxlen: 24
185.222.88.0/22 maxlen: 24
2a06:a400::/29 maxlen: 29
2a06:a400:20::/44 maxlen: 48
2a06:a400:22::/48 maxlen: 48
2a06:a401::/32 maxlen: 48
2a06:a402::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:13:b3:2d:3c:6c:69:39:26:c9:2b:65:88:d4:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Validity
Not Before: Jan 1 17:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02f9f194db4c7f59a396317467d28ddb3558ff54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:20:4e:54:94:30:14:d3:aa:82:3b:ed:cb:ac:
c2:b8:a3:49:92:30:da:45:fd:c6:e7:c2:aa:d8:1a:
d3:52:6e:15:45:9a:85:cc:ba:87:23:c4:f4:0a:e3:
1a:69:64:5b:7f:49:b9:af:89:05:1e:fe:65:85:26:
37:ad:40:4d:8c:4a:be:7a:5d:1a:8c:22:b1:2e:91:
43:ad:cf:6d:3e:5f:22:c3:9b:2f:c5:c8:cb:ba:c5:
06:a9:df:f0:fe:c2:ec:54:d8:44:d6:6f:57:c2:2a:
2f:74:68:29:0b:93:d3:b1:fa:c6:07:22:e7:51:00:
18:31:85:53:d1:97:0c:55:7b:93:f2:5e:ee:c5:48:
39:e1:3b:27:74:43:b5:54:b3:a0:88:e9:b1:a4:58:
53:58:56:17:02:50:da:62:e5:89:39:11:99:f6:53:
51:d1:97:fa:6a:7d:eb:9f:65:94:59:5b:c0:6a:d4:
75:23:55:f3:15:05:46:3b:38:4c:b9:8c:c1:af:b3:
9e:28:10:31:e4:67:45:d7:e2:2f:7a:c3:2c:34:eb:
20:01:8f:49:ac:94:2d:95:42:54:07:cd:ad:dc:0a:
3d:f9:02:47:3b:49:b5:48:75:11:fe:58:12:e4:cc:
80:fa:a8:ee:83:32:a4:79:94:98:71:98:dd:e9:e0:
96:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F9:F1:94:DB:4C:7F:59:A3:96:31:74:67:D2:8D:DB:35:58:FF:54
X509v3 Authority Key Identifier:
keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/AvnxlNtMf1mjljF0Z9KN2zVY_1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.223.0/24
91.216.15.0/24
185.14.176.0/24
185.14.178.0/24
185.122.100.0/22
185.222.88.0/22
IPv6:
2a06:a400::/29
Signature Algorithm: sha256WithRSAEncryption
1a:27:76:0d:15:4b:94:8f:c2:7c:d6:d4:88:de:d1:34:5b:41:
65:a6:ed:97:89:06:45:2e:f5:38:2c:e1:33:71:65:4e:b6:3b:
96:50:eb:2c:7f:2e:88:44:4e:61:7f:84:46:54:36:e6:b3:1d:
84:e3:2f:51:dc:81:3d:c6:71:50:d6:5c:58:11:03:49:fa:04:
5b:27:5a:fb:67:22:5d:b3:42:14:b6:82:31:b1:dc:f5:12:43:
cd:da:91:2c:5f:cf:5e:6b:b7:57:d1:38:7e:49:d0:d5:9a:f7:
25:04:cc:1f:04:04:f5:1d:1c:19:90:e8:23:25:75:f8:44:8c:
63:58:ca:00:ec:8a:1e:d6:eb:15:80:02:db:ba:de:84:23:35:
c5:22:53:00:b0:e9:ff:fc:d5:e5:de:6b:f0:d0:a9:15:d1:2f:
f9:9c:2b:f9:22:d3:43:60:53:0f:fc:71:cb:1e:c2:c8:96:dc:
f0:dc:53:31:f1:cc:7c:c2:2f:b0:d0:00:2e:77:73:9a:e6:e3:
47:e4:eb:be:ed:6c:98:a7:c6:f9:94:2c:e2:f3:cf:10:72:b1:
86:10:91:c4:54:66:73:49:b5:6b:21:f1:63:47:d4:7e:8a:eb:
94:2e:a4:b8:a1:1e:6b:45:31:6e:b2:67:7c:c0:af:46:e6:67:
c2:61:0f:2c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQi/BOzLTxsaTkmyStliNQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjUwMTAxMTc0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmY5ZjE5NGRiNGM3ZjU5YTM5NjMxNzQ2N2QyOGRkYjM1NThmZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyBOVJQwFNOqgjvty6zCuKNJkjDa
Rf3G58Kq2BrTUm4VRZqFzLqHI8T0CuMaaWRbf0m5r4kFHv5lhSY3rUBNjEq+el0a
jCKxLpFDrc9tPl8iw5svxcjLusUGqd/w/sLsVNhE1m9XwiovdGgpC5PTsfrGByLn
UQAYMYVT0ZcMVXuT8l7uxUg54TsndEO1VLOgiOmxpFhTWFYXAlDaYuWJORGZ9lNR
0Zf6an3rn2WUWVvAatR1I1XzFQVGOzhMuYzBr7OeKBAx5GdF1+IvesMsNOsgAY9J
rJQtlUJUB82t3Ao9+QJHO0m1SHUR/lgS5MyA+qjugzKkeZSYcZjd6eCW7wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAL58ZTbTH9Zo5YxdGfSjds1WP9UMB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvQXZueGxOdE1mMW1qbGpGMFo5S04yelZZXzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9XfAwQA
W9gPAwQAuQ6wAwQAuQ6yAwQCuXpkAwQCud5YMA0EAgACMAcDBQMqBqQAMA0GCSqG
SIb3DQEBCwUAA4IBAQAaJ3YNFUuUj8J81tSI3tE0W0Flpu2XiQZFLvU4LOEzcWVO
tjuWUOssfy6IRE5hf4RGVDbmsx2E4y9R3IE9xnFQ1lxYEQNJ+gRbJ1r7ZyJds0IU
toIxsdz1EkPN2pEsX89ea7dX0Th+SdDVmvclBMwfBAT1HRwZkOgjJXX4RIxjWMoA
7Ioe1usVgALbut6EIzXFIlMAsOn//NXl3mvw0KkV0S/5nCv5ItNDYFMP/HHLHsLI
ltzw3FMx8cx8wi+w0AAud3Oa5uNH5Ou+7WyYp8b5lCzi888QcrGGEJHEVGZzSbVr
IfFjR9R+iuuULqS4oR5rRTFusmd8wK9G5mfCYQ8s
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:31 2025 by rpki-client