Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/IAgL9Rqsax5Ubj9r-wZ6tomx5l4.roa
File: IAgL9Rqsax5Ubj9r-wZ6tomx5l4.roa (raw, json)
Hash identifier: N26/KKGVSMUch7z4T5mn9MTk6NJ1368D+UG3bVNSWBA=
Subject key identifier: 20:08:0B:F5:1A:AC:6B:1E:54:6E:3F:6B:FB:06:7A:B6:89:B1:E6:5E
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 019421B18A92432612FB3EE3C2CC2C1D0719
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/IAgL9Rqsax5Ubj9r-wZ6tomx5l4.roa
Signing time: Wed 01 Jan 2025 11:47:50 +0000
ROA not before: Wed 01 Jan 2025 11:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29396
IP address blocks: 82.148.192.0/19 maxlen: 24
84.53.64.0/18 maxlen: 24
90.145.0.0/16 maxlen: 24
91.194.8.0/23 maxlen: 24
185.41.144.0/22 maxlen: 24
2a01:5620::/29 maxlen: 48
2a02:120::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:8a:92:43:26:12:fb:3e:e3:c2:cc:2c:1d:07:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Jan 1 11:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20080bf51aac6b1e546e3f6bfb067ab689b1e65e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:2c:e8:2e:87:cf:e3:92:90:43:06:8c:74:e8:
9b:f4:1e:5e:f9:10:2a:8a:7e:93:9c:c0:6d:39:73:
22:16:dd:38:65:80:c1:1b:21:3b:bf:1f:c0:15:65:
78:03:93:1e:2f:1a:48:3c:98:f9:e1:89:92:04:ca:
3a:72:b1:b6:83:1d:49:e8:d4:46:b4:f9:bc:77:4d:
88:76:7c:80:4d:e4:72:ae:89:32:1e:10:ea:d4:3a:
b6:8c:77:f1:76:9e:44:0b:0e:8f:5a:3b:4c:d6:b3:
b8:ec:ee:57:f6:f8:9e:42:c0:c2:c3:ba:cd:0a:ed:
3d:db:92:9e:9d:89:23:51:07:62:6a:97:54:b2:d0:
d7:e3:df:2a:c4:1c:9d:b8:b3:62:e8:57:4d:13:f7:
71:bc:5a:b4:54:1d:f8:0a:f4:3f:4f:b5:1a:c7:c8:
60:42:52:a3:a5:42:78:77:fc:9d:6e:ad:91:c8:0d:
66:7a:50:52:33:c7:71:65:85:69:73:fe:0c:b6:fa:
b8:f2:c9:32:36:1e:00:5c:d9:18:0f:b0:63:8a:ca:
ac:c2:0b:f1:73:25:41:07:17:a3:72:b5:9c:1b:10:
2c:e2:0e:e1:32:92:4d:09:62:0d:4b:16:b9:ab:74:
50:f4:fc:7d:f6:8e:6f:77:7a:ec:ff:11:58:9e:4a:
fe:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:08:0B:F5:1A:AC:6B:1E:54:6E:3F:6B:FB:06:7A:B6:89:B1:E6:5E
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/IAgL9Rqsax5Ubj9r-wZ6tomx5l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.148.192.0/19
84.53.64.0/18
90.145.0.0/16
91.194.8.0/23
185.41.144.0/22
IPv6:
2a01:5620::/29
2a02:120::/29
Signature Algorithm: sha256WithRSAEncryption
05:68:09:ba:67:9b:d2:eb:a3:14:7e:73:f8:36:a1:08:9a:24:
e5:23:79:ba:51:4d:8b:9b:d7:39:b0:50:e2:95:ce:6f:a7:93:
31:1b:32:7a:67:7d:78:54:15:4b:1a:08:f5:4e:27:c2:64:33:
ab:85:48:0d:9f:a5:8b:f6:49:20:e4:34:fa:4a:73:18:ba:1e:
2c:40:86:3d:1c:38:76:ff:8e:6b:12:01:6b:ab:2a:ef:d8:80:
99:3c:ea:ad:ea:61:08:57:99:05:de:2f:d5:a6:23:fd:1b:b4:
e4:48:63:75:c1:be:c3:63:4d:07:b6:09:69:50:09:95:60:48:
63:56:57:4d:3c:75:ad:30:f6:8c:46:36:48:87:ed:b6:98:7f:
6c:06:fd:52:11:ef:87:06:8b:56:51:c2:52:f4:1e:6e:85:a4:
e5:10:2f:68:59:10:f5:d4:85:1c:61:0a:6e:f9:66:4a:5a:59:
40:b4:99:56:08:a7:9c:e7:e8:5c:97:26:05:7f:f1:a1:36:b4:
0c:af:8f:67:ba:a8:f2:6b:5f:56:9f:fb:be:8e:4b:d8:6b:75:
20:c7:74:91:cc:af:58:40:f5:f5:a2:5e:7e:ce:6d:59:13:e0:
12:9d:74:bd:db:c0:c8:27:1f:4f:8b:1a:98:06:7b:56:cf:e0:
bf:2d:a5:a2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQhsYqSQyYS+z7jwswsHQcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjU4MGUxOGFkNmZmOGRjOTQyYmU4ODNjMTZkZThiNzMx
Zjk2MDUwHhcNMjUwMTAxMTE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDA4MGJmNTFhYWM2YjFlNTQ2ZTNmNmJmYjA2N2FiNjg5YjFlNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SzoLofP45KQQwaMdOib9B5e+RAq
in6TnMBtOXMiFt04ZYDBGyE7vx/AFWV4A5MeLxpIPJj54YmSBMo6crG2gx1J6NRG
tPm8d02IdnyATeRyrokyHhDq1Dq2jHfxdp5ECw6PWjtM1rO47O5X9vieQsDCw7rN
Cu0925KenYkjUQdiapdUstDX498qxByduLNi6FdNE/dxvFq0VB34CvQ/T7Uax8hg
QlKjpUJ4d/ydbq2RyA1melBSM8dxZYVpc/4Mtvq48skyNh4AXNkYD7Bjisqswgvx
cyVBBxejcrWcGxAs4g7hMpJNCWINSxa5q3RQ9Px99o5vd3rs/xFYnkr+QwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCAIC/UarGseVG4/a/sGeraJseZeMB8GA1UdIwQY
MBaAFKhlgOGK1v+NyUK+iDwW3otzH5YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEt
MjM2ZTkyZmM2YTU5LzEvSUFnTDlScXNheDVVYmo5ci13WjZ0b214NWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEtMjM2ZTkyZmM2YTU5
LzEvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAjBAIAATAdAwQFUpTAAwQG
VDVAAwMAWpEDBAFbwggDBAK5KZAwFAQCAAIwDgMFAyoBViADBQMqAgEgMA0GCSqG
SIb3DQEBCwUAA4IBAQAFaAm6Z5vS66MUfnP4NqEImiTlI3m6UU2Lm9c5sFDilc5v
p5MxGzJ6Z314VBVLGgj1TifCZDOrhUgNn6WL9kkg5DT6SnMYuh4sQIY9HDh2/45r
EgFrqyrv2ICZPOqt6mEIV5kF3i/VpiP9G7TkSGN1wb7DY00HtglpUAmVYEhjVldN
PHWtMPaMRjZIh+22mH9sBv1SEe+HBotWUcJS9B5uhaTlEC9oWRD11IUcYQpu+WZK
WllAtJlWCKec5+hclyYFf/GhNrQMr49nuqjya19Wn/u+jkvYa3Ugx3SRzK9YQPX1
ol5+zm1ZE+ASnXS928DIJx9PixqYBntWz+C/LaWi
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:12 2025 by rpki-client