Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/SC2XN_diYt_QukHaap0r8T6Wdak.roa
File: SC2XN_diYt_QukHaap0r8T6Wdak.roa (raw, json)
Hash identifier: 9K19NSoBm7IcK9urRxPzzijH4A8PV0f6iVI/4Q272ew=
Subject key identifier: 48:2D:97:37:F7:62:62:DF:D0:BA:41:DA:6A:9D:2B:F1:3E:96:75:A9
Certificate issuer: /CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Certificate serial: 0194274A08999855A3DB97EDCBDEF24053CE
Authority key identifier: A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/SC2XN_diYt_QukHaap0r8T6Wdak.roa
Signing time: Thu 02 Jan 2025 13:52:30 +0000
ROA not before: Thu 02 Jan 2025 13:52:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 91.208.162.0/24 maxlen: 24
91.208.184.0/24 maxlen: 24
91.208.197.0/24 maxlen: 24
91.208.206.0/24 maxlen: 24
2a0f:5f40::/29 maxlen: 48
2a0f:5f40::/48 maxlen: 48
2a0f:5f40:1::/48 maxlen: 48
2a0f:5f40:1000::/48 maxlen: 48
2a0f:5f45::/32 maxlen: 32
2a0f:5f47::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:4a:08:99:98:55:a3:db:97:ed:cb:de:f2:40:53:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Validity
Not Before: Jan 2 13:52:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=482d9737f76262dfd0ba41da6a9d2bf13e9675a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bd:79:a7:ab:44:c0:6e:c9:b6:86:07:e5:12:
cc:08:70:95:f3:bd:b7:8a:52:ef:1e:d2:db:96:d3:
95:4b:5b:54:0d:8e:21:4b:97:23:f3:67:d2:28:95:
50:48:92:df:18:49:f3:8c:5c:9f:7d:29:52:5d:7c:
04:4a:17:b2:55:83:5a:c3:5e:36:96:cb:c0:10:59:
44:bb:52:ba:57:33:3b:ca:4f:f3:00:df:09:57:24:
5a:bd:c8:14:b2:1e:ac:97:37:70:19:a8:d3:44:40:
6b:51:1e:fd:86:33:1d:94:7e:45:75:52:75:95:b0:
0a:b8:de:76:6a:b4:fa:a3:a1:b0:6d:c0:30:2c:ba:
63:fb:25:49:23:3c:f3:e0:a4:b7:0b:e9:13:c3:09:
87:de:2f:12:c1:c7:5f:3b:06:68:7f:66:09:46:d3:
55:e6:cd:84:83:73:ea:dc:2b:ae:de:d7:ba:6f:69:
55:c6:89:ca:e6:03:d5:d8:a8:c3:f8:04:eb:eb:c4:
c7:0a:07:20:4e:dc:d5:c1:6b:5d:00:0d:0c:06:4d:
22:10:53:22:f1:b8:d0:15:9f:e3:3e:cc:12:2b:3f:
15:2e:c8:fc:61:5e:ef:60:33:1c:dd:49:63:ce:9f:
44:ce:56:d1:06:60:da:56:9f:a6:27:ec:bf:74:8a:
20:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:2D:97:37:F7:62:62:DF:D0:BA:41:DA:6A:9D:2B:F1:3E:96:75:A9
X509v3 Authority Key Identifier:
keyid:A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/SC2XN_diYt_QukHaap0r8T6Wdak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/pu1EK5HU6Dpt45-2eXGh55xrHtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.162.0/24
91.208.184.0/24
91.208.197.0/24
91.208.206.0/24
IPv6:
2a0f:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
a6:ce:83:4a:7f:4f:61:99:7c:56:bd:9f:95:ab:8d:9f:d2:1c:
8f:ac:0b:61:a1:ae:10:9c:c2:26:c3:2b:ec:41:3f:15:39:f5:
05:2a:f8:5d:65:ad:8d:c4:f8:c1:c3:0a:ff:46:3e:bf:19:7e:
ba:8e:78:b6:40:4c:0a:4f:d3:46:ed:a1:33:eb:cf:a9:c5:2c:
bb:da:18:45:2f:ee:ce:96:f8:58:52:c1:b1:f6:dd:4a:14:4e:
39:0e:38:42:d8:a7:15:be:5a:c0:06:3f:d5:9e:24:57:d7:fb:
15:3b:b7:26:2b:ee:de:19:dc:06:b4:18:91:50:1f:30:40:08:
fa:2a:0a:d4:37:2a:75:7c:62:dd:ba:30:4c:88:ad:da:85:15:
a7:1a:20:97:f6:48:7c:b0:44:65:75:e9:f1:35:de:ea:5d:ae:
a3:64:ab:a3:fb:f9:5c:ec:43:2c:78:c0:ed:57:fc:45:b4:65:
00:a3:7b:93:cf:4d:50:64:3d:61:13:f0:4f:77:b3:6e:a9:bd:
64:62:c0:a3:fa:bd:04:5a:f2:30:e3:82:df:0e:52:71:9b:f6:
96:e2:c3:d1:6b:98:81:05:55:ae:7f:5d:e4:9f:8b:7c:17:a0:
61:c6:03:fe:f5:94:50:37:36:38:42:7e:4f:37:7d:fb:6f:6e:
e9:83:e8:71
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQnSgiZmFWj25fty97yQFPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZWQ0NDJiOTFkNGU4M2E2ZGUzOWZiNjc5NzFhMWU3OWM2
YjFlZDUwHhcNMjUwMTAyMTM1MjMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODJkOTczN2Y3NjI2MmRmZDBiYTQxZGE2YTlkMmJmMTNlOTY3NWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwb15p6tEwG7JtoYH5RLMCHCV8723
ilLvHtLbltOVS1tUDY4hS5cj82fSKJVQSJLfGEnzjFyffSlSXXwESheyVYNaw142
lsvAEFlEu1K6VzM7yk/zAN8JVyRavcgUsh6slzdwGajTREBrUR79hjMdlH5FdVJ1
lbAKuN52arT6o6GwbcAwLLpj+yVJIzzz4KS3C+kTwwmH3i8SwcdfOwZof2YJRtNV
5s2Eg3Pq3Cuu3te6b2lVxonK5gPV2KjD+ATr68THCgcgTtzVwWtdAA0MBk0iEFMi
8bjQFZ/jPswSKz8VLsj8YV7vYDMc3Uljzp9EzlbRBmDaVp+mJ+y/dIogJQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEgtlzf3YmLf0LpB2mqdK/E+lnWpMB8GA1UdIwQY
MBaAFKbtRCuR1Og6beOftnlxoeecax7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHUxRUs1SFU2RHB0NDUtMmVYR2g1NXhySHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81NTNkYzYtMTJkMC00ZDRhLWEyOTQt
OTdjNWQ1OWIwYmJmLzEvU0MyWE5fZGlZdF9RdWtIYWFwMHI4VDZXZGFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81NTNkYzYtMTJkMC00ZDRhLWEyOTQtOTdjNWQ1OWIwYmJm
LzEvcHUxRUs1SFU2RHB0NDUtMmVYR2g1NXhySHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9CiAwQA
W9C4AwQAW9DFAwQAW9DOMA0EAgACMAcDBQMqD19AMA0GCSqGSIb3DQEBCwUAA4IB
AQCmzoNKf09hmXxWvZ+Vq42f0hyPrAthoa4QnMImwyvsQT8VOfUFKvhdZa2NxPjB
wwr/Rj6/GX66jni2QEwKT9NG7aEz68+pxSy72hhFL+7OlvhYUsGx9t1KFE45DjhC
2KcVvlrABj/VniRX1/sVO7cmK+7eGdwGtBiRUB8wQAj6KgrUNyp1fGLdujBMiK3a
hRWnGiCX9kh8sERldenxNd7qXa6jZKuj+/lc7EMseMDtV/xFtGUAo3uTz01QZD1h
E/BPd7Nuqb1kYsCj+r0EWvIw44LfDlJxm/aW4sPRa5iBBVWuf13kn4t8F6BhxgP+
9ZRQNzY4Qn5PN337b27pg+hx
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:11:41 2025 by rpki-client