Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4GV02-XFiHb-NFQWrx5Sefm3x0Y.roa
File: 4GV02-XFiHb-NFQWrx5Sefm3x0Y.roa (raw, json)
Hash identifier: U4R95huJgUw3tR2yWcCp/ViImzJ/b/GvFVbG7a7wFEY=
Subject key identifier: E0:65:74:DB:E5:C5:88:76:FE:34:54:16:AF:1E:52:79:F9:B7:C7:46
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194BB49DA82FDADCDC0B6EBEF46F77CECA3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4GV02-XFiHb-NFQWrx5Sefm3x0Y.roa
Signing time: Fri 31 Jan 2025 07:36:06 +0000
ROA not before: Fri 31 Jan 2025 07:36:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29066
IP address blocks: 2.56.102.0/24 maxlen: 24
2.59.23.0/24 maxlen: 24
45.152.203.0/24 maxlen: 24
185.99.98.0/24 maxlen: 24
185.99.99.0/24 maxlen: 24
185.126.67.0/24 maxlen: 24
193.39.244.0/24 maxlen: 24
2a0f:4a00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:49:da:82:fd:ad:cd:c0:b6:eb:ef:46:f7:7c:ec:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 31 07:36:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e06574dbe5c58876fe345416af1e5279f9b7c746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:5e:5f:e7:e5:47:6d:70:58:56:3b:72:44:17:
94:e2:d5:36:3a:1f:ef:30:ef:a6:11:8d:30:c0:20:
c5:39:98:dd:f6:f3:09:e4:00:81:04:83:90:4f:76:
44:d3:9f:57:ce:8d:86:90:4d:57:c7:fa:04:c9:80:
a9:ae:db:3c:19:f7:32:e3:2f:a1:aa:7a:3d:b0:7d:
3a:97:92:27:dd:c6:6e:cb:d0:aa:f6:f1:a6:f8:72:
05:f4:2f:1d:ba:b2:c2:fa:bd:ba:16:40:06:4d:a9:
58:b1:a2:d4:05:01:a5:eb:d3:bd:57:9b:3c:6a:f8:
f5:9a:75:97:09:3a:d6:b9:41:76:e6:9b:a0:b8:89:
b3:fa:b9:23:e6:fb:98:02:e5:49:a6:63:b2:76:78:
df:cc:78:29:89:3d:2a:0f:5f:3e:66:ed:a8:9e:f0:
5a:f5:10:4a:17:15:a2:d4:d8:97:71:a1:e8:0f:54:
8f:a9:bd:d5:04:a2:44:26:fd:d0:ef:6e:51:1f:96:
98:f6:d3:0c:f2:3e:4d:b4:3d:97:e1:a7:aa:7f:bd:
39:45:75:3e:55:07:14:df:63:5e:1f:8c:c7:08:7f:
3b:bf:7a:22:02:23:9d:be:2e:30:ba:87:55:e5:b4:
5c:1d:38:3a:2a:21:86:23:01:8d:ff:93:c4:88:3e:
e6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:65:74:DB:E5:C5:88:76:FE:34:54:16:AF:1E:52:79:F9:B7:C7:46
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4GV02-XFiHb-NFQWrx5Sefm3x0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.102.0/24
2.59.23.0/24
45.152.203.0/24
185.99.98.0/23
185.126.67.0/24
193.39.244.0/24
IPv6:
2a0f:4a00::/29
Signature Algorithm: sha256WithRSAEncryption
b8:8b:55:1f:99:74:29:2f:5d:39:4e:53:04:94:08:d9:29:28:
c6:28:3d:25:8a:dc:54:71:4a:57:89:47:8d:d4:a1:33:c1:6f:
9e:a8:13:e9:98:c0:ff:3f:3c:81:7f:fb:1b:c3:d0:59:cc:41:
60:33:c4:93:dc:dd:32:5d:70:c9:84:d8:89:75:3b:71:94:5e:
d8:c5:ed:8e:63:83:f3:23:fc:c9:10:1e:22:20:39:c1:c4:93:
07:76:14:3d:2c:27:2e:db:59:53:12:bc:ee:9a:06:07:c2:fc:
f1:ee:87:61:35:86:0c:da:20:d1:f8:1d:e1:01:dd:dc:e3:b1:
a0:b2:21:8d:c6:a0:91:e6:90:22:ad:77:bc:5a:4b:3e:4d:fb:
ef:4c:77:92:7d:69:99:17:d0:71:96:51:cb:3e:6b:f8:55:6c:
c9:e6:97:af:79:68:0b:94:e9:d8:4f:da:6c:6d:9f:b6:ac:1f:
7d:0b:d1:ad:8d:97:35:ac:8c:58:97:16:84:bf:d2:af:30:d9:
8e:a3:2b:ac:50:14:62:a2:bb:ed:a0:89:bb:62:6d:39:ed:54:
08:23:f1:76:3b:ba:26:e2:c4:d0:ee:35:00:87:d2:7c:66:60:
da:c7:7d:90:42:e8:6f:b0:eb:b4:c5:eb:37:20:92:3d:6a:a6:
12:17:42:f0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZS7SdqC/a3NwLbr70b3fOyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTMxMDczNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDY1NzRkYmU1YzU4ODc2ZmUzNDU0MTZhZjFlNTI3OWY5YjdjNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA415f5+VHbXBYVjtyRBeU4tU2Oh/v
MO+mEY0wwCDFOZjd9vMJ5ACBBIOQT3ZE059Xzo2GkE1Xx/oEyYCprts8Gfcy4y+h
qno9sH06l5In3cZuy9Cq9vGm+HIF9C8durLC+r26FkAGTalYsaLUBQGl69O9V5s8
avj1mnWXCTrWuUF25puguImz+rkj5vuYAuVJpmOydnjfzHgpiT0qD18+Zu2onvBa
9RBKFxWi1NiXcaHoD1SPqb3VBKJEJv3Q725RH5aY9tMM8j5NtD2X4aeqf705RXU+
VQcU32NeH4zHCH87v3oiAiOdvi4wuodV5bRcHTg6KiGGIwGN/5PEiD7mIwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOBldNvlxYh2/jRUFq8eUnn5t8dGMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNEdWMDItWEZpSGItTkZRV3J4NVNlZm0zeDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAAjhmAwQA
AjsXAwQALZjLAwQBuWNiAwQAuX5DAwQAwSf0MA0EAgACMAcDBQMqD0oAMA0GCSqG
SIb3DQEBCwUAA4IBAQC4i1UfmXQpL105TlMElAjZKSjGKD0litxUcUpXiUeN1KEz
wW+eqBPpmMD/PzyBf/sbw9BZzEFgM8ST3N0yXXDJhNiJdTtxlF7Yxe2OY4PzI/zJ
EB4iIDnBxJMHdhQ9LCcu21lTErzumgYHwvzx7odhNYYM2iDR+B3hAd3c47GgsiGN
xqCR5pAirXe8Wks+TfvvTHeSfWmZF9BxllHLPmv4VWzJ5peveWgLlOnYT9psbZ+2
rB99C9GtjZc1rIxYlxaEv9KvMNmOoyusUBRiorvtoIm7Ym057VQII/F2O7om4sTQ
7jUAh9J8ZmDax32QQuhvsOu0xes3IJI9aqYSF0Lw
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:41:54 2025 by rpki-client