Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/RGqdJBDPEJ4NHCF91EROwq2LZhE.roa
File: RGqdJBDPEJ4NHCF91EROwq2LZhE.roa (raw, json)
Hash identifier: Hlulf3Fm39IzIDGq4R3bEURkvT1bInO2vsqwAXSwJiE=
Subject key identifier: 44:6A:9D:24:10:CF:10:9E:0D:1C:21:7D:D4:44:4E:C2:AD:8B:66:11
Certificate issuer: /CN=ad367bc19f066996490a206674c8da8f5ed2cd0e
Certificate serial: 019423D7CA2B1D353030733054B754225044
Authority key identifier: AD:36:7B:C1:9F:06:69:96:49:0A:20:66:74:C8:DA:8F:5E:D2:CD:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/RGqdJBDPEJ4NHCF91EROwq2LZhE.roa
Signing time: Wed 01 Jan 2025 21:48:51 +0000
ROA not before: Wed 01 Jan 2025 21:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56322
IP address blocks: 91.219.236.0/22 maxlen: 22
91.219.236.0/24 maxlen: 24
91.219.237.0/24 maxlen: 24
91.219.238.0/24 maxlen: 24
91.219.239.0/24 maxlen: 24
185.163.204.0/24 maxlen: 24
2a10:c800::/48 maxlen: 48
2a10:c800:1::/48 maxlen: 48
2a10:c800:400::/48 maxlen: 48
2a10:c800:401::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:ca:2b:1d:35:30:30:73:30:54:b7:54:22:50:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad367bc19f066996490a206674c8da8f5ed2cd0e
Validity
Not Before: Jan 1 21:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=446a9d2410cf109e0d1c217dd4444ec2ad8b6611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:04:70:d0:99:c0:15:33:fd:7d:e4:93:d7:1d:
08:e2:a2:4e:9f:8c:3b:97:d2:02:96:f0:36:b5:4a:
e8:7a:6f:cc:a4:a9:0c:b2:be:d8:5a:84:ce:60:ed:
a1:30:bf:49:7c:65:16:5d:90:73:77:e3:31:10:38:
b7:07:83:86:69:cb:05:75:9d:e3:a2:98:4d:7c:9c:
af:c9:25:76:5b:48:0d:1a:20:e9:86:9e:97:e8:3e:
97:e6:72:67:24:3e:9f:ab:13:fa:a3:b3:8e:94:80:
f8:96:84:cd:c2:f4:f3:d4:dc:fe:2f:5c:2b:67:47:
ac:b2:75:dd:c3:18:a7:4b:a6:11:4c:e3:16:ce:12:
52:a3:6f:28:8e:ac:7e:d5:64:66:9b:56:4f:53:ca:
31:9a:6b:d9:9f:08:5c:37:98:8d:e1:71:64:db:76:
26:76:88:c6:08:98:c7:88:e5:c6:46:62:3b:92:82:
cc:b0:d1:a8:d9:c6:21:63:f9:0e:e2:75:b3:bd:51:
cd:90:07:f2:e0:35:34:71:69:12:fa:a9:62:81:c9:
66:49:e2:32:3c:7d:82:00:fa:4a:dc:5e:62:49:ca:
d7:c6:11:c3:6c:ca:31:f3:49:47:b1:90:9a:e2:30:
f3:e5:1f:be:70:c6:0d:c8:40:5f:25:1a:cb:3c:3e:
f3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:6A:9D:24:10:CF:10:9E:0D:1C:21:7D:D4:44:4E:C2:AD:8B:66:11
X509v3 Authority Key Identifier:
keyid:AD:36:7B:C1:9F:06:69:96:49:0A:20:66:74:C8:DA:8F:5E:D2:CD:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/RGqdJBDPEJ4NHCF91EROwq2LZhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.236.0/22
185.163.204.0/24
IPv6:
2a10:c800::/47
2a10:c800:400::/47
Signature Algorithm: sha256WithRSAEncryption
05:8c:32:c9:4c:5f:f8:95:8a:fe:2a:fb:9c:26:38:6b:90:dc:
80:b4:67:2b:f5:77:02:75:f9:85:9b:f4:2c:c1:20:23:0f:ae:
5e:9f:c5:6c:9c:1d:b1:52:70:5e:e7:07:11:58:33:66:db:84:
6d:34:47:45:4d:e1:56:74:15:9a:22:75:e9:b4:11:6f:61:76:
c0:0e:eb:59:19:58:f3:f8:7b:b4:5e:d3:37:13:1b:69:37:7e:
09:c7:4d:d1:6e:43:0a:cd:39:06:fa:93:8d:80:bf:66:52:56:
cf:6d:b4:70:31:8e:f1:4d:33:dc:f6:9d:30:5d:bc:dc:e5:8d:
db:49:84:f1:3a:23:0d:83:a1:d1:75:ef:db:69:70:f3:b5:8d:
8f:a8:b0:3b:32:2b:aa:a4:bf:47:1a:ce:e2:4e:58:a5:22:e4:
3d:04:ee:70:c4:46:c1:97:a9:80:86:7b:cf:86:fd:d3:71:32:
cd:de:2e:e7:d1:ce:af:70:1c:55:e7:89:24:52:b6:a5:58:a0:
f4:a5:60:52:13:19:50:73:8f:86:0d:31:2a:62:8e:0a:6f:33:
28:0e:d4:12:e6:00:ec:f3:3b:dd:56:b6:6c:86:a9:38:a5:24:
7f:e3:40:dc:66:57:d8:40:65:17:18:9f:e5:66:e9:d9:89:08:
32:8e:80:e1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQj18orHTUwMHMwVLdUIlBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMzY3YmMxOWYwNjY5OTY0OTBhMjA2Njc0YzhkYThmNWVk
MmNkMGUwHhcNMjUwMTAxMjE0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDZhOWQyNDEwY2YxMDllMGQxYzIxN2RkNDQ0NGVjMmFkOGI2NjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gRw0JnAFTP9feST1x0I4qJOn4w7
l9IClvA2tUroem/MpKkMsr7YWoTOYO2hML9JfGUWXZBzd+MxEDi3B4OGacsFdZ3j
ophNfJyvySV2W0gNGiDphp6X6D6X5nJnJD6fqxP6o7OOlID4loTNwvTz1Nz+L1wr
Z0essnXdwxinS6YRTOMWzhJSo28ojqx+1WRmm1ZPU8oxmmvZnwhcN5iN4XFk23Ym
dojGCJjHiOXGRmI7koLMsNGo2cYhY/kO4nWzvVHNkAfy4DU0cWkS+qligclmSeIy
PH2CAPpK3F5iScrXxhHDbMox80lHsZCa4jDz5R++cMYNyEBfJRrLPD7zEwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFERqnSQQzxCeDRwhfdRETsKti2YRMB8GA1UdIwQY
MBaAFK02e8GfBmmWSQogZnTI2o9e0s0OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclRaN3daOEdhWlpKQ2lCbWRNamFqMTdTelE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zY2M4NDgtNzg2MS00Y2UxLTg3MGQt
ODRiNjdiNDcwYjA0LzEvUkdxZEpCRFBFSjROSENGOTFFUk93cTJMWmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zY2M4NDgtNzg2MS00Y2UxLTg3MGQtODRiNjdiNDcwYjA0
LzEvclRaN3daOEdhWlpKQ2lCbWRNamFqMTdTelE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQCW9vsAwQA
uaPMMBgEAgACMBIDBwEqEMgAAAADBwEqEMgABAAwDQYJKoZIhvcNAQELBQADggEB
AAWMMslMX/iViv4q+5wmOGuQ3IC0Zyv1dwJ1+YWb9CzBICMPrl6fxWycHbFScF7n
BxFYM2bbhG00R0VN4VZ0FZoidem0EW9hdsAO61kZWPP4e7Re0zcTG2k3fgnHTdFu
QwrNOQb6k42Av2ZSVs9ttHAxjvFNM9z2nTBdvNzljdtJhPE6Iw2DodF179tpcPO1
jY+osDsyK6qkv0cazuJOWKUi5D0E7nDERsGXqYCGe8+G/dNxMs3eLufRzq9wHFXn
iSRStqVYoPSlYFITGVBzj4YNMSpijgpvMygO1BLmAOzzO91WtmyGqTilJH/jQNxm
V9hAZRcYn+Vm6dmJCDKOgOE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:46:09 2025 by rpki-client