Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/v1blfJinGg5UKGGxwJdmzLKT0hA.roa
File: v1blfJinGg5UKGGxwJdmzLKT0hA.roa (raw, json)
Hash identifier: 2J0ib4FslejnTfHhh0IkslYAy8P2uG24mP/Crt5i7Qg=
Subject key identifier: BF:56:E5:7C:98:A7:1A:0E:54:28:61:B1:C0:97:66:CC:B2:93:D2:10
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 01846AFE050338CBF998196B9E36E5081D2E
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/v1blfJinGg5UKGGxwJdmzLKT0hA.roa
Signing time: Sat 12 Nov 2022 08:39:03 +0000
ROA not before: Sat 12 Nov 2022 08:39:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15580
IP address blocks: 194.127.64.0/24 maxlen: 24
194.127.67.0/24 maxlen: 24
194.127.65.0/24 maxlen: 24
194.127.66.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.76.0/24 maxlen: 24
194.127.80.0/20 maxlen: 20
194.127.81.0/24 maxlen: 24
194.127.88.0/24 maxlen: 24
194.127.89.0/24 maxlen: 24
194.127.9.224/27 maxlen: 27
194.127.9.64/27 maxlen: 27
193.194.10.0/23 maxlen: 23
193.194.10.0/24 maxlen: 24
193.194.11.0/24 maxlen: 24
193.194.6.0/23 maxlen: 23
193.194.12.0/22 maxlen: 22
194.127.4.0/24 maxlen: 24
194.127.3.0/24 maxlen: 24
194.127.1.0/24 maxlen: 24
194.127.2.0/24 maxlen: 24
194.127.0.0/18 maxlen: 18
194.127.0.0/24 maxlen: 24
194.127.5.0/24 maxlen: 24
194.127.9.0/24 maxlen: 24
194.127.11.0/24 maxlen: 24
194.127.10.0/24 maxlen: 24
194.127.17.0/24 maxlen: 24
194.127.12.0/24 maxlen: 24
194.127.15.0/24 maxlen: 24
194.127.13.0/24 maxlen: 24
194.127.14.0/24 maxlen: 24
194.127.24.0/23 maxlen: 23
194.127.19.0/24 maxlen: 24
194.127.22.0/24 maxlen: 24
194.127.23.0/24 maxlen: 24
194.127.20.0/24 maxlen: 24
194.127.21.0/24 maxlen: 24
194.127.31.0/24 maxlen: 24
194.127.26.0/24 maxlen: 24
194.127.26.0/23 maxlen: 23
194.127.29.0/24 maxlen: 24
194.127.27.0/24 maxlen: 24
194.127.28.0/24 maxlen: 24
2a01:6f8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6a:fe:05:03:38:cb:f9:98:19:6b:9e:36:e5:08:1d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Nov 12 08:39:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf56e57c98a71a0e542861b1c09766ccb293d210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:27:79:68:45:e2:00:d1:67:11:7f:f1:96:9c:
73:d5:78:03:5f:75:39:15:cc:72:bc:24:5d:e8:60:
d3:7d:d5:df:82:0b:61:9b:7a:68:7d:43:c4:49:04:
92:e4:ce:17:2e:6b:13:24:91:75:1c:57:10:66:f0:
56:29:5a:5f:31:e3:33:53:f7:51:28:79:2f:c0:5e:
40:19:c4:35:0e:b4:8e:8c:27:bb:2f:81:04:3e:2e:
f5:ae:2e:86:64:3d:e9:d2:97:b9:82:c9:e1:26:84:
1c:75:ec:85:e0:53:ea:60:6b:f1:1f:eb:e1:0f:5a:
63:71:76:b7:37:09:05:15:cd:fa:55:6a:fc:f2:bf:
02:76:11:9e:7b:8c:79:cf:6f:16:41:35:c2:25:8d:
74:8d:5b:b4:e2:4d:0a:78:6a:6b:b3:17:7e:5e:1d:
2a:cb:56:b4:2a:8c:b4:7f:63:04:a4:b5:b2:24:2d:
40:0f:66:50:cb:3f:17:70:84:c4:a3:d2:7c:8d:52:
7a:57:41:35:34:d7:bb:52:b7:b1:aa:7f:ee:93:b7:
e2:bd:27:d3:bb:31:6f:8d:e8:44:17:ad:16:c4:d5:
8f:07:a4:5c:a8:1d:82:c3:ec:51:f2:f6:48:30:4f:
b2:ab:0d:87:60:da:82:02:0c:dd:93:7f:d1:46:14:
05:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:56:E5:7C:98:A7:1A:0E:54:28:61:B1:C0:97:66:CC:B2:93:D2:10
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/v1blfJinGg5UKGGxwJdmzLKT0hA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.194.6.0/23
193.194.10.0-193.194.15.255
194.127.0.0-194.127.67.255
194.127.72.0-194.127.76.255
194.127.80.0/20
IPv6:
2a01:6f8::/32
Signature Algorithm: sha256WithRSAEncryption
75:35:11:e3:b4:ab:e6:c8:b1:14:96:28:42:9c:6b:ed:3a:e6:
4e:8d:14:1e:a4:05:53:ca:bb:52:d0:d7:f1:87:4e:0d:ba:b1:
f0:21:89:47:fd:96:4f:c8:a0:86:0a:3c:2f:b7:04:ee:2e:74:
0c:71:a6:81:80:cb:2f:5e:9e:ac:f8:23:66:d5:d7:b5:42:90:
fe:94:39:7b:64:c8:d5:7d:7f:ca:93:06:64:79:1b:fd:27:5d:
6a:51:1c:07:a1:01:8b:60:d9:39:c0:10:26:33:91:6e:be:88:
f8:f2:63:fd:ae:ab:41:e0:5f:d9:db:60:57:c1:7e:93:9e:47:
4e:c6:92:e9:2f:cb:56:45:ee:52:ee:da:31:73:02:30:5f:0b:
04:a7:32:b7:b6:60:56:9c:eb:ac:d9:55:8e:39:75:bf:4c:34:
ef:72:0a:6c:57:7c:88:ea:5d:97:4d:be:d3:c9:cd:a9:3a:2b:
97:19:7a:7c:72:71:69:b2:24:31:16:e8:b3:dc:43:31:50:96:
90:f4:9c:4f:0a:05:ce:84:9b:c0:85:94:da:af:1f:36:6e:bc:
58:50:8a:7e:69:b3:db:74:14:81:e6:a4:07:c5:ae:e7:07:00:
d9:56:a3:08:69:be:38:c8:4d:e7:92:51:17:38:b8:e8:16:be:
19:f2:5c:88
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYRq/gUDOMv5mBlrnjblCB0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjIxMTEyMDgzOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjU2ZTU3Yzk4YTcxYTBlNTQyODYxYjFjMDk3NjZjY2IyOTNkMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmid5aEXiANFnEX/xlpxz1XgDX3U5
FcxyvCRd6GDTfdXfggthm3pofUPESQSS5M4XLmsTJJF1HFcQZvBWKVpfMeMzU/dR
KHkvwF5AGcQ1DrSOjCe7L4EEPi71ri6GZD3p0pe5gsnhJoQcdeyF4FPqYGvxH+vh
D1pjcXa3NwkFFc36VWr88r8CdhGee4x5z28WQTXCJY10jVu04k0KeGprsxd+Xh0q
y1a0Koy0f2MEpLWyJC1AD2ZQyz8XcITEo9J8jVJ6V0E1NNe7Urexqn/uk7fivSfT
uzFvjehEF60WxNWPB6RcqB2Cw+xR8vZIME+yqw2HYNqCAgzdk3/RRhQF0QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFL9W5XyYpxoOVChhscCXZsyyk9IQMB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvdjFibGZKaW5HZzVVS0dHeHdKZG16TEtUMGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDA7BAIAATA1AwQBwcIGMAwD
BAHBwgoDBATBwgAwCwMDAMJ/AwQCwn9AMAwDBAPCf0gDBADCf0wDBATCf1AwDQQC
AAIwBwMFACoBBvgwDQYJKoZIhvcNAQELBQADggEBAHU1EeO0q+bIsRSWKEKca+06
5k6NFB6kBVPKu1LQ1/GHTg26sfAhiUf9lk/IoIYKPC+3BO4udAxxpoGAyy9enqz4
I2bV17VCkP6UOXtkyNV9f8qTBmR5G/0nXWpRHAehAYtg2TnAECYzkW6+iPjyY/2u
q0HgX9nbYFfBfpOeR07Gkukvy1ZF7lLu2jFzAjBfCwSnMre2YFac66zZVY45db9M
NO9yCmxXfIjqXZdNvtPJzak6K5cZenxycWmyJDEW6LPcQzFQlpD0nE8KBc6Em8CF
lNqvHzZuvFhQin5ps9t0FIHmpAfFrucHANlWowhpvjjITeeSURc4uOgWvhnyXIg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:18:12 2025 by rpki-client