Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/AOhuIKQqkUFBGdFmMPL0AQ4-6ws.roa
File: AOhuIKQqkUFBGdFmMPL0AQ4-6ws.roa (raw, json)
Hash identifier: NMkAIRgl5lNzLREs3diQCp/jVGbMeQySwuIlxdMJq3M=
Subject key identifier: 00:E8:6E:20:A4:2A:91:41:41:19:D1:66:30:F2:F4:01:0E:3E:EB:0B
Certificate issuer: /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Certificate serial: 019425FC9CD09DDB4413569F1859D87E44AF
Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/AOhuIKQqkUFBGdFmMPL0AQ4-6ws.roa
Signing time: Thu 02 Jan 2025 07:48:19 +0000
ROA not before: Thu 02 Jan 2025 07:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48407
IP address blocks: 81.90.16.0/20 maxlen: 20
81.90.17.0/24 maxlen: 24
81.90.18.0/24 maxlen: 24
81.90.19.0/24 maxlen: 24
93.94.50.0/24 maxlen: 24
93.94.55.0/24 maxlen: 24
178.17.48.0/20 maxlen: 20
2a00:8b20::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:9c:d0:9d:db:44:13:56:9f:18:59:d8:7e:44:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Validity
Not Before: Jan 2 07:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00e86e20a42a91414119d16630f2f4010e3eeb0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:98:24:79:66:e1:9c:bc:62:22:d1:3d:8c:d0:
b0:d5:c8:74:4d:e9:47:a7:8d:48:53:73:99:db:8e:
17:c0:74:08:c6:68:65:5c:61:6a:ec:2e:c2:ce:ae:
15:2d:33:bc:8c:84:db:fa:2d:e5:cc:6c:51:26:de:
7a:10:d2:47:27:fd:ce:6f:24:ca:ad:7a:a8:e2:7e:
c2:37:3c:30:49:3b:1c:5d:eb:ba:d9:09:99:98:3c:
4f:26:87:17:eb:1a:54:48:23:b0:ce:66:38:51:37:
9c:d9:ff:1b:55:19:bc:1c:64:6f:50:8e:8b:15:d0:
94:8d:11:a7:d0:84:4c:da:b3:c1:44:fe:2c:f2:f5:
01:1e:80:a2:9c:f0:94:92:76:8e:0a:5a:90:a1:60:
eb:b1:ff:9a:d7:49:03:63:21:25:23:73:a4:ff:ce:
ed:c8:03:82:17:65:34:b3:bc:fc:bc:48:3a:34:a6:
ba:2c:59:69:5b:81:2a:9f:77:7b:a4:47:39:91:32:
5a:18:e8:bd:a1:3c:a9:61:84:63:70:18:3a:2a:bc:
f1:82:0e:82:74:2a:11:3a:ee:94:1f:1a:64:68:b0:
bd:cc:8d:ac:22:eb:3d:30:24:65:12:8a:9c:1d:9a:
b6:03:7e:f0:42:37:5d:90:5b:c5:3c:50:37:cf:e3:
da:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E8:6E:20:A4:2A:91:41:41:19:D1:66:30:F2:F4:01:0E:3E:EB:0B
X509v3 Authority Key Identifier:
keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/AOhuIKQqkUFBGdFmMPL0AQ4-6ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.16.0/20
93.94.50.0/24
93.94.55.0/24
178.17.48.0/20
IPv6:
2a00:8b20::/32
Signature Algorithm: sha256WithRSAEncryption
97:e2:67:2f:f0:dd:41:2d:5b:a0:d6:d1:87:e1:c0:0b:ae:6e:
d0:8a:72:b8:73:7c:7a:78:9c:d3:9b:63:b5:74:fa:62:cd:55:
e6:2c:d8:00:de:6b:df:3e:73:20:a2:e9:d4:01:76:00:1c:09:
67:0a:ea:d6:e6:1b:d5:92:c5:7f:36:35:89:49:48:7d:0d:6a:
b9:b6:23:90:f4:7e:af:17:90:bf:7a:a4:f6:ad:b6:3d:ab:47:
74:29:c9:46:2d:f5:38:db:ef:a6:64:fc:7e:b4:58:40:fb:61:
90:b0:aa:69:c0:96:f7:a1:92:97:75:fa:ed:cf:4d:10:99:e4:
15:2c:76:61:96:23:46:2f:54:54:6f:89:0f:10:27:1d:b0:e3:
4a:14:0d:ba:9b:21:d6:c3:81:60:54:40:ad:4e:f2:32:64:9f:
33:70:48:63:17:dd:46:ba:5c:fa:e3:c2:6d:fa:f1:c0:03:22:
7d:48:fa:56:2e:90:62:cd:5d:48:40:91:8c:bb:aa:dc:2a:d3:
36:b6:fc:bd:3c:03:e5:8d:50:58:c7:e5:a7:48:eb:38:fb:81:
41:b9:15:96:1a:6d:ca:4f:54:6a:6b:ba:bd:f8:fc:44:0e:7c:
70:dc:96:2c:9a:01:90:e4:25:31:d9:a3:bf:34:3f:06:97:b9:
57:79:06:91
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQl/JzQndtEE1afGFnYfkSvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj
NjNlMjQwHhcNMjUwMTAyMDc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGU4NmUyMGE0MmE5MTQxNDExOWQxNjYzMGYyZjQwMTBlM2VlYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupgkeWbhnLxiItE9jNCw1ch0TelH
p41IU3OZ244XwHQIxmhlXGFq7C7Czq4VLTO8jITb+i3lzGxRJt56ENJHJ/3ObyTK
rXqo4n7CNzwwSTscXeu62QmZmDxPJocX6xpUSCOwzmY4UTec2f8bVRm8HGRvUI6L
FdCUjRGn0IRM2rPBRP4s8vUBHoCinPCUknaOClqQoWDrsf+a10kDYyElI3Ok/87t
yAOCF2U0s7z8vEg6NKa6LFlpW4Eqn3d7pEc5kTJaGOi9oTypYYRjcBg6Krzxgg6C
dCoROu6UHxpkaLC9zI2sIus9MCRlEoqcHZq2A37wQjddkFvFPFA3z+PaQwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFADobiCkKpFBQRnRZjDy9AEOPusLMB8GA1UdIwQY
MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt
MGRiYmMyNDllNjU3LzEvQU9odUlLUXFrVUZCR2RGbU1QTDBBUTQtNndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQtMGRiYmMyNDllNjU3
LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUVoQAwQA
XV4yAwQAXV43AwQEshEwMA0EAgACMAcDBQAqAIsgMA0GCSqGSIb3DQEBCwUAA4IB
AQCX4mcv8N1BLVug1tGH4cALrm7QinK4c3x6eJzTm2O1dPpizVXmLNgA3mvfPnMg
ounUAXYAHAlnCurW5hvVksV/NjWJSUh9DWq5tiOQ9H6vF5C/eqT2rbY9q0d0KclG
LfU42++mZPx+tFhA+2GQsKppwJb3oZKXdfrtz00QmeQVLHZhliNGL1RUb4kPECcd
sONKFA26myHWw4FgVECtTvIyZJ8zcEhjF91Gulz648Jt+vHAAyJ9SPpWLpBizV1I
QJGMu6rcKtM2tvy9PAPljVBYx+WnSOs4+4FBuRWWGm3KT1Rqa7q9+PxEDnxw3JYs
mgGQ5CUx2aO/ND8Gl7lXeQaR
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:22:45 2025 by rpki-client