Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/raYuD2-oWYFkHeIeR6LIUYgtbtM.roa
File: raYuD2-oWYFkHeIeR6LIUYgtbtM.roa (raw, json)
Hash identifier: JU+hidsjRHQowQdjLtlmSpodi1Pd90fMaRJU/QLsDsg=
Subject key identifier: AD:A6:2E:0F:6F:A8:59:81:64:1D:E2:1E:47:A2:C8:51:88:2D:6E:D3
Certificate issuer: /CN=428df99824ce67b0cb5f87fc46599e13adea5702
Certificate serial: 01942445427D1DF01058BBCA348566A89E1A
Authority key identifier: 42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/raYuD2-oWYFkHeIeR6LIUYgtbtM.roa
Signing time: Wed 01 Jan 2025 23:48:26 +0000
ROA not before: Wed 01 Jan 2025 23:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51402
IP address blocks: 91.221.250.0/23 maxlen: 23
178.239.64.0/20 maxlen: 20
185.128.120.0/22 maxlen: 22
185.196.224.0/22 maxlen: 22
185.221.136.0/22 maxlen: 22
2a02:2760::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:42:7d:1d:f0:10:58:bb:ca:34:85:66:a8:9e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=428df99824ce67b0cb5f87fc46599e13adea5702
Validity
Not Before: Jan 1 23:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ada62e0f6fa85981641de21e47a2c851882d6ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:89:95:9b:04:ed:c7:65:b7:2d:04:16:c9:c0:
cb:f4:6f:6d:85:b8:d3:e2:9c:a8:85:2a:eb:e4:1f:
f4:42:d9:43:03:3e:5c:b8:86:fe:d1:0b:e6:63:88:
d0:d4:d6:36:ea:ec:66:e4:1d:d6:40:a6:65:c1:a9:
e9:ec:2f:ba:9f:94:b9:bf:eb:ae:4b:a0:ed:10:d0:
d4:70:c9:75:f2:27:fe:ec:9c:05:e0:80:f8:17:fd:
82:29:8b:e8:c9:52:2d:e9:76:b8:3a:bf:86:df:ba:
fd:26:2f:9d:64:4e:1c:de:4c:c4:8b:a3:7f:66:f7:
f5:0b:b5:af:2b:e7:cc:fa:00:ce:1b:88:f1:f9:ff:
6f:f3:f9:53:50:c4:c6:94:93:1f:f7:c9:81:12:64:
40:8b:5a:94:e5:b2:06:5c:a3:2a:63:40:56:24:61:
37:b5:6e:b8:18:a1:9b:62:6d:d6:8a:32:cd:3a:11:
ab:f2:da:13:25:9b:de:ed:b0:fb:bd:68:15:57:92:
3a:58:a1:69:c4:c7:66:cb:13:48:a0:fb:b9:b4:8b:
13:d4:c8:b9:8c:d5:7e:11:7a:b0:65:63:2f:b8:32:
9a:38:6d:10:f0:60:89:94:69:2a:e5:61:64:fb:f0:
72:bd:22:90:8a:d1:4c:51:01:87:43:27:0c:a4:c6:
3b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A6:2E:0F:6F:A8:59:81:64:1D:E2:1E:47:A2:C8:51:88:2D:6E:D3
X509v3 Authority Key Identifier:
keyid:42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/raYuD2-oWYFkHeIeR6LIUYgtbtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.250.0/23
178.239.64.0/20
185.128.120.0/22
185.196.224.0/22
185.221.136.0/22
IPv6:
2a02:2760::/32
Signature Algorithm: sha256WithRSAEncryption
c6:45:d0:d5:8a:64:5e:ec:59:7e:b4:e7:26:43:bd:7d:2b:fa:
45:75:30:df:de:95:5d:6b:4f:ef:45:28:3e:14:d3:93:91:11:
0b:f1:f5:93:1f:5d:0d:0e:c0:55:05:1b:2f:fc:3b:8a:ac:2c:
d5:04:05:cc:54:68:ba:7c:2e:3d:f4:b3:63:2a:12:b8:3e:4f:
c8:52:b8:f9:a2:e4:7f:16:f1:48:47:ff:55:e9:79:99:1b:61:
d8:3b:86:b3:ac:62:31:d1:e6:9c:da:0c:6c:fb:77:ff:84:f7:
39:e3:04:37:47:93:c2:34:24:b0:67:cf:fa:7e:90:77:27:85:
25:cc:2b:5b:17:79:ff:49:71:0a:4c:a2:82:60:f4:52:b5:9c:
1a:b2:8f:0a:e7:a5:1a:e1:6f:84:ab:d2:47:14:83:94:ba:d1:
46:a4:62:3a:86:6e:34:a3:8d:4b:fb:56:c8:87:95:e8:d8:73:
d7:e7:62:1e:11:5a:bd:c0:fb:22:9e:d5:3f:c0:28:b5:72:92:
04:08:c2:b6:2e:cd:c2:60:3c:cf:0a:df:a2:5d:38:95:e9:b8:
8d:92:de:7e:69:e7:ee:47:e9:af:ae:1a:39:93:1d:98:7d:75:
8b:17:93:f5:87:16:37:3a:c9:40:61:52:76:e4:25:fa:c5:ac:
5d:fe:9f:62
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQkRUJ9HfAQWLvKNIVmqJ4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOGRmOTk4MjRjZTY3YjBjYjVmODdmYzQ2NTk5ZTEzYWRl
YTU3MDIwHhcNMjUwMTAxMjM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGE2MmUwZjZmYTg1OTgxNjQxZGUyMWU0N2EyYzg1MTg4MmQ2ZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhomVmwTtx2W3LQQWycDL9G9thbjT
4pyohSrr5B/0QtlDAz5cuIb+0QvmY4jQ1NY26uxm5B3WQKZlwanp7C+6n5S5v+uu
S6DtENDUcMl18if+7JwF4ID4F/2CKYvoyVIt6Xa4Or+G37r9Ji+dZE4c3kzEi6N/
Zvf1C7WvK+fM+gDOG4jx+f9v8/lTUMTGlJMf98mBEmRAi1qU5bIGXKMqY0BWJGE3
tW64GKGbYm3WijLNOhGr8toTJZve7bD7vWgVV5I6WKFpxMdmyxNIoPu5tIsT1Mi5
jNV+EXqwZWMvuDKaOG0Q8GCJlGkq5WFk+/ByvSKQitFMUQGHQycMpMY7hQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFK2mLg9vqFmBZB3iHkeiyFGILW7TMB8GA1UdIwQY
MBaAFEKN+Zgkzmewy1+H/EZZnhOt6lcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW8zNW1DVE9aN0RMWDRmOFJsbWVFNjNxVndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84MDJiMzUtNjczYy00NzU2LTk3NjEt
ZjIyNzQ5NjVjMDk1LzEvcmFZdUQyLW9XWUZrSGVJZVI2TElVWWd0YnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84MDJiMzUtNjczYy00NzU2LTk3NjEtZjIyNzQ5NjVjMDk1
LzEvUW8zNW1DVE9aN0RMWDRmOFJsbWVFNjNxVndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBW936AwQE
su9AAwQCuYB4AwQCucTgAwQCud2IMA0EAgACMAcDBQAqAidgMA0GCSqGSIb3DQEB
CwUAA4IBAQDGRdDVimRe7Fl+tOcmQ719K/pFdTDf3pVda0/vRSg+FNOTkREL8fWT
H10NDsBVBRsv/DuKrCzVBAXMVGi6fC499LNjKhK4Pk/IUrj5ouR/FvFIR/9V6XmZ
G2HYO4azrGIx0eac2gxs+3f/hPc54wQ3R5PCNCSwZ8/6fpB3J4UlzCtbF3n/SXEK
TKKCYPRStZwaso8K56Ua4W+Eq9JHFIOUutFGpGI6hm40o41L+1bIh5Xo2HPX52Ie
EVq9wPsintU/wCi1cpIECMK2Ls3CYDzPCt+iXTiV6biNkt5+aefuR+mvrho5kx2Y
fXWLF5P1hxY3OslAYVJ25CX6xaxd/p9i
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:02:19 2025 by rpki-client