Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/34d470-49f7-4ae0-b61a-0944bed0ed26/1/ag-uYpovt5JPQ3cFAXtXn4zz86A.roa
File: ag-uYpovt5JPQ3cFAXtXn4zz86A.roa (raw, json)
Hash identifier: 2LKnP2sHY9S5jGwYqiGKID4jG+yM+87plZe5I7Vq4ns=
Subject key identifier: 6A:0F:AE:62:9A:2F:B7:92:4F:43:77:05:01:7B:57:9F:8C:F3:F3:A0
Certificate issuer: /CN=b4bdde78415b69c31277c0aac7fca6607d635d88
Certificate serial: 0194214373DDBFD09D48DB41530D3399A5CA
Authority key identifier: B4:BD:DE:78:41:5B:69:C3:12:77:C0:AA:C7:FC:A6:60:7D:63:5D:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tL3eeEFbacMSd8Cqx_ymYH1jXYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/34d470-49f7-4ae0-b61a-0944bed0ed26/1/ag-uYpovt5JPQ3cFAXtXn4zz86A.roa
Signing time: Wed 01 Jan 2025 09:47:36 +0000
ROA not before: Wed 01 Jan 2025 09:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42541
IP address blocks: 89.23.224.0/19 maxlen: 19
185.10.220.0/22 maxlen: 22
193.104.135.0/24 maxlen: 24
193.106.164.0/22 maxlen: 22
2a03:5440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:73:dd:bf:d0:9d:48:db:41:53:0d:33:99:a5:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4bdde78415b69c31277c0aac7fca6607d635d88
Validity
Not Before: Jan 1 09:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a0fae629a2fb7924f437705017b579f8cf3f3a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:06:fa:d8:ba:b9:62:bd:c7:27:d5:35:ee:89:
ae:f9:78:75:2f:1f:9b:13:33:e4:a3:19:18:ac:a8:
27:ff:2d:c4:4f:eb:17:f2:78:d4:cc:85:97:41:f6:
3a:9e:48:b3:61:30:f8:8f:48:79:e4:fa:d0:60:81:
20:5e:bd:23:68:a6:f5:29:69:eb:2d:bc:5c:d1:a1:
10:79:65:15:9c:bc:aa:d8:7a:bd:c2:44:21:f4:7f:
60:60:34:47:1b:47:40:b5:b2:e8:4f:18:f7:88:dc:
7c:ac:34:58:c1:f6:bc:02:3f:72:70:d1:03:08:8d:
95:00:b0:1c:1e:28:51:82:bb:fc:86:20:fa:38:46:
fa:8f:01:1f:6e:96:94:e1:cb:06:2a:c2:8f:fa:d5:
a4:63:3e:0f:2e:3c:20:94:95:a7:6a:86:7d:41:25:
0a:f4:9e:ef:7d:0b:6e:76:74:3f:a5:84:df:a1:80:
da:a0:4e:a5:ee:51:55:64:12:a5:44:f4:ca:74:99:
4d:34:52:65:61:4b:98:fd:06:f9:33:37:ff:80:12:
0c:d3:ea:82:43:81:5a:00:d7:33:1a:4a:fb:9c:5b:
3c:22:e5:8a:cc:0e:49:e5:49:77:b0:66:22:29:53:
ce:42:79:49:4d:ce:56:15:5c:05:dd:30:fe:eb:ea:
fb:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:0F:AE:62:9A:2F:B7:92:4F:43:77:05:01:7B:57:9F:8C:F3:F3:A0
X509v3 Authority Key Identifier:
keyid:B4:BD:DE:78:41:5B:69:C3:12:77:C0:AA:C7:FC:A6:60:7D:63:5D:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tL3eeEFbacMSd8Cqx_ymYH1jXYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/34d470-49f7-4ae0-b61a-0944bed0ed26/1/ag-uYpovt5JPQ3cFAXtXn4zz86A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/34d470-49f7-4ae0-b61a-0944bed0ed26/1/tL3eeEFbacMSd8Cqx_ymYH1jXYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.224.0/19
185.10.220.0/22
193.104.135.0/24
193.106.164.0/22
IPv6:
2a03:5440::/29
Signature Algorithm: sha256WithRSAEncryption
1e:f9:36:4b:04:75:96:18:5e:2e:21:98:a4:02:3f:b3:c9:93:
31:0a:5b:8b:4b:7c:8e:16:80:b5:10:9e:1f:dd:79:c0:94:92:
a6:bc:d9:6e:7b:f3:59:da:3f:ca:e7:da:ff:7b:91:cb:39:6d:
9f:1e:91:70:5e:9e:3d:7a:77:b9:57:44:8e:ac:ae:dd:28:af:
19:e3:ca:7d:46:74:fb:f7:5d:aa:9f:82:e5:91:d5:37:46:41:
2f:e0:b5:a8:da:5a:7e:96:09:b7:6d:2c:84:a3:21:5b:b7:12:
c5:62:91:a7:6b:bf:95:44:99:ce:9b:0b:22:93:30:84:12:34:
7c:b4:29:1e:fa:c7:f3:8a:7c:c7:d5:ff:7a:3b:d3:b8:28:cf:
43:28:59:72:67:bf:e3:69:1f:25:f7:27:96:8d:97:a6:01:f8:
f2:f3:c9:7c:23:9f:6d:fd:cb:12:75:28:bb:d3:6a:ea:f4:a3:
14:58:e0:a0:1a:03:a1:59:ac:af:d0:0e:04:50:41:1c:55:3b:
9a:0e:79:fe:e4:58:7f:c7:8e:51:d9:6f:05:f4:6f:06:b1:13:
63:38:9c:f1:dc:19:7d:ac:2f:45:21:f3:d2:de:bd:0f:1c:c0:
de:e4:ab:ad:62:7e:54:1c:fd:7e:96:d2:4d:3b:c2:a8:bf:66:
bf:41:58:9e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQhQ3Pdv9CdSNtBUw0zmaXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YmRkZTc4NDE1YjY5YzMxMjc3YzBhYWM3ZmNhNjYwN2Q2
MzVkODgwHhcNMjUwMTAxMDk0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTBmYWU2MjlhMmZiNzkyNGY0Mzc3MDUwMTdiNTc5ZjhjZjNmM2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAb62Lq5Yr3HJ9U17omu+Xh1Lx+b
EzPkoxkYrKgn/y3ET+sX8njUzIWXQfY6nkizYTD4j0h55PrQYIEgXr0jaKb1KWnr
Lbxc0aEQeWUVnLyq2Hq9wkQh9H9gYDRHG0dAtbLoTxj3iNx8rDRYwfa8Aj9ycNED
CI2VALAcHihRgrv8hiD6OEb6jwEfbpaU4csGKsKP+tWkYz4PLjwglJWnaoZ9QSUK
9J7vfQtudnQ/pYTfoYDaoE6l7lFVZBKlRPTKdJlNNFJlYUuY/Qb5Mzf/gBIM0+qC
Q4FaANczGkr7nFs8IuWKzA5J5Ul3sGYiKVPOQnlJTc5WFVwF3TD+6+r7ewIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGoPrmKaL7eST0N3BQF7V5+M8/OgMB8GA1UdIwQY
MBaAFLS93nhBW2nDEnfAqsf8pmB9Y12IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEwzZWVFRmJhY01TZDhDcXhfeW1ZSDFqWFlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8zNGQ0NzAtNDlmNy00YWUwLWI2MWEt
MDk0NGJlZDBlZDI2LzEvYWctdVlwb3Z0NUpQUTNjRkFYdFhuNHp6ODZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8zNGQ0NzAtNDlmNy00YWUwLWI2MWEtMDk0NGJlZDBlZDI2
LzEvdEwzZWVFRmJhY01TZDhDcXhfeW1ZSDFqWFlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFWRfgAwQC
uQrcAwQAwWiHAwQCwWqkMA0EAgACMAcDBQMqA1RAMA0GCSqGSIb3DQEBCwUAA4IB
AQAe+TZLBHWWGF4uIZikAj+zyZMxCluLS3yOFoC1EJ4f3XnAlJKmvNlue/NZ2j/K
59r/e5HLOW2fHpFwXp49ene5V0SOrK7dKK8Z48p9RnT7912qn4LlkdU3RkEv4LWo
2lp+lgm3bSyEoyFbtxLFYpGna7+VRJnOmwsikzCEEjR8tCke+sfzinzH1f96O9O4
KM9DKFlyZ7/jaR8l9yeWjZemAfjy88l8I59t/csSdSi702rq9KMUWOCgGgOhWayv
0A4EUEEcVTuaDnn+5Fh/x45R2W8F9G8GsRNjOJzx3Bl9rC9FIfPS3r0PHMDe5Kut
Yn5UHP1+ltJNO8Kov2a/QVie
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:06 2025 by rpki-client on console.sobornost.net