Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/7SnZ2wdTAHyiVcyhnIAGtBdWwvY.roa
File: 7SnZ2wdTAHyiVcyhnIAGtBdWwvY.roa (raw, json)
Hash identifier: KOo8uRmX/xugX/zDKxM39qWHbAMQmIcpriUpdt/0wYA=
Subject key identifier: ED:29:D9:DB:07:53:00:7C:A2:55:CC:A1:9C:80:06:B4:17:56:C2:F6
Certificate issuer: /CN=cc5911433ba206f450ac9bd065c86c96608401c1
Certificate serial: 01942747F2B2D74D8534FD5DE8AD6B72CCA3
Authority key identifier: CC:59:11:43:3B:A2:06:F4:50:AC:9B:D0:65:C8:6C:96:60:84:01:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zFkRQzuiBvRQrJvQZchslmCEAcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/7SnZ2wdTAHyiVcyhnIAGtBdWwvY.roa
Signing time: Thu 02 Jan 2025 13:50:14 +0000
ROA not before: Thu 02 Jan 2025 13:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13002
IP address blocks: 194.0.104.0/24 maxlen: 24
194.0.107.0/24 maxlen: 24
213.159.96.0/19 maxlen: 19
213.159.113.0/24 maxlen: 24
213.159.118.0/24 maxlen: 24
213.159.119.0/24 maxlen: 24
213.159.122.0/24 maxlen: 24
213.159.124.0/24 maxlen: 24
213.159.125.0/24 maxlen: 24
213.159.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f2:b2:d7:4d:85:34:fd:5d:e8:ad:6b:72:cc:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc5911433ba206f450ac9bd065c86c96608401c1
Validity
Not Before: Jan 2 13:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed29d9db0753007ca255cca19c8006b41756c2f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a4:98:96:dc:03:db:f6:e1:2a:13:1e:bb:36:
e1:d4:7c:22:c2:da:0e:f5:c5:e9:22:e7:ae:cf:9e:
64:a2:8d:e2:a7:2f:b8:00:f5:0a:e0:a8:bd:42:f0:
c6:18:d8:b3:71:16:58:eb:dc:a3:a0:0c:84:3b:21:
70:e4:0e:cd:0b:51:48:cb:4a:d3:f2:b4:ce:27:5d:
31:36:43:09:6b:b2:ad:88:5d:24:b4:a1:46:70:7e:
50:7a:50:b3:4c:32:ee:f1:1d:4c:85:c9:2c:91:7a:
7a:d3:9f:bb:ad:54:35:0a:a2:de:9b:76:08:85:79:
cb:b5:12:ab:d8:25:e6:cc:cc:7e:2a:b5:f1:5a:ab:
e6:12:f0:05:00:d7:79:14:a4:13:b4:3f:af:35:0b:
7e:2e:27:a6:d9:b8:8a:c9:2b:1c:84:2d:30:40:41:
81:45:7e:a4:29:9a:5f:ba:a4:08:72:3b:c4:e9:94:
51:6c:72:f1:42:97:ab:83:10:3b:1d:20:89:15:38:
38:d5:66:0f:f6:4c:8e:d7:80:4f:3e:ec:21:5e:a9:
be:24:6e:4a:0c:24:07:dd:07:b3:6e:78:03:9d:d3:
c0:b3:53:3b:7d:17:d8:c8:a4:f8:62:65:10:ca:a0:
93:e2:2b:6f:24:50:7a:e7:9e:49:cd:f6:68:e2:6a:
36:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:29:D9:DB:07:53:00:7C:A2:55:CC:A1:9C:80:06:B4:17:56:C2:F6
X509v3 Authority Key Identifier:
keyid:CC:59:11:43:3B:A2:06:F4:50:AC:9B:D0:65:C8:6C:96:60:84:01:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zFkRQzuiBvRQrJvQZchslmCEAcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/7SnZ2wdTAHyiVcyhnIAGtBdWwvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/zFkRQzuiBvRQrJvQZchslmCEAcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.104.0/24
194.0.107.0/24
213.159.96.0/19
Signature Algorithm: sha256WithRSAEncryption
a1:ec:27:02:5e:43:2a:96:20:a0:9b:68:73:82:8a:3b:b8:d8:
10:e5:0c:72:01:3c:b0:21:82:11:8f:01:1a:0f:bb:9b:6b:1d:
f5:d5:6c:f5:ff:be:07:44:6b:06:ae:a1:9a:f5:7c:50:6c:40:
a8:09:cd:da:63:08:bc:99:30:07:65:dc:f5:aa:fa:5f:3c:68:
34:01:30:e0:0e:a4:2e:f2:54:e9:09:45:d3:41:d6:62:df:ee:
8b:68:5e:d7:b2:d5:03:95:58:8d:9d:8f:36:6c:15:4b:3a:39:
4f:71:85:ae:c0:1e:b9:bf:5c:82:06:5f:6a:e7:68:05:cf:ac:
47:43:1f:52:b9:8b:e3:4e:0a:30:6a:3c:9a:b2:5a:cf:ae:66:
49:37:32:aa:01:81:db:5f:22:44:ae:41:c6:8e:8b:aa:10:0a:
5d:53:53:b4:d4:99:28:62:46:31:8c:e1:75:a7:d9:d9:17:72:
e3:57:54:a7:1a:60:a7:ba:fb:3f:f3:a3:07:b1:91:78:fa:8b:
df:3c:62:ad:47:7d:f9:43:4b:34:df:1a:04:4d:f1:f5:44:bb:
24:e5:aa:3f:6d:70:80:a6:73:94:62:19:48:69:8b:0b:92:d2:
35:9c:ea:ea:81:ae:5e:73:77:b1:18:ab:44:dc:4f:ba:4c:c7:
ad:c2:81:c8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnR/Ky102FNP1d6K1rcsyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNTkxMTQzM2JhMjA2ZjQ1MGFjOWJkMDY1Yzg2Yzk2NjA4
NDAxYzEwHhcNMjUwMTAyMTM1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDI5ZDlkYjA3NTMwMDdjYTI1NWNjYTE5YzgwMDZiNDE3NTZjMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqSYltwD2/bhKhMeuzbh1HwiwtoO
9cXpIueuz55koo3ipy+4APUK4Ki9QvDGGNizcRZY69yjoAyEOyFw5A7NC1FIy0rT
8rTOJ10xNkMJa7KtiF0ktKFGcH5QelCzTDLu8R1MhckskXp605+7rVQ1CqLem3YI
hXnLtRKr2CXmzMx+KrXxWqvmEvAFANd5FKQTtD+vNQt+Liem2biKySschC0wQEGB
RX6kKZpfuqQIcjvE6ZRRbHLxQpergxA7HSCJFTg41WYP9kyO14BPPuwhXqm+JG5K
DCQH3QezbngDndPAs1M7fRfYyKT4YmUQyqCT4itvJFB6555JzfZo4mo2zQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO0p2dsHUwB8olXMoZyABrQXVsL2MB8GA1UdIwQY
MBaAFMxZEUM7ogb0UKyb0GXIbJZghAHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekZrUlF6dWlCdlJRckp2UVpjaHNsbUNFQWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNjBmZGQtNzZhZS00MWYxLTk4YzAt
MmIyNzUwNDM3MTlmLzEvN1NuWjJ3ZFRBSHlpVmN5aG5JQUd0QmRXd3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zNjBmZGQtNzZhZS00MWYxLTk4YzAtMmIyNzUwNDM3MTlm
LzEvekZrUlF6dWlCdlJRckp2UVpjaHNsbUNFQWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwgBoAwQA
wgBrAwQF1Z9gMA0GCSqGSIb3DQEBCwUAA4IBAQCh7CcCXkMqliCgm2hzgoo7uNgQ
5QxyATywIYIRjwEaD7ubax311Wz1/74HRGsGrqGa9XxQbECoCc3aYwi8mTAHZdz1
qvpfPGg0ATDgDqQu8lTpCUXTQdZi3+6LaF7XstUDlViNnY82bBVLOjlPcYWuwB65
v1yCBl9q52gFz6xHQx9SuYvjTgowajyaslrPrmZJNzKqAYHbXyJErkHGjouqEApd
U1O01JkoYkYxjOF1p9nZF3LjV1SnGmCnuvs/86MHsZF4+ovfPGKtR335Q0s03xoE
TfH1RLsk5ao/bXCApnOUYhlIaYsLktI1nOrqga5ec3exGKtE3E+6TMetwoHI
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:48:52 2025 by rpki-client