Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/0kW1TDfI9q6fxVYuKR51Kvqsmjk.roa
File: 0kW1TDfI9q6fxVYuKR51Kvqsmjk.roa (raw, json)
Hash identifier: BWFM+1Rz4lxzOiEU1vKhEB1GQDsmewa6ZTWhGeddIa0=
Subject key identifier: D2:45:B5:4C:37:C8:F6:AE:9F:C5:56:2E:29:1E:75:2A:FA:AC:9A:39
Certificate issuer: /CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Certificate serial: 0192F77178ADBCC398DAE7D96542ED882857
Authority key identifier: B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/0kW1TDfI9q6fxVYuKR51Kvqsmjk.roa
Signing time: Mon 04 Nov 2024 13:51:01 +0000
ROA not before: Mon 04 Nov 2024 13:51:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47527
IP address blocks: 45.95.208.0/24 maxlen: 24
185.31.76.0/22 maxlen: 22
188.116.39.0/24 maxlen: 24
213.142.140.0/23 maxlen: 23
2a00:b920::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f7:71:78:ad:bc:c3:98:da:e7:d9:65:42:ed:88:28:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Validity
Not Before: Nov 4 13:51:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d245b54c37c8f6ae9fc5562e291e752afaac9a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:15:6c:c8:d2:6d:c2:eb:40:f2:2e:46:ef:59:
8b:62:5b:36:5d:9a:c6:2e:e6:09:fb:4b:ac:8d:0c:
bf:60:4c:31:54:8f:ac:f4:12:7b:52:5e:1b:5e:65:
15:83:8b:0a:b3:95:ad:18:01:10:10:63:1d:fa:67:
16:0f:dd:0e:ee:24:d0:c0:eb:ce:28:5d:e3:53:12:
dd:72:c7:f2:b5:46:7b:90:e1:46:d0:b4:e7:13:84:
8c:c1:e1:81:95:0b:80:b5:ca:52:26:98:8d:a3:61:
7c:cd:97:d8:fa:23:10:40:5e:b5:38:27:03:d1:c1:
da:16:e3:d1:0d:fb:66:5b:be:e5:f6:15:cb:b3:0c:
69:5e:2f:37:f4:c2:9c:d3:e5:02:46:8e:73:fe:b4:
a9:dd:04:17:84:73:34:0e:11:42:32:36:09:f0:5c:
ee:ef:49:f1:19:53:77:2d:86:83:8d:bd:48:88:e2:
69:ce:8d:b8:dc:44:55:19:5f:12:68:86:07:07:9c:
69:9a:ef:58:d0:fd:ba:a0:15:9f:d1:b9:4d:d2:ee:
12:4b:70:79:77:7a:81:9c:5d:02:19:69:85:ee:8d:
66:08:27:8d:e1:0b:74:40:26:ad:85:ce:25:ac:0f:
9f:8c:a4:7f:f6:ec:47:a7:eb:f2:02:54:01:bb:0f:
e0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:45:B5:4C:37:C8:F6:AE:9F:C5:56:2E:29:1E:75:2A:FA:AC:9A:39
X509v3 Authority Key Identifier:
keyid:B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/0kW1TDfI9q6fxVYuKR51Kvqsmjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/sof_KnM-M76vU0lKkO7BUrvHWLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.208.0/24
185.31.76.0/22
188.116.39.0/24
213.142.140.0/23
IPv6:
2a00:b920::/29
Signature Algorithm: sha256WithRSAEncryption
26:af:6d:1d:58:15:89:44:89:b0:9d:48:38:b6:69:26:63:04:
37:67:4f:67:49:23:3e:54:bc:f5:f4:06:cc:2a:09:cf:c9:3a:
cb:ec:ec:cb:75:e6:a9:49:ad:ad:da:94:98:62:d2:64:5b:42:
7c:7f:37:4e:8f:14:03:89:79:76:c0:e6:3f:be:ab:92:75:fd:
fd:1f:d7:df:8b:09:bb:2c:bd:ce:01:e4:30:0c:2d:28:f1:e9:
30:a1:f3:a5:c1:c3:4d:b4:44:26:6f:20:ec:77:7c:3e:18:4b:
16:0a:23:14:cb:36:01:68:b8:82:07:7e:a1:bb:7b:70:75:90:
41:21:cc:7b:87:0b:99:70:c4:59:58:e3:46:4e:8a:54:e2:dd:
01:71:53:20:a1:bc:81:82:01:60:44:f1:8d:82:79:d1:29:3b:
40:2f:a3:17:90:65:95:29:b3:fe:42:fb:04:0c:00:14:05:20:
66:d9:5a:2d:ab:1e:48:92:a6:3f:a0:4f:c4:90:bd:24:d2:2e:
b5:3c:65:c8:f0:ea:e4:96:4a:3d:80:67:b0:74:66:56:6c:08:
8a:32:42:a3:b6:04:0c:ad:95:89:73:03:ed:aa:7e:9c:ca:d6:
f1:43:74:88:3a:2c:c1:ce:9a:ec:45:1a:5f:c1:ae:4e:f4:9e:
5c:7f:0a:32
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZL3cXitvMOY2ufZZULtiChXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdmZjJhNzMzZTMzYmVhZjUzNDk0YTkwZWVjMTUyYmJj
NzU4YmMwHhcNMjQxMTA0MTM1MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjQ1YjU0YzM3YzhmNmFlOWZjNTU2MmUyOTFlNzUyYWZhYWM5YTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BVsyNJtwutA8i5G71mLYls2XZrG
LuYJ+0usjQy/YEwxVI+s9BJ7Ul4bXmUVg4sKs5WtGAEQEGMd+mcWD90O7iTQwOvO
KF3jUxLdcsfytUZ7kOFG0LTnE4SMweGBlQuAtcpSJpiNo2F8zZfY+iMQQF61OCcD
0cHaFuPRDftmW77l9hXLswxpXi839MKc0+UCRo5z/rSp3QQXhHM0DhFCMjYJ8Fzu
70nxGVN3LYaDjb1IiOJpzo243ERVGV8SaIYHB5xpmu9Y0P26oBWf0blN0u4SS3B5
d3qBnF0CGWmF7o1mCCeN4Qt0QCathc4lrA+fjKR/9uxHp+vyAlQBuw/gBwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNJFtUw3yPaun8VWLikedSr6rJo5MB8GA1UdIwQY
MBaAFLKH/ypzPjO+r1NJSpDuwVK7x1i8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29mX0tuTS1NNzZ2VTBsS2tPN0JVcnZIV0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9jYjIxNTEtMDVjYS00YTc2LTg1OWYt
NGY1ZWMwYTdlMDA2LzEvMGtXMVREZkk5cTZmeFZZdUtSNTFLdnFzbWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9jYjIxNTEtMDVjYS00YTc2LTg1OWYtNGY1ZWMwYTdlMDA2
LzEvc29mX0tuTS1NNzZ2VTBsS2tPN0JVcnZIV0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALV/QAwQC
uR9MAwQAvHQnAwQB1Y6MMA0EAgACMAcDBQMqALkgMA0GCSqGSIb3DQEBCwUAA4IB
AQAmr20dWBWJRImwnUg4tmkmYwQ3Z09nSSM+VLz19AbMKgnPyTrL7OzLdeapSa2t
2pSYYtJkW0J8fzdOjxQDiXl2wOY/vquSdf39H9ffiwm7LL3OAeQwDC0o8ekwofOl
wcNNtEQmbyDsd3w+GEsWCiMUyzYBaLiCB36hu3twdZBBIcx7hwuZcMRZWONGTopU
4t0BcVMgobyBggFgRPGNgnnRKTtAL6MXkGWVKbP+QvsEDAAUBSBm2Votqx5IkqY/
oE/EkL0k0i61PGXI8Orklko9gGewdGZWbAiKMkKjtgQMrZWJcwPtqn6cytbxQ3SI
OizBzprsRRpfwa5O9J5cfwoy
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:00:49 2025 by rpki-client