Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/fRdopc3nA1qyei7zksH-Qi8H6AE.roa
File: fRdopc3nA1qyei7zksH-Qi8H6AE.roa (raw, json)
Hash identifier: ZSJhTcpAqHXBgg0B+878hAGbwjb5IkoJW1SgMExL/xY=
Subject key identifier: 7D:17:68:A5:CD:E7:03:5A:B2:7A:2E:F3:92:C1:FE:42:2F:07:E8:01
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747E6861E814253C1C973CBB61A4C3C
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/fRdopc3nA1qyei7zksH-Qi8H6AE.roa
Signing time: Thu 02 Jan 2025 13:50:10 +0000
ROA not before: Thu 02 Jan 2025 13:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31287
IP address blocks: 62.73.100.0/24 maxlen: 24
95.43.236.0/24 maxlen: 24
95.43.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:e6:86:1e:81:42:53:c1:c9:73:cb:b6:1a:4c:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d1768a5cde7035ab27a2ef392c1fe422f07e801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ac:1f:48:97:7b:cb:15:b7:94:75:b5:f8:70:
7c:95:79:e9:81:0c:25:b2:ec:ee:bf:66:c4:5e:5d:
f5:9c:d7:f3:d0:05:d2:2d:cf:ee:b3:01:39:e7:fd:
c8:4f:e1:f0:00:2e:78:db:57:04:96:bb:85:d6:e0:
5d:a0:11:06:63:2b:35:58:28:b4:25:dc:af:dc:ff:
31:7c:a6:2b:64:38:35:fa:40:a8:f7:4e:06:18:1f:
2b:2f:73:06:27:65:dd:e9:6f:de:30:cd:00:4e:aa:
1b:62:ff:a7:16:c0:d2:ac:57:82:13:af:ae:a1:e2:
ef:af:4e:57:8c:62:31:4e:f4:34:ad:e9:2b:22:4c:
91:4b:c4:b2:74:39:e3:ef:7d:f7:c6:eb:3e:00:18:
87:9a:a7:ba:eb:6b:5b:47:bd:2e:1a:fa:c0:5d:39:
b0:42:50:c9:8d:df:8f:f9:1b:78:c2:f1:16:ff:b8:
12:6a:a9:8e:5f:0f:37:e8:86:39:6d:ae:0c:bc:be:
a9:b3:c6:9f:58:d6:33:29:2a:6e:04:37:e2:0f:30:
f8:63:a6:c5:10:8b:7a:52:ab:5d:03:66:82:c3:8d:
90:50:e7:9e:8d:7a:b7:5e:c9:0c:0f:85:10:f3:ae:
e8:f6:11:0b:83:5b:7b:fa:2c:24:46:29:d7:9c:00:
7b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:17:68:A5:CD:E7:03:5A:B2:7A:2E:F3:92:C1:FE:42:2F:07:E8:01
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/fRdopc3nA1qyei7zksH-Qi8H6AE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.73.100.0/24
95.43.236.0/24
95.43.239.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:3a:cf:b5:9b:b5:35:dc:c2:e7:86:fb:48:76:19:c8:6e:66:
40:fa:83:f3:cc:cf:f0:41:86:e2:5c:78:b5:a4:a8:a9:48:6b:
5c:65:b5:fd:72:48:a4:e1:ac:66:84:74:94:63:b9:ed:b7:a8:
4d:15:b6:c0:e2:40:90:f4:98:80:01:af:8c:7d:c7:a0:87:f6:
fc:6b:c0:8a:23:d3:6f:57:aa:90:c6:42:c0:01:bc:ab:4f:5a:
81:7d:43:66:34:b8:e0:91:24:fc:af:87:dc:ff:b1:01:0c:d3:
51:bb:30:7e:7e:ae:aa:ed:82:6b:5f:20:33:14:ed:01:76:89:
6b:50:66:f0:36:2e:03:f0:79:0f:a0:f8:6b:b5:90:cc:c4:ad:
84:09:84:7e:db:75:59:12:ab:8b:30:1e:33:8a:5f:12:52:c0:
f4:c4:e7:4b:33:ab:89:f2:d6:a6:24:c8:ac:a3:63:ed:ff:dc:
b4:60:d4:f3:a7:21:c0:a2:c7:f0:14:4b:f8:3f:3a:54:44:34:
e9:12:41:54:4a:2e:70:ef:89:c2:34:75:29:0e:8f:fa:a3:a6:
d2:08:a2:29:44:c0:01:90:de:82:40:06:94:be:e0:a2:be:25:
78:dc:cd:9e:2f:fe:1e:dc:63:0d:74:85:7b:0d:40:74:9d:75:
e0:b7:ed:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnR+aGHoFCU8HJc8u2Gkw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDE3NjhhNWNkZTcwMzVhYjI3YTJlZjM5MmMxZmU0MjJmMDdlODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKwfSJd7yxW3lHW1+HB8lXnpgQwl
suzuv2bEXl31nNfz0AXSLc/uswE55/3IT+HwAC5421cElruF1uBdoBEGYys1WCi0
Jdyv3P8xfKYrZDg1+kCo904GGB8rL3MGJ2Xd6W/eMM0ATqobYv+nFsDSrFeCE6+u
oeLvr05XjGIxTvQ0rekrIkyRS8SydDnj7333xus+ABiHmqe662tbR70uGvrAXTmw
QlDJjd+P+Rt4wvEW/7gSaqmOXw836IY5ba4MvL6ps8afWNYzKSpuBDfiDzD4Y6bF
EIt6UqtdA2aCw42QUOeejXq3XskMD4UQ867o9hELg1t7+iwkRinXnAB7RQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH0XaKXN5wNasnou85LB/kIvB+gBMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvZlJkb3BjM25BMXF5ZWk3emtzSC1RaThINkFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPklkAwQA
XyvsAwQAXyvvMA0GCSqGSIb3DQEBCwUAA4IBAQBvOs+1m7U13MLnhvtIdhnIbmZA
+oPzzM/wQYbiXHi1pKipSGtcZbX9ckik4axmhHSUY7ntt6hNFbbA4kCQ9JiAAa+M
fcegh/b8a8CKI9NvV6qQxkLAAbyrT1qBfUNmNLjgkST8r4fc/7EBDNNRuzB+fq6q
7YJrXyAzFO0BdolrUGbwNi4D8HkPoPhrtZDMxK2ECYR+23VZEquLMB4zil8SUsD0
xOdLM6uJ8tamJMiso2Pt/9y0YNTzpyHAosfwFEv4PzpURDTpEkFUSi5w74nCNHUp
Do/6o6bSCKIpRMABkN6CQAaUvuCiviV43M2eL/4e3GMNdIV7DUB0nXXgt+1F
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:02:49 2025 by rpki-client