Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/7B2j1343QblR9F6iTWiRinHn8x0.roa
File: 7B2j1343QblR9F6iTWiRinHn8x0.roa (raw, json)
Hash identifier: Bp/dbOZRIjunqnEsDuN3X0tRwg1SKVjgcGEA09U24Zc=
Subject key identifier: EC:1D:A3:D7:7E:37:41:B9:51:F4:5E:A2:4D:68:91:8A:71:E7:F3:1D
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 0195939A2E1CED049F9B65A7B80FDCFC2BC2
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/7B2j1343QblR9F6iTWiRinHn8x0.roa
Signing time: Fri 14 Mar 2025 07:41:49 +0000
ROA not before: Fri 14 Mar 2025 07:41:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61423
IP address blocks: 185.161.120.0/24 maxlen: 24
185.202.132.0/24 maxlen: 24
193.200.196.0/24 maxlen: 24
212.32.65.0/24 maxlen: 24
2a0a:d6c0::/48 maxlen: 48
2a0a:d6c0:2::/48 maxlen: 48
2a0a:d6c0:3::/48 maxlen: 48
2a0a:d6c0:4::/48 maxlen: 48
2a0a:d6c0:5::/48 maxlen: 48
2a0a:d6c0:6::/48 maxlen: 48
2a0a:d6c0:7::/48 maxlen: 48
2a0a:d6c0:8::/48 maxlen: 48
2a0a:d6c0:9::/48 maxlen: 48
2a0a:d6c0:10::/48 maxlen: 48
2a0a:d6c0:11::/48 maxlen: 48
2a0a:d6c0:13::/48 maxlen: 48
2a0a:d6c0:208::/45 maxlen: 45
2a0a:d6c0:208::/48 maxlen: 48
2a0a:d6c0:efef::/48 maxlen: 48
2a0a:d6c0:eff0::/48 maxlen: 48
2a0a:d6c0:eff1::/48 maxlen: 48
2a0a:d6c0:eff2::/48 maxlen: 48
2a0a:d6c0:eff3::/48 maxlen: 48
2a0a:d6c0:efff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:93:9a:2e:1c:ed:04:9f:9b:65:a7:b8:0f:dc:fc:2b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Mar 14 07:41:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec1da3d77e3741b951f45ea24d68918a71e7f31d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:db:4e:f5:4f:4a:94:ca:86:32:b8:f8:72:a4:
ed:eb:4d:c6:39:16:7c:cb:f1:24:ba:3a:11:40:36:
8f:83:8a:14:2d:ce:93:e7:89:63:ab:a6:9a:eb:f5:
b2:ea:72:45:26:b7:b1:08:93:5c:0a:17:04:19:49:
d2:a3:9f:7f:0b:0e:dd:25:df:75:b5:94:0c:0a:1c:
81:50:f4:99:3b:75:9a:e1:93:4f:79:21:c5:db:66:
ad:e4:18:50:1f:ea:14:f6:23:0c:8c:cc:05:f1:b1:
eb:cf:c5:a8:6e:ef:6d:69:96:2a:65:ec:6c:d6:22:
24:fc:80:df:36:9d:ae:90:f9:ce:dc:60:30:39:d1:
55:6a:14:6f:30:68:3b:97:90:17:6e:93:96:da:84:
5b:09:95:57:ea:f1:21:73:ed:be:cf:40:7b:bf:d0:
7c:88:0a:fd:e8:4b:b6:92:17:fe:c1:b1:43:08:15:
3b:b5:ef:68:c8:be:ca:5a:4d:d9:0f:4a:3b:99:52:
12:2c:e3:3a:0b:13:46:1d:2b:fc:c2:bb:31:cd:33:
ff:3b:c3:85:ea:47:d4:d2:a9:34:ad:ec:8e:29:4c:
39:a3:2a:cf:29:aa:83:eb:bc:87:42:a0:b3:86:ae:
be:f4:1b:89:5c:3c:88:0c:5e:99:8b:cf:0e:5e:21:
a9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:1D:A3:D7:7E:37:41:B9:51:F4:5E:A2:4D:68:91:8A:71:E7:F3:1D
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/7B2j1343QblR9F6iTWiRinHn8x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.120.0/24
185.202.132.0/24
193.200.196.0/24
212.32.65.0/24
IPv6:
2a0a:d6c0::/48
2a0a:d6c0:2::-2a0a:d6c0:9:ffff:ffff:ffff:ffff:ffff
2a0a:d6c0:10::/47
2a0a:d6c0:13::/48
2a0a:d6c0:208::/45
2a0a:d6c0:efef::-2a0a:d6c0:eff3:ffff:ffff:ffff:ffff:ffff
2a0a:d6c0:efff::/48
Signature Algorithm: sha256WithRSAEncryption
0b:b9:9b:67:04:c5:7a:99:a6:2d:9d:21:99:52:5c:28:df:8a:
de:55:94:a2:6b:32:75:a0:3c:a5:b2:6f:99:81:9b:27:a3:8f:
fa:54:d2:19:f7:6e:99:f0:b0:49:e8:93:ea:06:a3:d5:96:98:
7b:fe:4c:f0:0d:03:1b:4d:55:eb:82:3e:1a:5b:1c:55:0e:79:
8d:49:35:d8:12:e5:ea:7e:2d:d1:e3:f5:7c:66:0c:d7:cf:67:
14:dd:89:78:e4:d8:3a:81:c9:5a:c0:5d:fa:ad:a1:5a:98:bf:
e0:87:b9:a4:8a:4f:d8:1c:5a:cc:1c:ca:fa:ca:b0:f0:c1:a8:
0c:83:ab:57:c2:7e:39:af:40:66:e7:25:6e:92:3e:ed:27:46:
6b:93:9e:a7:ad:20:26:26:5d:6f:80:2a:62:0d:b1:7f:94:c6:
60:42:f1:ba:3d:4b:5f:8b:e8:c0:c1:54:f7:88:06:99:58:d3:
de:9e:65:1c:10:c4:30:bf:82:f8:be:bf:27:99:58:68:6f:48:
1a:83:8c:36:8e:29:f9:9d:97:41:bf:b1:e3:d5:35:ee:18:5a:
99:35:87:3f:cc:fa:ca:ef:65:1c:7a:cf:57:d0:97:22:e1:a6:
61:5e:61:b7:30:9d:7d:6f:bd:25:f8:37:c7:87:39:dd:f9:ac:
83:60:86:de
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZWTmi4c7QSfm2WnuA/c/CvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjUwMzE0MDc0MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzFkYTNkNzdlMzc0MWI5NTFmNDVlYTI0ZDY4OTE4YTcxZTdmMzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ttO9U9KlMqGMrj4cqTt603GORZ8
y/EkujoRQDaPg4oULc6T54ljq6aa6/Wy6nJFJrexCJNcChcEGUnSo59/Cw7dJd91
tZQMChyBUPSZO3Wa4ZNPeSHF22at5BhQH+oU9iMMjMwF8bHrz8Wobu9taZYqZexs
1iIk/IDfNp2ukPnO3GAwOdFVahRvMGg7l5AXbpOW2oRbCZVX6vEhc+2+z0B7v9B8
iAr96Eu2khf+wbFDCBU7te9oyL7KWk3ZD0o7mVISLOM6CxNGHSv8wrsxzTP/O8OF
6kfU0qk0reyOKUw5oyrPKaqD67yHQqCzhq6+9BuJXDyIDF6Zi88OXiGpXwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFOwdo9d+N0G5UfReok1okYpx5/MdMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvN0IyajEzNDNRYmxSOUY2aVRXaVJpbkhuOHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wHgQCAAEwGAMEALmheAME
ALnKhAMEAMHIxAMEANQgQTBbBAIAAjBVAwcAKgrWwAAAMBIDBwEqCtbAAAIDBwEq
CtbAAAgDBwEqCtbAABADBwAqCtbAABMDBwMqCtbAAggwEgMHACoK1sDv7wMHAioK
1sDv8AMHACoK1sDv/zANBgkqhkiG9w0BAQsFAAOCAQEAC7mbZwTFepmmLZ0hmVJc
KN+K3lWUomsydaA8pbJvmYGbJ6OP+lTSGfdumfCwSeiT6gaj1ZaYe/5M8A0DG01V
64I+GlscVQ55jUk12BLl6n4t0eP1fGYM189nFN2JeOTYOoHJWsBd+q2hWpi/4Ie5
pIpP2BxazBzK+sqw8MGoDIOrV8J+Oa9AZuclbpI+7SdGa5Oep60gJiZdb4AqYg2x
f5TGYELxuj1LX4vowMFU94gGmVjT3p5lHBDEML+C+L6/J5lYaG9IGoOMNo4p+Z2X
Qb+x49U17hhamTWHP8z6yu9lHHrPV9CXIuGmYV5htzCdfW+9Jfg3x4c53fmsg2CG
3g==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:02:24 2025 by rpki-client