Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/E008mlaZ-98yoVlxucj25N9tnVo.roa
File: E008mlaZ-98yoVlxucj25N9tnVo.roa (raw, json)
Hash identifier: 7h9j4kfENIh6mVCwgI4OQBIMY0MBjmJwFr/fTNDIJFk=
Subject key identifier: 13:4D:3C:9A:56:99:FB:DF:32:A1:59:71:B9:C8:F6:E4:DF:6D:9D:5A
Certificate issuer: /CN=7d35c0b209135c22cc8005a7c2e222c63c136cb0
Certificate serial: 019420D6017D8E7E2BEB757F118000E12BAF
Authority key identifier: 7D:35:C0:B2:09:13:5C:22:CC:80:05:A7:C2:E2:22:C6:3C:13:6C:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fTXAsgkTXCLMgAWnwuIixjwTbLA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/E008mlaZ-98yoVlxucj25N9tnVo.roa
Signing time: Wed 01 Jan 2025 07:48:03 +0000
ROA not before: Wed 01 Jan 2025 07:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10474
IP address blocks: 176.67.176.0/21 maxlen: 24
185.39.236.0/22 maxlen: 24
2a01:5380::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:01:7d:8e:7e:2b:eb:75:7f:11:80:00:e1:2b:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d35c0b209135c22cc8005a7c2e222c63c136cb0
Validity
Not Before: Jan 1 07:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=134d3c9a5699fbdf32a15971b9c8f6e4df6d9d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f1:fa:76:9f:a8:70:08:3a:14:96:7a:c7:c3:
2d:a7:ef:f9:4c:fa:e2:47:8f:b4:14:f8:69:b5:82:
5b:db:30:2a:11:a4:a4:bf:08:84:73:39:89:3b:c8:
38:d6:c7:14:3f:57:d4:a5:14:06:34:11:cb:2e:9f:
e3:7e:e8:fa:6d:31:b6:88:40:64:6a:08:fb:14:e4:
94:b6:8a:44:8d:d9:fd:ad:35:83:38:3d:1e:5a:cb:
85:70:7f:29:aa:64:fb:d5:e6:d3:09:c4:96:ee:05:
28:91:9b:7b:3d:13:bd:36:31:20:9e:4a:53:8b:41:
c1:ec:a1:1c:0d:63:30:9c:04:c6:df:73:54:44:60:
83:c4:9f:38:6e:56:42:76:ca:13:8f:2d:22:c0:2c:
04:1f:56:30:50:86:f3:12:ab:bf:ea:e2:6d:57:74:
35:b7:50:24:c6:78:19:3e:20:f4:6f:b7:b4:eb:8c:
ed:7c:7c:26:d1:f8:44:49:75:af:b7:ff:81:c7:81:
6d:a0:40:77:36:ed:a6:ef:17:63:83:50:87:3f:a8:
ba:cc:88:14:0b:ed:0b:62:7c:93:c9:23:a6:df:64:
d1:9f:6d:86:57:ac:cc:ff:27:fb:b8:90:ed:f7:e5:
27:07:cf:b9:32:90:81:bd:71:85:d8:8c:5e:fe:19:
cf:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:4D:3C:9A:56:99:FB:DF:32:A1:59:71:B9:C8:F6:E4:DF:6D:9D:5A
X509v3 Authority Key Identifier:
keyid:7D:35:C0:B2:09:13:5C:22:CC:80:05:A7:C2:E2:22:C6:3C:13:6C:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fTXAsgkTXCLMgAWnwuIixjwTbLA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/E008mlaZ-98yoVlxucj25N9tnVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/b9c906-1e85-4573-8f62-8257d51928a9/1/fTXAsgkTXCLMgAWnwuIixjwTbLA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.176.0/21
185.39.236.0/22
IPv6:
2a01:5380::/32
Signature Algorithm: sha256WithRSAEncryption
35:87:d8:fc:d7:1b:2f:74:78:92:56:56:73:2d:4d:2d:cb:e4:
b5:d7:f2:8e:7b:0c:66:cd:5d:6f:ff:bd:b3:1e:8a:c7:ec:60:
e7:1d:73:bf:d9:74:4f:ba:1c:29:e7:89:30:6b:b9:e4:53:ef:
00:79:ff:f6:8f:c1:45:8f:29:a9:42:92:85:e0:84:ed:cb:0e:
37:2f:d0:71:5c:27:be:75:1b:e3:31:3b:32:7f:61:9a:f6:ff:
8f:10:76:a2:3b:dc:db:07:06:5d:90:a7:68:7a:73:89:99:c6:
00:3c:84:c6:59:2d:86:4a:9d:b4:fc:9b:3c:b2:e0:2a:9f:44:
7d:52:8f:9d:24:49:0f:5a:ed:d6:4c:6e:18:4b:96:f8:11:71:
ae:b5:4f:7e:45:81:d0:4c:59:b8:4b:c9:c4:1d:27:a5:c5:c6:
77:1a:7e:49:d6:51:d3:d1:bc:9a:f1:1b:48:d3:b2:61:45:21:
9a:59:5d:03:03:c3:18:ef:f3:eb:ce:0d:e1:aa:e8:32:56:99:
86:69:c1:af:56:6a:df:ff:d6:b8:4c:f0:1c:23:7e:68:cf:40:
42:f4:a7:ee:6a:c1:1b:8b:ef:04:47:02:af:75:e9:1f:d2:c5:
a1:61:64:b5:74:e8:2c:f7:ba:d3:78:d9:eb:aa:1c:d1:2a:c6:
b4:9f:39:b8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1gF9jn4r63V/EYAA4SuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMzVjMGIyMDkxMzVjMjJjYzgwMDVhN2MyZTIyMmM2M2Mx
MzZjYjAwHhcNMjUwMTAxMDc0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzRkM2M5YTU2OTlmYmRmMzJhMTU5NzFiOWM4ZjZlNGRmNmQ5ZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvH6dp+ocAg6FJZ6x8Mtp+/5TPri
R4+0FPhptYJb2zAqEaSkvwiEczmJO8g41scUP1fUpRQGNBHLLp/jfuj6bTG2iEBk
agj7FOSUtopEjdn9rTWDOD0eWsuFcH8pqmT71ebTCcSW7gUokZt7PRO9NjEgnkpT
i0HB7KEcDWMwnATG33NURGCDxJ84blZCdsoTjy0iwCwEH1YwUIbzEqu/6uJtV3Q1
t1AkxngZPiD0b7e064ztfHwm0fhESXWvt/+Bx4FtoEB3Nu2m7xdjg1CHP6i6zIgU
C+0LYnyTySOm32TRn22GV6zM/yf7uJDt9+UnB8+5MpCBvXGF2Ixe/hnPfwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBNNPJpWmfvfMqFZcbnI9uTfbZ1aMB8GA1UdIwQY
MBaAFH01wLIJE1wizIAFp8LiIsY8E2ywMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlRYQXNna1RYQ0xNZ0FXbnd1SWl4andUYkxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9iOWM5MDYtMWU4NS00NTczLThmNjIt
ODI1N2Q1MTkyOGE5LzEvRTAwOG1sYVotOTh5b1ZseHVjajI1Tjl0blZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9iOWM5MDYtMWU4NS00NTczLThmNjItODI1N2Q1MTkyOGE5
LzEvZlRYQXNna1RYQ0xNZ0FXbnd1SWl4andUYkxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsEOwAwQC
uSfsMA0EAgACMAcDBQAqAVOAMA0GCSqGSIb3DQEBCwUAA4IBAQA1h9j81xsvdHiS
VlZzLU0ty+S11/KOewxmzV1v/72zHorH7GDnHXO/2XRPuhwp54kwa7nkU+8Aef/2
j8FFjympQpKF4ITtyw43L9BxXCe+dRvjMTsyf2Ga9v+PEHaiO9zbBwZdkKdoenOJ
mcYAPITGWS2GSp20/Js8suAqn0R9Uo+dJEkPWu3WTG4YS5b4EXGutU9+RYHQTFm4
S8nEHSelxcZ3Gn5J1lHT0bya8RtI07JhRSGaWV0DA8MY7/Przg3hqugyVpmGacGv
Vmrf/9a4TPAcI35oz0BC9KfuasEbi+8ERwKvdekf0sWhYWS1dOgs97rTeNnrqhzR
Ksa0nzm4
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:25:49 2025 by rpki-client