Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/8P5ffqPLJKYYNJnQChMlI7ALdn8.roa
File: 8P5ffqPLJKYYNJnQChMlI7ALdn8.roa (raw, json)
Hash identifier: HRZiFpkQQ+Nr6MCSY7lvsFCZFVTwCo1gLy31/BQbop0=
Subject key identifier: F0:FE:5F:7E:A3:CB:24:A6:18:34:99:D0:0A:13:25:23:B0:0B:76:7F
Certificate issuer: /CN=c1ee603b78ad72ba7855682ca2b806ac0e7e98fd
Certificate serial: 0194221FCCF3E8AFD363B51E94A7B70616CB
Authority key identifier: C1:EE:60:3B:78:AD:72:BA:78:55:68:2C:A2:B8:06:AC:0E:7E:98:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/we5gO3itcrp4VWgsorgGrA5-mP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/8P5ffqPLJKYYNJnQChMlI7ALdn8.roa
Signing time: Wed 01 Jan 2025 13:48:16 +0000
ROA not before: Wed 01 Jan 2025 13:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1126
IP address blocks: 37.60.192.0/21 maxlen: 24
85.90.64.0/19 maxlen: 24
185.33.68.0/22 maxlen: 24
2001:4d60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:cc:f3:e8:af:d3:63:b5:1e:94:a7:b7:06:16:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1ee603b78ad72ba7855682ca2b806ac0e7e98fd
Validity
Not Before: Jan 1 13:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0fe5f7ea3cb24a6183499d00a132523b00b767f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d6:88:2d:02:90:c5:41:1b:4d:50:0b:94:47:
16:18:bd:ad:7f:73:ca:6c:3a:aa:e8:92:10:35:c8:
3b:81:b0:f7:07:bf:ff:e4:d7:ab:62:5d:36:7f:ba:
47:53:50:6b:9e:96:8d:5d:fd:ce:4a:09:18:33:e0:
e6:f9:a3:6a:63:bd:4d:bf:3e:58:b1:f7:8c:1e:9f:
ee:c8:f0:f0:33:5a:48:e8:8d:61:28:40:b3:db:8c:
86:ac:5d:71:7c:de:00:b9:0c:59:41:d5:07:8c:74:
79:f2:6f:87:9c:cf:20:dc:47:30:72:5d:b0:c9:77:
27:d5:62:55:16:fe:9a:82:64:2a:49:fe:a9:49:99:
8e:ef:46:62:33:51:96:ef:fa:d6:db:e4:9d:a0:3d:
df:0f:40:c6:07:68:f4:a7:c6:61:66:1f:b9:ca:9a:
36:9e:de:1b:08:1e:16:c5:fa:5a:3c:dd:ee:b1:4d:
5a:d1:49:a9:38:f6:78:07:27:4d:f4:de:2f:e8:6a:
f3:48:28:4c:7d:20:44:ca:42:70:28:aa:e7:52:66:
d1:8e:a9:33:d4:f4:87:bc:99:64:ed:19:f7:85:0e:
64:1e:b6:fe:f2:f2:7c:24:29:a3:3d:ec:43:fc:fc:
f4:ce:eb:3c:0a:5d:a7:92:f7:fe:14:43:66:de:c1:
f8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:FE:5F:7E:A3:CB:24:A6:18:34:99:D0:0A:13:25:23:B0:0B:76:7F
X509v3 Authority Key Identifier:
keyid:C1:EE:60:3B:78:AD:72:BA:78:55:68:2C:A2:B8:06:AC:0E:7E:98:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/we5gO3itcrp4VWgsorgGrA5-mP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/8P5ffqPLJKYYNJnQChMlI7ALdn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/we5gO3itcrp4VWgsorgGrA5-mP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.192.0/21
85.90.64.0/19
185.33.68.0/22
IPv6:
2001:4d60::/32
Signature Algorithm: sha256WithRSAEncryption
7e:a3:71:e7:41:13:5d:ce:9b:db:a7:2d:4f:7c:ca:9e:1f:54:
2c:b1:99:4a:41:35:b9:0e:5f:08:ed:28:8d:6b:87:2e:6e:12:
54:65:86:32:03:6f:fe:75:96:4f:88:19:a8:2d:cd:80:8e:41:
88:e2:11:ae:fb:d1:ec:92:40:8d:26:80:01:bf:a0:d3:2e:f6:
bd:01:06:4e:a6:e5:72:70:3a:21:5e:b2:af:af:32:1c:b8:d9:
64:35:c7:b4:6f:57:64:55:6d:f3:de:45:dc:b5:65:51:73:de:
80:24:6a:01:d0:2a:0f:d7:4a:45:bd:da:8a:3b:8e:f9:6d:53:
b4:c6:ed:5c:bd:fd:4c:f9:8f:eb:c6:18:9e:53:ad:d3:0b:de:
77:fe:56:d1:d2:b1:27:fa:ec:b3:97:4c:8f:01:19:3b:9a:30:
1e:4c:03:27:81:8f:4e:fd:ab:97:05:ba:01:83:c6:bb:69:90:
01:18:13:f9:16:e9:a3:91:ca:9c:c5:61:43:22:65:04:5f:99:
b3:25:d5:91:a1:3d:8c:63:1d:a1:84:79:8e:65:7a:74:9f:a2:
72:51:03:06:e0:1b:57:72:b3:59:6a:3d:f5:77:2a:6b:80:ac:
a7:4a:07:54:40:95:e7:65:65:74:03:50:9e:12:b9:cf:30:ab:
e5:33:fd:a1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQiH8zz6K/TY7UelKe3BhbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZWU2MDNiNzhhZDcyYmE3ODU1NjgyY2EyYjgwNmFjMGU3
ZTk4ZmQwHhcNMjUwMTAxMTM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGZlNWY3ZWEzY2IyNGE2MTgzNDk5ZDAwYTEzMjUyM2IwMGI3NjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2daILQKQxUEbTVALlEcWGL2tf3PK
bDqq6JIQNcg7gbD3B7//5NerYl02f7pHU1BrnpaNXf3OSgkYM+Dm+aNqY71Nvz5Y
sfeMHp/uyPDwM1pI6I1hKECz24yGrF1xfN4AuQxZQdUHjHR58m+HnM8g3Ecwcl2w
yXcn1WJVFv6agmQqSf6pSZmO70ZiM1GW7/rW2+SdoD3fD0DGB2j0p8ZhZh+5ypo2
nt4bCB4WxfpaPN3usU1a0UmpOPZ4BydN9N4v6GrzSChMfSBEykJwKKrnUmbRjqkz
1PSHvJlk7Rn3hQ5kHrb+8vJ8JCmjPexD/Pz0zus8Cl2nkvf+FENm3sH4XwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPD+X36jyySmGDSZ0AoTJSOwC3Z/MB8GA1UdIwQY
MBaAFMHuYDt4rXK6eFVoLKK4BqwOfpj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2U1Z08zaXRjcnA0Vldnc29yZ0dyQTUtbVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy85YjZkOWItODU0MS00NGJjLTk2MWEt
Y2VlNWJlODdhNDZiLzEvOFA1ZmZxUExKS1lZTkpuUUNoTWxJN0FMZG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy85YjZkOWItODU0MS00NGJjLTk2MWEtY2VlNWJlODdhNDZi
LzEvd2U1Z08zaXRjcnA0Vldnc29yZ0dyQTUtbVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJTzAAwQF
VVpAAwQCuSFEMA0EAgACMAcDBQAgAU1gMA0GCSqGSIb3DQEBCwUAA4IBAQB+o3Hn
QRNdzpvbpy1PfMqeH1QssZlKQTW5Dl8I7SiNa4cubhJUZYYyA2/+dZZPiBmoLc2A
jkGI4hGu+9HskkCNJoABv6DTLva9AQZOpuVycDohXrKvrzIcuNlkNce0b1dkVW3z
3kXctWVRc96AJGoB0CoP10pFvdqKO475bVO0xu1cvf1M+Y/rxhieU63TC953/lbR
0rEn+uyzl0yPARk7mjAeTAMngY9O/auXBboBg8a7aZABGBP5FumjkcqcxWFDImUE
X5mzJdWRoT2MYx2hhHmOZXp0n6JyUQMG4BtXcrNZaj31dyprgKynSgdUQJXnZWV0
A1CeErnPMKvlM/2h
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:17 2025 by rpki-client