Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/eeec18-7669-4e7f-a670-ce62b40c2659/1/D7HxaLHBJCws8aQ9TBGklTSmpTo.roa
File: D7HxaLHBJCws8aQ9TBGklTSmpTo.roa (raw, json)
Hash identifier: TuJU+CmIWdTTM74pfgyLNivGV0Y/zyXLuskJxkITADA=
Subject key identifier: 0F:B1:F1:68:B1:C1:24:2C:2C:F1:A4:3D:4C:11:A4:95:34:A6:A5:3A
Certificate issuer: /CN=4f0ad0b1ac8b1fb56e1b7d3730044efea44770df
Certificate serial: 071C3D88
Authority key identifier: 4F:0A:D0:B1:AC:8B:1F:B5:6E:1B:7D:37:30:04:4E:FE:A4:47:70:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TwrQsayLH7VuG303MARO_qRHcN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/eeec18-7669-4e7f-a670-ce62b40c2659/1/D7HxaLHBJCws8aQ9TBGklTSmpTo.roa
Signing time: Sat 01 Jan 2022 16:05:04 +0000
ROA not before: Sat 01 Jan 2022 16:05:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34197
IP address blocks: 195.95.224.0/23 maxlen: 23
185.150.162.0/24 maxlen: 24
185.150.160.0/24 maxlen: 24
185.150.160.0/22 maxlen: 22
194.187.224.0/22 maxlen: 22
2a07:7200:ffff::/48 maxlen: 48
2a07:7200::/29 maxlen: 29
2a07:7200:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119291272 (0x71c3d88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f0ad0b1ac8b1fb56e1b7d3730044efea44770df
Validity
Not Before: Jan 1 16:05:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fb1f168b1c1242c2cf1a43d4c11a49534a6a53a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0a:0a:33:76:fb:e0:84:1e:86:df:13:fa:af:
a2:ea:f3:15:d1:63:8d:92:be:1d:a1:3d:46:75:f2:
00:a5:e3:03:07:c7:32:1b:8c:d1:91:20:b6:b8:56:
7f:99:17:e3:f6:f4:74:58:7b:b2:6d:56:32:b8:9a:
ea:cf:ff:bc:22:a5:ef:09:d1:78:02:20:15:57:4c:
63:53:4c:d8:9a:88:cb:b9:3f:97:93:6f:e7:6b:0c:
c4:f7:87:3b:08:06:ec:b0:19:20:bc:67:8b:5e:cb:
cd:3d:21:b7:0d:d1:22:8d:62:48:af:ca:1c:45:31:
b2:d9:58:3d:3e:7b:78:60:8e:39:3f:2f:31:8a:b6:
7e:8f:cf:04:7a:b2:59:69:45:be:5f:4a:0b:86:67:
80:d4:97:c3:7e:dd:a8:71:a2:42:bd:73:40:d0:bd:
bc:ce:7c:a2:6f:08:82:b3:f1:82:ea:ea:2e:e4:7d:
fb:57:fb:7a:ec:81:cf:0b:81:92:c4:c4:c6:06:e0:
c0:49:35:be:62:2d:4c:81:b9:ef:5b:4e:27:ae:5b:
1e:63:39:26:cf:52:b2:27:6a:6f:81:fc:50:c8:92:
6b:70:98:9b:49:70:3f:97:e4:77:a5:7e:e5:c6:86:
1f:3c:9a:d0:2a:53:4b:24:3e:69:b6:b4:3a:5d:80:
62:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B1:F1:68:B1:C1:24:2C:2C:F1:A4:3D:4C:11:A4:95:34:A6:A5:3A
X509v3 Authority Key Identifier:
keyid:4F:0A:D0:B1:AC:8B:1F:B5:6E:1B:7D:37:30:04:4E:FE:A4:47:70:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TwrQsayLH7VuG303MARO_qRHcN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/eeec18-7669-4e7f-a670-ce62b40c2659/1/D7HxaLHBJCws8aQ9TBGklTSmpTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/eeec18-7669-4e7f-a670-ce62b40c2659/1/TwrQsayLH7VuG303MARO_qRHcN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.160.0/22
194.187.224.0/22
195.95.224.0/23
IPv6:
2a07:7200::/29
Signature Algorithm: sha256WithRSAEncryption
aa:5f:99:23:6f:98:8e:3a:e2:00:e5:ff:be:cd:fa:b9:39:ce:
11:48:a0:0b:14:87:e8:80:79:cf:36:5c:98:81:e5:45:97:da:
59:0d:61:59:c5:7a:2f:e9:08:90:2b:34:06:aa:be:30:41:4b:
f9:88:29:cb:84:64:58:c5:f2:5a:40:18:4c:ad:03:a9:d7:f8:
09:77:97:60:44:c3:02:2a:b5:31:1d:eb:d8:79:2b:e6:0d:3e:
8c:91:d4:a1:84:39:87:0a:66:11:b1:e5:8d:80:0e:b8:a6:ce:
a8:8e:45:13:34:9c:85:0b:bf:48:13:1c:4d:d0:88:cf:a3:71:
1c:aa:77:f2:81:55:7b:45:bd:f2:b7:09:ae:48:ab:97:73:9a:
d7:89:64:c7:21:65:e3:ed:34:85:15:77:4c:57:e0:26:04:12:
fb:20:95:0c:3b:32:37:26:a3:37:74:7a:1b:5a:0d:15:ff:b0:
f3:ce:bd:98:10:c0:23:ce:e7:87:60:86:b6:48:fc:06:95:b7:
de:31:d8:74:49:6b:59:bf:49:97:86:19:de:df:8d:0b:f4:6f:
b5:d1:00:0c:9e:d3:0a:b7:3a:cf:6d:84:da:76:34:a8:91:53:
29:54:4c:b2:f3:23:0f:97:2f:a1:c8:de:01:1e:d1:cc:c2:8d:
34:c3:6c:5a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBxw9iDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjBhZDBiMWFjOGIxZmI1NmUxYjdkMzczMDA0NGVmZWE0NDc3MGRmMB4XDTIyMDEw
MTE2MDUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZiMWYxNjhiMWMx
MjQyYzJjZjFhNDNkNGMxMWE0OTUzNGE2YTUzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkKCjN2++CEHobfE/qvourzFdFjjZK+HaE9RnXyAKXjAwfH
MhuM0ZEgtrhWf5kX4/b0dFh7sm1WMria6s//vCKl7wnReAIgFVdMY1NM2JqIy7k/
l5Nv52sMxPeHOwgG7LAZILxni17LzT0htw3RIo1iSK/KHEUxstlYPT57eGCOOT8v
MYq2fo/PBHqyWWlFvl9KC4ZngNSXw37dqHGiQr1zQNC9vM58om8IgrPxgurqLuR9
+1f7euyBzwuBksTExgbgwEk1vmItTIG571tOJ65bHmM5Js9Ssidqb4H8UMiSa3CY
m0lwP5fkd6V+5caGHzya0CpTSyQ+aba0Ol2AYi0CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQPsfFoscEkLCzxpD1MEaSVNKalOjAfBgNVHSMEGDAWgBRPCtCxrIsftW4b
fTcwBE7+pEdw3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R3clFzYXlMSDdWdUczMDNNQVJPX3FSSGNOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvZWVlYzE4LTc2NjktNGU3Zi1hNjcwLWNlNjJiNDBjMjY1OS8x
L0Q3SHhhTEhCSkN3czhhUTlUQkdrbFRTbXBUby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
ZWVlYzE4LTc2NjktNGU3Zi1hNjcwLWNlNjJiNDBjMjY1OS8xL1R3clFzYXlMSDdW
dUczMDNNQVJPX3FSSGNOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArmWoAMEAsK74AMEAcNf4DANBAIA
AjAHAwUDKgdyADANBgkqhkiG9w0BAQsFAAOCAQEAql+ZI2+YjjriAOX/vs36uTnO
EUigCxSH6IB5zzZcmIHlRZfaWQ1hWcV6L+kIkCs0Bqq+MEFL+Ygpy4RkWMXyWkAY
TK0Dqdf4CXeXYETDAiq1MR3r2Hkr5g0+jJHUoYQ5hwpmEbHljYAOuKbOqI5FEzSc
hQu/SBMcTdCIz6NxHKp38oFVe0W98rcJrkirl3Oa14lkxyFl4+00hRV3TFfgJgQS
+yCVDDsyNyajN3R6G1oNFf+w8869mBDAI87nh2CGtkj8BpW33jHYdElrWb9Jl4YZ
3t+NC/RvtdEADJ7TCrc6z22E2nY0qJFTKVRMsvMjD5cvocjeAR7RzMKNNMNsWg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:27 2025 by rpki-client