Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/dtKVxUHGrAkfKqCobm6KXtRp0E8.roa
File: dtKVxUHGrAkfKqCobm6KXtRp0E8.roa (raw, json)
Hash identifier: 83vvkJxmaytP0GLHWBg53bMWqx3mr1WoGbL8xTTfoKE=
Subject key identifier: 76:D2:95:C5:41:C6:AC:09:1F:2A:A0:A8:6E:6E:8A:5E:D4:69:D0:4F
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01941FFA62C49463AA0F34FC2E5C093CF1DB
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/dtKVxUHGrAkfKqCobm6KXtRp0E8.roa
Signing time: Wed 01 Jan 2025 03:48:10 +0000
ROA not before: Wed 01 Jan 2025 03:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6762
IP address blocks: 5.180.177.0/24 maxlen: 24
185.213.194.0/24 maxlen: 24
193.38.155.0/24 maxlen: 24
193.163.87.0/24 maxlen: 24
194.62.160.0/24 maxlen: 24
195.225.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:62:c4:94:63:aa:0f:34:fc:2e:5c:09:3c:f1:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 03:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76d295c541c6ac091f2aa0a86e6e8a5ed469d04f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:10:e3:46:f8:53:0c:27:ed:7a:f2:7e:d5:f5:
ca:03:00:d8:e8:3f:eb:19:00:92:08:c5:c9:7b:08:
e1:a3:5a:2d:5a:c2:3f:3e:95:7b:17:56:a6:ca:99:
75:02:35:25:45:9b:62:e6:81:15:0a:4f:6e:ea:af:
bc:0a:45:00:4d:ec:aa:b9:b4:57:11:e1:28:93:87:
4b:15:f6:b4:75:bb:0c:bf:9d:c4:4c:1d:01:f7:28:
74:7d:06:bd:47:d2:b5:1d:5f:4e:b8:78:27:74:b2:
12:df:88:e6:ef:02:b2:06:6c:07:40:5d:ff:55:3b:
d2:87:fb:a2:3e:e6:a3:ac:e7:8f:d9:09:9e:c9:94:
37:0a:37:fa:5a:c9:10:24:c9:38:42:7c:d9:fb:f9:
ff:52:57:98:a0:fc:cb:65:d5:2a:ad:97:da:f8:cc:
7a:9d:c0:9f:2e:47:b3:ed:9d:26:03:67:49:ca:df:
e9:54:53:83:fb:8f:e8:01:78:d9:19:94:d9:31:04:
ad:36:b1:9f:df:aa:f0:07:02:4c:24:f3:db:4d:93:
d2:2d:bb:b1:f3:6c:7d:04:17:37:76:48:45:e1:88:
20:ef:68:d4:1e:55:46:94:1e:fc:48:a4:b1:b9:d8:
ab:da:c4:92:2d:81:95:34:6a:08:e2:10:08:56:26:
d5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D2:95:C5:41:C6:AC:09:1F:2A:A0:A8:6E:6E:8A:5E:D4:69:D0:4F
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/dtKVxUHGrAkfKqCobm6KXtRp0E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.177.0/24
185.213.194.0/24
193.38.155.0/24
193.163.87.0/24
194.62.160.0/24
195.225.83.0/24
Signature Algorithm: sha256WithRSAEncryption
44:a0:52:83:c3:4d:b1:e9:80:8d:44:61:7a:86:03:52:e2:d7:
7c:19:3d:26:d6:4b:0d:f5:06:59:1e:37:be:6d:79:c5:5d:27:
20:55:93:47:f6:af:da:56:1d:5b:0f:83:85:3a:a3:f0:d1:ee:
9c:6c:91:3d:16:d0:9a:b9:72:56:19:b3:42:fe:26:77:09:a0:
20:e8:1b:a7:56:94:f5:c5:0b:83:fb:94:cf:2f:38:fa:9a:cf:
77:99:04:1d:17:f0:43:5c:a8:e9:a1:d2:e4:8b:f3:45:6e:ee:
4b:52:05:68:78:80:9f:49:6f:d1:c1:b5:1d:e2:a1:be:05:97:
b3:37:05:69:42:09:c7:94:c2:31:bd:93:ee:fa:df:78:b4:8e:
7a:4a:a8:ca:1b:6c:f9:50:23:61:7f:67:e9:32:d3:e9:67:9a:
c6:51:e3:a4:d3:a8:ba:c6:b4:a4:c0:7f:15:4b:3a:f6:42:97:
c5:1b:77:b5:d2:97:f1:36:47:ab:d6:75:53:72:2d:4a:eb:9c:
ed:40:ad:df:41:58:9c:7a:4a:3f:ab:01:d4:1e:ff:b0:11:74:
b8:7f:5b:aa:83:ef:22:c0:24:ad:6d:f6:05:96:e9:c5:cc:25:
9c:18:b8:f3:ed:d6:b1:8a:e3:89:27:e4:bb:c0:ce:b0:7b:90:
96:71:ae:f9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQf+mLElGOqDzT8LlwJPPHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjUwMTAxMDM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmQyOTVjNTQxYzZhYzA5MWYyYWEwYTg2ZTZlOGE1ZWQ0NjlkMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBDjRvhTDCftevJ+1fXKAwDY6D/r
GQCSCMXJewjho1otWsI/PpV7F1amypl1AjUlRZti5oEVCk9u6q+8CkUATeyqubRX
EeEok4dLFfa0dbsMv53ETB0B9yh0fQa9R9K1HV9OuHgndLIS34jm7wKyBmwHQF3/
VTvSh/uiPuajrOeP2QmeyZQ3Cjf6WskQJMk4QnzZ+/n/UleYoPzLZdUqrZfa+Mx6
ncCfLkez7Z0mA2dJyt/pVFOD+4/oAXjZGZTZMQStNrGf36rwBwJMJPPbTZPSLbux
82x9BBc3dkhF4Ygg72jUHlVGlB78SKSxudir2sSSLYGVNGoI4hAIVibVQQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHbSlcVBxqwJHyqgqG5uil7UadBPMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvZHRLVnhVSEdyQWtmS3FDb2JtNktYdFJwMEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABbSxAwQA
udXCAwQAwSabAwQAwaNXAwQAwj6gAwQAw+FTMA0GCSqGSIb3DQEBCwUAA4IBAQBE
oFKDw02x6YCNRGF6hgNS4td8GT0m1ksN9QZZHje+bXnFXScgVZNH9q/aVh1bD4OF
OqPw0e6cbJE9FtCauXJWGbNC/iZ3CaAg6BunVpT1xQuD+5TPLzj6ms93mQQdF/BD
XKjpodLki/NFbu5LUgVoeICfSW/RwbUd4qG+BZezNwVpQgnHlMIxvZPu+t94tI56
SqjKG2z5UCNhf2fpMtPpZ5rGUeOk06i6xrSkwH8VSzr2QpfFG3e10pfxNker1nVT
ci1K65ztQK3fQViceko/qwHUHv+wEXS4f1uqg+8iwCStbfYFlunFzCWcGLjz7dax
iuOJJ+S7wM6we5CWca75
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:53:31 2025 by rpki-client