Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/42b3bb-1935-478b-a302-cb7a5fd1ac47/1/u2PcO0qxdpMSmR6nWgSSQ3nTHEM.roa
File: u2PcO0qxdpMSmR6nWgSSQ3nTHEM.roa (raw, json)
Hash identifier: hawJL7X7ALdqooYTS/10qneIqHecH3wASpMJDU35WRY=
Subject key identifier: BB:63:DC:3B:4A:B1:76:93:12:99:1E:A7:5A:04:92:43:79:D3:1C:43
Certificate issuer: /CN=a92db9b80dfb9c95678b07ef2c953d63107f5f62
Certificate serial: 0194266BB34CDD2D6A6A6F1C3B8FF137F2F5
Authority key identifier: A9:2D:B9:B8:0D:FB:9C:95:67:8B:07:EF:2C:95:3D:63:10:7F:5F:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qS25uA37nJVniwfvLJU9YxB_X2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/42b3bb-1935-478b-a302-cb7a5fd1ac47/1/u2PcO0qxdpMSmR6nWgSSQ3nTHEM.roa
Signing time: Thu 02 Jan 2025 09:49:39 +0000
ROA not before: Thu 02 Jan 2025 09:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 130.180.224.0/19 maxlen: 19
130.180.224.0/22 maxlen: 22
130.180.240.0/21 maxlen: 21
130.180.248.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:b3:4c:dd:2d:6a:6a:6f:1c:3b:8f:f1:37:f2:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a92db9b80dfb9c95678b07ef2c953d63107f5f62
Validity
Not Before: Jan 2 09:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb63dc3b4ab1769312991ea75a04924379d31c43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2c:f8:f2:16:81:c5:56:27:44:ff:39:13:2f:
3a:ca:ac:20:c2:73:54:9c:c2:a5:ab:ce:b4:79:ea:
64:b9:e4:32:6d:d2:a7:d9:16:32:07:ae:d4:9a:d4:
d2:65:e7:e1:e6:b9:90:13:a6:86:8f:3e:0b:1f:30:
b6:c7:31:b2:59:69:fe:cb:1b:8b:4b:e6:1e:13:74:
b9:2c:2a:30:bf:50:9d:4f:54:11:d4:fe:28:ed:62:
f1:13:0d:b7:0e:6b:b9:e2:22:fb:6e:fd:64:e4:c8:
89:72:dc:28:c6:c2:7c:29:30:4a:3e:bd:ec:d2:12:
85:34:f7:6b:70:75:60:3e:0c:71:d9:e4:37:03:0c:
10:b5:02:b5:4b:6a:ec:4d:8b:db:4c:5a:3d:77:85:
86:c6:b8:b6:30:ff:7e:bb:9c:df:31:b2:44:da:b5:
f3:de:fe:86:f0:b2:df:c0:cd:69:2e:c9:6b:79:14:
6b:75:b3:6c:c7:9b:92:27:b5:79:67:1d:1c:50:9f:
0d:3d:1a:42:39:37:ff:8a:f4:13:e4:7c:fe:e8:03:
f7:68:eb:10:69:c0:39:d0:7f:20:e4:fc:08:1c:98:
8e:51:cd:9f:a5:70:bf:ea:46:94:e0:42:b3:fa:39:
fd:e7:fa:85:1b:d0:4e:02:b7:12:fa:4c:0f:3a:49:
a1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:63:DC:3B:4A:B1:76:93:12:99:1E:A7:5A:04:92:43:79:D3:1C:43
X509v3 Authority Key Identifier:
keyid:A9:2D:B9:B8:0D:FB:9C:95:67:8B:07:EF:2C:95:3D:63:10:7F:5F:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qS25uA37nJVniwfvLJU9YxB_X2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/42b3bb-1935-478b-a302-cb7a5fd1ac47/1/u2PcO0qxdpMSmR6nWgSSQ3nTHEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/42b3bb-1935-478b-a302-cb7a5fd1ac47/1/qS25uA37nJVniwfvLJU9YxB_X2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.180.224.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:7d:74:26:c6:b4:bd:49:b5:57:c2:6d:76:f3:b6:d2:07:d9:
7a:5c:2d:ad:4b:d5:ae:55:14:4a:b1:31:a2:95:60:5c:dc:7f:
d5:be:4b:10:d7:61:0d:eb:15:7b:fd:e7:e2:0e:7f:5f:56:0f:
d8:41:fd:ea:60:ec:b2:73:28:4c:73:4f:cf:60:79:ac:7b:55:
07:82:90:fb:bc:4a:ea:84:6f:1c:44:56:77:8b:25:26:27:76:
02:fd:4c:c4:2c:b3:e2:95:c8:a7:10:9c:a0:df:cd:13:6c:52:
88:85:ac:16:d3:db:fb:1d:4d:98:0f:a0:1c:54:31:2c:21:ea:
6b:26:a9:2c:4b:76:6b:6b:dc:0d:9c:f7:dd:71:2e:f6:13:8f:
fa:26:d6:c9:1c:2b:8c:4d:50:75:13:01:75:67:69:e5:60:c0:
54:96:7b:d0:e8:eb:72:81:50:fc:dc:4f:d6:57:51:54:e0:21:
3c:6b:f1:79:bb:9e:89:f6:50:73:71:87:c9:95:6a:a0:c7:5f:
93:af:57:98:00:7a:1a:c8:47:94:cf:53:4f:1b:4a:27:11:ee:
12:7a:65:6f:57:da:97:af:9c:3a:d3:c1:a8:20:2e:6e:7e:85:
c9:25:ed:63:25:a0:84:cb:6e:b1:1a:e7:d9:20:cf:df:77:12:
c1:be:92:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma7NM3S1qam8cO4/xN/L1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MmRiOWI4MGRmYjljOTU2NzhiMDdlZjJjOTUzZDYzMTA3
ZjVmNjIwHhcNMjUwMTAyMDk0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjYzZGMzYjRhYjE3NjkzMTI5OTFlYTc1YTA0OTI0Mzc5ZDMxYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Cz48haBxVYnRP85Ey86yqwgwnNU
nMKlq860eepkueQybdKn2RYyB67UmtTSZefh5rmQE6aGjz4LHzC2xzGyWWn+yxuL
S+YeE3S5LCowv1CdT1QR1P4o7WLxEw23Dmu54iL7bv1k5MiJctwoxsJ8KTBKPr3s
0hKFNPdrcHVgPgxx2eQ3AwwQtQK1S2rsTYvbTFo9d4WGxri2MP9+u5zfMbJE2rXz
3v6G8LLfwM1pLslreRRrdbNsx5uSJ7V5Zx0cUJ8NPRpCOTf/ivQT5Hz+6AP3aOsQ
acA50H8g5PwIHJiOUc2fpXC/6kaU4EKz+jn95/qFG9BOArcS+kwPOkmhGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtj3DtKsXaTEpkep1oEkkN50xxDMB8GA1UdIwQY
MBaAFKktubgN+5yVZ4sH7yyVPWMQf19iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVMyNXVBMzduSlZuaXdmdkxKVTlZeEJfWDJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC80MmIzYmItMTkzNS00NzhiLWEzMDIt
Y2I3YTVmZDFhYzQ3LzEvdTJQY08wcXhkcE1TbVI2bldnU1NRM25USEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC80MmIzYmItMTkzNS00NzhiLWEzMDItY2I3YTVmZDFhYzQ3
LzEvcVMyNXVBMzduSlZuaXdmdkxKVTlZeEJfWDJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFgrTgMA0G
CSqGSIb3DQEBCwUAA4IBAQBtfXQmxrS9SbVXwm1287bSB9l6XC2tS9WuVRRKsTGi
lWBc3H/VvksQ12EN6xV7/efiDn9fVg/YQf3qYOyycyhMc0/PYHmse1UHgpD7vErq
hG8cRFZ3iyUmJ3YC/UzELLPilcinEJyg380TbFKIhawW09v7HU2YD6AcVDEsIepr
JqksS3Zra9wNnPfdcS72E4/6JtbJHCuMTVB1EwF1Z2nlYMBUlnvQ6OtygVD83E/W
V1FU4CE8a/F5u56J9lBzcYfJlWqgx1+Tr1eYAHoayEeUz1NPG0onEe4SemVvV9qX
r5w608GoIC5ufoXJJe1jJaCEy26xGufZIM/fdxLBvpKJ
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:19 2025 by rpki-client