Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/936dd2-0c9a-48e9-aa71-d4519c539c9a/1/1P0mwdbt5Nu9Wf1s6x-mH6_wY1c.roa
File: 1P0mwdbt5Nu9Wf1s6x-mH6_wY1c.roa (raw, json)
Hash identifier: srGefRamEBO2dLWqosBkBpsBrpbhZwrE0OmVo8kw6wU=
Subject key identifier: D4:FD:26:C1:D6:ED:E4:DB:BD:59:FD:6C:EB:1F:A6:1F:AF:F0:63:57
Certificate issuer: /CN=4a88f3ab94a07587220e3d716f7b717df1d9e6d6
Certificate serial: 07569A1B
Authority key identifier: 4A:88:F3:AB:94:A0:75:87:22:0E:3D:71:6F:7B:71:7D:F1:D9:E6:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sojzq5SgdYciDj1xb3txffHZ5tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/936dd2-0c9a-48e9-aa71-d4519c539c9a/1/1P0mwdbt5Nu9Wf1s6x-mH6_wY1c.roa
Signing time: Sat 01 Jan 2022 10:02:48 +0000
ROA not before: Sat 01 Jan 2022 10:02:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49567
IP address blocks: 84.252.108.0/22 maxlen: 22
185.76.224.0/22 maxlen: 22
31.217.240.0/21 maxlen: 21
45.154.100.0/22 maxlen: 22
185.213.132.0/22 maxlen: 22
45.155.24.0/22 maxlen: 22
94.198.120.0/21 maxlen: 21
2a03:7100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123116059 (0x7569a1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a88f3ab94a07587220e3d716f7b717df1d9e6d6
Validity
Not Before: Jan 1 10:02:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4fd26c1d6ede4dbbd59fd6ceb1fa61faff06357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5c:af:be:63:4b:c9:16:09:4d:09:b3:1c:a6:
12:7b:64:76:6e:7d:e7:f3:ac:c4:59:61:21:32:2e:
e3:f2:03:ac:6e:64:ec:9a:46:d2:be:26:f9:cd:49:
d6:5a:19:8e:2c:52:cf:fa:9a:31:47:c5:ab:47:c0:
84:9b:df:70:f1:5d:60:9e:25:02:df:16:ba:53:7c:
a5:73:96:b7:1b:a9:16:d2:89:ad:9c:e2:0d:24:52:
71:b7:2a:9a:3b:f0:51:30:3e:75:a6:58:15:10:1f:
9d:71:14:b9:82:d9:5d:7f:8c:77:51:12:bc:bc:7e:
e6:ae:b9:0e:72:bc:1a:6e:48:b7:37:7a:92:7a:51:
1a:ed:75:f9:75:cc:e1:97:5e:19:10:b1:d1:2a:8e:
9b:8e:50:b7:6f:c9:b6:a2:88:f8:06:c0:eb:62:7f:
80:a2:7c:5d:13:93:cc:d4:b1:d3:f4:6a:01:f2:8c:
b7:c9:42:e6:2b:a1:e4:bd:47:25:27:bd:c9:18:0c:
5f:75:0e:45:95:d6:74:29:ae:92:0c:01:0b:55:5b:
9f:46:41:09:44:1f:8a:11:da:03:68:0a:0f:5c:fe:
6e:52:af:3b:f7:df:8e:00:57:69:91:f4:07:a5:2b:
c3:32:7c:a2:d8:bb:25:7a:a2:24:8f:c7:5d:61:41:
59:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:FD:26:C1:D6:ED:E4:DB:BD:59:FD:6C:EB:1F:A6:1F:AF:F0:63:57
X509v3 Authority Key Identifier:
keyid:4A:88:F3:AB:94:A0:75:87:22:0E:3D:71:6F:7B:71:7D:F1:D9:E6:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sojzq5SgdYciDj1xb3txffHZ5tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/936dd2-0c9a-48e9-aa71-d4519c539c9a/1/1P0mwdbt5Nu9Wf1s6x-mH6_wY1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/936dd2-0c9a-48e9-aa71-d4519c539c9a/1/Sojzq5SgdYciDj1xb3txffHZ5tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.240.0/21
45.154.100.0/22
45.155.24.0/22
84.252.108.0/22
94.198.120.0/21
185.76.224.0/22
185.213.132.0/22
IPv6:
2a03:7100::/29
Signature Algorithm: sha256WithRSAEncryption
27:cf:f7:48:13:27:e0:60:a5:0f:ff:9e:bd:e9:d9:dc:bb:94:
9f:8c:c4:3c:63:a1:d5:23:c0:d0:40:35:73:cc:60:ad:9b:90:
9d:bb:f6:9f:d7:d2:46:d2:85:12:84:d5:c6:78:0d:87:18:f4:
96:8c:df:b7:88:ee:01:c2:9f:fe:08:2f:45:fd:3a:9d:58:ad:
de:aa:e6:06:a5:bc:bd:26:23:e4:71:34:a2:dc:da:ff:79:4f:
e8:a4:ba:21:94:48:33:b1:99:ec:1a:63:55:b9:71:e5:7c:98:
6c:02:82:db:20:3e:91:f7:fb:1f:f4:e9:56:82:ca:ea:47:e8:
78:d8:5e:b4:42:d3:05:49:01:c4:55:81:7e:6b:12:b0:cb:8a:
f4:46:2c:d2:bc:c2:46:27:a1:92:4b:40:12:7f:68:6f:e3:5e:
4a:06:0a:2b:0e:7e:28:54:e2:f2:22:30:23:b4:8b:87:96:fc:
d1:e2:13:1f:fe:40:52:f8:20:46:78:f4:75:37:e9:fe:b9:5e:
ca:09:59:ae:8b:f5:56:24:c5:1b:13:9a:fd:54:a4:0d:b0:17:
57:01:04:ad:36:de:c3:79:05:f7:c2:68:45:73:1e:35:6c:8c:
79:b9:7e:0a:27:10:ee:2b:b0:ad:7b:06:a8:40:02:91:a1:b5:
10:f5:53:ad
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEB1aaGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YTg4ZjNhYjk0YTA3NTg3MjIwZTNkNzE2ZjdiNzE3ZGYxZDllNmQ2MB4XDTIyMDEw
MTEwMDI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDRmZDI2YzFkNmVk
ZTRkYmJkNTlmZDZjZWIxZmE2MWZhZmYwNjM1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM1cr75jS8kWCU0JsxymEntkdm595/OsxFlhITIu4/IDrG5k
7JpG0r4m+c1J1loZjixSz/qaMUfFq0fAhJvfcPFdYJ4lAt8WulN8pXOWtxupFtKJ
rZziDSRScbcqmjvwUTA+daZYFRAfnXEUuYLZXX+Md1ESvLx+5q65DnK8Gm5Itzd6
knpRGu11+XXM4ZdeGRCx0SqOm45Qt2/JtqKI+AbA62J/gKJ8XROTzNSx0/RqAfKM
t8lC5iuh5L1HJSe9yRgMX3UORZXWdCmukgwBC1Vbn0ZBCUQfihHaA2gKD1z+blKv
O/ffjgBXaZH0B6UrwzJ8oti7JXqiJI/HXWFBWZ8CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTU/SbB1u3k271Z/WzrH6Yfr/BjVzAfBgNVHSMEGDAWgBRKiPOrlKB1hyIO
PXFve3F98dnm1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NvanpxNVNnZFljaURqMXhiM3R4ZmZIWjV0WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvOTM2ZGQyLTBjOWEtNDhlOS1hYTcxLWQ0NTE5YzUzOWM5YS8x
LzFQMG13ZGJ0NU51OVdmMXM2eC1tSDZfd1kxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
OTM2ZGQyLTBjOWEtNDhlOS1hYTcxLWQ0NTE5YzUzOWM5YS8xL1NvanpxNVNnZFlj
aURqMXhiM3R4ZmZIWjV0WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAx/Z8AMEAi2aZAMEAi2bGAMEAlT8
bAMEA17GeAMEArlM4AMEArnVhDANBAIAAjAHAwUDKgNxADANBgkqhkiG9w0BAQsF
AAOCAQEAJ8/3SBMn4GClD/+evenZ3LuUn4zEPGOh1SPA0EA1c8xgrZuQnbv2n9fS
RtKFEoTVxngNhxj0lozft4juAcKf/ggvRf06nVit3qrmBqW8vSYj5HE0otza/3lP
6KS6IZRIM7GZ7BpjVblx5XyYbAKC2yA+kff7H/TpVoLK6kfoeNhetELTBUkBxFWB
fmsSsMuK9EYs0rzCRiehkktAEn9ob+NeSgYKKw5+KFTi8iIwI7SLh5b80eITH/5A
UvggRnj0dTfp/rleyglZrov1ViTFGxOa/VSkDbAXVwEErTbew3kF98JoRXMeNWyM
ebl+CicQ7iuwrXsGqEACkaG1EPVTrQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:57:22 2025 by rpki-client