Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/hK2MvsUGX-en-QRS8wt3Wf_U0nw.roa
File: hK2MvsUGX-en-QRS8wt3Wf_U0nw.roa (raw, json)
Hash identifier: TPzEJ4PR056FgBQncfoR2MgdCQdkMjaLd6UC5c1/V+U=
Subject key identifier: 84:AD:8C:BE:C5:06:5F:E7:A7:F9:04:52:F3:0B:77:59:FF:D4:D2:7C
Certificate issuer: /CN=25a553794223e6b4c632779b51371dc4e7d70705
Certificate serial: 019423697B89302299E2B9BD298EFFA23524
Authority key identifier: 25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/hK2MvsUGX-en-QRS8wt3Wf_U0nw.roa
Signing time: Wed 01 Jan 2025 19:48:22 +0000
ROA not before: Wed 01 Jan 2025 19:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201471
IP address blocks: 84.40.0.0/20 maxlen: 24
84.40.32.0/21 maxlen: 24
176.223.248.0/23 maxlen: 24
176.223.250.0/23 maxlen: 24
2001:67c:4dc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:7b:89:30:22:99:e2:b9:bd:29:8e:ff:a2:35:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25a553794223e6b4c632779b51371dc4e7d70705
Validity
Not Before: Jan 1 19:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84ad8cbec5065fe7a7f90452f30b7759ffd4d27c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ce:74:0a:40:c7:e7:33:3c:aa:69:3e:8e:76:
db:a6:98:b3:4d:86:8d:11:a8:38:58:99:b0:5d:bd:
4d:c9:1b:ba:3a:af:f8:17:cb:c4:82:bb:bf:82:75:
61:86:de:e4:7d:85:fb:04:da:1f:53:1d:d5:ab:9d:
10:e9:31:94:88:9f:fc:81:12:d5:64:41:4b:ef:1c:
16:e3:48:83:e4:61:3c:9a:70:03:85:a0:b0:89:9a:
6a:f0:30:ce:3f:39:4a:80:ae:fd:db:7a:75:83:67:
5d:3e:f9:61:0b:10:c8:0a:9b:eb:03:e8:6c:b7:11:
8a:a4:57:87:dc:55:c3:09:0b:4c:15:02:11:2e:f4:
51:6e:d9:9d:cd:23:8c:1e:2f:e2:49:d4:23:5b:71:
2b:1b:ce:1f:ed:b7:1a:25:24:e0:28:d8:00:2d:08:
44:0a:d0:10:df:c1:b5:ab:da:c9:9d:5a:f9:58:8f:
13:e9:a8:7c:4b:90:24:ca:f4:a7:fb:2f:23:76:bd:
39:29:80:05:d1:ad:a7:57:26:29:20:c8:43:e0:10:
46:24:68:5a:7f:27:b7:24:a6:1e:be:75:cc:64:36:
57:dd:4a:77:72:de:26:6d:15:69:0b:49:5b:a7:c9:
49:f6:19:d0:16:b8:e1:2a:6e:de:3f:7c:7a:97:90:
77:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AD:8C:BE:C5:06:5F:E7:A7:F9:04:52:F3:0B:77:59:FF:D4:D2:7C
X509v3 Authority Key Identifier:
keyid:25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/hK2MvsUGX-en-QRS8wt3Wf_U0nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.40.0.0/20
84.40.32.0/21
176.223.248.0/22
IPv6:
2001:67c:4dc::/48
Signature Algorithm: sha256WithRSAEncryption
2d:e8:14:01:11:ee:bd:29:6a:f8:46:f5:c4:70:72:99:31:64:
02:a4:81:b5:a7:24:d3:10:d6:22:74:92:87:4c:3a:e8:a8:12:
5d:73:8c:30:b6:50:1c:83:b9:d7:8a:55:e8:02:9b:81:69:a9:
28:ce:02:97:99:c9:4a:ac:b2:40:38:ad:93:f3:07:51:c6:07:
86:a2:10:f8:f0:95:63:c3:73:89:c9:da:1e:9c:23:9d:6e:34:
50:d7:e0:b1:d7:10:59:b0:cc:64:0e:3a:17:96:d2:81:26:ff:
9f:06:10:56:98:35:08:fe:97:a4:06:33:09:9c:00:5e:eb:b3:
86:b6:65:d8:e3:a7:cf:8b:ef:e4:c9:cf:21:d1:4a:d0:e2:f5:
63:ea:85:be:52:07:d6:91:56:b6:e7:a0:7a:fb:26:bc:7f:23:
6a:66:65:4e:2a:7c:3d:84:e1:ce:b8:ea:a7:ff:93:92:ec:1d:
53:de:b9:37:40:0f:3b:97:d6:ae:ad:b2:7d:7d:1b:8f:83:c7:
eb:8f:93:f4:d4:e6:24:a0:c9:c8:e0:dc:5c:c6:20:a5:14:90:
11:67:65:22:05:1b:14:fc:48:75:94:69:1d:93:80:e5:f3:ab:
20:24:b5:2e:5b:57:7d:7d:82:a4:44:d4:76:48:0c:6e:2b:09:
8a:fd:48:f1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQjaXuJMCKZ4rm9KY7/ojUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTU1Mzc5NDIyM2U2YjRjNjMyNzc5YjUxMzcxZGM0ZTdk
NzA3MDUwHhcNMjUwMTAxMTk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGFkOGNiZWM1MDY1ZmU3YTdmOTA0NTJmMzBiNzc1OWZmZDRkMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM50CkDH5zM8qmk+jnbbppizTYaN
Eag4WJmwXb1NyRu6Oq/4F8vEgru/gnVhht7kfYX7BNofUx3Vq50Q6TGUiJ/8gRLV
ZEFL7xwW40iD5GE8mnADhaCwiZpq8DDOPzlKgK7923p1g2ddPvlhCxDICpvrA+hs
txGKpFeH3FXDCQtMFQIRLvRRbtmdzSOMHi/iSdQjW3ErG84f7bcaJSTgKNgALQhE
CtAQ38G1q9rJnVr5WI8T6ah8S5AkyvSn+y8jdr05KYAF0a2nVyYpIMhD4BBGJGha
fye3JKYevnXMZDZX3Up3ct4mbRVpC0lbp8lJ9hnQFrjhKm7eP3x6l5B3mQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIStjL7FBl/np/kEUvMLd1n/1NJ8MB8GA1UdIwQY
MBaAFCWlU3lCI+a0xjJ3m1E3HcTn1wcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFWVGVVSWo1clRHTW5lYlVUY2R4T2ZYQndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8xZjk2Y2MtNWVhNi00OWUzLThmNWYt
MzBlOTI5ZWQxMDYzLzEvaEsyTXZzVUdYLWVuLVFSUzh3dDNXZl9VMG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8xZjk2Y2MtNWVhNi00OWUzLThmNWYtMzBlOTI5ZWQxMDYz
LzEvSmFWVGVVSWo1clRHTW5lYlVUY2R4T2ZYQndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQEVCgAAwQD
VCggAwQCsN/4MA8EAgACMAkDBwAgAQZ8BNwwDQYJKoZIhvcNAQELBQADggEBAC3o
FAER7r0pavhG9cRwcpkxZAKkgbWnJNMQ1iJ0kodMOuioEl1zjDC2UByDudeKVegC
m4FpqSjOApeZyUqsskA4rZPzB1HGB4aiEPjwlWPDc4nJ2h6cI51uNFDX4LHXEFmw
zGQOOheW0oEm/58GEFaYNQj+l6QGMwmcAF7rs4a2Zdjjp8+L7+TJzyHRStDi9WPq
hb5SB9aRVrbnoHr7Jrx/I2pmZU4qfD2E4c646qf/k5LsHVPeuTdADzuX1q6tsn19
G4+Dx+uPk/TU5iSgycjg3FzGIKUUkBFnZSIFGxT8SHWUaR2TgOXzqyAktS5bV319
gqRE1HZIDG4rCYr9SPE=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:39 2025 by rpki-client