Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/PX9v5qjZ5Kx92ejP5QMaNfGm8gQ.roa
File: PX9v5qjZ5Kx92ejP5QMaNfGm8gQ.roa (raw, json)
Hash identifier: VQ2IHPc4zVW5dJle4h1B0CNnt02hgrtdyFrWdC0CiSQ=
Subject key identifier: 3D:7F:6F:E6:A8:D9:E4:AC:7D:D9:E8:CF:E5:03:1A:35:F1:A6:F2:04
Certificate issuer: /CN=796d29ee381b51f645e05415668d92a9ce7a8dd2
Certificate serial: 01941FFA10FDCD56738C3ADDBD7975ACDC0C
Authority key identifier: 79:6D:29:EE:38:1B:51:F6:45:E0:54:15:66:8D:92:A9:CE:7A:8D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eW0p7jgbUfZF4FQVZo2Sqc56jdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/PX9v5qjZ5Kx92ejP5QMaNfGm8gQ.roa
Signing time: Wed 01 Jan 2025 03:47:49 +0000
ROA not before: Wed 01 Jan 2025 03:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44763
IP address blocks: 93.93.72.0/21 maxlen: 21
176.241.232.0/21 maxlen: 24
185.79.84.0/24 maxlen: 24
185.79.85.0/24 maxlen: 24
2a00:1548::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:10:fd:cd:56:73:8c:3a:dd:bd:79:75:ac:dc:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=796d29ee381b51f645e05415668d92a9ce7a8dd2
Validity
Not Before: Jan 1 03:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d7f6fe6a8d9e4ac7dd9e8cfe5031a35f1a6f204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:03:e6:ea:d2:72:51:1a:e1:99:66:b4:d7:06:
e1:b2:a9:56:1c:e4:3b:91:bc:84:3e:f4:77:81:00:
8c:6a:3a:1c:19:cd:0e:e3:ad:23:ae:5c:5f:e9:a5:
70:39:20:cb:1f:53:af:e1:07:26:9e:f5:c4:d5:be:
cc:95:a7:7f:31:bc:0d:d1:44:a8:18:0c:3e:4b:3d:
8d:01:f2:d5:4c:6d:7d:20:ef:fd:e1:d3:54:46:b0:
29:9d:47:ff:58:77:27:de:37:cc:c2:00:08:f6:6d:
6a:12:98:4a:2b:15:77:4f:3c:07:49:70:d8:53:61:
c7:8d:02:5a:88:b2:ff:62:a2:36:95:80:a6:19:4d:
e1:97:dc:fe:b8:3b:8c:d8:d1:0b:94:a3:25:7d:3e:
56:cd:d0:b4:02:a3:8b:8d:41:3c:ec:b3:6a:19:30:
4d:c4:01:4b:b5:b6:13:0e:e8:ce:2f:23:4f:67:bc:
15:fa:d2:3e:ed:e1:52:e7:2c:75:83:2f:55:ac:ac:
97:52:55:a9:70:b1:ac:6b:d3:15:7d:4b:2e:73:f0:
df:e0:9c:c8:59:50:63:95:0a:95:74:36:70:8b:d8:
e9:fc:a3:ba:73:1b:59:72:bc:f1:92:e6:2e:35:a2:
36:96:fc:cc:27:60:0b:89:16:74:1c:17:a6:40:a7:
83:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7F:6F:E6:A8:D9:E4:AC:7D:D9:E8:CF:E5:03:1A:35:F1:A6:F2:04
X509v3 Authority Key Identifier:
keyid:79:6D:29:EE:38:1B:51:F6:45:E0:54:15:66:8D:92:A9:CE:7A:8D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eW0p7jgbUfZF4FQVZo2Sqc56jdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/PX9v5qjZ5Kx92ejP5QMaNfGm8gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/2b8b2d-c023-4dfb-a504-41f62da4edab/1/eW0p7jgbUfZF4FQVZo2Sqc56jdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.93.72.0/21
176.241.232.0/21
185.79.84.0/23
IPv6:
2a00:1548::/32
Signature Algorithm: sha256WithRSAEncryption
3c:7a:e1:20:eb:23:2c:00:3b:94:9f:72:09:53:54:ac:4c:77:
63:71:0f:95:91:65:b7:d1:3b:61:5d:96:47:05:bd:5b:18:b6:
45:d7:aa:42:5b:ee:a7:28:7b:a4:7a:f0:81:4e:ae:38:1e:fa:
1d:f6:90:75:c1:60:5b:e5:0d:35:14:bb:fa:49:c6:6e:34:43:
0b:18:8b:ff:66:2d:bd:f0:5e:79:54:ca:a9:24:b6:27:50:9a:
5e:5a:6d:d1:02:ad:5e:6a:13:c4:27:9c:88:25:5a:87:a4:ee:
4f:3c:1f:3f:df:34:58:2a:1e:86:43:f7:9b:48:8d:d7:f2:aa:
3a:7d:88:06:e4:36:8e:26:bc:cc:9c:8f:3b:9d:79:ad:d2:69:
9a:4f:51:b0:ec:47:bc:ea:19:e0:ce:8d:86:99:af:76:ac:55:
bf:4b:8b:81:86:f2:c8:23:de:ae:bf:df:f2:7e:4e:d9:e5:69:
61:6e:98:13:82:d9:e4:ef:0d:99:6c:98:fe:00:61:e7:de:a9:
2f:c5:69:9c:ed:55:f4:74:b1:9f:00:78:63:7b:0c:5c:d5:be:
66:de:1f:b6:ab:ec:ce:12:fc:82:ab:29:d2:ec:2a:f8:f1:c8:
0f:f3:14:75:f2:0e:ee:38:91:c7:5e:71:47:aa:ba:27:b3:7a:
7c:8e:c0:76
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQf+hD9zVZzjDrdvXl1rNwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NmQyOWVlMzgxYjUxZjY0NWUwNTQxNTY2OGQ5MmE5Y2U3
YThkZDIwHhcNMjUwMTAxMDM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDdmNmZlNmE4ZDllNGFjN2RkOWU4Y2ZlNTAzMWEzNWYxYTZmMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAPm6tJyURrhmWa01wbhsqlWHOQ7
kbyEPvR3gQCMajocGc0O460jrlxf6aVwOSDLH1Ov4QcmnvXE1b7Mlad/MbwN0USo
GAw+Sz2NAfLVTG19IO/94dNURrApnUf/WHcn3jfMwgAI9m1qEphKKxV3TzwHSXDY
U2HHjQJaiLL/YqI2lYCmGU3hl9z+uDuM2NELlKMlfT5WzdC0AqOLjUE87LNqGTBN
xAFLtbYTDujOLyNPZ7wV+tI+7eFS5yx1gy9VrKyXUlWpcLGsa9MVfUsuc/Df4JzI
WVBjlQqVdDZwi9jp/KO6cxtZcrzxkuYuNaI2lvzMJ2ALiRZ0HBemQKeDAQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD1/b+ao2eSsfdnoz+UDGjXxpvIEMB8GA1UdIwQY
MBaAFHltKe44G1H2ReBUFWaNkqnOeo3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVcwcDdqZ2JVZlpGNEZRVlpvMlNxYzU2amRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8yYjhiMmQtYzAyMy00ZGZiLWE1MDQt
NDFmNjJkYTRlZGFiLzEvUFg5djVxalo1S3g5MmVqUDVRTWFOZkdtOGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8yYjhiMmQtYzAyMy00ZGZiLWE1MDQtNDFmNjJkYTRlZGFi
LzEvZVcwcDdqZ2JVZlpGNEZRVlpvMlNxYzU2amRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXV1IAwQD
sPHoAwQBuU9UMA0EAgACMAcDBQAqABVIMA0GCSqGSIb3DQEBCwUAA4IBAQA8euEg
6yMsADuUn3IJU1SsTHdjcQ+VkWW30TthXZZHBb1bGLZF16pCW+6nKHukevCBTq44
Hvod9pB1wWBb5Q01FLv6ScZuNEMLGIv/Zi298F55VMqpJLYnUJpeWm3RAq1eahPE
J5yIJVqHpO5PPB8/3zRYKh6GQ/ebSI3X8qo6fYgG5DaOJrzMnI87nXmt0mmaT1Gw
7Ee86hngzo2Gma92rFW/S4uBhvLII96uv9/yfk7Z5WlhbpgTgtnk7w2ZbJj+AGHn
3qkvxWmc7VX0dLGfAHhjewxc1b5m3h+2q+zOEvyCqynS7Cr48cgP8xR18g7uOJHH
XnFHqrons3p8jsB2
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:48:06 2025 by rpki-client