Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/JHq-cx8MpGkJxGG33iO5RKm7cnc.roa
File: JHq-cx8MpGkJxGG33iO5RKm7cnc.roa (raw, json)
Hash identifier: ZMGUXtnT61LLOsqheUWPFTePFlayGE7mSCP72yP9Ymg=
Subject key identifier: 24:7A:BE:73:1F:0C:A4:69:09:C4:61:B7:DE:23:B9:44:A9:BB:72:77
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018CE99ABA2B94AED4502EE6687498AF0352
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/JHq-cx8MpGkJxGG33iO5RKm7cnc.roa
Signing time: Mon 08 Jan 2024 15:04:40 +0000
ROA not before: Mon 08 Jan 2024 15:04:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41075
IP address blocks: 87.229.111.0/24 maxlen: 24
87.229.7.0/24 maxlen: 24
87.229.24.0/24 maxlen: 24
79.172.194.0/23 maxlen: 23
79.172.197.0/24 maxlen: 24
79.172.204.0/24 maxlen: 24
79.172.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:9a:ba:2b:94:ae:d4:50:2e:e6:68:74:98:af:03:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 8 15:04:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=247abe731f0ca46909c461b7de23b944a9bb7277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e9:b0:92:f5:8d:b1:fa:b3:9c:4b:e7:8e:71:
40:37:3c:7e:08:c2:5e:23:89:2f:b7:b3:c0:37:33:
16:b2:5a:d9:88:04:84:80:59:78:79:15:4a:cc:b4:
f3:82:d0:fd:18:db:05:ef:c7:51:88:6e:34:9c:bc:
87:d1:db:d0:d2:36:5c:01:f6:af:4f:94:5c:fe:d4:
26:c5:51:a6:b0:a7:fb:fa:60:07:f7:8e:1f:66:b4:
ef:a8:20:be:92:c3:8b:7d:91:82:68:89:c2:d9:2e:
9f:6b:1a:08:74:9e:a4:be:7e:f0:4a:0a:72:1a:2b:
29:05:21:1a:e3:b7:7b:a3:76:4c:28:37:35:d7:ab:
37:72:63:11:67:57:77:b1:ad:eb:00:75:f1:6a:d4:
9d:d5:ba:07:10:26:37:26:ef:cc:b5:80:7f:a5:bd:
25:75:75:11:ce:54:60:1d:35:24:50:9d:35:cd:21:
e0:ca:f9:f2:d8:bb:07:3d:23:cc:11:7b:75:8d:31:
45:3c:d6:ac:da:4a:07:50:f8:fc:2b:43:35:5c:ec:
48:f2:44:c7:71:7b:84:b7:fa:2d:09:5d:db:98:5a:
51:6b:e2:f8:07:0b:6e:e6:b0:b4:d1:4f:7b:c4:5f:
88:7f:18:51:c3:9d:3a:f5:ff:c0:31:4d:00:0a:1c:
b2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7A:BE:73:1F:0C:A4:69:09:C4:61:B7:DE:23:B9:44:A9:BB:72:77
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/JHq-cx8MpGkJxGG33iO5RKm7cnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.194.0/23
79.172.197.0/24
79.172.204.0/23
87.229.7.0/24
87.229.24.0/24
87.229.111.0/24
Signature Algorithm: sha256WithRSAEncryption
28:83:0d:ee:d7:41:99:53:cc:a2:e2:29:35:99:cf:37:b0:4d:
15:b2:56:08:13:28:db:12:b8:94:27:9d:02:f8:65:05:94:d5:
90:82:db:4f:b2:e5:e8:99:b0:58:c4:cb:94:d0:f1:75:23:63:
d0:71:83:fd:07:56:ec:8d:4a:02:68:91:4b:8b:64:42:3e:7c:
3c:d0:c2:b2:6a:86:e5:0d:37:e8:89:e5:a3:c8:79:4a:d1:08:
10:3e:95:31:c9:21:41:4d:b4:15:18:d4:c7:ee:42:66:39:9d:
40:00:52:c3:04:f9:b3:30:a4:02:d0:cc:6f:2f:c7:63:15:b0:
1b:c4:8d:d8:be:e2:58:8e:7b:b3:69:e8:14:45:70:4c:b7:9d:
4b:b9:e3:52:10:df:e5:77:30:51:31:2e:b7:b8:81:bb:2b:6d:
20:fe:c0:ab:a7:d5:03:ff:66:81:7c:7f:f0:89:84:b3:24:ea:
bd:4f:4a:ed:92:0e:59:71:1e:c1:89:12:f1:c4:d5:ec:99:59:
ee:f0:d8:8a:8e:fb:49:2f:1f:01:6f:fd:b6:4d:2a:2f:a8:8f:
db:01:af:92:bc:f4:77:b0:3d:38:32:b3:52:e4:88:98:c5:5f:
0a:5b:7c:f9:39:2e:a5:81:16:1f:b7:a6:5d:a8:96:38:bc:72:
c1:85:7a:65
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzpmrorlK7UUC7maHSYrwNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTA4MTUwNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDdhYmU3MzFmMGNhNDY5MDljNDYxYjdkZTIzYjk0NGE5YmI3Mjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxumwkvWNsfqznEvnjnFANzx+CMJe
I4kvt7PANzMWslrZiASEgFl4eRVKzLTzgtD9GNsF78dRiG40nLyH0dvQ0jZcAfav
T5Rc/tQmxVGmsKf7+mAH944fZrTvqCC+ksOLfZGCaInC2S6faxoIdJ6kvn7wSgpy
GispBSEa47d7o3ZMKDc116s3cmMRZ1d3sa3rAHXxatSd1boHECY3Ju/MtYB/pb0l
dXURzlRgHTUkUJ01zSHgyvny2LsHPSPMEXt1jTFFPNas2koHUPj8K0M1XOxI8kTH
cXuEt/otCV3bmFpRa+L4Bwtu5rC00U97xF+IfxhRw5069f/AMU0AChyyYwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCR6vnMfDKRpCcRht94juUSpu3J3MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvSkhxLWN4OE1wR2tKeEdHMzNpTzVSS203Y25jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBT6zCAwQA
T6zFAwQBT6zMAwQAV+UHAwQAV+UYAwQAV+VvMA0GCSqGSIb3DQEBCwUAA4IBAQAo
gw3u10GZU8yi4ik1mc83sE0VslYIEyjbEriUJ50C+GUFlNWQgttPsuXombBYxMuU
0PF1I2PQcYP9B1bsjUoCaJFLi2RCPnw80MKyaoblDTfoieWjyHlK0QgQPpUxySFB
TbQVGNTH7kJmOZ1AAFLDBPmzMKQC0MxvL8djFbAbxI3YvuJYjnuzaegURXBMt51L
ueNSEN/ldzBRMS63uIG7K20g/sCrp9UD/2aBfH/wiYSzJOq9T0rtkg5ZcR7BiRLx
xNXsmVnu8NiKjvtJLx8Bb/22TSovqI/bAa+SvPR3sD04MrNS5IiYxV8KW3z5OS6l
gRYft6ZdqJY4vHLBhXpl
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:53 2025 by rpki-client