Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/i_UcuzL9zTQgOWXWKVKBnWlx2-Q.roa
File: i_UcuzL9zTQgOWXWKVKBnWlx2-Q.roa (raw, json)
Hash identifier: qOnrHWnxpU1VfUwGPdJ1vvqI7lQY18Q1pa9Mxzd+y5Y=
Subject key identifier: 8B:F5:1C:BB:32:FD:CD:34:20:39:65:D6:29:52:81:9D:69:71:DB:E4
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01942827BEB3184CA3BB252A0A0DBE5D8083
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/i_UcuzL9zTQgOWXWKVKBnWlx2-Q.roa
Signing time: Thu 02 Jan 2025 17:54:40 +0000
ROA not before: Thu 02 Jan 2025 17:54:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47169
IP address blocks: 84.21.4.0/24 maxlen: 24
87.229.16.0/22 maxlen: 22
87.229.38.0/24 maxlen: 24
87.229.39.0/24 maxlen: 24
87.229.42.0/23 maxlen: 24
87.229.52.0/24 maxlen: 24
87.229.106.0/24 maxlen: 24
87.229.107.0/24 maxlen: 24
213.181.196.0/24 maxlen: 24
213.181.197.0/24 maxlen: 24
213.181.198.0/24 maxlen: 24
213.181.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:be:b3:18:4c:a3:bb:25:2a:0a:0d:be:5d:80:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 2 17:54:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bf51cbb32fdcd34203965d62952819d6971dbe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4c:d0:8f:ef:6e:d2:e0:73:f2:dd:6a:2a:b6:
aa:ba:5b:90:8e:e5:85:70:1b:02:72:24:c9:52:22:
30:2a:54:49:8d:0c:d4:2d:25:20:72:2c:f8:f5:f1:
aa:c0:2f:de:9d:26:b1:e9:57:05:db:fe:b4:48:23:
ac:b7:63:ab:36:c2:76:a1:a7:83:28:aa:c5:17:96:
a8:3e:a4:e6:23:6a:39:75:d2:13:33:b0:71:95:ee:
c2:71:e2:4f:ff:dc:2c:46:c3:47:94:ca:43:5f:5e:
80:d2:2f:5d:f8:f6:d2:bc:13:f3:a5:91:f1:01:a4:
2f:80:67:34:5e:b5:db:79:da:69:fc:ba:36:2f:8d:
78:ca:04:86:f4:45:b0:cd:0c:21:d4:ae:da:72:e8:
ea:3f:fa:e9:84:65:7d:d6:ec:c0:34:bb:16:53:3d:
4b:8e:22:58:3f:bb:f5:e3:86:e4:ff:ba:6b:33:49:
c8:5b:28:2f:11:77:a8:15:d5:c5:4b:61:c0:fe:ac:
4c:fc:4a:df:4f:dd:9a:c2:4e:bc:80:ff:27:c8:41:
54:c7:c3:16:d6:91:dc:c0:c9:44:8f:57:b8:de:b7:
b0:c9:4a:4c:2a:6f:1e:9f:a6:f1:6a:ce:1e:8b:c2:
4a:d2:81:8c:54:95:4c:c3:04:01:73:9b:d7:c8:d0:
ed:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F5:1C:BB:32:FD:CD:34:20:39:65:D6:29:52:81:9D:69:71:DB:E4
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/i_UcuzL9zTQgOWXWKVKBnWlx2-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.4.0/24
87.229.16.0/22
87.229.38.0/23
87.229.42.0/23
87.229.52.0/24
87.229.106.0/23
213.181.196.0-213.181.198.255
213.181.212.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:b8:f5:7c:9f:6f:a4:c8:38:46:ef:90:e8:b3:6b:bb:c1:09:
6e:4c:90:91:7b:ea:38:8d:2f:7f:8a:31:5c:61:df:c5:cf:b4:
95:7a:b3:57:11:9b:fa:e0:9a:ee:2b:14:25:b8:c1:77:d6:3e:
e2:32:4a:89:19:06:03:e1:f5:1d:11:21:49:98:19:42:f7:94:
36:6f:4d:d3:f5:61:3c:b1:de:1d:6c:f2:e6:47:83:01:a1:41:
f5:6e:4b:10:54:07:9b:58:80:17:4f:1d:49:88:b2:8c:3f:80:
a1:ab:61:3a:82:d6:60:c5:b5:35:9d:61:f8:cf:33:42:45:0d:
c8:4a:f2:32:74:6f:fa:1a:d1:73:ac:b2:fe:c4:6b:ef:3b:48:
44:f3:b1:62:a4:ff:af:81:f1:77:37:cd:20:9a:d7:2a:ce:46:
13:ef:56:15:dd:5a:e8:45:57:f6:6d:dd:b6:02:01:bb:84:a1:
c8:fc:b6:2c:58:b6:a4:c6:36:49:09:37:0b:46:bf:23:96:ce:
13:c5:22:52:8c:5d:ab:e0:3d:4b:3e:63:1b:67:0a:76:52:29:
ad:06:2a:87:3f:44:e8:ee:44:d9:25:ed:ce:9e:8b:d3:de:d2:
d5:03:a5:c5:4b:41:b9:53:01:b0:1d:77:77:4f:ff:5f:ba:15:
42:dc:e4:02
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQoJ76zGEyjuyUqCg2+XYCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMTAyMTc1NDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmY1MWNiYjMyZmRjZDM0MjAzOTY1ZDYyOTUyODE5ZDY5NzFkYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UzQj+9u0uBz8t1qKraquluQjuWF
cBsCciTJUiIwKlRJjQzULSUgciz49fGqwC/enSax6VcF2/60SCOst2OrNsJ2oaeD
KKrFF5aoPqTmI2o5ddITM7Bxle7CceJP/9wsRsNHlMpDX16A0i9d+PbSvBPzpZHx
AaQvgGc0XrXbedpp/Lo2L414ygSG9EWwzQwh1K7acujqP/rphGV91uzANLsWUz1L
jiJYP7v144bk/7prM0nIWygvEXeoFdXFS2HA/qxM/ErfT92awk68gP8nyEFUx8MW
1pHcwMlEj1e43rewyUpMKm8en6bxas4ei8JK0oGMVJVMwwQBc5vXyNDtjwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIv1HLsy/c00IDll1ilSgZ1pcdvkMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvaV9VY3V6TDl6VFFnT1dYV0tWS0JuV2x4Mi1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAVBUEAwQC
V+UQAwQBV+UmAwQBV+UqAwQAV+U0AwQBV+VqMAwDBALVtcQDBADVtcYDBADVtdQw
DQYJKoZIhvcNAQELBQADggEBAHq49Xyfb6TIOEbvkOiza7vBCW5MkJF76jiNL3+K
MVxh38XPtJV6s1cRm/rgmu4rFCW4wXfWPuIySokZBgPh9R0RIUmYGUL3lDZvTdP1
YTyx3h1s8uZHgwGhQfVuSxBUB5tYgBdPHUmIsow/gKGrYTqC1mDFtTWdYfjPM0JF
DchK8jJ0b/oa0XOssv7Ea+87SETzsWKk/6+B8Xc3zSCa1yrORhPvVhXdWuhFV/Zt
3bYCAbuEocj8tixYtqTGNkkJNwtGvyOWzhPFIlKMXavgPUs+YxtnCnZSKa0GKoc/
ROjuRNkl7c6ei9Pe0tUDpcVLQblTAbAdd3dP/1+6FULc5AI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:12:53 2025 by rpki-client