Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/7eNZUUtMr7jfA7YgPCDp5Y8grAc.roa
File: 7eNZUUtMr7jfA7YgPCDp5Y8grAc.roa (raw, json)
Hash identifier: sg/wNuUTNiEpzP8okvn65CcSYq3h0kogPktqzbhWv6o=
Subject key identifier: ED:E3:59:51:4B:4C:AF:B8:DF:03:B6:20:3C:20:E9:E5:8F:20:AC:07
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01959E28D14160A7C9215B8FC8C0FF4606EC
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/7eNZUUtMr7jfA7YgPCDp5Y8grAc.roa
Signing time: Sun 16 Mar 2025 08:53:49 +0000
ROA not before: Sun 16 Mar 2025 08:53:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.151.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9e:28:d1:41:60:a7:c9:21:5b:8f:c8:c0:ff:46:06:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Mar 16 08:53:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ede359514b4cafb8df03b6203c20e9e58f20ac07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:01:89:a0:73:c7:73:f7:51:17:84:25:c3:b9:
20:70:3d:26:c6:e6:1a:81:f5:4d:63:df:8c:65:75:
70:44:83:39:64:66:e6:2a:33:6a:6b:d7:94:0a:76:
f6:41:fb:6f:07:85:90:9e:c1:e3:f0:f5:fe:23:18:
b5:7c:1e:0b:0e:57:3a:cc:b8:c0:67:a0:74:48:0c:
d0:1a:9d:29:4e:fc:13:3a:44:62:33:12:7b:85:91:
20:10:68:81:77:3d:c5:02:08:72:b2:9a:fc:01:56:
ff:fa:ae:8a:3f:e3:14:d6:03:4a:1c:7d:1b:de:f9:
66:e8:85:a9:fa:2e:e7:c9:ff:e5:cd:e4:b4:25:1e:
53:ea:86:21:ec:12:6b:e5:56:75:46:0d:16:d3:56:
fa:34:4c:41:0e:28:d4:7a:b2:da:ac:dc:57:b9:39:
23:fd:1b:e0:0f:a7:bb:3f:75:be:d2:af:ae:04:eb:
37:24:6e:61:03:c2:e2:e6:59:f5:ad:84:27:2a:b3:
63:be:85:92:43:0a:8c:3d:f9:cc:d4:6c:c0:10:41:
8b:a3:15:ec:37:1b:86:fb:8e:1c:2e:ef:cf:55:4b:
52:37:e3:db:bc:e5:8b:b2:9b:d8:b9:b4:10:aa:2f:
0a:01:83:a1:02:c0:6f:86:c6:18:41:97:82:56:ae:
33:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:E3:59:51:4B:4C:AF:B8:DF:03:B6:20:3C:20:E9:E5:8F:20:AC:07
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/7eNZUUtMr7jfA7YgPCDp5Y8grAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
46.38.151.0/24
185.24.150.0/24
185.29.220.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
bd:7e:fa:41:79:48:6e:b5:c6:cf:a8:46:59:e8:98:56:08:5f:
7d:d6:aa:1e:09:e6:26:b3:0e:e9:e3:32:57:b8:a4:9d:2e:71:
d8:4d:a3:dd:dd:e2:5c:5c:0e:f2:2d:28:fb:f4:11:df:eb:47:
70:95:6a:20:75:ab:83:85:c4:34:a2:3c:a7:08:0e:ae:ad:b5:
68:8b:1a:1a:c0:f2:4f:03:90:e4:bb:07:78:cb:36:4f:80:ce:
2d:ab:46:4a:74:82:a8:d7:cc:70:56:20:36:fe:ae:c6:a9:75:
9e:ee:c1:19:b8:4f:bb:b9:fb:2e:cc:d7:9a:bf:68:c3:15:9f:
01:84:2a:b8:50:50:c9:19:79:56:35:3c:70:d5:fa:b9:34:75:
86:53:d4:05:ae:25:4e:01:13:00:78:2e:0b:61:1d:4a:c4:ac:
ab:18:86:fc:37:fb:b5:8a:51:d9:30:bc:31:b3:ec:bb:e2:c3:
b2:f9:73:db:60:d3:c5:63:1e:ba:4e:bf:9c:ff:9c:5b:01:ab:
12:df:76:4f:21:25:ef:52:1f:7c:df:28:21:ed:30:59:c9:ff:
e1:72:58:a7:55:48:60:b4:ff:92:dd:fd:68:5d:83:f6:39:3d:
61:be:70:4d:63:10:10:82:08:a9:69:2d:1e:e6:7e:98:8b:85:
c5:96:b2:e4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZWeKNFBYKfJIVuPyMD/RgbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMzE2MDg1MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGUzNTk1MTRiNGNhZmI4ZGYwM2I2MjAzYzIwZTllNThmMjBhYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQGJoHPHc/dRF4Qlw7kgcD0mxuYa
gfVNY9+MZXVwRIM5ZGbmKjNqa9eUCnb2QftvB4WQnsHj8PX+Ixi1fB4LDlc6zLjA
Z6B0SAzQGp0pTvwTOkRiMxJ7hZEgEGiBdz3FAghyspr8AVb/+q6KP+MU1gNKHH0b
3vlm6IWp+i7nyf/lzeS0JR5T6oYh7BJr5VZ1Rg0W01b6NExBDijUerLarNxXuTkj
/RvgD6e7P3W+0q+uBOs3JG5hA8Li5ln1rYQnKrNjvoWSQwqMPfnM1GzAEEGLoxXs
NxuG+44cLu/PVUtSN+PbvOWLspvYubQQqi8KAYOhAsBvhsYYQZeCVq4zTwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFO3jWVFLTK+43wO2IDwg6eWPIKwHMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvN2VOWlVVdE1yN2pmQTdZZ1BDRHA1WThnckFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQALiaBAwQA
LiaDAwQALiaMAwQALiaXAwQAuRiWAwQBuR3cAwQF1BBAAwQF1FAAMA0EAgACMAcD
BQMqAH2AMA0GCSqGSIb3DQEBCwUAA4IBAQC9fvpBeUhutcbPqEZZ6JhWCF991qoe
CeYmsw7p4zJXuKSdLnHYTaPd3eJcXA7yLSj79BHf60dwlWogdauDhcQ0ojynCA6u
rbVoixoawPJPA5Dkuwd4yzZPgM4tq0ZKdIKo18xwViA2/q7GqXWe7sEZuE+7ufsu
zNeav2jDFZ8BhCq4UFDJGXlWNTxw1fq5NHWGU9QFriVOARMAeC4LYR1KxKyrGIb8
N/u1ilHZMLwxs+y74sOy+XPbYNPFYx66Tr+c/5xbAasS33ZPISXvUh983ygh7TBZ
yf/hclinVUhgtP+S3f1oXYP2OT1hvnBNYxAQggipaS0e5n6Yi4XFlrLk
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:24:38 2025 by rpki-client