Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/tFn3BxzSitqIKPucx4Vmkr1AZSI.roa
File: tFn3BxzSitqIKPucx4Vmkr1AZSI.roa (raw, json)
Hash identifier: 4fQeute3WL+BHWDnzyDGmphOqL0assc8MtkpvA5+/wc=
Subject key identifier: B4:59:F7:07:1C:D2:8A:DA:88:28:FB:9C:C7:85:66:92:BD:40:65:22
Certificate issuer: /CN=210da9e7af01de75448f4906aac41bd2964e8847
Certificate serial: 44D58670
Authority key identifier: 21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/tFn3BxzSitqIKPucx4Vmkr1AZSI.roa
Signing time: Sat 01 Jan 2022 00:51:01 +0000
ROA not before: Sat 01 Jan 2022 00:51:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47524
IP address blocks: 176.240.0.0/16 maxlen: 24
185.26.68.0/22 maxlen: 24
185.26.68.0/24 maxlen: 24
185.26.69.0/24 maxlen: 24
185.26.70.0/24 maxlen: 24
185.26.71.0/24 maxlen: 24
94.55.96.0/22 maxlen: 24
94.55.112.0/22 maxlen: 24
94.55.116.0/22 maxlen: 24
94.55.124.0/23 maxlen: 24
94.55.120.0/23 maxlen: 24
94.55.122.0/23 maxlen: 24
94.55.127.0/24 maxlen: 24
94.55.126.0/24 maxlen: 24
24.133.0.0/16 maxlen: 24
94.55.64.0/20 maxlen: 24
94.55.80.0/21 maxlen: 24
94.55.88.0/22 maxlen: 24
94.54.0.0/15 maxlen: 24
46.196.0.0/15 maxlen: 24
24.133.152.0/22 maxlen: 24
24.133.156.0/22 maxlen: 24
178.233.0.0/16 maxlen: 24
2a00:1d58::/36 maxlen: 36
2a00:1d58::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1154844272 (0x44d58670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210da9e7af01de75448f4906aac41bd2964e8847
Validity
Not Before: Jan 1 00:51:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b459f7071cd28ada8828fb9cc7856692bd406522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:82:2d:a9:6d:ed:cf:f9:fc:d5:84:3b:40:33:
df:97:31:f8:8d:30:da:e8:f3:0c:87:68:44:32:18:
98:2d:e0:df:9d:62:c4:8d:d8:44:16:af:78:61:55:
94:4e:c7:e8:01:09:7a:89:b6:be:5b:d8:a5:97:85:
c1:27:4b:26:0b:f8:cf:2b:41:dd:ee:c7:43:a1:6c:
70:6d:a4:a0:ff:62:ef:2d:84:8f:1d:6e:68:d1:85:
58:d3:32:3c:35:81:5a:8a:9d:1c:0b:6d:45:5c:94:
6a:8d:16:0d:ae:5b:e7:52:7d:79:9b:c3:ee:4f:d4:
86:9a:50:11:d7:42:e2:ce:a9:97:4a:ab:62:54:f3:
73:db:b0:ef:ab:79:4f:81:c2:3b:36:29:d9:34:fc:
c0:b9:b5:95:95:aa:67:2a:c7:3c:79:74:b2:6e:a0:
52:07:f5:85:30:5e:3b:54:7a:ef:97:70:96:e8:45:
36:1c:02:24:df:f5:ce:c5:eb:42:98:2f:1c:70:95:
27:4b:56:4b:ea:4c:b8:cb:3b:24:36:7c:00:2f:d0:
1f:eb:19:ff:37:4d:d2:48:49:fb:ec:31:8f:6a:1e:
bd:d6:9c:1b:a3:fd:a7:6d:23:6f:b4:3d:90:fa:3c:
b6:1f:28:8e:27:68:8f:a1:2c:9e:8a:df:43:c4:ed:
38:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:59:F7:07:1C:D2:8A:DA:88:28:FB:9C:C7:85:66:92:BD:40:65:22
X509v3 Authority Key Identifier:
keyid:21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/tFn3BxzSitqIKPucx4Vmkr1AZSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.133.0.0/16
46.196.0.0/15
94.54.0.0/15
176.240.0.0/16
178.233.0.0/16
185.26.68.0/22
IPv6:
2a00:1d58::/32
Signature Algorithm: sha256WithRSAEncryption
82:13:26:84:e5:9c:cb:27:75:34:4b:9c:90:b0:ec:91:93:ed:
b8:18:70:e5:85:57:33:c6:cc:af:de:6b:56:af:4c:6f:9c:cb:
6b:d4:26:34:cf:5a:40:e2:a9:bf:20:55:a6:10:ab:0f:73:fe:
cf:d6:54:bd:d1:b4:3e:98:6a:5c:6e:65:3d:b5:4b:38:d1:93:
f3:4a:db:26:5c:d2:3e:48:f9:80:f7:7a:f4:b0:ed:22:3c:52:
4b:8c:c7:88:7b:f5:2c:9e:d8:8a:40:04:a1:5b:af:28:a0:49:
39:92:37:0d:cb:5a:80:40:fe:5c:39:3f:80:99:05:45:9d:32:
7e:f7:a4:84:b2:68:03:a1:83:c8:70:60:a3:7b:8d:42:46:1c:
53:2d:1d:37:12:77:de:31:be:b5:0e:9e:29:dd:f3:05:ee:df:
f9:04:69:00:5b:5b:4d:f2:4e:12:a7:3b:75:fc:a3:93:1d:78:
c8:5d:10:cc:88:5c:22:1f:be:8b:4e:70:dc:03:dd:75:49:04:
8f:cc:b6:99:e0:44:7d:72:34:00:d1:bd:ca:6c:9b:08:81:ed:
87:17:04:4a:c2:25:5a:66:6d:1f:4d:d1:c5:be:b9:28:6d:01:
6f:ac:2d:ba:e2:c2:e3:b6:8d:5f:16:fe:8e:13:db:47:d2:d8:
00:99:49:cc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIERNWGcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTBkYTllN2FmMDFkZTc1NDQ4ZjQ5MDZhYWM0MWJkMjk2NGU4ODQ3MB4XDTIyMDEw
MTAwNTEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQ1OWY3MDcxY2Qy
OGFkYTg4MjhmYjljYzc4NTY2OTJiZDQwNjUyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCCLalt7c/5/NWEO0Az35cx+I0w2ujzDIdoRDIYmC3g351i
xI3YRBaveGFVlE7H6AEJeom2vlvYpZeFwSdLJgv4zytB3e7HQ6FscG2koP9i7y2E
jx1uaNGFWNMyPDWBWoqdHAttRVyUao0WDa5b51J9eZvD7k/UhppQEddC4s6pl0qr
YlTzc9uw76t5T4HCOzYp2TT8wLm1lZWqZyrHPHl0sm6gUgf1hTBeO1R675dwluhF
NhwCJN/1zsXrQpgvHHCVJ0tWS+pMuMs7JDZ8AC/QH+sZ/zdN0khJ++wxj2oevdac
G6P9p20jb7Q9kPo8th8ojidoj6EsnorfQ8TtOFECAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBS0WfcHHNKK2ogo+5zHhWaSvUBlIjAfBgNVHSMEGDAWgBQhDannrwHedUSP
SQaqxBvSlk6IRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lRMnA1NjhCM25WRWowa0dxc1FiMHBaT2lFYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvZjI3ODIxLTRjY2YtNGQyZS04YjE1LTZlMTI3NzRmODUxZS8x
L3RGbjNCeHpTaXRxSUtQdWN4NFZta3IxQVpTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
ZjI3ODIxLTRjY2YtNGQyZS04YjE1LTZlMTI3NzRmODUxZS8xL0lRMnA1NjhCM25W
RWowa0dxc1FiMHBaT2lFYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwJQQCAAEwHwMDABiFAwMBLsQDAwFeNgMDALDwAwMA
sukDBAK5GkQwDQQCAAIwBwMFACoAHVgwDQYJKoZIhvcNAQELBQADggEBAIITJoTl
nMsndTRLnJCw7JGT7bgYcOWFVzPGzK/ea1avTG+cy2vUJjTPWkDiqb8gVaYQqw9z
/s/WVL3RtD6YalxuZT21SzjRk/NK2yZc0j5I+YD3evSw7SI8UkuMx4h79Sye2IpA
BKFbryigSTmSNw3LWoBA/lw5P4CZBUWdMn73pISyaAOhg8hwYKN7jUJGHFMtHTcS
d94xvrUOnind8wXu3/kEaQBbW03yThKnO3X8o5MdeMhdEMyIXCIfvotOcNwD3XVJ
BI/MtpngRH1yNADRvcpsmwiB7YcXBErCJVpmbR9N0cW+uShtAW+sLbriwuO2jV8W
/o4T20fS2ACZScw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:47:55 2025 by rpki-client