Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/7E2-fvvW68-Lxb7uMuhlTQYV6hQ.roa
File: 7E2-fvvW68-Lxb7uMuhlTQYV6hQ.roa (raw, json)
Hash identifier: XloIaOML05RrSRyWJESTPzWI+hsrVK9gnrZxlIwPLJ8=
Subject key identifier: EC:4D:BE:7E:FB:D6:EB:CF:8B:C5:BE:EE:32:E8:65:4D:06:15:EA:14
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01942747C1DBF1BDC27CFF4C23949DA85B2B
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/7E2-fvvW68-Lxb7uMuhlTQYV6hQ.roa
Signing time: Thu 02 Jan 2025 13:50:01 +0000
ROA not before: Thu 02 Jan 2025 13:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48780
IP address blocks: 95.182.112.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:c1:db:f1:bd:c2:7c:ff:4c:23:94:9d:a8:5b:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 13:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec4dbe7efbd6ebcf8bc5beee32e8654d0615ea14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bd:0f:5d:45:2a:0e:fc:5c:34:cf:57:29:19:
f9:ee:7f:ed:48:ec:e7:61:ae:23:69:dc:03:b9:bc:
06:99:bf:3d:70:2b:3f:d3:c8:89:b2:fc:34:e3:3a:
ce:3e:77:65:b1:3a:d0:43:db:b5:fc:6d:bb:64:07:
37:3d:70:66:be:e9:fc:c4:0f:00:fb:54:1e:a3:f2:
c9:c7:d8:43:5b:34:e8:2f:2f:c8:43:a5:2e:bd:f2:
01:6c:e8:b0:ab:70:5b:fb:67:11:7d:56:4b:d6:a2:
ec:e1:f1:a7:99:e3:ad:5f:b8:6f:bf:5d:07:4d:1b:
ef:66:5f:7e:7e:74:20:48:8e:db:b4:6a:a2:01:29:
2e:ea:b0:12:fb:e0:ed:f8:75:84:90:5e:15:6c:9c:
29:44:67:bb:a3:c5:6e:e3:f3:71:cd:c1:fd:a0:72:
e6:40:93:8a:31:63:05:3a:38:26:66:3c:d4:ae:9c:
ed:71:23:04:dd:e7:1d:fe:2c:ef:a5:c0:e5:09:da:
49:0f:92:9e:78:20:98:aa:a2:fb:c3:e1:ef:e2:42:
12:e8:40:a7:27:87:70:a6:d4:ed:30:6d:fa:0e:b0:
c9:fe:e9:f2:b3:f5:bc:c3:55:af:e0:db:5d:d1:9c:
f8:2d:da:5a:76:b3:05:fe:0e:b9:58:d3:6b:21:7b:
be:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:4D:BE:7E:FB:D6:EB:CF:8B:C5:BE:EE:32:E8:65:4D:06:15:EA:14
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/7E2-fvvW68-Lxb7uMuhlTQYV6hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.182.112.0/21
Signature Algorithm: sha256WithRSAEncryption
29:18:d7:fd:00:b6:bf:9f:aa:fb:5b:6b:b3:cc:ae:d8:36:46:
bd:cf:2e:c2:a3:b4:ce:89:20:f0:58:b1:8d:ce:9e:30:f0:d8:
4f:2f:8e:b2:f6:b3:89:ca:d6:0a:c1:0d:e5:7c:a3:83:91:62:
73:e1:6b:c8:3e:34:b7:41:44:5d:05:b5:7a:46:bf:76:4e:a4:
69:7d:7a:f9:e9:09:62:54:87:74:e1:7f:a0:0a:56:9a:ab:75:
28:3e:a6:8b:f0:a5:81:7b:db:d4:cf:e5:f0:d1:3e:88:33:ab:
4e:d2:69:44:e8:95:06:e3:3d:c9:2d:1f:23:17:d5:48:d6:e3:
51:5b:b4:a1:8e:ec:f7:38:ef:db:83:96:a4:69:3e:cb:eb:b7:
74:d9:a7:19:13:7e:f0:e7:89:28:96:d1:d4:a5:ff:6a:47:26:
d6:cc:9d:ff:3b:56:58:a3:b9:5a:b2:7b:62:68:11:06:5c:cb:
57:69:41:58:f0:f1:f4:24:14:24:52:76:12:3e:45:a4:47:cb:
32:15:de:12:e9:84:9d:5d:4f:8f:5a:e0:0c:df:3a:8e:6d:27:
7f:33:f7:07:3c:14:fb:ac:0c:67:db:03:73:0a:aa:74:b1:99:
4c:e2:e0:ff:9e:fa:64:f3:36:bf:de:6b:3e:a5:9d:b8:12:e9:
56:69:14:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR8Hb8b3CfP9MI5SdqFsrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwMTAyMTM1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzRkYmU3ZWZiZDZlYmNmOGJjNWJlZWUzMmU4NjU0ZDA2MTVlYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL0PXUUqDvxcNM9XKRn57n/tSOzn
Ya4jadwDubwGmb89cCs/08iJsvw04zrOPndlsTrQQ9u1/G27ZAc3PXBmvun8xA8A
+1Qeo/LJx9hDWzToLy/IQ6UuvfIBbOiwq3Bb+2cRfVZL1qLs4fGnmeOtX7hvv10H
TRvvZl9+fnQgSI7btGqiASku6rAS++Dt+HWEkF4VbJwpRGe7o8Vu4/NxzcH9oHLm
QJOKMWMFOjgmZjzUrpztcSME3ecd/izvpcDlCdpJD5KeeCCYqqL7w+Hv4kIS6ECn
J4dwptTtMG36DrDJ/unys/W8w1Wv4Ntd0Zz4LdpadrMF/g65WNNrIXu+PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOxNvn771uvPi8W+7jLoZU0GFeoUMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvN0UyLWZ2dlc2OC1MeGI3dU11aGxUUVlWNmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDX7ZwMA0G
CSqGSIb3DQEBCwUAA4IBAQApGNf9ALa/n6r7W2uzzK7YNka9zy7Co7TOiSDwWLGN
zp4w8NhPL46y9rOJytYKwQ3lfKODkWJz4WvIPjS3QURdBbV6Rr92TqRpfXr56Qli
VId04X+gClaaq3UoPqaL8KWBe9vUz+Xw0T6IM6tO0mlE6JUG4z3JLR8jF9VI1uNR
W7Shjuz3OO/bg5akaT7L67d02acZE37w54koltHUpf9qRybWzJ3/O1ZYo7lasnti
aBEGXMtXaUFY8PH0JBQkUnYSPkWkR8syFd4S6YSdXU+PWuAM3zqObSd/M/cHPBT7
rAxn2wNzCqp0sZlM4uD/nvpk8za/3ms+pZ24EulWaRSd
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:27:20 2025 by rpki-client