Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/b7cd91-7e4a-46cf-9498-09fac0697649/1/clN4rn78ALDRkU6Gc0tlA0L76yY.roa
File: clN4rn78ALDRkU6Gc0tlA0L76yY.roa (raw, json)
Hash identifier: HSAiRzNpFiSSFt3gFQJ5gPuQzchbTNDXBSkeKqZgK9w=
Subject key identifier: 72:53:78:AE:7E:FC:00:B0:D1:91:4E:86:73:4B:65:03:42:FB:EB:26
Certificate issuer: /CN=738fd9467821d05286f4b33be86176651b6aff3e
Certificate serial: 019422FB547ED8AF2871348F5A3D868593D4
Authority key identifier: 73:8F:D9:46:78:21:D0:52:86:F4:B3:3B:E8:61:76:65:1B:6A:FF:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c4_ZRngh0FKG9LM76GF2ZRtq_z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/b7cd91-7e4a-46cf-9498-09fac0697649/1/clN4rn78ALDRkU6Gc0tlA0L76yY.roa
Signing time: Wed 01 Jan 2025 17:48:04 +0000
ROA not before: Wed 01 Jan 2025 17:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43633
IP address blocks: 5.180.128.0/22 maxlen: 24
45.128.188.0/22 maxlen: 24
91.195.90.0/23 maxlen: 24
91.195.90.0/24 maxlen: 24
91.195.91.0/24 maxlen: 24
91.213.59.0/24 maxlen: 24
2a06:2b40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:54:7e:d8:af:28:71:34:8f:5a:3d:86:85:93:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=738fd9467821d05286f4b33be86176651b6aff3e
Validity
Not Before: Jan 1 17:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=725378ae7efc00b0d1914e86734b650342fbeb26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7f:50:71:a5:e1:98:f9:24:65:f6:fd:47:1b:
60:16:e8:2c:e5:a9:e7:56:f8:b6:b6:4b:6f:b7:e4:
31:30:bf:95:90:0b:dd:98:c9:23:89:06:4d:c7:1f:
69:b4:58:3a:e8:99:f7:30:3a:d3:47:a0:f4:5c:f9:
ed:f1:78:18:00:80:7a:77:23:82:a9:bf:ad:85:31:
72:f6:03:84:5e:e1:d4:ef:42:cb:91:47:d7:a3:ee:
df:cc:64:20:25:53:c3:f9:a7:c9:4b:82:d0:9a:3e:
07:af:59:9d:b9:b0:fd:24:f6:e0:e1:6c:1a:db:78:
f2:4e:6d:f6:a2:fb:1e:40:92:5d:46:86:59:a3:d1:
f7:08:a9:d7:8c:6d:a1:b5:0e:77:6c:04:0c:2e:e7:
25:9e:e2:5c:8c:e9:82:54:46:02:cd:b4:1a:4d:1a:
ed:35:fd:05:50:dd:36:15:87:e0:a0:39:8a:65:a9:
d0:24:4a:97:db:5c:4f:d8:97:c9:65:d7:70:85:85:
de:d2:ce:de:ab:63:b3:76:d9:bc:57:f2:85:b3:65:
5e:8b:15:cb:b0:db:aa:a0:a6:ab:ff:52:3c:8e:c6:
94:0b:59:4d:2e:14:f6:fe:ab:39:f9:b2:86:1a:7d:
34:76:5e:26:41:e9:15:43:3c:9e:e9:75:e8:70:c5:
1a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:53:78:AE:7E:FC:00:B0:D1:91:4E:86:73:4B:65:03:42:FB:EB:26
X509v3 Authority Key Identifier:
keyid:73:8F:D9:46:78:21:D0:52:86:F4:B3:3B:E8:61:76:65:1B:6A:FF:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4_ZRngh0FKG9LM76GF2ZRtq_z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/b7cd91-7e4a-46cf-9498-09fac0697649/1/clN4rn78ALDRkU6Gc0tlA0L76yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/b7cd91-7e4a-46cf-9498-09fac0697649/1/c4_ZRngh0FKG9LM76GF2ZRtq_z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.128.0/22
45.128.188.0/22
91.195.90.0/23
91.213.59.0/24
IPv6:
2a06:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
28:99:92:3a:ef:99:16:f7:98:11:ca:c6:3b:73:7d:2a:57:5a:
ab:61:c4:c1:aa:ad:88:73:57:22:0e:38:0d:58:59:90:02:5b:
02:56:be:af:f0:82:7f:38:5b:2c:ff:d7:48:c6:1f:f3:89:30:
b8:03:ff:fe:6f:1e:30:4d:c8:01:aa:31:5b:0c:ff:a1:0b:5d:
70:24:23:4f:96:f0:6b:bf:11:4e:0a:79:2d:56:bf:40:67:f2:
71:33:45:46:43:07:9a:e2:bc:4f:75:17:48:f5:9f:18:23:d6:
af:64:b8:7c:db:70:72:2b:ae:4b:7b:d2:75:87:46:39:66:12:
cf:bf:f1:ca:63:4d:2b:91:32:63:04:18:4d:80:d1:bd:b3:b7:
0b:17:a2:57:17:b7:d3:b8:8e:0f:48:39:9b:5d:4b:1e:00:6f:
14:13:e1:48:7a:d8:4d:8a:51:37:4a:f9:87:8a:3a:af:b2:67:
48:8e:4a:16:6e:d5:4c:19:c7:11:0f:a3:25:0f:7e:d1:e5:0a:
a0:ba:82:2e:1b:d4:54:c4:62:7d:9d:7b:81:04:a8:a2:fa:5b:
6e:46:79:44:73:0c:54:3a:2b:d9:63:96:dc:b2:b6:24:18:6b:
b2:da:ed:9c:e9:c1:56:0f:95:09:d2:68:e3:d9:c8:fa:d2:23:
9a:d0:1b:41
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQi+1R+2K8ocTSPWj2GhZPUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOGZkOTQ2NzgyMWQwNTI4NmY0YjMzYmU4NjE3NjY1MWI2
YWZmM2UwHhcNMjUwMTAxMTc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjUzNzhhZTdlZmMwMGIwZDE5MTRlODY3MzRiNjUwMzQyZmJlYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzX9QcaXhmPkkZfb9RxtgFugs5ann
Vvi2tktvt+QxML+VkAvdmMkjiQZNxx9ptFg66Jn3MDrTR6D0XPnt8XgYAIB6dyOC
qb+thTFy9gOEXuHU70LLkUfXo+7fzGQgJVPD+afJS4LQmj4Hr1mdubD9JPbg4Wwa
23jyTm32ovseQJJdRoZZo9H3CKnXjG2htQ53bAQMLuclnuJcjOmCVEYCzbQaTRrt
Nf0FUN02FYfgoDmKZanQJEqX21xP2JfJZddwhYXe0s7eq2Ozdtm8V/KFs2VeixXL
sNuqoKar/1I8jsaUC1lNLhT2/qs5+bKGGn00dl4mQekVQzye6XXocMUagQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHJTeK5+/ACw0ZFOhnNLZQNC++smMB8GA1UdIwQY
MBaAFHOP2UZ4IdBShvSzO+hhdmUbav8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzRfWlJuZ2gwRktHOUxNNzZHRjJaUnRxX3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iN2NkOTEtN2U0YS00NmNmLTk0OTgt
MDlmYWMwNjk3NjQ5LzEvY2xONHJuNzhBTERSa1U2R2MwdGxBMEw3NnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iN2NkOTEtN2U0YS00NmNmLTk0OTgtMDlmYWMwNjk3NjQ5
LzEvYzRfWlJuZ2gwRktHOUxNNzZHRjJaUnRxX3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCBbSAAwQC
LYC8AwQBW8NaAwQAW9U7MA0EAgACMAcDBQMqBitAMA0GCSqGSIb3DQEBCwUAA4IB
AQAomZI675kW95gRysY7c30qV1qrYcTBqq2Ic1ciDjgNWFmQAlsCVr6v8IJ/OFss
/9dIxh/ziTC4A//+bx4wTcgBqjFbDP+hC11wJCNPlvBrvxFOCnktVr9AZ/JxM0VG
Qwea4rxPdRdI9Z8YI9avZLh823ByK65Le9J1h0Y5ZhLPv/HKY00rkTJjBBhNgNG9
s7cLF6JXF7fTuI4PSDmbXUseAG8UE+FIethNilE3SvmHijqvsmdIjkoWbtVMGccR
D6MlD37R5QqguoIuG9RUxGJ9nXuBBKii+ltuRnlEcwxUOivZY5bcsrYkGGuy2u2c
6cFWD5UJ0mjj2cj60iOa0BtB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:17 2025 by rpki-client