Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/1alyGbip0aNuOwpmRLL5QWW2i2c.roa
File: 1alyGbip0aNuOwpmRLL5QWW2i2c.roa (raw, json)
Hash identifier: pyo2RTycZyEVj9r8yK5WQ4zyd0poeuqjZJHW+16jfnk=
Subject key identifier: D5:A9:72:19:B8:A9:D1:A3:6E:3B:0A:66:44:B2:F9:41:65:B6:8B:67
Certificate issuer: /CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Certificate serial: 0192DAEF1F8AC2FE020D1CD6118966B057F3
Authority key identifier: B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/1alyGbip0aNuOwpmRLL5QWW2i2c.roa
Signing time: Wed 30 Oct 2024 00:59:17 +0000
ROA not before: Wed 30 Oct 2024 00:59:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47527
IP address blocks: 45.95.208.0/24 maxlen: 24
185.31.76.0/22 maxlen: 22
188.116.39.0/24 maxlen: 24
213.142.140.0/23 maxlen: 23
2a00:b920::/29 maxlen: 32
2a00:b920:200::/40 maxlen: 40
2a00:b921::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:da:ef:1f:8a:c2:fe:02:0d:1c:d6:11:89:66:b0:57:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Validity
Not Before: Oct 30 00:59:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5a97219b8a9d1a36e3b0a6644b2f94165b68b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:36:53:83:90:b0:45:cf:1c:85:68:65:2f:7a:
3f:5c:0b:60:8f:88:8a:cc:0b:65:66:f6:88:cd:26:
09:ff:9c:b2:c2:5b:e8:01:25:0d:1c:56:3a:62:00:
b0:6e:10:fd:19:9b:3c:b5:d5:14:6f:89:8a:e6:6d:
38:68:66:7d:69:e9:22:27:de:70:3b:50:bf:a1:a4:
1e:81:01:61:25:0b:67:8b:f0:10:9f:59:3e:f8:2c:
95:e5:e5:ed:ac:38:12:c0:c5:3b:e2:da:9a:4c:67:
0d:7e:95:9e:93:54:10:9a:01:26:48:2b:07:0f:e9:
49:bf:6c:44:98:c6:bf:9e:3c:61:f2:2b:18:1c:18:
f4:f7:39:ec:c7:bf:62:70:87:8c:1c:3f:d8:bd:24:
38:47:c4:55:1f:f7:7e:3b:95:64:9d:88:ba:f6:37:
1c:e2:97:03:05:57:de:6b:dd:25:ae:1c:69:b2:d1:
2d:68:3b:de:ae:79:de:b7:2b:0f:d6:7a:e2:73:fe:
75:56:f2:15:0a:35:2d:ee:a3:5d:37:a2:c9:d0:33:
d4:fa:3c:5a:06:da:e8:f8:fc:f0:a3:d5:ce:71:7a:
bd:2b:06:f2:e3:8b:68:48:0d:6b:09:22:25:26:e0:
e4:f7:9b:7c:e9:ba:f8:a4:f1:0e:38:44:de:00:9e:
6a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A9:72:19:B8:A9:D1:A3:6E:3B:0A:66:44:B2:F9:41:65:B6:8B:67
X509v3 Authority Key Identifier:
keyid:B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/1alyGbip0aNuOwpmRLL5QWW2i2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/sof_KnM-M76vU0lKkO7BUrvHWLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.208.0/24
185.31.76.0/22
188.116.39.0/24
213.142.140.0/23
IPv6:
2a00:b920::/29
Signature Algorithm: sha256WithRSAEncryption
93:cb:01:93:d7:54:f2:ed:90:68:d8:74:ca:b1:12:a1:7c:9c:
41:67:3f:00:64:f7:98:e9:c7:cd:c5:88:bf:50:15:15:e4:18:
b3:c9:bf:8d:58:c4:cf:aa:81:08:f8:f1:83:73:fc:69:fd:55:
ba:b7:f1:ea:21:d3:ea:f1:7a:9a:c9:15:a2:9a:fe:9a:fd:2b:
61:6d:21:76:3c:49:55:c1:26:39:ed:e9:dd:e7:cb:71:c1:24:
b8:51:4c:48:03:10:7d:e4:61:10:06:5b:dc:b5:21:83:0d:54:
d9:5d:4d:25:30:b5:84:ea:dd:c1:54:f7:6c:ee:3e:dc:1b:18:
ef:4e:69:72:8a:58:82:32:97:b4:22:4e:ad:09:ee:0f:29:7b:
e0:b2:87:cb:76:e8:95:71:bd:82:d7:a7:36:62:d5:41:e8:30:
66:fc:e2:ef:3f:29:4a:8e:f4:dd:8d:4f:f4:17:5e:02:b1:d2:
d4:75:c9:36:1c:9a:fc:d5:91:8c:ca:b4:3d:20:4b:76:da:fb:
88:c8:31:a8:87:99:d4:f4:18:a2:4c:76:ca:54:d9:61:2c:b3:
9c:e8:00:50:59:dc:3a:21:65:fc:97:d5:47:83:50:64:78:28:
8b:16:58:fb:a2:7b:48:c5:a5:f0:15:f5:a3:67:62:18:25:6f:
65:13:f4:68
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZLa7x+Kwv4CDRzWEYlmsFfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdmZjJhNzMzZTMzYmVhZjUzNDk0YTkwZWVjMTUyYmJj
NzU4YmMwHhcNMjQxMDMwMDA1OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWE5NzIxOWI4YTlkMWEzNmUzYjBhNjY0NGIyZjk0MTY1YjY4YjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzZTg5CwRc8chWhlL3o/XAtgj4iK
zAtlZvaIzSYJ/5yywlvoASUNHFY6YgCwbhD9GZs8tdUUb4mK5m04aGZ9aekiJ95w
O1C/oaQegQFhJQtni/AQn1k++CyV5eXtrDgSwMU74tqaTGcNfpWek1QQmgEmSCsH
D+lJv2xEmMa/njxh8isYHBj09znsx79icIeMHD/YvSQ4R8RVH/d+O5VknYi69jcc
4pcDBVfea90lrhxpstEtaDvernnetysP1nric/51VvIVCjUt7qNdN6LJ0DPU+jxa
Btro+Pzwo9XOcXq9Kwby44toSA1rCSIlJuDk95t86br4pPEOOETeAJ5qnwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNWpchm4qdGjbjsKZkSy+UFltotnMB8GA1UdIwQY
MBaAFLKH/ypzPjO+r1NJSpDuwVK7x1i8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29mX0tuTS1NNzZ2VTBsS2tPN0JVcnZIV0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9jYjIxNTEtMDVjYS00YTc2LTg1OWYt
NGY1ZWMwYTdlMDA2LzEvMWFseUdiaXAwYU51T3dwbVJMTDVRV1cyaTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9jYjIxNTEtMDVjYS00YTc2LTg1OWYtNGY1ZWMwYTdlMDA2
LzEvc29mX0tuTS1NNzZ2VTBsS2tPN0JVcnZIV0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALV/QAwQC
uR9MAwQAvHQnAwQB1Y6MMA0EAgACMAcDBQMqALkgMA0GCSqGSIb3DQEBCwUAA4IB
AQCTywGT11Ty7ZBo2HTKsRKhfJxBZz8AZPeY6cfNxYi/UBUV5Bizyb+NWMTPqoEI
+PGDc/xp/VW6t/HqIdPq8XqayRWimv6a/SthbSF2PElVwSY57end58txwSS4UUxI
AxB95GEQBlvctSGDDVTZXU0lMLWE6t3BVPds7j7cGxjvTmlyiliCMpe0Ik6tCe4P
KXvgsofLduiVcb2C16c2YtVB6DBm/OLvPylKjvTdjU/0F14CsdLUdck2HJr81ZGM
yrQ9IEt22vuIyDGoh5nU9BiiTHbKVNlhLLOc6ABQWdw6IWX8l9VHg1BkeCiLFlj7
ontIxaXwFfWjZ2IYJW9lE/Ro
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:52 2025 by rpki-client