Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/8Tphwf2TdCn6_ko-jZ8YIaCMG4Y.roa
File: 8Tphwf2TdCn6_ko-jZ8YIaCMG4Y.roa (raw, json)
Hash identifier: EBGUP9Onjc28Spxu+Bc1P0vLX2s/3Esh3HDfGA5b/yg=
Subject key identifier: F1:3A:61:C1:FD:93:74:29:FA:FE:4A:3E:8D:9F:18:21:A0:8C:1B:86
Certificate issuer: /CN=71601c0b8b13cc121017f6d25117ac1fd0664344
Certificate serial: 0194221FEC60C13FFDFE29B6E99B1FEE5DD7
Authority key identifier: 71:60:1C:0B:8B:13:CC:12:10:17:F6:D2:51:17:AC:1F:D0:66:43:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/8Tphwf2TdCn6_ko-jZ8YIaCMG4Y.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 37.114.64.0/21 maxlen: 24
78.152.128.0/19 maxlen: 24
185.147.228.0/22 maxlen: 24
2a00:b180::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ec:60:c1:3f:fd:fe:29:b6:e9:9b:1f:ee:5d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71601c0b8b13cc121017f6d25117ac1fd0664344
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f13a61c1fd937429fafe4a3e8d9f1821a08c1b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:62:8b:54:2f:8d:40:0e:fd:83:33:bf:27:d0:
d8:ca:5a:69:9e:4c:12:94:7c:d0:74:84:67:25:18:
e1:f8:62:23:99:78:20:d9:d2:d4:90:2a:f6:e0:19:
ce:c7:10:1a:ef:78:5b:53:f7:5d:a7:b4:57:72:d1:
1e:e7:ec:37:ca:89:0a:1a:0e:c3:01:24:0b:09:cc:
d3:7e:60:b7:e0:5b:49:1f:cb:f1:20:12:b6:c1:fb:
0a:84:b5:c6:45:a1:6a:c4:58:5b:76:5e:22:8d:52:
3b:c0:a8:ab:78:8f:c9:8b:67:cd:79:2c:81:49:3c:
d6:6c:d3:4d:dc:e4:37:6e:3f:41:45:81:b3:bc:b7:
d8:d2:c3:20:cd:94:68:65:4d:f5:2f:12:06:7c:30:
af:bf:dc:53:06:40:1d:f5:85:54:c1:dc:79:1b:c9:
47:99:ea:eb:d4:d6:41:5d:12:e9:95:11:a5:8b:8c:
5e:7b:5e:4c:ba:46:99:2c:9a:92:10:ab:4e:8b:2f:
89:80:62:51:c6:6c:93:6c:aa:aa:d7:ef:21:68:24:
6c:a0:05:d1:27:42:32:04:04:23:b5:1e:5c:7a:92:
aa:ab:08:14:8e:a2:96:29:cc:35:f7:45:26:d7:07:
03:db:11:95:55:a3:86:f9:11:ca:11:93:74:d1:eb:
04:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:3A:61:C1:FD:93:74:29:FA:FE:4A:3E:8D:9F:18:21:A0:8C:1B:86
X509v3 Authority Key Identifier:
keyid:71:60:1C:0B:8B:13:CC:12:10:17:F6:D2:51:17:AC:1F:D0:66:43:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/8Tphwf2TdCn6_ko-jZ8YIaCMG4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/cWAcC4sTzBIQF_bSUResH9BmQ0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.64.0/21
78.152.128.0/19
185.147.228.0/22
IPv6:
2a00:b180::/32
Signature Algorithm: sha256WithRSAEncryption
bf:98:cf:1e:56:50:53:3c:e7:94:89:a5:7a:34:fe:fb:94:81:
63:90:4d:a8:13:89:d5:c4:95:f3:87:75:86:c2:87:b0:b2:2a:
8a:85:3e:e6:3a:93:4f:ec:59:76:7b:33:e9:4b:18:6d:54:9d:
2a:85:3b:91:d8:7c:e1:e9:ba:85:b3:cd:ad:7d:c6:51:ff:ab:
43:79:28:c8:a7:fa:e8:88:a2:8f:2c:61:06:a9:a5:ac:7e:1e:
c9:ca:0f:72:7c:b5:32:8c:f2:7d:3c:41:62:9a:1a:a0:76:93:
f6:70:09:6a:e2:e2:cd:93:60:c9:ab:6b:57:d5:df:8d:4a:0c:
eb:a4:f9:1c:91:04:4d:00:8d:bf:7c:7c:4a:cc:d9:a4:aa:36:
3c:32:65:58:f3:ac:dd:f1:5c:ac:a9:6a:00:77:8f:8a:0a:55:
25:b3:d1:21:38:c1:48:f1:c1:3e:6a:9d:2d:0e:fa:39:31:c7:
cb:86:9e:8e:31:a4:36:dc:30:28:76:7b:f3:fb:5c:e4:57:8b:
5f:19:2a:b6:5e:1b:8e:33:89:99:87:c3:70:b1:3d:a8:15:81:
d3:e8:53:b9:fc:63:69:c4:d1:cb:73:e8:e4:07:85:d9:52:a5:
87:07:aa:ab:cb:94:1f:0e:fd:cd:e3:ab:fa:d8:8b:5e:96:66:
6b:1a:04:59
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQiH+xgwT/9/im26Zsf7l3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNjAxYzBiOGIxM2NjMTIxMDE3ZjZkMjUxMTdhYzFmZDA2
NjQzNDQwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTNhNjFjMWZkOTM3NDI5ZmFmZTRhM2U4ZDlmMTgyMWEwOGMxYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9mKLVC+NQA79gzO/J9DYylppnkwS
lHzQdIRnJRjh+GIjmXgg2dLUkCr24BnOxxAa73hbU/ddp7RXctEe5+w3yokKGg7D
ASQLCczTfmC34FtJH8vxIBK2wfsKhLXGRaFqxFhbdl4ijVI7wKireI/Ji2fNeSyB
STzWbNNN3OQ3bj9BRYGzvLfY0sMgzZRoZU31LxIGfDCvv9xTBkAd9YVUwdx5G8lH
merr1NZBXRLplRGli4xee15MukaZLJqSEKtOiy+JgGJRxmyTbKqq1+8haCRsoAXR
J0IyBAQjtR5cepKqqwgUjqKWKcw190Um1wcD2xGVVaOG+RHKEZN00esEUwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPE6YcH9k3Qp+v5KPo2fGCGgjBuGMB8GA1UdIwQY
MBaAFHFgHAuLE8wSEBf20lEXrB/QZkNEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1dBY0M0c1R6QklRRl9iU1VSZXNIOUJtUTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kNWE0OWEtNGYxYS00OTYxLTljMWYt
NzZiMDMyNWMzYjA3LzEvOFRwaHdmMlRkQ242X2tvLWpaOFlJYUNNRzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kNWE0OWEtNGYxYS00OTYxLTljMWYtNzZiMDMyNWMzYjA3
LzEvY1dBY0M0c1R6QklRRl9iU1VSZXNIOUJtUTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJXJAAwQF
TpiAAwQCuZPkMA0EAgACMAcDBQAqALGAMA0GCSqGSIb3DQEBCwUAA4IBAQC/mM8e
VlBTPOeUiaV6NP77lIFjkE2oE4nVxJXzh3WGwoewsiqKhT7mOpNP7Fl2ezPpSxht
VJ0qhTuR2Hzh6bqFs82tfcZR/6tDeSjIp/roiKKPLGEGqaWsfh7Jyg9yfLUyjPJ9
PEFimhqgdpP2cAlq4uLNk2DJq2tX1d+NSgzrpPkckQRNAI2/fHxKzNmkqjY8MmVY
86zd8VysqWoAd4+KClUls9EhOMFI8cE+ap0tDvo5McfLhp6OMaQ23DAodnvz+1zk
V4tfGSq2XhuOM4mZh8NwsT2oFYHT6FO5/GNpxNHLc+jkB4XZUqWHB6qry5QfDv3N
46v62ItelmZrGgRZ
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:04:31 2025 by rpki-client