Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/Pb3BR7I3yypN0jZXyhXVjX7_7qk.roa
File: Pb3BR7I3yypN0jZXyhXVjX7_7qk.roa (raw, json)
Hash identifier: Hki992M/vj13WyFzgI/qTd7id5FfrVmsocjjt8H+8YY=
Subject key identifier: 3D:BD:C1:47:B2:37:CB:2A:4D:D2:36:57:CA:15:D5:8D:7E:FF:EE:A9
Certificate issuer: /CN=10a8c6e9308bb00083100171e00dbb6140f4f580
Certificate serial: 019421443C63D9995C71395A37061AE9AE65
Authority key identifier: 10:A8:C6:E9:30:8B:B0:00:83:10:01:71:E0:0D:BB:61:40:F4:F5:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/Pb3BR7I3yypN0jZXyhXVjX7_7qk.roa
Signing time: Wed 01 Jan 2025 09:48:27 +0000
ROA not before: Wed 01 Jan 2025 09:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59943
IP address blocks: 2.57.40.0/24 maxlen: 24
2.57.41.0/24 maxlen: 24
2.57.42.0/24 maxlen: 24
2.57.43.0/24 maxlen: 24
91.236.244.0/24 maxlen: 24
91.236.245.0/24 maxlen: 24
185.70.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:3c:63:d9:99:5c:71:39:5a:37:06:1a:e9:ae:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10a8c6e9308bb00083100171e00dbb6140f4f580
Validity
Not Before: Jan 1 09:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dbdc147b237cb2a4dd23657ca15d58d7effeea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:de:d3:55:13:15:7a:bc:b8:8d:77:01:e8:7f:
eb:0c:ab:a4:6d:b7:48:85:3d:52:11:b4:67:16:8d:
f0:00:61:f5:9f:78:da:97:57:f1:d7:1e:a7:88:13:
51:1e:2f:11:97:aa:2c:a4:1b:dc:87:ed:d7:1d:95:
49:4d:2a:d1:37:bc:a8:d5:4c:23:8b:c6:98:2a:8b:
16:04:80:f4:f8:b5:06:a1:56:e4:a9:f2:63:01:95:
51:86:25:92:8f:b6:f6:b2:4c:99:70:17:02:d3:0b:
02:c9:e6:f6:51:b5:2a:34:b7:fc:d0:31:3a:c3:50:
08:7a:5c:7f:94:4f:04:7d:d2:1f:d0:88:d7:29:7a:
96:c5:7b:c6:4c:94:4f:de:79:2b:eb:aa:47:01:51:
df:9e:69:ce:89:72:b4:23:5b:97:26:5f:97:e4:26:
ec:e7:01:4e:b9:d3:ab:35:7a:fb:a0:26:e0:74:f3:
1c:6e:6f:37:f1:f2:d6:74:33:57:c0:32:96:91:c4:
35:4e:b8:d8:3f:e3:4e:49:7b:37:63:a1:22:61:17:
13:3f:1e:61:7d:7d:23:b6:1d:27:97:d8:57:e7:97:
cd:50:f7:bd:b9:05:8c:8b:6f:61:0c:fd:eb:4b:6a:
85:51:35:58:91:fd:1d:5f:34:40:4f:ab:3e:af:98:
2a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:BD:C1:47:B2:37:CB:2A:4D:D2:36:57:CA:15:D5:8D:7E:FF:EE:A9
X509v3 Authority Key Identifier:
keyid:10:A8:C6:E9:30:8B:B0:00:83:10:01:71:E0:0D:BB:61:40:F4:F5:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/Pb3BR7I3yypN0jZXyhXVjX7_7qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.40.0/22
91.236.244.0/23
185.70.44.0/24
Signature Algorithm: sha256WithRSAEncryption
79:0d:43:c8:5d:9f:3c:a8:44:39:15:e3:7a:ca:01:ad:0c:98:
3b:e5:06:22:f8:d1:40:7f:d4:f5:29:0e:23:5e:2a:ba:99:3d:
b7:7b:d2:9d:00:2c:fd:93:39:7c:bc:6d:51:a1:ea:0c:0c:95:
ae:2e:fc:c3:c2:36:b3:e6:26:8b:4e:c4:2d:41:3b:0a:e0:cc:
ac:52:69:64:ba:39:b5:2d:2e:7d:d2:27:72:6d:63:14:b6:26:
a5:07:28:d1:f9:6e:24:4b:f4:8f:69:89:46:c1:63:8d:24:99:
af:a2:06:d4:c0:48:54:ec:dc:86:72:bb:33:c0:9a:56:e8:28:
21:6b:ca:67:0e:45:f5:d7:20:cd:89:41:b4:d6:e2:99:3c:0e:
9e:58:20:77:ab:09:e8:aa:50:8f:f3:13:88:5a:06:67:cb:69:
7f:0f:a8:7b:75:0b:b8:d1:97:e9:71:71:18:27:fc:91:c6:66:
71:48:a5:8d:6f:4e:72:0a:a0:1b:cf:ad:fd:08:65:d0:32:f4:
9f:fb:a2:b2:82:6d:ee:9f:4d:c1:4c:20:d4:b9:e8:f7:5b:3c:
91:3a:a3:45:f8:74:22:ea:e4:0c:47:1b:00:34:bc:77:8a:aa:
7b:3c:4b:1c:fe:c8:4b:32:93:f6:42:25:2c:79:b4:ae:d4:dc:
16:08:2b:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhRDxj2ZlccTlaNwYa6a5lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYThjNmU5MzA4YmIwMDA4MzEwMDE3MWUwMGRiYjYxNDBm
NGY1ODAwHhcNMjUwMTAxMDk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGJkYzE0N2IyMzdjYjJhNGRkMjM2NTdjYTE1ZDU4ZDdlZmZlZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA997TVRMVery4jXcB6H/rDKukbbdI
hT1SEbRnFo3wAGH1n3jal1fx1x6niBNRHi8Rl6ospBvch+3XHZVJTSrRN7yo1Uwj
i8aYKosWBID0+LUGoVbkqfJjAZVRhiWSj7b2skyZcBcC0wsCyeb2UbUqNLf80DE6
w1AIelx/lE8EfdIf0IjXKXqWxXvGTJRP3nkr66pHAVHfnmnOiXK0I1uXJl+X5Cbs
5wFOudOrNXr7oCbgdPMcbm838fLWdDNXwDKWkcQ1TrjYP+NOSXs3Y6EiYRcTPx5h
fX0jth0nl9hX55fNUPe9uQWMi29hDP3rS2qFUTVYkf0dXzRAT6s+r5gqKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD29wUeyN8sqTdI2V8oV1Y1+/+6pMB8GA1UdIwQY
MBaAFBCoxukwi7AAgxABceANu2FA9PWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUtqRzZUQ0xzQUNERUFGeDRBMjdZVUQwOVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMzc5NDctNzBjMi00NjYxLWEzNmYt
NmI0OTdiMmMwYjM4LzEvUGIzQlI3STN5eXBOMGpaWHloWFZqWDdfN3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMzc5NDctNzBjMi00NjYxLWEzNmYtNmI0OTdiMmMwYjM4
LzEvRUtqRzZUQ0xzQUNERUFGeDRBMjdZVUQwOVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjkoAwQB
W+z0AwQAuUYsMA0GCSqGSIb3DQEBCwUAA4IBAQB5DUPIXZ88qEQ5FeN6ygGtDJg7
5QYi+NFAf9T1KQ4jXiq6mT23e9KdACz9kzl8vG1RoeoMDJWuLvzDwjaz5iaLTsQt
QTsK4MysUmlkujm1LS590idybWMUtialByjR+W4kS/SPaYlGwWONJJmvogbUwEhU
7NyGcrszwJpW6Cgha8pnDkX11yDNiUG01uKZPA6eWCB3qwnoqlCP8xOIWgZny2l/
D6h7dQu40ZfpcXEYJ/yRxmZxSKWNb05yCqAbz639CGXQMvSf+6Kygm3un03BTCDU
uej3WzyROqNF+HQi6uQMRxsANLx3iqp7PEsc/shLMpP2QiUsebSu1NwWCCsj
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:29:18 2025 by rpki-client