Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/F7VtIEmMZmsdWkt0VCX4cwPSD3I.roa
File: F7VtIEmMZmsdWkt0VCX4cwPSD3I.roa (raw, json)
Hash identifier: pt6vMx0dEwVx2sHh/Y99xQxE2icOOT8mwZQHp5NGxZY=
Subject key identifier: 17:B5:6D:20:49:8C:66:6B:1D:5A:4B:74:54:25:F8:73:03:D2:0F:72
Certificate issuer: /CN=c1098a1905bbd3381533828f6b7fd227170431ef
Certificate serial: 0194221FE49B0D63D7B8851CF18F17BF8C61
Authority key identifier: C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/F7VtIEmMZmsdWkt0VCX4cwPSD3I.roa
Signing time: Wed 01 Jan 2025 13:48:22 +0000
ROA not before: Wed 01 Jan 2025 13:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 79.132.196.0/24 maxlen: 24
109.230.112.0/24 maxlen: 24
109.230.113.0/24 maxlen: 24
202.164.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e4:9b:0d:63:d7:b8:85:1c:f1:8f:17:bf:8c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1098a1905bbd3381533828f6b7fd227170431ef
Validity
Not Before: Jan 1 13:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17b56d20498c666b1d5a4b745425f87303d20f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:13:47:ad:83:5f:dd:f3:40:97:d9:02:63:25:
7f:02:30:72:f1:d5:c0:66:70:a2:7d:a6:42:c0:a0:
f0:78:42:a3:46:e8:5d:95:2b:6b:3f:27:74:19:2d:
30:3c:00:f5:a1:1b:d9:66:2b:d1:95:8a:0d:4e:4b:
59:6a:72:c2:fb:77:4f:0a:c7:99:8a:21:d3:3f:25:
c1:c8:7b:c8:ce:63:f3:8a:63:b2:6d:05:60:fd:7f:
f5:f1:02:48:33:09:46:b8:cc:40:57:de:eb:c7:c2:
2a:c7:56:51:3e:f4:25:54:11:de:9f:77:72:6b:32:
70:1a:d4:34:bd:9c:b0:a2:d4:e9:bf:cc:8c:3e:b3:
e1:67:10:b5:5a:70:c4:10:24:19:ca:dd:ae:4a:05:
b8:e5:bb:d8:49:fd:0c:5e:cc:ae:f9:cb:56:8d:31:
63:d1:e4:0d:45:09:42:8e:59:52:b8:4b:5e:71:a5:
f4:f8:c2:f5:70:1f:7a:c4:df:4f:fc:a3:7b:cd:cf:
a6:a4:23:4f:b0:0a:81:a8:82:5b:6e:6b:4b:8c:f6:
22:7c:ad:01:40:97:9e:ae:47:cb:a5:8e:4c:a6:3d:
dd:29:38:6e:4d:9b:3c:79:3c:60:74:7c:60:59:58:
9f:c0:33:3c:5f:a7:e3:bf:b4:ed:ae:1d:de:7c:27:
13:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B5:6D:20:49:8C:66:6B:1D:5A:4B:74:54:25:F8:73:03:D2:0F:72
X509v3 Authority Key Identifier:
keyid:C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/F7VtIEmMZmsdWkt0VCX4cwPSD3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.196.0/24
109.230.112.0/23
202.164.192.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:c6:f1:5a:5b:23:93:20:5c:da:ce:69:6c:09:3a:4f:1d:98:
57:17:b0:11:b0:78:50:96:a9:a5:c1:97:a7:91:59:30:08:08:
29:30:f0:68:69:8b:71:52:a5:3f:d9:62:56:21:f4:6c:20:82:
50:a1:9b:e0:26:a6:0c:da:87:51:a0:42:b3:9c:e5:77:9d:ec:
6f:de:8b:37:55:7e:f6:f8:bd:55:5a:aa:a7:87:97:47:43:7f:
dd:29:0f:57:de:22:a9:69:70:5c:54:74:ed:36:1c:89:19:f5:
6c:ac:65:c9:5c:50:aa:dc:0f:cf:5b:a9:32:46:46:0f:f6:96:
11:49:57:08:78:f3:36:21:cf:26:6b:15:fc:70:f8:1b:1a:69:
be:15:26:1d:c2:ee:7f:52:07:42:f6:c5:0c:6d:8e:bc:c9:b3:
46:a7:ca:46:82:db:e0:38:39:88:62:1d:86:02:26:dc:b0:bb:
e2:a3:95:eb:87:65:04:46:45:58:be:04:86:20:98:47:74:c6:
96:d5:fa:b8:c2:2e:63:e2:5f:94:28:54:a2:0e:2d:87:50:3e:
eb:a2:f4:7f:48:b5:29:11:3d:dc:ae:d7:1d:4a:51:c7:58:c5:
49:5b:85:fb:7a:7e:57:cd:4e:8e:d9:22:42:0f:f4:d7:89:e5:
6d:9b:01:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH+SbDWPXuIUc8Y8Xv4xhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDk4YTE5MDViYmQzMzgxNTMzODI4ZjZiN2ZkMjI3MTcw
NDMxZWYwHhcNMjUwMTAxMTM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2I1NmQyMDQ5OGM2NjZiMWQ1YTRiNzQ1NDI1Zjg3MzAzZDIwZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8xNHrYNf3fNAl9kCYyV/AjBy8dXA
ZnCifaZCwKDweEKjRuhdlStrPyd0GS0wPAD1oRvZZivRlYoNTktZanLC+3dPCseZ
iiHTPyXByHvIzmPzimOybQVg/X/18QJIMwlGuMxAV97rx8Iqx1ZRPvQlVBHen3dy
azJwGtQ0vZywotTpv8yMPrPhZxC1WnDEECQZyt2uSgW45bvYSf0MXsyu+ctWjTFj
0eQNRQlCjllSuEtecaX0+ML1cB96xN9P/KN7zc+mpCNPsAqBqIJbbmtLjPYifK0B
QJeerkfLpY5Mpj3dKThuTZs8eTxgdHxgWVifwDM8X6fjv7Ttrh3efCcT2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBe1bSBJjGZrHVpLdFQl+HMD0g9yMB8GA1UdIwQY
MBaAFMEJihkFu9M4FTOCj2t/0icXBDHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUt
YjJhNzEzZDJlYWIyLzEvRjdWdElFbU1abXNkV2t0MFZDWDRjd1BTRDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUtYjJhNzEzZDJlYWIy
LzEvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT4TEAwQB
beZwAwQAyqTAMA0GCSqGSIb3DQEBCwUAA4IBAQB6xvFaWyOTIFzazmlsCTpPHZhX
F7ARsHhQlqmlwZenkVkwCAgpMPBoaYtxUqU/2WJWIfRsIIJQoZvgJqYM2odRoEKz
nOV3nexv3os3VX72+L1VWqqnh5dHQ3/dKQ9X3iKpaXBcVHTtNhyJGfVsrGXJXFCq
3A/PW6kyRkYP9pYRSVcIePM2Ic8maxX8cPgbGmm+FSYdwu5/UgdC9sUMbY68ybNG
p8pGgtvgODmIYh2GAibcsLvio5Xrh2UERkVYvgSGIJhHdMaW1fq4wi5j4l+UKFSi
Di2HUD7rovR/SLUpET3crtcdSlHHWMVJW4X7en5XzU6O2SJCD/TXieVtmwHu
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:35:17 2025 by rpki-client