Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/3uIWyZ2-NdDfWkBz-Cz4ehXcDXw.roa
File: 3uIWyZ2-NdDfWkBz-Cz4ehXcDXw.roa (raw, json)
Hash identifier: MQ45FFneVJjtvuTav7T4FKF/BiqudQZo8fk5fSUR0xU=
Subject key identifier: DE:E2:16:C9:9D:BE:35:D0:DF:5A:40:73:F8:2C:F8:7A:15:DC:0D:7C
Certificate issuer: /CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Certificate serial: 0194228DCF27079EABEB98264FAE56244650
Authority key identifier: 02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/3uIWyZ2-NdDfWkBz-Cz4ehXcDXw.roa
Signing time: Wed 01 Jan 2025 15:48:26 +0000
ROA not before: Wed 01 Jan 2025 15:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206174
IP address blocks: 66.84.72.0/24 maxlen: 24
193.31.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:cf:27:07:9e:ab:eb:98:26:4f:ae:56:24:46:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Validity
Not Before: Jan 1 15:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dee216c99dbe35d0df5a4073f82cf87a15dc0d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9a:af:b1:22:04:1c:1d:5c:ec:c9:c5:b1:f6:
25:1f:58:aa:4d:e7:d8:8e:ce:8e:a1:b4:45:6c:6b:
8d:09:40:d2:ff:4e:b1:87:c1:b3:d4:02:80:ad:6d:
72:4d:69:bf:ab:e6:2a:05:5e:2c:f3:06:8d:80:20:
e9:4b:7a:6c:7c:9b:3e:98:e4:9e:07:52:4b:a8:d0:
46:f7:28:8c:23:23:18:fa:c0:05:a9:6c:52:c6:ab:
3f:99:87:45:2d:36:69:52:06:ab:e9:02:d5:65:f0:
96:c3:d1:0e:91:4e:0e:70:74:84:38:32:57:a4:c0:
82:42:63:da:a6:de:05:c4:f7:ef:6b:ee:5b:f1:f1:
74:f5:f5:12:17:29:e0:fd:2b:64:83:cd:b2:49:df:
4f:e2:ec:bf:32:34:28:d3:57:fb:ed:b6:0f:b9:a0:
12:f6:8a:c5:8b:b0:cd:04:0e:77:26:9d:d7:d2:88:
39:27:0f:fb:35:86:8e:a1:b9:11:04:03:15:d5:a1:
7b:18:f3:69:d9:42:96:82:7d:75:9e:e3:02:c1:df:
2a:31:15:dc:36:0f:27:b1:23:c0:0b:9f:08:3c:38:
aa:1b:ff:be:3f:44:eb:d7:ec:a4:12:a2:c5:12:71:
47:d5:d7:91:f1:95:3a:4d:69:51:51:66:0c:98:63:
a8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E2:16:C9:9D:BE:35:D0:DF:5A:40:73:F8:2C:F8:7A:15:DC:0D:7C
X509v3 Authority Key Identifier:
keyid:02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/3uIWyZ2-NdDfWkBz-Cz4ehXcDXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Akbop20wx8BJW8XOjuURD-qyhuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.84.72.0/24
193.31.221.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:04:e1:cc:f4:12:c2:b3:10:3e:ad:91:a4:2b:b2:0f:6e:74:
24:37:97:c8:5b:d6:3f:e8:3a:d7:ee:68:30:3f:23:c3:d1:63:
b6:94:18:29:b1:75:cc:16:d0:26:52:69:32:77:11:96:75:68:
ca:d1:5b:c3:02:9d:cd:ce:49:95:ec:36:1b:d0:c4:7f:82:ea:
86:a3:29:0d:6e:e7:cb:bd:16:76:73:92:5f:b5:20:b3:54:a2:
a7:8d:58:66:29:d6:52:9c:9b:85:72:b2:77:13:12:f1:ae:61:
a1:73:9a:e9:00:11:47:f0:c6:74:46:bf:0d:79:0e:1e:4b:7f:
1a:1f:87:68:69:6d:2b:c0:84:da:5e:af:9d:a2:c7:68:78:00:
6c:57:14:cf:be:ad:b5:7c:46:12:57:f4:10:dc:fc:70:cb:f4:
ce:fe:fb:90:8e:ab:f4:cd:46:90:84:92:38:21:60:0f:b3:81:
7f:c1:65:10:5f:31:33:ba:52:31:94:4a:65:cf:10:24:83:84:
72:83:99:92:5c:6e:53:e4:23:da:f7:fa:43:77:84:22:78:5a:
1f:07:25:3e:a7:04:1b:2a:14:53:9e:95:09:7c:5c:34:b0:87:
40:f9:26:14:40:63:fa:3f:74:d9:9a:ee:2e:21:b4:fc:3b:c0:
1c:96:b1:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijc8nB56r65gmT65WJEZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDZlOGE3NmQzMGM3YzA0OTViYzVjZThlZTUxMTBmZWFi
Mjg2ZTYwHhcNMjUwMTAxMTU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWUyMTZjOTlkYmUzNWQwZGY1YTQwNzNmODJjZjg3YTE1ZGMwZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5qvsSIEHB1c7MnFsfYlH1iqTefY
js6OobRFbGuNCUDS/06xh8Gz1AKArW1yTWm/q+YqBV4s8waNgCDpS3psfJs+mOSe
B1JLqNBG9yiMIyMY+sAFqWxSxqs/mYdFLTZpUgar6QLVZfCWw9EOkU4OcHSEODJX
pMCCQmPapt4FxPfva+5b8fF09fUSFyng/Stkg82ySd9P4uy/MjQo01f77bYPuaAS
9orFi7DNBA53Jp3X0og5Jw/7NYaOobkRBAMV1aF7GPNp2UKWgn11nuMCwd8qMRXc
Ng8nsSPAC58IPDiqG/++P0Tr1+ykEqLFEnFH1deR8ZU6TWlRUWYMmGOo6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN7iFsmdvjXQ31pAc/gs+HoV3A18MB8GA1UdIwQY
MBaAFAJG6KdtMMfASVvFzo7lEQ/qsobmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtib3AyMHd4OEJKVzhYT2p1VVJELXF5aHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jMGE1NzYtYTIyMC00ZGUwLWFhYzEt
N2I5NmE5OTk3NzE4LzEvM3VJV3laMi1OZERmV2tCei1DejRlaFhjRFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jMGE1NzYtYTIyMC00ZGUwLWFhYzEtN2I5NmE5OTk3NzE4
LzEvQWtib3AyMHd4OEJKVzhYT2p1VVJELXF5aHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAQlRIAwQA
wR/dMA0GCSqGSIb3DQEBCwUAA4IBAQBfBOHM9BLCsxA+rZGkK7IPbnQkN5fIW9Y/
6DrX7mgwPyPD0WO2lBgpsXXMFtAmUmkydxGWdWjK0VvDAp3NzkmV7DYb0MR/guqG
oykNbufLvRZ2c5JftSCzVKKnjVhmKdZSnJuFcrJ3ExLxrmGhc5rpABFH8MZ0Rr8N
eQ4eS38aH4doaW0rwITaXq+dosdoeABsVxTPvq21fEYSV/QQ3Pxwy/TO/vuQjqv0
zUaQhJI4IWAPs4F/wWUQXzEzulIxlEplzxAkg4Ryg5mSXG5T5CPa9/pDd4QieFof
ByU+pwQbKhRTnpUJfFw0sIdA+SYUQGP6P3TZmu4uIbT8O8AclrEs
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:27:19 2025 by rpki-client