Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/7IdkztL4D2rd1OWu-Fwdy4TrVLU.roa
File: 7IdkztL4D2rd1OWu-Fwdy4TrVLU.roa (raw, json)
Hash identifier: dbyo4ZfaUk/gfa7oD7KrfiLAvIhYyozL2QxpQuJXGrE=
Subject key identifier: EC:87:64:CE:D2:F8:0F:6A:DD:D4:E5:AE:F8:5C:1D:CB:84:EB:54:B5
Certificate issuer: /CN=7a0a06564d3c717d2d6daa1e833c495976b0bada
Certificate serial: 019420D62D66C30E49CB0CAC407B8D2DC22A
Authority key identifier: 7A:0A:06:56:4D:3C:71:7D:2D:6D:AA:1E:83:3C:49:59:76:B0:BA:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egoGVk08cX0tbaoegzxJWXawuto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/7IdkztL4D2rd1OWu-Fwdy4TrVLU.roa
Signing time: Wed 01 Jan 2025 07:48:14 +0000
ROA not before: Wed 01 Jan 2025 07:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 149.249.0.0/24 maxlen: 24
149.249.1.0/24 maxlen: 24
149.249.2.0/24 maxlen: 24
149.249.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:2d:66:c3:0e:49:cb:0c:ac:40:7b:8d:2d:c2:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a0a06564d3c717d2d6daa1e833c495976b0bada
Validity
Not Before: Jan 1 07:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec8764ced2f80f6addd4e5aef85c1dcb84eb54b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:89:1d:fe:1e:58:a5:87:10:ff:2f:7b:db:af:
64:be:a5:38:7f:32:d0:9f:f0:b4:3a:d8:ea:ef:3d:
df:b8:87:32:86:f8:b0:03:f5:c3:c0:25:b4:11:1e:
d8:8f:89:cf:82:a7:07:35:03:3d:e1:7b:e0:99:1c:
bd:5c:20:32:b4:c2:5b:fe:16:d8:a0:28:e4:45:39:
d2:f1:74:a3:f5:95:b9:50:39:20:5a:4d:9c:f3:da:
e0:ec:f9:ce:e4:e6:80:43:3e:91:9d:f7:01:dc:d8:
9b:33:7a:85:b5:80:f7:4d:c0:1c:fe:27:ff:9d:0b:
fb:e4:e5:ba:8a:f8:53:72:51:3c:34:69:cb:ee:85:
e5:88:78:30:ad:88:28:d4:9e:67:74:ab:75:68:b5:
ac:11:16:08:d0:4f:03:d7:09:12:b1:f0:d2:96:71:
1a:4a:e0:10:28:08:71:fa:50:8d:73:28:5a:8b:b5:
ef:85:94:ec:33:bc:19:3c:bb:06:ef:96:00:e1:94:
50:5a:59:a7:92:9c:70:49:f8:b1:0c:1b:aa:af:8b:
40:a0:bb:48:c9:5c:6c:79:40:98:c4:ee:5a:42:38:
46:5d:d8:26:0e:e0:8b:ea:9f:3e:0f:c5:37:89:b1:
f4:cc:6e:7e:cc:cc:94:eb:37:cb:bc:52:ef:59:a1:
2e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:87:64:CE:D2:F8:0F:6A:DD:D4:E5:AE:F8:5C:1D:CB:84:EB:54:B5
X509v3 Authority Key Identifier:
keyid:7A:0A:06:56:4D:3C:71:7D:2D:6D:AA:1E:83:3C:49:59:76:B0:BA:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egoGVk08cX0tbaoegzxJWXawuto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/7IdkztL4D2rd1OWu-Fwdy4TrVLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/egoGVk08cX0tbaoegzxJWXawuto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.249.0.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:8b:d7:36:55:f9:d5:f2:57:1d:a8:f6:e3:12:7d:30:c1:df:
3a:09:0c:ae:c0:49:e4:e6:f5:98:92:e8:a0:97:ed:f2:31:70:
09:a6:ac:b3:4c:9c:ef:b7:22:d5:45:3f:45:d0:59:64:03:67:
fc:f3:29:c6:88:27:a5:9b:c3:79:56:84:ec:22:24:7b:1b:c4:
91:b6:15:25:05:ce:7a:92:c2:27:b8:fa:e2:03:7d:e0:d6:d9:
b2:d6:1c:9f:62:1d:74:88:7b:66:7e:de:70:c8:fd:36:dc:58:
ab:be:02:10:c4:74:e8:f0:b8:fd:1b:a7:59:b7:1f:fe:88:a7:
1b:ae:32:1c:09:9d:f4:ea:4a:7b:82:b3:ab:73:94:83:e9:0a:
09:93:a1:1f:96:bd:d4:d3:59:2a:2f:a9:ac:d6:19:0a:8a:19:
c5:7f:ac:90:30:ee:e3:1e:55:00:52:03:21:df:84:0a:dc:b6:
45:4b:32:a2:df:8c:fb:53:b3:4f:36:48:c3:e4:9a:29:de:e8:
dc:3c:eb:d6:3c:08:12:ae:e4:ec:78:1b:bb:30:f2:7c:02:ac:
25:cd:53:27:12:39:96:e1:f5:ec:cb:4d:d0:9f:75:ea:b8:03:
da:aa:7b:3b:a6:8f:a5:d2:7a:bf:d5:3d:c1:10:1a:ed:e2:11:
6c:3f:9b:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1i1mww5JywysQHuNLcIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMGEwNjU2NGQzYzcxN2QyZDZkYWExZTgzM2M0OTU5NzZi
MGJhZGEwHhcNMjUwMTAxMDc0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzg3NjRjZWQyZjgwZjZhZGRkNGU1YWVmODVjMWRjYjg0ZWI1NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIkd/h5YpYcQ/y97269kvqU4fzLQ
n/C0Otjq7z3fuIcyhviwA/XDwCW0ER7Yj4nPgqcHNQM94XvgmRy9XCAytMJb/hbY
oCjkRTnS8XSj9ZW5UDkgWk2c89rg7PnO5OaAQz6RnfcB3NibM3qFtYD3TcAc/if/
nQv75OW6ivhTclE8NGnL7oXliHgwrYgo1J5ndKt1aLWsERYI0E8D1wkSsfDSlnEa
SuAQKAhx+lCNcyhai7XvhZTsM7wZPLsG75YA4ZRQWlmnkpxwSfixDBuqr4tAoLtI
yVxseUCYxO5aQjhGXdgmDuCL6p8+D8U3ibH0zG5+zMyU6zfLvFLvWaEuYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOyHZM7S+A9q3dTlrvhcHcuE61S1MB8GA1UdIwQY
MBaAFHoKBlZNPHF9LW2qHoM8SVl2sLraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWdvR1ZrMDhjWDB0YmFvZWd6eEpXWGF3dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82ZjU5OGQtYTVjNS00Yzk5LWExZjAt
NTQ4MjYzZWI2ZmI0LzEvN0lka3p0TDREMnJkMU9XdS1Gd2R5NFRyVkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82ZjU5OGQtYTVjNS00Yzk5LWExZjAtNTQ4MjYzZWI2ZmI0
LzEvZWdvR1ZrMDhjWDB0YmFvZWd6eEpXWGF3dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQClfkAMA0G
CSqGSIb3DQEBCwUAA4IBAQC4i9c2VfnV8lcdqPbjEn0wwd86CQyuwEnk5vWYkuig
l+3yMXAJpqyzTJzvtyLVRT9F0FlkA2f88ynGiCelm8N5VoTsIiR7G8SRthUlBc56
ksInuPriA33g1tmy1hyfYh10iHtmft5wyP023FirvgIQxHTo8Lj9G6dZtx/+iKcb
rjIcCZ306kp7grOrc5SD6QoJk6Eflr3U01kqL6ms1hkKihnFf6yQMO7jHlUAUgMh
34QK3LZFSzKi34z7U7NPNkjD5Jop3ujcPOvWPAgSruTseBu7MPJ8AqwlzVMnEjmW
4fXsy03Qn3XquAPaqns7po+l0nq/1T3BEBrt4hFsP5u6
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:57:27 2025 by rpki-client