Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/403ddd-c2d5-4b54-973a-2b7a794d5795/1/cHH8n9jIhtvEhfYf9DzKMDe1sMM.roa
File: cHH8n9jIhtvEhfYf9DzKMDe1sMM.roa (raw, json)
Hash identifier: 24RyHXYm2+n9v+uk7dd0yGKCI/vamDa6gkuFRLODvdE=
Subject key identifier: 70:71:FC:9F:D8:C8:86:DB:C4:85:F6:1F:F4:3C:CA:30:37:B5:B0:C3
Certificate issuer: /CN=002434c73a0eea22c6e441072e93db77c7e8a2f1
Certificate serial: 0194236A42E7A2BAAE476A9DC1DA64EF3730
Authority key identifier: 00:24:34:C7:3A:0E:EA:22:C6:E4:41:07:2E:93:DB:77:C7:E8:A2:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACQ0xzoO6iLG5EEHLpPbd8foovE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/403ddd-c2d5-4b54-973a-2b7a794d5795/1/cHH8n9jIhtvEhfYf9DzKMDe1sMM.roa
Signing time: Wed 01 Jan 2025 19:49:13 +0000
ROA not before: Wed 01 Jan 2025 19:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43366
IP address blocks: 91.194.224.0/23 maxlen: 24
185.12.144.0/22 maxlen: 24
185.37.124.0/22 maxlen: 24
217.21.192.0/20 maxlen: 24
2a00:8080::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:42:e7:a2:ba:ae:47:6a:9d:c1:da:64:ef:37:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002434c73a0eea22c6e441072e93db77c7e8a2f1
Validity
Not Before: Jan 1 19:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7071fc9fd8c886dbc485f61ff43cca3037b5b0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:8f:3d:85:cc:2c:cf:2b:3e:14:20:1f:e3:06:
80:76:81:ea:2b:59:f3:56:3d:78:11:15:13:e0:4f:
8e:1e:05:dd:0a:a2:22:fa:40:17:ef:c8:79:84:56:
06:fa:28:ee:81:ec:0b:1c:0d:0c:94:e7:fc:cf:8f:
86:05:ab:c7:57:c7:1a:0e:cd:a9:0b:66:fc:9b:47:
3f:4c:96:e3:fb:10:50:99:c3:38:1a:34:d3:e3:cc:
77:5f:9d:30:d2:68:79:23:da:7c:55:06:7c:56:51:
b5:a4:36:d0:c2:ff:47:e4:22:10:1f:05:cd:de:26:
ec:b2:25:c5:59:77:2a:fa:72:25:26:2f:7f:cd:6a:
0b:a3:22:fa:e3:3a:ab:75:a9:5a:89:37:2c:ca:af:
a3:e6:08:50:3b:75:c4:fb:81:92:c1:ce:fd:ff:4d:
eb:bb:26:af:54:1a:30:a3:94:9a:4f:3b:4a:4b:89:
35:34:4b:ca:67:08:f6:56:8f:e5:d4:71:b0:2d:e9:
be:48:7b:7d:05:72:d0:36:8a:20:5d:65:04:0a:eb:
59:ac:ce:a0:85:fe:2f:59:27:aa:9e:41:1f:20:05:
c6:54:16:ba:3e:7f:93:c0:25:96:f4:6c:c8:81:a5:
ec:ff:21:73:ff:4f:19:8d:b0:eb:03:1d:52:48:97:
e4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:71:FC:9F:D8:C8:86:DB:C4:85:F6:1F:F4:3C:CA:30:37:B5:B0:C3
X509v3 Authority Key Identifier:
keyid:00:24:34:C7:3A:0E:EA:22:C6:E4:41:07:2E:93:DB:77:C7:E8:A2:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACQ0xzoO6iLG5EEHLpPbd8foovE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/403ddd-c2d5-4b54-973a-2b7a794d5795/1/cHH8n9jIhtvEhfYf9DzKMDe1sMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/403ddd-c2d5-4b54-973a-2b7a794d5795/1/ACQ0xzoO6iLG5EEHLpPbd8foovE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.224.0/23
185.12.144.0/22
185.37.124.0/22
217.21.192.0/20
IPv6:
2a00:8080::/32
Signature Algorithm: sha256WithRSAEncryption
5e:cb:7e:2b:72:13:0e:50:0b:69:3c:62:8f:9b:42:21:15:f3:
bc:28:e4:72:a3:2d:0c:9f:35:5b:79:36:c7:8e:71:51:c2:53:
fd:df:d0:9c:9b:c1:71:9c:85:9b:dd:07:35:bf:ce:9d:79:4b:
9c:66:e2:cd:8e:c3:22:9b:a4:f3:b4:8c:be:31:1e:10:5e:76:
10:d4:b4:37:ee:9c:10:61:e9:c4:be:0b:cd:40:9d:70:88:37:
b3:80:2a:dd:92:95:d9:87:73:60:a7:c4:cb:c5:36:dc:dd:3d:
ab:5d:d1:6e:f2:4c:7c:e2:7b:f9:e3:a8:2b:26:13:64:d5:de:
3e:9c:37:c9:69:7d:e2:c6:6b:fa:b5:e6:73:83:67:52:04:3e:
18:99:64:e3:a1:21:1a:f6:98:06:52:23:65:71:7d:21:8a:df:
b5:e1:48:45:b3:9a:c2:ac:3a:f1:5e:24:34:1e:42:59:fc:ce:
de:47:dd:1b:c7:fb:88:5c:6a:9f:2f:b4:fb:24:37:fe:be:b7:
c3:db:af:56:eb:b8:92:0d:c6:98:3b:e4:5c:96:35:a0:f6:fb:
7c:e6:0d:c8:c3:9a:f4:6e:0f:c7:bc:37:8d:de:4d:2c:37:26:
ae:fd:65:dc:07:83:8e:4e:54:86:75:66:75:18:38:d3:7e:f0:
b6:a8:86:2a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQjakLnorquR2qdwdpk7zcwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjQzNGM3M2EwZWVhMjJjNmU0NDEwNzJlOTNkYjc3Yzdl
OGEyZjEwHhcNMjUwMTAxMTk0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDcxZmM5ZmQ4Yzg4NmRiYzQ4NWY2MWZmNDNjY2EzMDM3YjViMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9o89hcwszys+FCAf4waAdoHqK1nz
Vj14ERUT4E+OHgXdCqIi+kAX78h5hFYG+ijugewLHA0MlOf8z4+GBavHV8caDs2p
C2b8m0c/TJbj+xBQmcM4GjTT48x3X50w0mh5I9p8VQZ8VlG1pDbQwv9H5CIQHwXN
3ibssiXFWXcq+nIlJi9/zWoLoyL64zqrdalaiTcsyq+j5ghQO3XE+4GSwc79/03r
uyavVBowo5SaTztKS4k1NEvKZwj2Vo/l1HGwLem+SHt9BXLQNoogXWUECutZrM6g
hf4vWSeqnkEfIAXGVBa6Pn+TwCWW9GzIgaXs/yFz/08ZjbDrAx1SSJfkPQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHBx/J/YyIbbxIX2H/Q8yjA3tbDDMB8GA1UdIwQY
MBaAFAAkNMc6DuoixuRBBy6T23fH6KLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNRMHh6b082aUxHNUVFSExwUGJkOGZvb3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi80MDNkZGQtYzJkNS00YjU0LTk3M2Et
MmI3YTc5NGQ1Nzk1LzEvY0hIOG45aklodHZFaGZZZjlEektNRGUxc01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi80MDNkZGQtYzJkNS00YjU0LTk3M2EtMmI3YTc5NGQ1Nzk1
LzEvQUNRMHh6b082aUxHNUVFSExwUGJkOGZvb3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW8LgAwQC
uQyQAwQCuSV8AwQE2RXAMA0EAgACMAcDBQAqAICAMA0GCSqGSIb3DQEBCwUAA4IB
AQBey34rchMOUAtpPGKPm0IhFfO8KORyoy0MnzVbeTbHjnFRwlP939Ccm8FxnIWb
3Qc1v86deUucZuLNjsMim6TztIy+MR4QXnYQ1LQ37pwQYenEvgvNQJ1wiDezgCrd
kpXZh3Ngp8TLxTbc3T2rXdFu8kx84nv546grJhNk1d4+nDfJaX3ixmv6teZzg2dS
BD4YmWTjoSEa9pgGUiNlcX0hit+14UhFs5rCrDrxXiQ0HkJZ/M7eR90bx/uIXGqf
L7T7JDf+vrfD269W67iSDcaYO+RcljWg9vt85g3Iw5r0bg/HvDeN3k0sNyau/WXc
B4OOTlSGdWZ1GDjTfvC2qIYq
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:40:26 2025 by rpki-client