Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/8b2aaf-345b-40bb-a31b-fd98fd70f34f/1/py8Xp3ZpBIK97blq7xFJULbGTm4.roa
File: py8Xp3ZpBIK97blq7xFJULbGTm4.roa (raw, json)
Hash identifier: DKAaoIesnSnsaGeSYQPo4HMqtcREs+GQ8Vs9Wa1cfK0=
Subject key identifier: A7:2F:17:A7:76:69:04:82:BD:ED:B9:6A:EF:11:49:50:B6:C6:4E:6E
Certificate issuer: /CN=3e1ab5f88b1cd7728f177cc86e33bceb9e2214b2
Certificate serial: 019427486C4E5B447FB427F6A35C28825F1D
Authority key identifier: 3E:1A:B5:F8:8B:1C:D7:72:8F:17:7C:C8:6E:33:BC:EB:9E:22:14:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Phq1-Isc13KPF3zIbjO8654iFLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/8b2aaf-345b-40bb-a31b-fd98fd70f34f/1/py8Xp3ZpBIK97blq7xFJULbGTm4.roa
Signing time: Thu 02 Jan 2025 13:50:45 +0000
ROA not before: Thu 02 Jan 2025 13:50:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39172
IP address blocks: 185.53.60.0/24 maxlen: 24
185.53.61.0/24 maxlen: 24
185.53.62.0/24 maxlen: 24
185.53.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:6c:4e:5b:44:7f:b4:27:f6:a3:5c:28:82:5f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1ab5f88b1cd7728f177cc86e33bceb9e2214b2
Validity
Not Before: Jan 2 13:50:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a72f17a776690482bdedb96aef114950b6c64e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:18:d6:83:61:ea:28:49:4d:77:cd:b7:2a:ef:
68:2a:b7:82:76:22:5b:f3:50:9e:5f:7d:45:d7:fa:
ac:03:17:4e:25:31:84:56:92:e2:65:f3:d0:3b:ba:
e4:56:71:c7:95:66:be:07:db:76:e7:30:86:fd:6f:
26:0a:37:0c:7d:97:35:37:0a:f4:50:91:57:c7:69:
50:ae:1a:a7:61:56:4d:37:50:09:d2:50:e3:5d:35:
d3:bb:e6:d5:65:e2:77:f7:d9:28:fe:09:f2:99:6e:
04:17:35:0d:bd:92:9c:13:60:ee:1b:42:34:19:ed:
32:2e:e3:c6:4c:3f:7e:73:52:d5:04:bc:16:e2:77:
1d:45:4c:8d:49:e1:81:c5:0e:52:1a:0b:15:28:15:
78:f6:ee:ab:95:e4:9e:cf:29:51:a5:d5:3a:ec:3d:
ed:c0:0f:f8:1f:46:e7:d6:22:c1:a3:28:73:04:64:
d6:bb:a6:04:04:9e:09:49:e4:c5:95:46:1f:07:95:
c8:19:7b:26:1f:b0:11:8b:78:19:67:a9:f3:0c:2e:
01:2f:a6:47:6d:50:48:90:df:7f:58:19:0c:75:fc:
c0:e1:4c:1c:56:e0:52:de:c2:fe:21:5d:7d:65:6d:
dc:f8:43:b4:18:07:48:98:7b:fd:06:04:7d:5d:97:
28:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:2F:17:A7:76:69:04:82:BD:ED:B9:6A:EF:11:49:50:B6:C6:4E:6E
X509v3 Authority Key Identifier:
keyid:3E:1A:B5:F8:8B:1C:D7:72:8F:17:7C:C8:6E:33:BC:EB:9E:22:14:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Phq1-Isc13KPF3zIbjO8654iFLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/8b2aaf-345b-40bb-a31b-fd98fd70f34f/1/py8Xp3ZpBIK97blq7xFJULbGTm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/8b2aaf-345b-40bb-a31b-fd98fd70f34f/1/Phq1-Isc13KPF3zIbjO8654iFLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.60.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:0c:90:f1:3d:b5:40:dc:7d:c8:5c:2a:47:01:e6:ae:c1:a3:
15:bb:e5:ff:e6:2a:25:bb:76:39:1a:58:85:73:82:30:04:ee:
f0:4c:b4:55:05:bb:78:c0:d1:e7:08:42:e1:f9:92:72:cb:63:
59:40:15:d3:59:cb:f6:e4:84:5e:d5:56:bb:14:ee:fd:a9:76:
05:cb:83:29:94:88:45:84:62:98:44:43:2c:51:ec:71:8a:c2:
8a:9a:22:98:ea:26:35:5c:e9:45:5e:3c:2f:fa:c1:9c:e5:1e:
e2:73:01:45:9b:60:42:d4:6b:5e:aa:81:0e:a1:91:02:33:cb:
8a:9a:c2:1b:1a:10:e6:a3:93:e3:12:5d:e0:bf:7f:17:1f:8c:
fa:5d:12:c6:c0:58:30:61:5e:74:6b:22:94:f0:dc:19:35:8c:
46:08:13:dd:65:b6:1e:af:a7:74:ee:e7:ea:70:ec:00:3d:82:
53:7d:19:b6:27:59:ed:f2:fb:f1:24:ef:92:3b:d3:e3:12:aa:
0a:a4:71:17:28:e9:cc:74:0d:b0:19:5f:68:1e:1b:fb:33:f5:
af:3c:89:13:8d:95:5d:72:07:c4:c0:b0:ca:94:45:7b:bf:c6:
da:63:10:f8:94:d3:5f:60:11:6a:43:f9:a0:b9:e4:8f:a8:47:
3b:c9:41:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSGxOW0R/tCf2o1wogl8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWFiNWY4OGIxY2Q3NzI4ZjE3N2NjODZlMzNiY2ViOWUy
MjE0YjIwHhcNMjUwMTAyMTM1MDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzJmMTdhNzc2NjkwNDgyYmRlZGI5NmFlZjExNDk1MGI2YzY0ZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BjWg2HqKElNd823Ku9oKreCdiJb
81CeX31F1/qsAxdOJTGEVpLiZfPQO7rkVnHHlWa+B9t25zCG/W8mCjcMfZc1Nwr0
UJFXx2lQrhqnYVZNN1AJ0lDjXTXTu+bVZeJ399ko/gnymW4EFzUNvZKcE2DuG0I0
Ge0yLuPGTD9+c1LVBLwW4ncdRUyNSeGBxQ5SGgsVKBV49u6rleSezylRpdU67D3t
wA/4H0bn1iLBoyhzBGTWu6YEBJ4JSeTFlUYfB5XIGXsmH7ARi3gZZ6nzDC4BL6ZH
bVBIkN9/WBkMdfzA4UwcVuBS3sL+IV19ZW3c+EO0GAdImHv9BgR9XZcoGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcvF6d2aQSCve25au8RSVC2xk5uMB8GA1UdIwQY
MBaAFD4atfiLHNdyjxd8yG4zvOueIhSyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGhxMS1Jc2MxM0tQRjN6SWJqTzg2NTRpRkxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84YjJhYWYtMzQ1Yi00MGJiLWEzMWIt
ZmQ5OGZkNzBmMzRmLzEvcHk4WHAzWnBCSUs5N2JscTd4RkpVTGJHVG00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84YjJhYWYtMzQ1Yi00MGJiLWEzMWItZmQ5OGZkNzBmMzRm
LzEvUGhxMS1Jc2MxM0tQRjN6SWJqTzg2NTRpRkxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTU8MA0G
CSqGSIb3DQEBCwUAA4IBAQCdDJDxPbVA3H3IXCpHAeauwaMVu+X/5iolu3Y5GliF
c4IwBO7wTLRVBbt4wNHnCELh+ZJyy2NZQBXTWcv25IRe1Va7FO79qXYFy4MplIhF
hGKYREMsUexxisKKmiKY6iY1XOlFXjwv+sGc5R7icwFFm2BC1GteqoEOoZECM8uK
msIbGhDmo5PjEl3gv38XH4z6XRLGwFgwYV50ayKU8NwZNYxGCBPdZbYer6d07ufq
cOwAPYJTfRm2J1nt8vvxJO+SO9PjEqoKpHEXKOnMdA2wGV9oHhv7M/WvPIkTjZVd
cgfEwLDKlEV7v8baYxD4lNNfYBFqQ/mgueSPqEc7yUHC
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:06:29 2025 by rpki-client