Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/P-O7tsPc2MVbLNpcI5hPez2b_dc.roa
File: P-O7tsPc2MVbLNpcI5hPez2b_dc.roa (raw, json)
Hash identifier: 7ZnPnzyOsWpvtfqN2wIGrijUdQcAUxgjitqJJrLP3sM=
Subject key identifier: 3F:E3:BB:B6:C3:DC:D8:C5:5B:2C:DA:5C:23:98:4F:7B:3D:9B:FD:D7
Certificate issuer: /CN=73340fd7b3c285637adc00f1e61e2b8e402658f3
Certificate serial: 01856FA6F47E1B2FE4452B7C22F1F993D8EC
Authority key identifier: 73:34:0F:D7:B3:C2:85:63:7A:DC:00:F1:E6:1E:2B:8E:40:26:58:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czQP17PChWN63ADx5h4rjkAmWPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/P-O7tsPc2MVbLNpcI5hPez2b_dc.roa
Signing time: Sun 01 Jan 2023 23:24:50 +0000
ROA not before: Sun 01 Jan 2023 23:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51299
IP address blocks: 185.158.144.0/22 maxlen: 24
194.61.87.0/24 maxlen: 24
2a07:ae00::/31 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:f4:7e:1b:2f:e4:45:2b:7c:22:f1:f9:93:d8:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73340fd7b3c285637adc00f1e61e2b8e402658f3
Validity
Not Before: Jan 1 23:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fe3bbb6c3dcd8c55b2cda5c23984f7b3d9bfdd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:13:f8:17:97:8b:c7:f6:e0:3a:6c:6b:9b:cd:
f0:d5:e5:d2:ef:13:84:36:0e:19:96:56:92:c0:00:
07:c0:d7:08:7c:ca:99:e7:f8:84:14:91:c6:0e:28:
1e:de:cd:9b:62:c8:49:4c:cc:89:ec:73:2a:99:f3:
e0:8c:7f:06:16:2b:3e:ed:c6:b3:b4:90:e6:99:73:
f4:29:4c:7b:28:94:10:73:04:83:5a:36:c3:5e:4e:
92:1c:88:ba:70:7a:a6:cd:13:73:b2:a1:df:10:ec:
76:66:e4:a8:e4:33:b9:81:1b:59:f1:6f:22:e9:ac:
11:26:cd:ae:f0:ea:b4:f9:d9:b1:24:24:50:7f:19:
f0:80:ee:de:9c:ac:12:05:1a:23:cf:fe:23:29:51:
d0:7f:d7:d3:52:be:35:76:37:05:33:31:1b:12:4e:
39:d6:cd:13:3e:33:e8:c5:a2:96:eb:b9:e7:7b:c9:
59:2c:1f:5e:7c:eb:c5:57:cd:66:40:57:1b:68:aa:
81:6c:6b:14:7f:90:e1:0d:99:1c:b0:89:59:5e:85:
ce:53:e3:fd:49:35:81:4d:a0:ee:9c:34:9d:6c:d4:
08:83:58:1f:90:5e:02:9f:d8:23:69:6c:e8:6e:6e:
f8:0f:d6:4c:0c:da:24:f9:9a:c8:1a:e9:30:71:54:
44:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E3:BB:B6:C3:DC:D8:C5:5B:2C:DA:5C:23:98:4F:7B:3D:9B:FD:D7
X509v3 Authority Key Identifier:
keyid:73:34:0F:D7:B3:C2:85:63:7A:DC:00:F1:E6:1E:2B:8E:40:26:58:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czQP17PChWN63ADx5h4rjkAmWPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/P-O7tsPc2MVbLNpcI5hPez2b_dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.144.0/22
194.61.87.0/24
IPv6:
2a07:ae00::/31
Signature Algorithm: sha256WithRSAEncryption
52:ed:d4:b4:92:cb:b1:03:14:2c:27:bf:a1:94:b3:e8:eb:00:
03:a5:3e:96:00:b3:bc:10:0c:a5:75:74:6e:bd:b4:34:36:2a:
75:51:2a:c0:d2:d2:8b:2c:00:b0:5c:db:88:b4:8f:f5:db:9a:
19:f8:b6:9d:ab:dc:6c:90:24:6f:d0:fe:19:f0:57:17:60:3e:
fd:4f:d1:fd:30:5f:74:c6:00:dd:fe:87:51:22:17:af:2f:d6:
b5:3d:9a:e6:56:f7:26:1c:ea:69:f6:c1:bd:2a:3b:ab:fd:3c:
83:b9:10:f1:ed:8c:f9:d8:1f:33:96:00:aa:e7:c8:00:fe:38:
c0:d1:0c:bc:40:eb:fb:1b:eb:31:a0:0a:50:8c:86:de:1a:91:
50:3a:7c:86:4a:81:96:d1:85:37:08:2a:a9:1c:c6:ed:b8:fa:
49:81:02:a9:be:e7:88:95:b8:53:ef:c0:df:98:d9:73:b4:1f:
18:2e:f3:fb:28:69:59:80:fa:f2:69:32:99:b4:e8:7a:4a:62:
2a:99:8a:b0:4e:47:da:0d:6a:bc:a3:77:c2:aa:ea:9d:d0:cc:
b6:da:04:07:74:df:b8:b0:62:43:82:b8:80:d4:cf:77:76:9e:
bd:23:31:f7:a4:cb:ea:3d:46:d2:36:4a:8f:ab:28:06:a1:df:
ef:14:f1:43
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvpvR+Gy/kRSt8IvH5k9jsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMzQwZmQ3YjNjMjg1NjM3YWRjMDBmMWU2MWUyYjhlNDAy
NjU4ZjMwHhcNMjMwMTAxMjMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmUzYmJiNmMzZGNkOGM1NWIyY2RhNWMyMzk4NGY3YjNkOWJmZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixP4F5eLx/bgOmxrm83w1eXS7xOE
Ng4ZllaSwAAHwNcIfMqZ5/iEFJHGDige3s2bYshJTMyJ7HMqmfPgjH8GFis+7caz
tJDmmXP0KUx7KJQQcwSDWjbDXk6SHIi6cHqmzRNzsqHfEOx2ZuSo5DO5gRtZ8W8i
6awRJs2u8Oq0+dmxJCRQfxnwgO7enKwSBRojz/4jKVHQf9fTUr41djcFMzEbEk45
1s0TPjPoxaKW67nne8lZLB9efOvFV81mQFcbaKqBbGsUf5DhDZkcsIlZXoXOU+P9
STWBTaDunDSdbNQIg1gfkF4Cn9gjaWzobm74D9ZMDNok+ZrIGukwcVREnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD/ju7bD3NjFWyzaXCOYT3s9m/3XMB8GA1UdIwQY
MBaAFHM0D9ezwoVjetwA8eYeK45AJljzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3pRUDE3UENoV042M0FEeDVoNHJqa0FtV1BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wYjRkYmEtMDc0Ny00ZTBmLTgwMzYt
ZjIyMjM2MDZjNTM4LzEvUC1PN3RzUGMyTVZiTE5wY0k1aFBlejJiX2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wYjRkYmEtMDc0Ny00ZTBmLTgwMzYtZjIyMjM2MDZjNTM4
LzEvY3pRUDE3UENoV042M0FEeDVoNHJqa0FtV1BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZ6QAwQA
wj1XMA0EAgACMAcDBQEqB64AMA0GCSqGSIb3DQEBCwUAA4IBAQBS7dS0ksuxAxQs
J7+hlLPo6wADpT6WALO8EAyldXRuvbQ0Nip1USrA0tKLLACwXNuItI/125oZ+Lad
q9xskCRv0P4Z8FcXYD79T9H9MF90xgDd/odRIhevL9a1PZrmVvcmHOpp9sG9Kjur
/TyDuRDx7Yz52B8zlgCq58gA/jjA0Qy8QOv7G+sxoApQjIbeGpFQOnyGSoGW0YU3
CCqpHMbtuPpJgQKpvueIlbhT78DfmNlztB8YLvP7KGlZgPryaTKZtOh6SmIqmYqw
TkfaDWq8o3fCquqd0My22gQHdN+4sGJDgriA1M93dp69IzH3pMvqPUbSNkqPqygG
od/vFPFD
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:10 2025 by rpki-client