Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/c7QJZpcKw5JtI5FMoVTzm0WUSCk.roa
File: c7QJZpcKw5JtI5FMoVTzm0WUSCk.roa (raw, json)
Hash identifier: eFh5B28aZqPEyGFrbmBU9Qj8kztn04oOd68LadOBOHU=
Subject key identifier: 73:B4:09:66:97:0A:C3:92:6D:23:91:4C:A1:54:F3:9B:45:94:48:29
Certificate issuer: /CN=e4e17e07b04dc76c9d6c91fafc2d5a8402c64b8e
Certificate serial: 0194228DB8FF402F7069DEFCD74E65B4605F
Authority key identifier: E4:E1:7E:07:B0:4D:C7:6C:9D:6C:91:FA:FC:2D:5A:84:02:C6:4B:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5OF-B7BNx2ydbJH6_C1ahALGS44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/c7QJZpcKw5JtI5FMoVTzm0WUSCk.roa
Signing time: Wed 01 Jan 2025 15:48:20 +0000
ROA not before: Wed 01 Jan 2025 15:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206141
IP address blocks: 147.28.48.0/20 maxlen: 20
185.155.188.0/22 maxlen: 22
2a07:9540::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:b8:ff:40:2f:70:69:de:fc:d7:4e:65:b4:60:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4e17e07b04dc76c9d6c91fafc2d5a8402c64b8e
Validity
Not Before: Jan 1 15:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73b40966970ac3926d23914ca154f39b45944829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:07:ac:8b:a4:a3:87:75:6c:3f:41:f3:5d:a4:
80:25:2e:20:06:4e:2c:00:0e:57:78:36:ee:55:c5:
dc:1d:b4:c4:40:fc:70:e6:57:09:e3:32:06:90:eb:
4a:30:b4:4e:2d:59:d4:1c:cd:74:e6:8e:2d:fd:91:
be:88:99:8a:c5:40:71:c3:cc:58:53:e4:f5:d8:7a:
6f:fb:dc:0a:58:5e:0a:6c:8e:c0:1c:c3:88:53:1c:
45:f1:1b:2d:64:21:17:96:ce:1a:71:c0:e3:be:57:
d5:eb:4d:6d:df:ce:c4:db:04:e9:8b:99:95:a0:7d:
30:fb:28:85:d7:8f:8c:fe:63:9c:ff:6e:ba:6b:17:
30:93:b3:5b:39:42:be:5d:65:80:f7:55:09:21:37:
1f:28:c3:97:6a:fd:71:8d:b0:06:86:20:02:e9:fc:
54:d8:f4:9b:f8:2c:9e:2c:be:d0:c6:31:88:0c:e5:
ed:c7:00:80:54:fc:c3:b8:19:b4:cf:18:f3:2e:2b:
a2:19:56:a1:bc:ae:0e:db:90:50:46:fa:fe:f6:22:
ce:a5:3e:29:54:e1:c2:20:dc:41:21:5c:43:83:55:
3f:64:4c:c2:ed:10:bf:56:7c:f6:e6:d9:76:47:6f:
2e:7e:3a:0d:31:8d:e2:83:69:df:3a:58:5b:1e:dc:
7b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B4:09:66:97:0A:C3:92:6D:23:91:4C:A1:54:F3:9B:45:94:48:29
X509v3 Authority Key Identifier:
keyid:E4:E1:7E:07:B0:4D:C7:6C:9D:6C:91:FA:FC:2D:5A:84:02:C6:4B:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5OF-B7BNx2ydbJH6_C1ahALGS44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/c7QJZpcKw5JtI5FMoVTzm0WUSCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/5OF-B7BNx2ydbJH6_C1ahALGS44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.28.48.0/20
185.155.188.0/22
IPv6:
2a07:9540::/29
Signature Algorithm: sha256WithRSAEncryption
62:71:ea:4f:24:8f:95:f5:c0:fd:d2:dc:4c:75:54:5f:a8:e8:
73:b0:b5:4a:03:ad:2b:6f:69:84:91:66:84:2d:ba:a6:dd:58:
d8:6e:c6:6d:90:4e:63:de:82:7f:a7:d7:e5:58:79:15:0d:f3:
10:8e:00:fb:3b:f8:dc:cd:04:4a:b8:06:62:2f:5e:e9:42:4e:
32:7a:2b:da:ff:d9:3e:63:26:fd:cb:ce:b4:42:b1:38:9d:d6:
0f:cc:3d:85:f9:2b:92:94:59:94:38:ea:6d:f9:b5:e0:86:02:
43:c5:f4:06:08:67:20:3f:2d:b9:f8:ca:09:db:89:59:c6:c9:
0c:62:4d:09:cb:43:83:7b:fe:44:c5:4f:b9:3a:62:bb:a8:26:
c8:e5:86:d6:40:3f:11:79:e4:ba:b6:a7:c6:a2:55:4e:e7:c2:
ec:6c:d1:ca:2f:cb:5b:74:6c:43:8a:92:ad:20:06:16:6d:12:
d7:96:f7:e9:b3:0a:28:5e:b6:f4:99:29:7c:3b:6e:d9:7a:fd:
67:46:3e:8a:9a:28:cc:4b:e5:b6:2d:54:40:ef:61:06:1b:0d:
25:a6:35:dc:89:a2:2d:b0:f7:f9:c5:ff:8b:ce:f3:f2:f0:99:
47:77:8e:e5:58:86:8e:99:26:65:8d:53:7c:f7:f5:df:0c:1b:
19:53:b8:cf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQijbj/QC9wad78105ltGBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZTE3ZTA3YjA0ZGM3NmM5ZDZjOTFmYWZjMmQ1YTg0MDJj
NjRiOGUwHhcNMjUwMTAxMTU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2I0MDk2Njk3MGFjMzkyNmQyMzkxNGNhMTU0ZjM5YjQ1OTQ0ODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Qesi6Sjh3VsP0HzXaSAJS4gBk4s
AA5XeDbuVcXcHbTEQPxw5lcJ4zIGkOtKMLROLVnUHM105o4t/ZG+iJmKxUBxw8xY
U+T12Hpv+9wKWF4KbI7AHMOIUxxF8RstZCEXls4accDjvlfV601t387E2wTpi5mV
oH0w+yiF14+M/mOc/266axcwk7NbOUK+XWWA91UJITcfKMOXav1xjbAGhiAC6fxU
2PSb+CyeLL7QxjGIDOXtxwCAVPzDuBm0zxjzLiuiGVahvK4O25BQRvr+9iLOpT4p
VOHCINxBIVxDg1U/ZEzC7RC/Vnz25tl2R28ufjoNMY3ig2nfOlhbHtx7TwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHO0CWaXCsOSbSORTKFU85tFlEgpMB8GA1UdIwQY
MBaAFOThfgewTcdsnWyR+vwtWoQCxkuOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU9GLUI3Qk54MnlkYkpINl9DMWFoQUxHUzQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC80MmJlNWYtMjQzMi00ODk5LWE0ZmYt
MTk4YWRkYTVhMjgxLzEvYzdRSlpwY0t3NUp0STVGTW9WVHptMFdVU0NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC80MmJlNWYtMjQzMi00ODk5LWE0ZmYtMTk4YWRkYTVhMjgx
LzEvNU9GLUI3Qk54MnlkYkpINl9DMWFoQUxHUzQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEkxwwAwQC
uZu8MA0EAgACMAcDBQMqB5VAMA0GCSqGSIb3DQEBCwUAA4IBAQBicepPJI+V9cD9
0txMdVRfqOhzsLVKA60rb2mEkWaELbqm3VjYbsZtkE5j3oJ/p9flWHkVDfMQjgD7
O/jczQRKuAZiL17pQk4yeiva/9k+Yyb9y860QrE4ndYPzD2F+SuSlFmUOOpt+bXg
hgJDxfQGCGcgPy25+MoJ24lZxskMYk0Jy0ODe/5ExU+5OmK7qCbI5YbWQD8ReeS6
tqfGolVO58LsbNHKL8tbdGxDipKtIAYWbRLXlvfpswooXrb0mSl8O27Zev1nRj6K
mijMS+W2LVRA72EGGw0lpjXciaItsPf5xf+LzvPy8JlHd47lWIaOmSZljVN89/Xf
DBsZU7jP
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:05:44 2025 by rpki-client