Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c5f2a4-adca-4fc4-87b2-bf4b75e200a7/1/7b72R8YLb2SHH9MjZo55yK3DpuU.roa
File: 7b72R8YLb2SHH9MjZo55yK3DpuU.roa (raw, json)
Hash identifier: EOM+9zK0YudveaEnl18alhJ+F+Rk/QyUoYSZ9iQgFf4=
Subject key identifier: ED:BE:F6:47:C6:0B:6F:64:87:1F:D3:23:66:8E:79:C8:AD:C3:A6:E5
Certificate issuer: /CN=1609c24dae3eeffcbefa37a688664ac93300ef58
Certificate serial: 01942444C35F6201508289AA621BFB824CAB
Authority key identifier: 16:09:C2:4D:AE:3E:EF:FC:BE:FA:37:A6:88:66:4A:C9:33:00:EF:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgnCTa4-7_y--jemiGZKyTMA71g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c5f2a4-adca-4fc4-87b2-bf4b75e200a7/1/7b72R8YLb2SHH9MjZo55yK3DpuU.roa
Signing time: Wed 01 Jan 2025 23:47:53 +0000
ROA not before: Wed 01 Jan 2025 23:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207233
IP address blocks: 45.84.124.0/22 maxlen: 24
185.162.60.0/22 maxlen: 24
2a0a:4000::/29 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:c3:5f:62:01:50:82:89:aa:62:1b:fb:82:4c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1609c24dae3eeffcbefa37a688664ac93300ef58
Validity
Not Before: Jan 1 23:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=edbef647c60b6f64871fd323668e79c8adc3a6e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bc:02:a4:5f:37:f5:ea:09:a6:87:aa:77:d0:
8d:1e:f0:7d:d0:dc:c5:f6:2e:6d:51:c9:ff:aa:11:
2a:5a:96:8a:20:b9:87:4a:d4:98:7e:39:b5:25:ad:
12:a5:ae:b2:1f:eb:c5:d7:69:5d:62:af:0b:36:d2:
33:39:88:dc:d9:ef:92:34:4b:03:d2:53:56:d7:08:
84:4d:7e:5e:86:cf:6f:c5:c1:6b:4d:78:f2:c4:41:
13:4b:2b:4f:1c:de:a5:2d:f6:9b:99:fc:04:79:e6:
b0:60:ba:fe:07:fd:0d:81:6f:c8:48:a2:7d:49:60:
e4:fe:3d:30:05:90:68:3d:9d:24:f6:f4:8d:13:d1:
6c:ed:d6:76:15:ad:dd:53:95:bb:9b:94:e7:80:14:
3a:fd:cb:42:93:ae:7b:7a:ca:2e:c3:26:79:8b:dd:
fb:30:48:7c:a2:67:bd:ff:17:52:d8:32:03:53:8a:
f5:10:76:e6:07:d9:73:c4:58:b5:97:4e:52:48:fe:
a9:97:e5:ab:ee:58:85:98:fa:03:16:d1:4f:07:e2:
b1:b5:87:30:67:05:71:66:61:5d:b6:b5:03:6e:09:
95:94:dd:bf:b7:0e:8f:42:b9:e9:3e:8f:82:d9:85:
b9:aa:d3:2a:0a:ff:8c:e0:3a:a6:59:8e:ad:b9:8e:
55:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:BE:F6:47:C6:0B:6F:64:87:1F:D3:23:66:8E:79:C8:AD:C3:A6:E5
X509v3 Authority Key Identifier:
keyid:16:09:C2:4D:AE:3E:EF:FC:BE:FA:37:A6:88:66:4A:C9:33:00:EF:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgnCTa4-7_y--jemiGZKyTMA71g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c5f2a4-adca-4fc4-87b2-bf4b75e200a7/1/7b72R8YLb2SHH9MjZo55yK3DpuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c5f2a4-adca-4fc4-87b2-bf4b75e200a7/1/FgnCTa4-7_y--jemiGZKyTMA71g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.124.0/22
185.162.60.0/22
IPv6:
2a0a:4000::/29
Signature Algorithm: sha256WithRSAEncryption
3b:35:79:d8:3e:5a:ce:36:f5:19:1f:58:fa:7d:1e:a3:43:95:
52:75:30:d7:06:19:3c:aa:35:18:1c:e6:21:03:ba:c9:0d:86:
6a:e8:4b:bd:85:e8:41:31:35:be:2d:f0:68:9f:87:50:bc:8a:
e0:97:82:e5:be:c6:3a:b9:12:26:e2:50:d4:67:a9:75:18:6d:
a0:86:18:1b:e8:6c:ab:ed:ca:8b:9c:20:c0:a2:50:0f:f9:1e:
49:9e:57:96:cc:79:aa:4f:6e:16:60:85:41:cb:a8:d4:27:6d:
77:bc:67:cf:de:e6:a8:e6:38:de:e3:81:79:31:49:68:e3:6a:
f6:73:2a:82:63:8c:48:ea:f7:48:e0:fb:2e:7a:91:7a:80:74:
48:77:92:88:19:db:e2:76:a2:e7:17:a1:84:24:62:c5:3c:07:
5f:b6:d2:02:66:d2:cb:a9:6d:5f:7f:3e:86:a4:1e:7d:a0:6b:
e8:4d:ec:58:26:fc:2d:b3:b2:07:b2:d2:7a:51:5c:95:c4:b0:
8c:98:69:6e:7e:57:a0:1e:ca:29:be:f0:30:83:6b:7f:9c:66:
87:a7:f1:92:8a:76:da:48:fd:42:a2:a6:98:43:6d:08:fe:c7:
59:e4:03:cb:4a:38:7b:ed:01:d9:19:d5:f4:a4:5d:b5:53:f2:
e9:74:b9:8b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRMNfYgFQgomqYhv7gkyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDljMjRkYWUzZWVmZmNiZWZhMzdhNjg4NjY0YWM5MzMw
MGVmNTgwHhcNMjUwMTAxMjM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGJlZjY0N2M2MGI2ZjY0ODcxZmQzMjM2NjhlNzljOGFkYzNhNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLwCpF839eoJpoeqd9CNHvB90NzF
9i5tUcn/qhEqWpaKILmHStSYfjm1Ja0Spa6yH+vF12ldYq8LNtIzOYjc2e+SNEsD
0lNW1wiETX5ehs9vxcFrTXjyxEETSytPHN6lLfabmfwEeeawYLr+B/0NgW/ISKJ9
SWDk/j0wBZBoPZ0k9vSNE9Fs7dZ2Fa3dU5W7m5TngBQ6/ctCk657esouwyZ5i937
MEh8ome9/xdS2DIDU4r1EHbmB9lzxFi1l05SSP6pl+Wr7liFmPoDFtFPB+KxtYcw
ZwVxZmFdtrUDbgmVlN2/tw6PQrnpPo+C2YW5qtMqCv+M4DqmWY6tuY5VFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO2+9kfGC29khx/TI2aOecitw6blMB8GA1UdIwQY
MBaAFBYJwk2uPu/8vvo3pohmSskzAO9YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmduQ1RhNC03X3ktLWplbWlHWkt5VE1BNzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNWYyYTQtYWRjYS00ZmM0LTg3YjIt
YmY0Yjc1ZTIwMGE3LzEvN2I3MlI4WUxiMlNISDlNalpvNTV5SzNEcHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNWYyYTQtYWRjYS00ZmM0LTg3YjItYmY0Yjc1ZTIwMGE3
LzEvRmduQ1RhNC03X3ktLWplbWlHWkt5VE1BNzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVR8AwQC
uaI8MA0EAgACMAcDBQMqCkAAMA0GCSqGSIb3DQEBCwUAA4IBAQA7NXnYPlrONvUZ
H1j6fR6jQ5VSdTDXBhk8qjUYHOYhA7rJDYZq6Eu9hehBMTW+LfBon4dQvIrgl4Ll
vsY6uRIm4lDUZ6l1GG2ghhgb6Gyr7cqLnCDAolAP+R5JnleWzHmqT24WYIVBy6jU
J213vGfP3uao5jje44F5MUlo42r2cyqCY4xI6vdI4PsuepF6gHRId5KIGdvidqLn
F6GEJGLFPAdfttICZtLLqW1ffz6GpB59oGvoTexYJvwts7IHstJ6UVyVxLCMmGlu
flegHsopvvAwg2t/nGaHp/GSinbaSP1CoqaYQ20I/sdZ5APLSjh77QHZGdX0pF21
U/LpdLmL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:06 2025 by rpki-client