Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iC76qBJ7rnzv-dHxbskQvop6cgc.roa
File: iC76qBJ7rnzv-dHxbskQvop6cgc.roa (raw, json)
Hash identifier: oJSwW2odcdRO6PnopLoj/bdLs5EoyAuWigInla4hrGk=
Subject key identifier: 88:2E:FA:A8:12:7B:AE:7C:EF:F9:D1:F1:6E:C9:10:BE:8A:7A:72:07
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B2324D20F00231F2F197E0AEA85665
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iC76qBJ7rnzv-dHxbskQvop6cgc.roa
Signing time: Wed 01 Jan 2025 11:48:33 +0000
ROA not before: Wed 01 Jan 2025 11:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 5.180.234.0/24 maxlen: 24
45.8.205.0/24 maxlen: 24
2a06:e5c0::/29 maxlen: 48
2a09:96c0::/29 maxlen: 48
2a09:ae80::/29 maxlen: 48
2a09:b440::/48 maxlen: 48
2a13:4bc0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:32:4d:20:f0:02:31:f2:f1:97:e0:ae:a8:56:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=882efaa8127bae7ceff9d1f16ec910be8a7a7207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:71:b6:fd:af:8d:72:7f:e9:d0:0f:d5:80:8d:
f7:8b:ca:d9:3a:71:41:50:7c:23:a7:3b:01:f1:07:
94:98:78:34:a2:1f:0e:f5:d5:39:e3:3f:f2:08:db:
60:5f:c3:a2:c6:b5:d4:2c:ac:9e:c4:60:e2:7d:e1:
ee:00:e3:d7:f4:6f:0d:82:d7:18:f7:84:a5:38:1d:
dc:44:93:e5:0f:78:d9:cb:2a:d1:8d:bc:24:6b:af:
b8:b2:af:8b:36:55:0e:8e:78:e9:33:47:7d:56:bf:
c9:2d:81:2f:33:8a:bf:24:a1:c4:4d:1d:93:40:ef:
e1:26:ca:55:6f:0e:a8:69:09:51:95:33:ce:af:1a:
ab:c1:78:d7:45:2a:d1:a3:4b:27:9e:d4:7a:e8:07:
73:7b:3d:1b:40:c4:55:8e:b8:ea:7b:37:b0:44:b1:
29:09:8b:56:c2:32:a5:b9:3e:45:70:3c:11:60:0e:
e4:cf:38:e6:8c:4c:cf:f9:5a:f7:f0:e3:55:2c:b7:
39:19:12:58:25:9c:f7:b4:79:90:80:f9:8f:a7:fa:
e2:9e:4d:2f:8f:85:85:61:99:9f:27:5d:65:60:03:
f2:e0:aa:9b:5a:3d:3b:32:5a:bb:38:3d:f9:28:9b:
bc:13:3d:67:02:9f:04:7b:77:6c:61:16:f5:77:6c:
72:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:2E:FA:A8:12:7B:AE:7C:EF:F9:D1:F1:6E:C9:10:BE:8A:7A:72:07
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iC76qBJ7rnzv-dHxbskQvop6cgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.234.0/24
45.8.205.0/24
IPv6:
2a06:e5c0::/29
2a09:96c0::/29
2a09:ae80::/29
2a09:b440::/48
2a13:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:d1:d3:45:9e:8b:f1:29:ae:35:10:5a:c0:6c:31:20:03:37:
82:57:0b:97:ab:c8:8a:5b:15:54:08:4f:7c:36:4c:62:1c:7b:
fc:19:58:15:87:68:14:a7:c5:38:47:71:cc:df:56:a1:91:36:
07:1d:53:94:d6:b7:e8:71:55:80:6d:b0:49:35:30:76:a2:61:
c9:54:14:8a:10:68:32:2d:af:5b:9a:ab:39:dc:05:91:d8:33:
7b:38:3b:36:1e:d8:d6:ce:b0:c3:ab:9d:c8:8d:fb:ce:01:f4:
9d:ff:3e:d0:12:99:82:2e:a7:85:bc:61:2e:f9:91:88:15:88:
a8:49:7a:6d:30:ab:46:00:8e:d8:24:59:2d:3e:5e:b3:3c:4e:
4d:07:76:f3:e1:4a:a9:d6:a0:87:5f:a1:c2:c6:8a:30:d7:4a:
d1:19:07:2b:24:93:44:1a:1a:50:84:24:c4:68:56:69:61:ba:
53:f8:03:b3:e3:e0:fd:ab:b2:78:6f:3a:ea:e4:fb:37:e8:72:
fa:e4:89:6e:0f:e9:c3:58:ca:d8:27:d8:14:f3:fc:27:2b:1c:
96:23:07:4e:47:83:83:42:6f:9e:22:86:7d:b5:41:49:f2:d0:
71:78:c6:64:68:8e:31:6d:ff:41:66:7c:80:67:77:b7:1b:c6:
9d:a0:04:04
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQhsjJNIPACMfLxl+CuqFZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODJlZmFhODEyN2JhZTdjZWZmOWQxZjE2ZWM5MTBiZThhN2E3MjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3G2/a+Ncn/p0A/VgI33i8rZOnFB
UHwjpzsB8QeUmHg0oh8O9dU54z/yCNtgX8OixrXULKyexGDifeHuAOPX9G8NgtcY
94SlOB3cRJPlD3jZyyrRjbwka6+4sq+LNlUOjnjpM0d9Vr/JLYEvM4q/JKHETR2T
QO/hJspVbw6oaQlRlTPOrxqrwXjXRSrRo0snntR66Adzez0bQMRVjrjqezewRLEp
CYtWwjKluT5FcDwRYA7kzzjmjEzP+Vr38ONVLLc5GRJYJZz3tHmQgPmPp/rink0v
j4WFYZmfJ11lYAPy4KqbWj07Mlq7OD35KJu8Ez1nAp8Ee3dsYRb1d2xyNQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFIgu+qgSe6587/nR8W7JEL6KenIHMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaUM3NnFCSjdybnp2LWRIeGJza1F2b3A2Y2djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTASBAIAATAMAwQABbTqAwQA
LQjNMCsEAgACMCUDBQMqBuXAAwUDKgmWwAMFAyoJroADBwAqCbRAAAADBQMqE0vA
MA0GCSqGSIb3DQEBCwUAA4IBAQCf0dNFnovxKa41EFrAbDEgAzeCVwuXq8iKWxVU
CE98NkxiHHv8GVgVh2gUp8U4R3HM31ahkTYHHVOU1rfocVWAbbBJNTB2omHJVBSK
EGgyLa9bmqs53AWR2DN7ODs2HtjWzrDDq53IjfvOAfSd/z7QEpmCLqeFvGEu+ZGI
FYioSXptMKtGAI7YJFktPl6zPE5NB3bz4Uqp1qCHX6HCxoow10rRGQcrJJNEGhpQ
hCTEaFZpYbpT+AOz4+D9q7J4bzrq5Ps36HL65IluD+nDWMrYJ9gU8/wnKxyWIwdO
R4ODQm+eIoZ9tUFJ8tBxeMZkaI4xbf9BZnyAZ3e3G8adoAQE
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:49:48 2025 by rpki-client