Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/72LdJQQ_XzgvUHseE2sST5RXq_4.roa
File: 72LdJQQ_XzgvUHseE2sST5RXq_4.roa (raw, json)
Hash identifier: kR5iFtf9EPBMZTsPkYiIRyrCHP6r5lMPF7yM/ECFgng=
Subject key identifier: EF:62:DD:25:04:3F:5F:38:2F:50:7B:1E:13:6B:12:4F:94:57:AB:FE
Certificate issuer: /CN=f83faec93d403f3713823fa39c7d27c62e921471
Certificate serial: 019423D6E498C1AF0EE4C099DD81AB13C36A
Authority key identifier: F8:3F:AE:C9:3D:40:3F:37:13:82:3F:A3:9C:7D:27:C6:2E:92:14:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-D-uyT1APzcTgj-jnH0nxi6SFHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/72LdJQQ_XzgvUHseE2sST5RXq_4.roa
Signing time: Wed 01 Jan 2025 21:47:53 +0000
ROA not before: Wed 01 Jan 2025 21:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206712
IP address blocks: 185.174.168.0/24 maxlen: 24
185.174.169.0/24 maxlen: 24
185.174.170.0/24 maxlen: 24
2a0b:a900::/32 maxlen: 32
2a0b:a901::/32 maxlen: 32
2a0b:a902::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e4:98:c1:af:0e:e4:c0:99:dd:81:ab:13:c3:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f83faec93d403f3713823fa39c7d27c62e921471
Validity
Not Before: Jan 1 21:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef62dd25043f5f382f507b1e136b124f9457abfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:19:6d:60:52:16:fd:5a:8f:fb:db:dc:c1:fe:
e7:d4:ed:86:95:fd:d3:20:e4:d8:af:1a:35:9e:b8:
14:ab:06:cb:cf:ef:cb:c1:ec:1a:63:19:3d:4f:9d:
c6:4a:36:c5:0a:8b:f0:6c:5b:91:a9:69:8f:b7:80:
de:c3:63:82:3c:19:b5:27:be:4e:88:ac:85:a0:e9:
8d:f6:a3:da:a6:e8:98:7c:ba:bc:23:9b:f9:e6:a2:
42:2e:7f:94:8c:60:9e:4c:c2:99:47:34:e6:4a:f9:
34:22:ae:fb:b8:14:35:14:bd:9b:ca:64:bc:90:3e:
ed:61:cc:75:5f:b4:44:c7:92:d1:0c:2f:9d:fa:2f:
a1:22:58:1c:98:4c:58:3d:5e:f2:1b:09:24:08:8a:
76:ba:fd:29:f1:dc:07:40:8c:61:09:aa:6d:8d:c4:
90:6a:77:94:5f:fa:6a:9d:99:45:da:6e:e0:73:8d:
55:4b:02:2f:dc:28:50:da:0a:45:8e:15:d9:96:cd:
b7:09:cd:93:cd:2e:bc:e3:cb:31:1a:6b:aa:d3:e8:
8a:80:c0:d9:46:1e:fd:60:93:c2:d7:a4:89:e0:d4:
0f:46:4e:65:53:f3:c4:eb:b8:fd:a1:8c:dc:38:f4:
5e:0e:8f:7d:fc:fd:09:e4:4b:20:d0:f1:75:1a:12:
7e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:62:DD:25:04:3F:5F:38:2F:50:7B:1E:13:6B:12:4F:94:57:AB:FE
X509v3 Authority Key Identifier:
keyid:F8:3F:AE:C9:3D:40:3F:37:13:82:3F:A3:9C:7D:27:C6:2E:92:14:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-D-uyT1APzcTgj-jnH0nxi6SFHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/72LdJQQ_XzgvUHseE2sST5RXq_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/1-D-uyT1APzcTgj-jnH0nxi6SFHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.168.0-185.174.170.255
IPv6:
2a0b:a900::-2a0b:a902:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
cd:2f:92:d2:d7:d7:2e:19:bf:8a:5d:01:91:45:bc:37:c9:81:
9e:2f:04:e9:6b:fb:5a:17:ed:2b:12:64:73:30:c7:4a:3d:c4:
2c:09:cf:ca:f4:6e:b8:a8:28:56:73:e8:b6:27:bd:8d:d3:7c:
ea:19:34:b9:93:de:76:c7:38:7a:09:41:06:f7:dc:42:c8:17:
60:b9:2f:4f:87:05:0d:3a:ed:29:58:4b:ed:94:41:34:ee:59:
fc:2e:29:28:da:f5:e3:b9:d9:16:6c:a7:71:2f:c6:9a:93:b4:
1c:1a:f8:06:1b:58:0c:da:08:d4:f1:82:d4:c0:ea:a2:e3:eb:
a0:c6:08:b3:d1:60:d2:1b:fd:88:73:d4:33:95:ca:25:57:2d:
8e:2b:e2:0b:2d:88:9a:f9:bd:20:2f:61:36:3e:ea:a6:7e:7e:
29:40:f1:10:e9:ee:d5:39:09:cf:32:52:92:72:7f:0b:23:11:
e2:54:48:fb:95:9c:4a:d9:77:1e:a5:fd:d2:97:67:61:6a:99:
6a:9d:d2:1a:63:16:48:0c:29:38:f4:af:d1:d1:b1:2d:e0:e1:
6f:02:c5:a6:e9:57:b2:b0:0d:56:24:77:b4:d7:31:fe:88:74:
38:31:3c:36:ca:ee:97:6d:8e:ec:b9:9a:88:53:86:38:f1:ca:
63:25:29:8b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQj1uSYwa8O5MCZ3YGrE8NqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4M2ZhZWM5M2Q0MDNmMzcxMzgyM2ZhMzljN2QyN2M2MmU5
MjE0NzEwHhcNMjUwMTAxMjE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjYyZGQyNTA0M2Y1ZjM4MmY1MDdiMWUxMzZiMTI0Zjk0NTdhYmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xltYFIW/VqP+9vcwf7n1O2Glf3T
IOTYrxo1nrgUqwbLz+/LwewaYxk9T53GSjbFCovwbFuRqWmPt4Dew2OCPBm1J75O
iKyFoOmN9qPapuiYfLq8I5v55qJCLn+UjGCeTMKZRzTmSvk0Iq77uBQ1FL2bymS8
kD7tYcx1X7REx5LRDC+d+i+hIlgcmExYPV7yGwkkCIp2uv0p8dwHQIxhCaptjcSQ
aneUX/pqnZlF2m7gc41VSwIv3ChQ2gpFjhXZls23Cc2TzS6848sxGmuq0+iKgMDZ
Rh79YJPC16SJ4NQPRk5lU/PE67j9oYzcOPReDo99/P0J5Esg0PF1GhJ+kwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFO9i3SUEP184L1B7HhNrEk+UV6v+MB8GA1UdIwQY
MBaAFPg/rsk9QD83E4I/o5x9J8YukhRxMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ELXV5VDFBUHpjVGdqLWpuSDBueGk2U0ZIRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvOTcwY2YwLTkyOTgtNGZmMC1iYWY1
LTIxMGFlMDU2OWE0NS8xLzcyTGRKUVFfWHpndlVIc2VFMnNTVDVSWHFfNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjkvOTcwY2YwLTkyOTgtNGZmMC1iYWY1LTIxMGFlMDU2OWE0
NS8xLzEtRC11eVQxQVB6Y1Rnai1qbkgwbnhpNlNGSEUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPgYIKwYBBQUHAQcBAf8ELzAtMBQEAgABMA4wDAMEA7mu
qAMEALmuqjAVBAIAAjAPMA0DBAAqC6kDBQAqC6kCMA0GCSqGSIb3DQEBCwUAA4IB
AQDNL5LS19cuGb+KXQGRRbw3yYGeLwTpa/taF+0rEmRzMMdKPcQsCc/K9G64qChW
c+i2J72N03zqGTS5k952xzh6CUEG99xCyBdguS9PhwUNOu0pWEvtlEE07ln8Liko
2vXjudkWbKdxL8aak7QcGvgGG1gM2gjU8YLUwOqi4+ugxgiz0WDSG/2Ic9Qzlcol
Vy2OK+ILLYia+b0gL2E2Puqmfn4pQPEQ6e7VOQnPMlKScn8LIxHiVEj7lZxK2Xce
pf3Sl2dhaplqndIaYxZIDCk49K/R0bEt4OFvAsWm6VeysA1WJHe01zH+iHQ4MTw2
yu6XbY7suZqIU4Y48cpjJSmL
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:53 2025 by rpki-client