Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/602bfe-7a40-4f5a-9ec9-37a5d9ca6558/1/dnhmPWmpRWX9rAh9nBMTSVjDqxs.roa
File: dnhmPWmpRWX9rAh9nBMTSVjDqxs.roa (raw, json)
Hash identifier: fzOf1Or3/SM11VjxsfHMYPlVNvpYFDsl88MJ3GBj7FI=
Subject key identifier: 76:78:66:3D:69:A9:45:65:FD:AC:08:7D:9C:13:13:49:58:C3:AB:1B
Certificate issuer: /CN=753cff430f7f1751e697bb30f87fef397cc17fa6
Certificate serial: 0194236A53CC5C1BBC533CBE5EA7BC1B55B1
Authority key identifier: 75:3C:FF:43:0F:7F:17:51:E6:97:BB:30:F8:7F:EF:39:7C:C1:7F:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTz_Qw9_F1Hml7sw-H_vOXzBf6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/602bfe-7a40-4f5a-9ec9-37a5d9ca6558/1/dnhmPWmpRWX9rAh9nBMTSVjDqxs.roa
Signing time: Wed 01 Jan 2025 19:49:18 +0000
ROA not before: Wed 01 Jan 2025 19:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8816
IP address blocks: 185.84.228.0/22 maxlen: 22
212.45.128.0/19 maxlen: 19
212.121.64.0/19 maxlen: 19
217.174.112.0/20 maxlen: 20
2a02:4d0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:53:cc:5c:1b:bc:53:3c:be:5e:a7:bc:1b:55:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=753cff430f7f1751e697bb30f87fef397cc17fa6
Validity
Not Before: Jan 1 19:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7678663d69a94565fdac087d9c13134958c3ab1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e9:71:a6:64:df:7a:65:3e:b6:f8:fa:90:19:
3f:28:c1:5f:03:98:95:f3:8c:a8:fd:0c:1a:dc:b6:
43:4a:0a:eb:90:11:9a:72:22:f3:f3:bc:54:b1:9b:
eb:2f:49:f9:f3:2f:48:19:69:29:d8:66:24:6c:7c:
f5:b9:96:e1:ec:f3:ce:3b:b1:7d:54:a3:3b:eb:35:
3e:0b:2f:e6:c5:85:94:ad:b8:0d:ec:62:78:74:ba:
04:ad:11:1d:d0:3e:aa:a6:85:57:48:06:87:29:2f:
07:87:e0:0f:e8:61:0f:c3:72:c1:95:3d:c9:1e:99:
3e:5d:01:93:f9:d8:f2:7a:74:aa:49:d3:0b:f9:f4:
a3:a0:32:ac:40:b1:0e:04:5e:b8:7e:a7:ce:59:ef:
c6:d8:f9:55:55:ae:fd:05:88:47:5f:ab:ff:2e:aa:
37:f1:2d:13:58:92:c5:80:99:16:27:e5:3b:7d:d6:
7c:b7:da:c1:29:ff:9b:d6:60:c6:d8:ba:8f:00:8f:
8b:e4:ac:7a:c7:22:60:4b:45:58:d7:26:ba:fd:85:
f6:5f:05:0f:f2:4f:12:c7:81:46:52:1d:94:5f:ce:
14:10:b2:78:59:2d:7b:b4:44:cd:0e:7d:fe:2f:71:
6d:5d:db:b5:df:29:0a:13:04:76:d5:86:2a:7a:4e:
55:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:78:66:3D:69:A9:45:65:FD:AC:08:7D:9C:13:13:49:58:C3:AB:1B
X509v3 Authority Key Identifier:
keyid:75:3C:FF:43:0F:7F:17:51:E6:97:BB:30:F8:7F:EF:39:7C:C1:7F:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTz_Qw9_F1Hml7sw-H_vOXzBf6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/602bfe-7a40-4f5a-9ec9-37a5d9ca6558/1/dnhmPWmpRWX9rAh9nBMTSVjDqxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/602bfe-7a40-4f5a-9ec9-37a5d9ca6558/1/dTz_Qw9_F1Hml7sw-H_vOXzBf6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.228.0/22
212.45.128.0/19
212.121.64.0/19
217.174.112.0/20
IPv6:
2a02:4d0::/32
Signature Algorithm: sha256WithRSAEncryption
c7:93:7d:2b:18:36:69:41:88:51:ce:14:ff:cb:f9:fe:fb:40:
da:16:c2:eb:ba:5a:0f:ba:a7:40:26:72:db:b6:7f:6b:05:c0:
df:cd:f2:c6:33:0d:71:a9:dc:b2:c8:02:01:71:db:e5:2f:9e:
b2:7e:47:c7:37:3b:3d:4f:bb:dc:cf:70:5c:b0:a1:09:48:f8:
54:9a:9c:79:84:e2:26:99:e2:74:e9:f9:ed:7b:e2:c6:9b:a2:
69:bb:aa:d2:ab:7c:c2:3f:4d:86:e7:33:d4:59:cf:67:c5:40:
0c:e7:1f:b7:09:41:9d:ca:81:3b:1c:f3:c7:29:f2:9b:ae:5e:
b7:83:36:c1:95:cc:e0:a7:64:a2:c6:38:00:e1:10:bb:0f:e1:
dd:e2:ff:e4:58:4c:38:8d:51:a4:5a:9f:17:30:06:20:ba:88:
98:38:6e:ce:cf:6e:d0:d0:90:f7:86:cf:ae:f7:8f:75:30:6f:
2c:aa:02:7c:db:42:e8:ae:e0:ca:72:d9:c8:33:2b:8c:35:1f:
d4:96:1d:b3:4f:19:59:b2:69:91:df:74:cc:7f:83:ae:cb:c0:
fa:09:02:6c:60:91:f1:ed:1e:c1:f2:3e:67:89:5e:70:49:de:
3a:8b:86:29:8b:ca:0e:5f:20:1c:f4:4f:11:f4:f6:78:3d:22:
0d:48:03:bb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQjalPMXBu8Uzy+Xqe8G1WxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1M2NmZjQzMGY3ZjE3NTFlNjk3YmIzMGY4N2ZlZjM5N2Nj
MTdmYTYwHhcNMjUwMTAxMTk0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njc4NjYzZDY5YTk0NTY1ZmRhYzA4N2Q5YzEzMTM0OTU4YzNhYjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOlxpmTfemU+tvj6kBk/KMFfA5iV
84yo/Qwa3LZDSgrrkBGaciLz87xUsZvrL0n58y9IGWkp2GYkbHz1uZbh7PPOO7F9
VKM76zU+Cy/mxYWUrbgN7GJ4dLoErREd0D6qpoVXSAaHKS8Hh+AP6GEPw3LBlT3J
Hpk+XQGT+djyenSqSdML+fSjoDKsQLEOBF64fqfOWe/G2PlVVa79BYhHX6v/Lqo3
8S0TWJLFgJkWJ+U7fdZ8t9rBKf+b1mDG2LqPAI+L5Kx6xyJgS0VY1ya6/YX2XwUP
8k8Sx4FGUh2UX84UELJ4WS17tETNDn3+L3FtXdu13ykKEwR21YYqek5VHQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHZ4Zj1pqUVl/awIfZwTE0lYw6sbMB8GA1UdIwQY
MBaAFHU8/0MPfxdR5pe7MPh/7zl8wX+mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFR6X1F3OV9GMUhtbDdzdy1IX3ZPWHpCZjZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MDJiZmUtN2E0MC00ZjVhLTllYzkt
MzdhNWQ5Y2E2NTU4LzEvZG5obVBXbXBSV1g5ckFoOW5CTVRTVmpEcXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MDJiZmUtN2E0MC00ZjVhLTllYzktMzdhNWQ5Y2E2NTU4
LzEvZFR6X1F3OV9GMUhtbDdzdy1IX3ZPWHpCZjZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuVTkAwQF
1C2AAwQF1HlAAwQE2a5wMA0EAgACMAcDBQAqAgTQMA0GCSqGSIb3DQEBCwUAA4IB
AQDHk30rGDZpQYhRzhT/y/n++0DaFsLruloPuqdAJnLbtn9rBcDfzfLGMw1xqdyy
yAIBcdvlL56yfkfHNzs9T7vcz3BcsKEJSPhUmpx5hOImmeJ06fnte+LGm6Jpu6rS
q3zCP02G5zPUWc9nxUAM5x+3CUGdyoE7HPPHKfKbrl63gzbBlczgp2SixjgA4RC7
D+Hd4v/kWEw4jVGkWp8XMAYguoiYOG7Oz27Q0JD3hs+u9491MG8sqgJ820LoruDK
ctnIMyuMNR/Ulh2zTxlZsmmR33TMf4Ouy8D6CQJsYJHx7R7B8j5niV5wSd46i4Yp
i8oOXyAc9E8R9PZ4PSINSAO7
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:37 2025 by rpki-client