Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/vd7D-3mdClrE2pBAFW5I8DbmNHQ.roa
File: vd7D-3mdClrE2pBAFW5I8DbmNHQ.roa (raw, json)
Hash identifier: XeWgnqjmy+ysQNojNpVwYywd9xnz6oTic5jOkSU+sTo=
Subject key identifier: BD:DE:C3:FB:79:9D:0A:5A:C4:DA:90:40:15:6E:48:F0:36:E6:34:74
Certificate issuer: /CN=01bfe882d13e803fc194373ea40d8a5a9e69f304
Certificate serial: 019427B5D7B0A5AA34809F51467FC9BC6298
Authority key identifier: 01:BF:E8:82:D1:3E:80:3F:C1:94:37:3E:A4:0D:8A:5A:9E:69:F3:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/vd7D-3mdClrE2pBAFW5I8DbmNHQ.roa
Signing time: Thu 02 Jan 2025 15:50:16 +0000
ROA not before: Thu 02 Jan 2025 15:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50785
IP address blocks: 5.144.40.0/21 maxlen: 21
81.18.16.0/20 maxlen: 21
185.128.172.0/22 maxlen: 22
185.152.224.0/22 maxlen: 22
2a02:d38::/29 maxlen: 29
2a06:d040::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:d7:b0:a5:aa:34:80:9f:51:46:7f:c9:bc:62:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01bfe882d13e803fc194373ea40d8a5a9e69f304
Validity
Not Before: Jan 2 15:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bddec3fb799d0a5ac4da9040156e48f036e63474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:18:94:28:fc:16:b0:3d:70:e0:4b:9d:cc:37:
ef:a3:35:2e:8d:59:b6:9e:a6:0f:3c:ec:2f:b6:fe:
d3:6e:f0:f0:15:6b:5f:d3:c3:d3:92:76:dc:f9:87:
50:d1:60:f4:66:89:03:dd:df:9c:80:63:51:d6:fc:
5c:d6:8c:d5:de:39:7b:ac:db:cb:ad:ad:c9:2d:52:
e3:3b:9b:7a:3e:4c:b8:6f:79:f9:59:63:80:7c:6b:
34:91:9e:ff:58:af:2c:e9:c0:0f:8d:39:83:4f:58:
1b:56:7a:73:3d:f1:e3:67:db:f0:e4:c9:3f:21:98:
e9:c8:60:75:61:5e:4a:60:cc:91:af:90:f1:28:a1:
63:76:bc:31:d7:4e:8b:25:dd:1f:50:ff:60:93:c3:
c8:00:f2:17:1a:9d:3b:65:bb:95:ec:35:23:0c:27:
70:27:07:e2:61:9b:b4:2b:2e:09:ce:e4:9d:c5:9d:
00:88:44:91:68:ea:09:2f:ad:77:5d:5e:ad:99:2b:
3c:1a:8c:b9:ea:96:41:5f:7c:fa:45:bb:b8:35:90:
45:25:cd:2e:04:88:13:d0:a7:51:c1:bb:68:0a:48:
7a:95:9a:d0:0c:80:57:a2:06:82:93:1a:8c:9d:94:
ef:79:a3:84:4e:37:9a:e0:9e:2b:27:ed:da:7c:d5:
d2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:DE:C3:FB:79:9D:0A:5A:C4:DA:90:40:15:6E:48:F0:36:E6:34:74
X509v3 Authority Key Identifier:
keyid:01:BF:E8:82:D1:3E:80:3F:C1:94:37:3E:A4:0D:8A:5A:9E:69:F3:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/vd7D-3mdClrE2pBAFW5I8DbmNHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.40.0/21
81.18.16.0/20
185.128.172.0/22
185.152.224.0/22
IPv6:
2a02:d38::/29
2a06:d040::/29
Signature Algorithm: sha256WithRSAEncryption
d0:08:09:f6:e4:d5:c3:5d:72:66:1a:0d:58:5e:f7:b3:24:1b:
3b:35:45:cb:47:75:2f:8a:ec:45:b8:c2:00:83:f6:2e:1a:54:
d6:25:61:90:c0:09:13:f4:8e:73:13:4a:b6:72:19:8c:1b:bb:
3d:58:2f:2c:3a:cc:68:f5:6e:2a:e4:ca:3e:b9:f9:d4:70:c8:
29:a5:e8:9d:6a:ec:28:1b:c3:de:cf:d8:9c:dd:3a:e2:62:2b:
73:7c:4a:d7:fd:fc:a9:ff:cc:53:85:d8:5c:b8:12:80:fe:25:
65:af:54:c3:b0:99:8d:6b:15:a1:b5:11:94:1b:bd:91:9f:57:
8c:32:e1:a0:23:a3:c9:7a:70:63:48:d3:ba:ef:ce:a7:fe:e0:
1b:ba:cc:04:26:1e:fe:6c:33:da:6f:b1:66:c0:9f:ea:ca:53:
7d:84:ab:67:fa:62:e5:61:bb:04:74:63:f8:20:af:50:6d:52:
08:aa:56:1f:38:28:ed:21:1b:60:e9:f2:13:76:86:a0:aa:73:
19:3d:d2:3d:67:5f:dd:65:f6:cf:bd:4d:42:f6:70:7b:b9:fd:
8a:97:fc:97:e9:f2:de:79:b4:10:3a:52:20:ee:82:e3:a8:50:
68:1e:e7:2a:b9:84:53:fb:75:9b:3f:b8:38:b1:c6:78:c4:33:
09:10:30:1f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQntdewpao0gJ9RRn/JvGKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYmZlODgyZDEzZTgwM2ZjMTk0MzczZWE0MGQ4YTVhOWU2
OWYzMDQwHhcNMjUwMTAyMTU1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGRlYzNmYjc5OWQwYTVhYzRkYTkwNDAxNTZlNDhmMDM2ZTYzNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxiUKPwWsD1w4EudzDfvozUujVm2
nqYPPOwvtv7TbvDwFWtf08PTknbc+YdQ0WD0ZokD3d+cgGNR1vxc1ozV3jl7rNvL
ra3JLVLjO5t6Pky4b3n5WWOAfGs0kZ7/WK8s6cAPjTmDT1gbVnpzPfHjZ9vw5Mk/
IZjpyGB1YV5KYMyRr5DxKKFjdrwx106LJd0fUP9gk8PIAPIXGp07ZbuV7DUjDCdw
JwfiYZu0Ky4JzuSdxZ0AiESRaOoJL613XV6tmSs8Goy56pZBX3z6Rbu4NZBFJc0u
BIgT0KdRwbtoCkh6lZrQDIBXogaCkxqMnZTveaOETjea4J4rJ+3afNXSiQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFL3ew/t5nQpaxNqQQBVuSPA25jR0MB8GA1UdIwQY
MBaAFAG/6ILRPoA/wZQ3PqQNilqeafMEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWJfb2d0RS1nRF9CbERjLXBBMktXcDVwOHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NmMwOGEtZWU1OS00NzcxLWE4ZjIt
MmE1NTM5OWE4MGIwLzEvdmQ3RC0zbWRDbHJFMnBCQUZXNUk4RGJtTkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82NmMwOGEtZWU1OS00NzcxLWE4ZjItMmE1NTM5OWE4MGIw
LzEvQWJfb2d0RS1nRF9CbERjLXBBMktXcDVwOHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDBZAoAwQE
URIQAwQCuYCsAwQCuZjgMBQEAgACMA4DBQMqAg04AwUDKgbQQDANBgkqhkiG9w0B
AQsFAAOCAQEA0AgJ9uTVw11yZhoNWF73syQbOzVFy0d1L4rsRbjCAIP2LhpU1iVh
kMAJE/SOcxNKtnIZjBu7PVgvLDrMaPVuKuTKPrn51HDIKaXonWrsKBvD3s/YnN06
4mIrc3xK1/38qf/MU4XYXLgSgP4lZa9Uw7CZjWsVobURlBu9kZ9XjDLhoCOjyXpw
Y0jTuu/Op/7gG7rMBCYe/mwz2m+xZsCf6spTfYSrZ/pi5WG7BHRj+CCvUG1SCKpW
Hzgo7SEbYOnyE3aGoKpzGT3SPWdf3WX2z71NQvZwe7n9ipf8l+ny3nm0EDpSIO6C
46hQaB7nKrmEU/t1mz+4OLHGeMQzCRAwHw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:05:43 2025 by rpki-client