Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/57DX2wZimKWofZi6PeHt5u3F3VI.roa
File: 57DX2wZimKWofZi6PeHt5u3F3VI.roa (raw, json)
Hash identifier: uKhLvwaBHKGGo6ZEIjx423DdQQ7aftl8PcP/O+/hDno=
Subject key identifier: E7:B0:D7:DB:06:62:98:A5:A8:7D:98:BA:3D:E1:ED:E6:ED:C5:DD:52
Certificate issuer: /CN=a42d0b826644a18387cf8322db7e646af63d986a
Certificate serial: 0194258E344A62E3CAFEDE55C413AB4751FC
Authority key identifier: A4:2D:0B:82:66:44:A1:83:87:CF:83:22:DB:7E:64:6A:F6:3D:98:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pC0LgmZEoYOHz4Mi235kavY9mGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/57DX2wZimKWofZi6PeHt5u3F3VI.roa
Signing time: Thu 02 Jan 2025 05:47:43 +0000
ROA not before: Thu 02 Jan 2025 05:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42517
IP address blocks: 77.241.224.0/20 maxlen: 20
89.248.128.0/20 maxlen: 20
109.69.224.0/21 maxlen: 21
185.130.240.0/22 maxlen: 22
2a00:1ae8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:34:4a:62:e3:ca:fe:de:55:c4:13:ab:47:51:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42d0b826644a18387cf8322db7e646af63d986a
Validity
Not Before: Jan 2 05:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7b0d7db066298a5a87d98ba3de1ede6edc5dd52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f1:ec:31:35:00:76:73:5f:11:bd:ca:50:6a:
df:c9:d2:89:e3:af:ac:5b:13:d4:5f:66:a5:c1:25:
08:e8:a8:9f:2b:36:ac:49:60:49:23:33:b9:ae:21:
72:7b:15:af:6c:57:51:35:4c:54:dc:0d:9e:f2:21:
09:98:99:85:90:19:fa:4e:0c:10:c5:53:8d:14:41:
75:ed:27:da:50:d1:d4:bb:9e:bc:b9:ac:57:c2:cf:
cd:be:3a:56:80:3f:76:4b:04:11:c3:11:9f:26:7d:
56:6c:1f:ac:48:7b:ff:d0:70:4a:d1:95:18:19:e0:
99:f6:a8:6c:3c:e0:3f:0b:6f:05:d4:a8:26:da:a8:
a1:e0:7f:a6:b1:39:d7:22:40:05:a7:34:62:78:e7:
d9:81:05:8c:a5:b4:d0:cf:ca:5e:d1:c9:fa:a4:22:
83:88:42:37:dd:05:cd:fa:fa:1b:47:86:87:84:37:
6e:07:bf:c4:0e:82:00:bf:b0:6d:56:71:03:fd:a3:
67:aa:91:ea:78:25:ba:4d:ae:68:4b:0a:3f:77:c4:
ce:a7:fa:c8:cf:e6:6e:2b:df:e5:b4:b4:b7:2c:b3:
16:c5:51:8b:89:d6:91:72:a4:ac:df:56:79:dd:47:
0f:a8:b5:93:ec:8e:51:ce:cf:09:f8:6b:a0:5d:ac:
a3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B0:D7:DB:06:62:98:A5:A8:7D:98:BA:3D:E1:ED:E6:ED:C5:DD:52
X509v3 Authority Key Identifier:
keyid:A4:2D:0B:82:66:44:A1:83:87:CF:83:22:DB:7E:64:6A:F6:3D:98:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pC0LgmZEoYOHz4Mi235kavY9mGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/57DX2wZimKWofZi6PeHt5u3F3VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/pC0LgmZEoYOHz4Mi235kavY9mGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.241.224.0/20
89.248.128.0/20
109.69.224.0/21
185.130.240.0/22
IPv6:
2a00:1ae8::/32
Signature Algorithm: sha256WithRSAEncryption
21:f9:68:74:7c:49:f1:64:1c:62:5c:ed:34:74:f3:aa:ec:5f:
54:2f:1c:31:ef:51:55:d8:92:5e:90:04:61:8a:24:b2:d4:11:
36:15:c1:fb:26:fc:7f:ff:14:97:6b:1c:9b:30:b4:d6:af:a8:
dc:f4:19:79:5a:e0:67:0a:11:28:24:74:84:83:69:78:43:0b:
e7:5f:03:de:df:4a:a1:a8:d5:21:ef:61:a9:a4:d1:20:c5:ce:
c6:07:36:0c:a0:ec:c9:c9:b9:51:9e:9b:7e:6a:31:80:f8:91:
b6:4c:80:40:c0:bc:28:46:da:1d:b7:aa:83:e3:c3:52:59:d3:
4c:b5:b5:a9:de:58:63:74:f2:1d:df:f8:6e:f7:fb:c0:0c:d9:
05:e0:04:6d:a2:6b:ea:0b:57:0e:97:8f:d7:33:e2:b3:21:06:
6e:8d:8f:30:56:4e:bf:6d:32:90:93:81:88:b4:40:3b:89:75:
1b:30:2c:3f:24:d5:d4:67:a0:e0:ff:c7:c0:55:3a:28:5c:48:
25:3a:a4:02:a7:46:10:a8:97:be:b3:00:ca:28:70:c3:40:7b:
17:c9:19:9e:7d:6b:43:e2:cc:45:54:ec:71:c7:0a:77:c4:97:
c5:ef:11:fb:d1:1b:09:83:12:3a:dc:a5:a1:47:1b:7a:77:83:
28:76:36:9b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQljjRKYuPK/t5VxBOrR1H8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MmQwYjgyNjY0NGExODM4N2NmODMyMmRiN2U2NDZhZjYz
ZDk4NmEwHhcNMjUwMTAyMDU0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2IwZDdkYjA2NjI5OGE1YTg3ZDk4YmEzZGUxZWRlNmVkYzVkZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fHsMTUAdnNfEb3KUGrfydKJ46+s
WxPUX2alwSUI6KifKzasSWBJIzO5riFyexWvbFdRNUxU3A2e8iEJmJmFkBn6TgwQ
xVONFEF17SfaUNHUu568uaxXws/NvjpWgD92SwQRwxGfJn1WbB+sSHv/0HBK0ZUY
GeCZ9qhsPOA/C28F1Kgm2qih4H+msTnXIkAFpzRieOfZgQWMpbTQz8pe0cn6pCKD
iEI33QXN+vobR4aHhDduB7/EDoIAv7BtVnED/aNnqpHqeCW6Ta5oSwo/d8TOp/rI
z+ZuK9/ltLS3LLMWxVGLidaRcqSs31Z53UcPqLWT7I5Rzs8J+GugXayjgwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOew19sGYpilqH2Yuj3h7ebtxd1SMB8GA1UdIwQY
MBaAFKQtC4JmRKGDh8+DItt+ZGr2PZhqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEMwTGdtWkVvWU9IejRNaTIzNWthdlk5bUdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yMjYwZjItM2NjZC00NGU1LTg0Mjgt
ZTgyZDVlZTRlNDBmLzEvNTdEWDJ3WmltS1dvZlppNlBlSHQ1dTNGM1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yMjYwZjItM2NjZC00NGU1LTg0MjgtZTgyZDVlZTRlNDBm
LzEvcEMwTGdtWkVvWU9IejRNaTIzNWthdlk5bUdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQETfHgAwQE
WfiAAwQDbUXgAwQCuYLwMA0EAgACMAcDBQAqABroMA0GCSqGSIb3DQEBCwUAA4IB
AQAh+Wh0fEnxZBxiXO00dPOq7F9ULxwx71FV2JJekARhiiSy1BE2FcH7Jvx//xSX
axybMLTWr6jc9Bl5WuBnChEoJHSEg2l4QwvnXwPe30qhqNUh72GppNEgxc7GBzYM
oOzJyblRnpt+ajGA+JG2TIBAwLwoRtodt6qD48NSWdNMtbWp3lhjdPId3/hu9/vA
DNkF4ARtomvqC1cOl4/XM+KzIQZujY8wVk6/bTKQk4GItEA7iXUbMCw/JNXUZ6Dg
/8fAVTooXEglOqQCp0YQqJe+swDKKHDDQHsXyRmefWtD4sxFVOxxxwp3xJfF7xH7
0RsJgxI63KWhRxt6d4Modjab
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:45:18 2025 by rpki-client