Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/328W7NzX5apZBWq3pyy8JCc4s-E.roa
File: 328W7NzX5apZBWq3pyy8JCc4s-E.roa (raw, json)
Hash identifier: ksJ9JJOUwJOZ93oqiZVxGsGwysa27ckV82/EFvGLp+k=
Subject key identifier: DF:6F:16:EC:DC:D7:E5:AA:59:05:6A:B7:A7:2C:BC:24:27:38:B3:E1
Certificate issuer: /CN=ee0581767af4579e44da977b1082d94b3c7b9298
Certificate serial: 0194274710BCBF02107A4C056CAB8E974FF6
Authority key identifier: EE:05:81:76:7A:F4:57:9E:44:DA:97:7B:10:82:D9:4B:3C:7B:92:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7gWBdnr0V55E2pd7EILZSzx7kpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/328W7NzX5apZBWq3pyy8JCc4s-E.roa
Signing time: Thu 02 Jan 2025 13:49:16 +0000
ROA not before: Thu 02 Jan 2025 13:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29684
IP address blocks: 193.105.119.0/24 maxlen: 24
195.85.224.0/24 maxlen: 24
2001:678:39c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:10:bc:bf:02:10:7a:4c:05:6c:ab:8e:97:4f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee0581767af4579e44da977b1082d94b3c7b9298
Validity
Not Before: Jan 2 13:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df6f16ecdcd7e5aa59056ab7a72cbc242738b3e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b5:be:44:7f:59:32:c6:4a:9d:d3:b3:c2:4c:
79:68:67:a4:b7:0a:f8:98:41:80:bb:8a:a9:40:aa:
a6:2f:01:98:35:30:2e:5f:07:92:b7:9f:b4:cd:16:
ac:1a:65:59:4b:80:70:c6:77:87:af:77:8b:1a:62:
2c:44:c0:e5:e3:7e:cf:c2:a2:c7:e8:bf:d7:01:e8:
96:aa:1c:14:e3:68:c5:37:b5:35:32:e2:eb:9d:f7:
aa:3e:3e:46:ec:7b:47:ff:d9:97:3e:3f:61:e9:7e:
2a:d3:37:89:36:18:c4:e9:ee:9c:b5:b2:96:cb:80:
d6:ad:dd:4d:53:4d:01:fb:8a:7d:c7:91:5c:6e:fb:
a6:7c:bc:dc:cb:cf:64:e0:94:c5:58:4f:a6:2e:24:
f4:24:50:3a:5f:fc:b2:31:67:9c:c2:4d:33:11:86:
54:f1:e0:47:bc:56:b3:73:38:96:b8:d5:cf:09:bb:
c0:2e:f8:cc:6f:5f:7c:7e:8c:0f:73:42:54:51:dd:
0b:bd:25:8a:c8:cd:52:45:03:f7:5a:fe:18:55:6a:
06:44:bd:d2:89:1d:77:c5:02:7d:ea:c2:7a:88:b8:
0e:6a:11:f4:2e:9b:64:da:84:b2:67:50:f6:ed:4e:
a3:14:c0:2b:0d:19:ee:b9:95:89:0f:b2:7f:7c:f7:
89:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6F:16:EC:DC:D7:E5:AA:59:05:6A:B7:A7:2C:BC:24:27:38:B3:E1
X509v3 Authority Key Identifier:
keyid:EE:05:81:76:7A:F4:57:9E:44:DA:97:7B:10:82:D9:4B:3C:7B:92:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gWBdnr0V55E2pd7EILZSzx7kpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/328W7NzX5apZBWq3pyy8JCc4s-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0b8f11-a011-4764-bcf3-6dbba2b1dca7/1/7gWBdnr0V55E2pd7EILZSzx7kpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.119.0/24
195.85.224.0/24
IPv6:
2001:678:39c::/48
Signature Algorithm: sha256WithRSAEncryption
3f:c7:6e:53:14:dc:23:9f:32:d7:68:00:39:21:ba:4a:eb:5d:
4b:56:f8:de:92:74:02:39:17:a0:23:b6:57:9f:b2:98:3c:a8:
db:7f:65:cf:ad:70:a2:c4:b7:de:1a:70:74:b0:92:07:e6:a6:
9c:92:51:e1:46:3e:d8:ff:8a:11:a8:e2:e7:ed:49:51:d0:a8:
e5:1f:a5:66:fe:cb:53:e8:ed:17:5c:1e:83:93:0c:f6:51:9a:
fd:40:37:38:3d:58:36:31:85:6e:fd:37:50:fd:00:ab:52:7c:
80:e2:a2:5e:e4:6f:c0:05:56:3b:5e:b4:cd:7e:0b:95:d2:da:
c3:51:8e:f0:cd:90:09:73:bc:be:04:b6:33:19:c5:68:c2:2d:
99:7a:ea:1f:d0:a4:e2:e2:2a:7f:d3:18:d0:17:75:51:a5:0d:
5f:11:89:30:7e:55:e5:24:6b:3d:0d:1c:42:66:ee:ed:2a:01:
9c:3b:42:0b:df:77:40:0a:63:00:7c:c1:56:5e:7b:d0:cb:78:
d7:fc:7b:02:f1:66:35:d9:88:bc:d8:c5:7b:50:cc:95:ad:5c:
2d:e0:f7:ac:aa:bb:92:8b:e0:fd:ad:32:b9:6a:e4:2a:a5:bb:
0d:6e:12:f0:7c:f4:9e:07:bc:3a:a3:e4:33:c4:d0:cf:9c:b4:
92:db:36:a6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQnRxC8vwIQekwFbKuOl0/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDU4MTc2N2FmNDU3OWU0NGRhOTc3YjEwODJkOTRiM2M3
YjkyOTgwHhcNMjUwMTAyMTM0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjZmMTZlY2RjZDdlNWFhNTkwNTZhYjdhNzJjYmMyNDI3MzhiM2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7W+RH9ZMsZKndOzwkx5aGektwr4
mEGAu4qpQKqmLwGYNTAuXweSt5+0zRasGmVZS4BwxneHr3eLGmIsRMDl437PwqLH
6L/XAeiWqhwU42jFN7U1MuLrnfeqPj5G7HtH/9mXPj9h6X4q0zeJNhjE6e6ctbKW
y4DWrd1NU00B+4p9x5FcbvumfLzcy89k4JTFWE+mLiT0JFA6X/yyMWecwk0zEYZU
8eBHvFazcziWuNXPCbvALvjMb198fowPc0JUUd0LvSWKyM1SRQP3Wv4YVWoGRL3S
iR13xQJ96sJ6iLgOahH0Lptk2oSyZ1D27U6jFMArDRnuuZWJD7J/fPeJnQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFN9vFuzc1+WqWQVqt6csvCQnOLPhMB8GA1UdIwQY
MBaAFO4FgXZ69FeeRNqXexCC2Us8e5KYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dXQmRucjBWNTVFMnBkN0VJTFpTeng3a3BnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wYjhmMTEtYTAxMS00NzY0LWJjZjMt
NmRiYmEyYjFkY2E3LzEvMzI4VzdOelg1YXBaQldxM3B5eThKQ2M0cy1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wYjhmMTEtYTAxMS00NzY0LWJjZjMtNmRiYmEyYjFkY2E3
LzEvN2dXQmRucjBWNTVFMnBkN0VJTFpTeng3a3BnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwWl3AwQA
w1XgMA8EAgACMAkDBwAgAQZ4A5wwDQYJKoZIhvcNAQELBQADggEBAD/HblMU3COf
MtdoADkhukrrXUtW+N6SdAI5F6Ajtlefspg8qNt/Zc+tcKLEt94acHSwkgfmppyS
UeFGPtj/ihGo4uftSVHQqOUfpWb+y1Po7RdcHoOTDPZRmv1ANzg9WDYxhW79N1D9
AKtSfIDiol7kb8AFVjtetM1+C5XS2sNRjvDNkAlzvL4EtjMZxWjCLZl66h/QpOLi
Kn/TGNAXdVGlDV8RiTB+VeUkaz0NHEJm7u0qAZw7Qgvfd0AKYwB8wVZee9DLeNf8
ewLxZjXZiLzYxXtQzJWtXC3g96yqu5KL4P2tMrlq5Cqluw1uEvB89J4HvDqj5DPE
0M+ctJLbNqY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:59:42 2025 by rpki-client