Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/8Dt0TuVJVMCN6RnRhXhKGlf_lII.roa
File: 8Dt0TuVJVMCN6RnRhXhKGlf_lII.roa (raw, json)
Hash identifier: sSGLTETKxbNSq3MrBGV2DgOI7we1i0Q8mkHNa5K3SUY=
Subject key identifier: F0:3B:74:4E:E5:49:54:C0:8D:E9:19:D1:85:78:4A:1A:57:FF:94:82
Certificate issuer: /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial: 01942521FB45AF73D8CC19059252DDBC15C2
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/8Dt0TuVJVMCN6RnRhXhKGlf_lII.roa
Signing time: Thu 02 Jan 2025 03:49:31 +0000
ROA not before: Thu 02 Jan 2025 03:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25091
IP address blocks: 5.144.32.0/21 maxlen: 24
46.20.240.0/20 maxlen: 24
85.8.128.0/24 maxlen: 24
91.247.176.0/24 maxlen: 24
185.60.52.0/22 maxlen: 24
212.102.126.0/24 maxlen: 24
2a02:2528::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:fb:45:af:73:d8:cc:19:05:92:52:dd:bc:15:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Validity
Not Before: Jan 2 03:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f03b744ee54954c08de919d185784a1a57ff9482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f6:1d:2e:f4:86:2c:83:c0:5e:b1:a2:08:3e:
af:5c:b2:e2:45:74:7a:18:9f:5f:6d:50:0c:cc:6b:
a8:77:38:d6:9d:3b:98:fe:68:c8:ff:14:39:8e:50:
37:50:2d:ef:91:e8:30:98:0b:85:c7:6c:87:bb:33:
01:5b:34:f1:8b:55:f1:14:3b:bb:74:6c:32:d3:8b:
3b:4d:9a:1d:e3:b8:4f:fd:0a:01:dc:44:c2:84:ad:
d5:96:70:8e:d9:87:14:31:0e:c6:66:ae:3a:7f:7f:
cc:46:8b:88:d1:a2:f3:b5:3b:66:bb:d8:42:b1:0a:
e1:7e:89:e1:7e:62:0d:42:0d:b8:45:f2:00:6d:da:
85:17:9f:6d:fe:13:d5:b2:f2:7c:0e:42:b4:2e:ca:
58:a8:0f:55:7d:a7:2b:cf:5e:4e:3c:f1:1b:33:07:
0d:40:0b:8f:d9:8e:c8:b5:32:ac:73:53:88:4f:8a:
46:3e:90:44:af:cc:93:ee:ec:a2:cf:a2:61:b5:ad:
83:92:5e:39:d8:86:22:ed:d1:cb:75:f2:a6:78:47:
9a:be:2f:8b:91:d6:49:6b:5a:e6:c4:d7:fb:7a:f6:
4f:de:b4:d4:ed:ab:49:69:f3:a3:37:2f:c2:4c:75:
b4:8c:79:5b:6e:f3:e1:ad:f8:8b:d1:1b:bc:c1:02:
52:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3B:74:4E:E5:49:54:C0:8D:E9:19:D1:85:78:4A:1A:57:FF:94:82
X509v3 Authority Key Identifier:
keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/8Dt0TuVJVMCN6RnRhXhKGlf_lII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.32.0/21
46.20.240.0/20
85.8.128.0/24
91.247.176.0/24
185.60.52.0/22
212.102.126.0/24
IPv6:
2a02:2528::/29
Signature Algorithm: sha256WithRSAEncryption
08:b8:52:93:83:eb:d5:39:a9:7d:cc:71:09:08:6a:54:31:4c:
12:02:51:a0:74:37:1e:56:6d:c0:18:8a:8f:e7:5c:98:0c:57:
d9:e0:10:c5:f1:cf:70:a0:37:bc:1e:b4:82:8c:dc:5e:a6:f4:
a2:ae:3b:25:dc:d7:cf:55:47:1f:eb:3d:6e:d6:c8:27:24:8c:
a6:96:dd:b3:e3:0a:5a:8d:46:68:ed:53:cd:81:58:06:a7:b2:
c2:a4:3e:bf:07:26:7e:cc:cb:c1:8d:bf:23:c8:e9:55:ca:05:
60:c2:a6:71:80:28:80:ca:6b:2b:23:11:59:ab:4f:fc:b9:ca:
21:92:b1:91:35:e6:c8:fe:c0:43:d3:7c:32:55:87:82:de:ae:
af:3b:eb:a8:ec:26:f1:7e:89:a5:11:79:71:a1:71:60:e7:64:
b3:ca:e1:33:e4:e1:9e:1d:51:ad:7c:cb:40:f0:14:ed:bd:69:
6b:f9:f5:25:57:36:a4:14:42:2a:d4:48:d1:25:58:5d:99:2d:
20:84:09:61:2d:d8:bf:a0:a4:5c:de:da:c7:70:cd:31:1e:13:
c3:7e:63:1f:82:e7:5d:c3:0d:49:1b:59:3e:3b:7b:2d:37:5f:
8a:64:a6:47:57:95:45:d0:c5:fd:c2:e7:e0:d6:45:3c:58:9d:
28:ee:0c:28
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQlIftFr3PYzBkFklLdvBXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmMwYmVjNjBkMGJhY2UxODg5Njc3YmQ5YmI5MDE5MGNj
NGZkMjIwHhcNMjUwMTAyMDM0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDNiNzQ0ZWU1NDk1NGMwOGRlOTE5ZDE4NTc4NGExYTU3ZmY5NDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfYdLvSGLIPAXrGiCD6vXLLiRXR6
GJ9fbVAMzGuodzjWnTuY/mjI/xQ5jlA3UC3vkegwmAuFx2yHuzMBWzTxi1XxFDu7
dGwy04s7TZod47hP/QoB3ETChK3VlnCO2YcUMQ7GZq46f3/MRouI0aLztTtmu9hC
sQrhfonhfmINQg24RfIAbdqFF59t/hPVsvJ8DkK0LspYqA9Vfacrz15OPPEbMwcN
QAuP2Y7ItTKsc1OIT4pGPpBEr8yT7uyiz6Jhta2Dkl452IYi7dHLdfKmeEeavi+L
kdZJa1rmxNf7evZP3rTU7atJafOjNy/CTHW0jHlbbvPhrfiL0Ru8wQJSIQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPA7dE7lSVTAjekZ0YV4ShpX/5SCMB8GA1UdIwQY
MBaAFNn8C+xg0LrOGIlne9m7kBkMxP0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjkt
MzQ2OTAzNGZhNDQxLzEvOER0MFR1VkpWTUNONlJuUmhYaEtHbGZfbElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjktMzQ2OTAzNGZhNDQx
LzEvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBZAgAwQE
LhTwAwQAVQiAAwQAW/ewAwQCuTw0AwQA1GZ+MA0EAgACMAcDBQMqAiUoMA0GCSqG
SIb3DQEBCwUAA4IBAQAIuFKTg+vVOal9zHEJCGpUMUwSAlGgdDceVm3AGIqP51yY
DFfZ4BDF8c9woDe8HrSCjNxepvSirjsl3NfPVUcf6z1u1sgnJIymlt2z4wpajUZo
7VPNgVgGp7LCpD6/ByZ+zMvBjb8jyOlVygVgwqZxgCiAymsrIxFZq0/8ucohkrGR
NebI/sBD03wyVYeC3q6vO+uo7CbxfomlEXlxoXFg52SzyuEz5OGeHVGtfMtA8BTt
vWlr+fUlVzakFEIq1EjRJVhdmS0ghAlhLdi/oKRc3trHcM0xHhPDfmMfguddww1J
G1k+O3stN1+KZKZHV5VF0MX9wufg1kU8WJ0o7gwo
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:29:25 2025 by rpki-client