Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/1gktZR41lM7jL9DWPWwIpWV6M78.roa
File: 1gktZR41lM7jL9DWPWwIpWV6M78.roa (raw, json)
Hash identifier: HJiBs8EKqMUy6AK9Z/fItBE1opDLfro1xaIJHGboLfU=
Subject key identifier: D6:09:2D:65:1E:35:94:CE:E3:2F:D0:D6:3D:6C:08:A5:65:7A:33:BF
Certificate issuer: /CN=7d57b153eed110bcbd14dc7e33fd47f02e2fe071
Certificate serial: 0194252238260A48E8F63D2A2506798A4900
Authority key identifier: 7D:57:B1:53:EE:D1:10:BC:BD:14:DC:7E:33:FD:47:F0:2E:2F:E0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVexU-7RELy9FNx-M_1H8C4v4HE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/1gktZR41lM7jL9DWPWwIpWV6M78.roa
Signing time: Thu 02 Jan 2025 03:49:47 +0000
ROA not before: Thu 02 Jan 2025 03:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31236
IP address blocks: 82.112.64.0/19 maxlen: 24
94.198.48.0/23 maxlen: 23
160.20.214.0/23 maxlen: 23
2a00:92c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:38:26:0a:48:e8:f6:3d:2a:25:06:79:8a:49:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d57b153eed110bcbd14dc7e33fd47f02e2fe071
Validity
Not Before: Jan 2 03:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6092d651e3594cee32fd0d63d6c08a5657a33bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f9:85:71:47:c0:e6:af:3a:48:8e:5a:2d:c2:
0d:c7:c9:46:6d:3c:f5:67:9f:da:9f:45:34:79:67:
89:29:f9:99:a7:dc:fc:ad:06:8d:63:05:ac:02:1f:
c5:78:b2:ae:d6:23:ef:be:d5:73:d5:08:9c:d1:30:
5f:de:88:81:5d:05:e5:51:c2:a9:37:ea:5c:a0:4e:
a5:7c:42:4b:1b:d1:06:e7:b0:6f:96:64:b9:70:fe:
6a:9c:53:f2:6c:ec:f8:e7:c4:3b:ed:21:57:49:9b:
3a:80:41:f2:8f:ea:cb:cf:fb:b6:db:64:e6:9c:bc:
ad:4a:68:4c:cd:b7:81:9a:b1:c9:56:d7:ca:9c:d2:
c7:80:72:3e:91:67:43:b6:1e:a6:9e:e9:39:1c:0a:
9d:0e:04:86:bd:4f:36:5e:0a:dc:64:4c:5c:2e:42:
68:08:e8:f8:b6:46:91:33:5d:86:e5:31:aa:4e:bf:
95:0d:c8:cd:1f:1e:69:13:d5:18:48:ce:d8:59:0a:
44:1a:ea:ea:3f:d1:a9:c4:2d:13:56:dc:cc:2b:6f:
d3:1c:d8:7a:ac:87:70:d3:92:fc:2a:b4:07:60:31:
5c:8c:b4:50:22:c9:af:6c:a6:d3:5c:24:d5:be:43:
7e:f8:be:cc:55:91:bb:1a:c4:6d:9f:5b:6e:cb:fc:
47:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:09:2D:65:1E:35:94:CE:E3:2F:D0:D6:3D:6C:08:A5:65:7A:33:BF
X509v3 Authority Key Identifier:
keyid:7D:57:B1:53:EE:D1:10:BC:BD:14:DC:7E:33:FD:47:F0:2E:2F:E0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVexU-7RELy9FNx-M_1H8C4v4HE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/1gktZR41lM7jL9DWPWwIpWV6M78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/fVexU-7RELy9FNx-M_1H8C4v4HE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.112.64.0/19
94.198.48.0/23
160.20.214.0/23
IPv6:
2a00:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
77:9f:d8:36:d7:4c:06:38:cd:d9:24:30:c2:90:53:8a:15:21:
8f:7a:d3:64:fe:1c:7b:7a:52:fc:95:2c:a0:95:51:b0:5e:eb:
66:55:db:f0:2a:b5:9e:5a:1e:12:94:69:3b:ce:de:21:dc:65:
fc:dc:f9:de:e0:eb:76:33:27:24:c0:d1:2d:b4:89:2c:78:ef:
fa:39:d3:7f:88:4e:0c:f1:86:23:f2:70:26:4c:94:a6:d9:91:
39:c2:3f:c7:c5:fc:95:1b:a9:48:b5:54:ed:18:24:ef:1a:11:
cb:6a:f1:25:85:78:1e:5a:a4:07:be:81:67:2a:7c:1b:aa:52:
a1:59:89:fd:f0:f3:43:2a:bd:67:92:5c:4d:63:4f:3e:75:86:
00:2e:a1:a3:29:ee:3c:42:f2:9b:f1:2a:a1:ec:af:9c:4b:07:
ba:96:af:14:d4:7d:c0:5c:55:11:cc:32:1f:7c:fc:62:b1:22:
7c:11:4b:9d:b4:f9:35:f6:54:ab:c4:b2:8a:8f:76:2a:7d:b8:
b3:4e:7e:f6:3a:11:74:d6:da:f2:90:39:05:81:3e:28:aa:d4:
98:bf:bc:7e:78:06:47:46:69:df:20:00:fd:f7:11:27:6d:1a:
82:b0:9d:b9:e2:3d:8e:63:4b:59:d7:cb:34:68:48:79:5a:fb:
ef:78:93:f0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQlIjgmCkjo9j0qJQZ5ikkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTdiMTUzZWVkMTEwYmNiZDE0ZGM3ZTMzZmQ0N2YwMmUy
ZmUwNzEwHhcNMjUwMTAyMDM0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjA5MmQ2NTFlMzU5NGNlZTMyZmQwZDYzZDZjMDhhNTY1N2EzM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/mFcUfA5q86SI5aLcINx8lGbTz1
Z5/an0U0eWeJKfmZp9z8rQaNYwWsAh/FeLKu1iPvvtVz1Qic0TBf3oiBXQXlUcKp
N+pcoE6lfEJLG9EG57BvlmS5cP5qnFPybOz458Q77SFXSZs6gEHyj+rLz/u222Tm
nLytSmhMzbeBmrHJVtfKnNLHgHI+kWdDth6mnuk5HAqdDgSGvU82XgrcZExcLkJo
COj4tkaRM12G5TGqTr+VDcjNHx5pE9UYSM7YWQpEGurqP9GpxC0TVtzMK2/THNh6
rIdw05L8KrQHYDFcjLRQIsmvbKbTXCTVvkN++L7MVZG7GsRtn1tuy/xHIQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNYJLWUeNZTO4y/Q1j1sCKVlejO/MB8GA1UdIwQY
MBaAFH1XsVPu0RC8vRTcfjP9R/AuL+BxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZleFUtN1JFTHk5Rk54LU1fMUg4QzR2NEhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hOGQ2ZDgtZDJhNS00YWYyLWJiNDQt
MDgwNzA5MWFhNzdkLzEvMWdrdFpSNDFsTTdqTDlEV1BXd0lwV1Y2TTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hOGQ2ZDgtZDJhNS00YWYyLWJiNDQtMDgwNzA5MWFhNzdk
LzEvZlZleFUtN1JFTHk5Rk54LU1fMUg4QzR2NEhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUnBAAwQB
XsYwAwQBoBTWMA0EAgACMAcDBQMqAJLAMA0GCSqGSIb3DQEBCwUAA4IBAQB3n9g2
10wGOM3ZJDDCkFOKFSGPetNk/hx7elL8lSyglVGwXutmVdvwKrWeWh4SlGk7zt4h
3GX83Pne4Ot2MyckwNEttIkseO/6OdN/iE4M8YYj8nAmTJSm2ZE5wj/HxfyVG6lI
tVTtGCTvGhHLavElhXgeWqQHvoFnKnwbqlKhWYn98PNDKr1nklxNY08+dYYALqGj
Ke48QvKb8Sqh7K+cSwe6lq8U1H3AXFURzDIffPxisSJ8EUudtPk19lSrxLKKj3Yq
fbizTn72OhF01trykDkFgT4oqtSYv7x+eAZHRmnfIAD99xEnbRqCsJ254j2OY0tZ
18s0aEh5WvvveJPw
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:58:21 2025 by rpki-client