Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/Th0AzgJWNzEMUInk7IHPiBNTMFs.roa
File: Th0AzgJWNzEMUInk7IHPiBNTMFs.roa (raw, json)
Hash identifier: 0b9R/T23sDaiRJT9SmZqwKUiLRaB4TURwrsLOA1pG44=
Subject key identifier: 4E:1D:00:CE:02:56:37:31:0C:50:89:E4:EC:81:CF:88:13:53:30:5B
Certificate issuer: /CN=0277acd112f1c6c833bec22f8b53cc70d2390876
Certificate serial: 019420D5BF9FF1B1C1B5EFF54D85A2CF9F1D
Authority key identifier: 02:77:AC:D1:12:F1:C6:C8:33:BE:C2:2F:8B:53:CC:70:D2:39:08:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Anes0RLxxsgzvsIvi1PMcNI5CHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/Th0AzgJWNzEMUInk7IHPiBNTMFs.roa
Signing time: Wed 01 Jan 2025 07:47:46 +0000
ROA not before: Wed 01 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56995
IP address blocks: 176.58.64.0/20 maxlen: 20
176.58.64.0/24 maxlen: 24
176.58.66.0/23 maxlen: 23
176.58.68.0/22 maxlen: 22
176.58.72.0/22 maxlen: 22
176.58.76.0/22 maxlen: 22
176.58.77.0/24 maxlen: 24
185.6.16.0/22 maxlen: 24
2a03:c40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:bf:9f:f1:b1:c1:b5:ef:f5:4d:85:a2:cf:9f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0277acd112f1c6c833bec22f8b53cc70d2390876
Validity
Not Before: Jan 1 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e1d00ce025637310c5089e4ec81cf881353305b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:82:78:0d:b6:be:84:26:b5:b5:4f:31:1b:78:
d0:27:e1:bf:81:d4:a7:09:fb:12:ab:ce:4e:03:04:
9d:e7:4d:b1:61:60:09:f6:6e:17:1e:44:93:29:e0:
d4:a9:db:27:10:5b:3c:40:3c:ae:19:ad:4a:d4:cd:
0e:03:5e:80:37:68:cc:51:74:03:94:97:f2:12:33:
c1:df:fa:e6:b5:7f:0a:92:e7:20:8b:f4:ca:1f:ec:
fb:9e:fd:5c:c9:ab:8e:60:c1:00:d5:b3:e9:98:ed:
59:aa:3c:8e:4a:1c:42:99:15:98:e2:35:ad:5c:8f:
c4:01:b3:9a:38:d6:47:1a:ba:c0:7c:e5:76:48:32:
57:9e:b2:70:e2:d3:c0:8c:2a:4e:50:19:66:a3:4b:
88:63:5a:c4:72:e4:30:d8:92:a4:5b:27:16:a1:84:
24:75:80:d6:e1:a0:41:c8:90:99:6e:f6:2f:06:e6:
65:bf:84:5e:62:f4:85:18:43:08:d7:46:39:62:9e:
11:ac:77:5e:1e:84:a5:40:58:5e:c2:9e:6a:be:17:
c4:f5:b2:97:69:8d:6f:86:4a:d6:2b:c9:79:db:ee:
5b:b7:3f:63:2b:6d:e6:65:61:af:87:20:31:da:74:
4a:89:41:ad:2a:c0:97:84:5b:6d:ce:f4:dc:81:ca:
95:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:1D:00:CE:02:56:37:31:0C:50:89:E4:EC:81:CF:88:13:53:30:5B
X509v3 Authority Key Identifier:
keyid:02:77:AC:D1:12:F1:C6:C8:33:BE:C2:2F:8B:53:CC:70:D2:39:08:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Anes0RLxxsgzvsIvi1PMcNI5CHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/Th0AzgJWNzEMUInk7IHPiBNTMFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/Anes0RLxxsgzvsIvi1PMcNI5CHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.58.64.0/20
185.6.16.0/22
IPv6:
2a03:c40::/32
Signature Algorithm: sha256WithRSAEncryption
28:93:04:40:f5:4d:97:89:67:12:fc:3f:41:23:7e:25:72:b5:
c5:75:bf:98:a2:2d:22:b3:06:d2:62:26:e0:0e:51:d2:73:b7:
2f:e8:36:75:f1:3b:8b:af:cc:3b:ce:0f:9d:b6:d2:38:a2:b6:
a1:c1:df:cb:19:09:41:8c:9d:c1:d1:ef:f4:17:ba:b6:ec:82:
38:05:af:32:9e:ad:69:e3:fe:9a:86:b5:1f:94:39:b0:bb:a5:
84:d8:76:0e:21:26:fb:78:b4:d0:52:fc:9a:bd:2f:e3:d9:6a:
99:93:ec:ce:c9:57:b5:5f:24:27:85:57:f0:7f:86:51:52:08:
c2:99:42:39:af:e8:ea:1f:84:72:2a:3c:2f:a2:09:58:be:46:
66:f0:36:c2:f6:9e:42:0c:49:4a:ab:88:18:12:f7:85:e3:79:
21:5e:7e:b8:19:09:e8:07:56:83:b1:61:de:ea:45:6f:a5:2a:
27:59:9f:3f:f9:8d:8c:3d:91:c0:6d:29:98:3b:71:80:d6:b7:
77:a6:15:0c:12:21:b6:e7:ae:cf:4c:aa:68:ca:5b:11:0f:e2:
02:52:bd:7a:83:a7:39:16:f7:79:38:fa:f9:46:55:c6:43:c9:
be:ca:62:bb:ee:08:a5:7b:58:0d:d5:35:5b:7b:fd:a5:d6:27:
1b:5b:d0:ad
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1b+f8bHBte/1TYWiz58dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNzdhY2QxMTJmMWM2YzgzM2JlYzIyZjhiNTNjYzcwZDIz
OTA4NzYwHhcNMjUwMTAxMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTFkMDBjZTAyNTYzNzMxMGM1MDg5ZTRlYzgxY2Y4ODEzNTMzMDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoJ4Dba+hCa1tU8xG3jQJ+G/gdSn
CfsSq85OAwSd502xYWAJ9m4XHkSTKeDUqdsnEFs8QDyuGa1K1M0OA16AN2jMUXQD
lJfyEjPB3/rmtX8Kkucgi/TKH+z7nv1cyauOYMEA1bPpmO1ZqjyOShxCmRWY4jWt
XI/EAbOaONZHGrrAfOV2SDJXnrJw4tPAjCpOUBlmo0uIY1rEcuQw2JKkWycWoYQk
dYDW4aBByJCZbvYvBuZlv4ReYvSFGEMI10Y5Yp4RrHdeHoSlQFhewp5qvhfE9bKX
aY1vhkrWK8l52+5btz9jK23mZWGvhyAx2nRKiUGtKsCXhFttzvTcgcqVwQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE4dAM4CVjcxDFCJ5OyBz4gTUzBbMB8GA1UdIwQY
MBaAFAJ3rNES8cbIM77CL4tTzHDSOQh2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW5lczBSTHh4c2d6dnNJdmkxUE1jTkk1Q0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yYzBmMGItNzgzMS00MWQzLTkxNmQt
ZDk2NTU5ODc4NzRhLzEvVGgwQXpnSldOekVNVUluazdJSFBpQk5UTUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yYzBmMGItNzgzMS00MWQzLTkxNmQtZDk2NTU5ODc4NzRh
LzEvQW5lczBSTHh4c2d6dnNJdmkxUE1jTkk1Q0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEsDpAAwQC
uQYQMA0EAgACMAcDBQAqAwxAMA0GCSqGSIb3DQEBCwUAA4IBAQAokwRA9U2XiWcS
/D9BI34lcrXFdb+Yoi0iswbSYibgDlHSc7cv6DZ18TuLr8w7zg+dttI4orahwd/L
GQlBjJ3B0e/0F7q27II4Ba8ynq1p4/6ahrUflDmwu6WE2HYOISb7eLTQUvyavS/j
2WqZk+zOyVe1XyQnhVfwf4ZRUgjCmUI5r+jqH4RyKjwvoglYvkZm8DbC9p5CDElK
q4gYEveF43khXn64GQnoB1aDsWHe6kVvpSonWZ8/+Y2MPZHAbSmYO3GA1rd3phUM
EiG2567PTKpoylsRD+ICUr16g6c5Fvd5OPr5RlXGQ8m+ymK77gile1gN1TVbe/2l
1icbW9Ct
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:41 2025 by rpki-client