Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/fe173b-f87f-464f-b1b9-8c7d20923b08/1/2TabSpltHUMp_5ejqOpWZde5yuo.roa
File: 2TabSpltHUMp_5ejqOpWZde5yuo.roa (raw, json)
Hash identifier: 3/hdPalq/aa4mw4O394+y1isU6rPiSjjsa/MhWeedzA=
Subject key identifier: D9:36:9B:4A:99:6D:1D:43:29:FF:97:A3:A8:EA:56:65:D7:B9:CA:EA
Certificate issuer: /CN=4978d328bcde5294f372765c11aeef28155b0f02
Certificate serial: 01941F8C9B69D538B047473F2A0798B21EE9
Authority key identifier: 49:78:D3:28:BC:DE:52:94:F3:72:76:5C:11:AE:EF:28:15:5B:0F:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SXjTKLzeUpTzcnZcEa7vKBVbDwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/fe173b-f87f-464f-b1b9-8c7d20923b08/1/2TabSpltHUMp_5ejqOpWZde5yuo.roa
Signing time: Wed 01 Jan 2025 01:48:15 +0000
ROA not before: Wed 01 Jan 2025 01:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47745
IP address blocks: 85.187.1.0/24 maxlen: 24
87.246.6.0/24 maxlen: 24
87.246.39.0/24 maxlen: 24
151.237.60.0/23 maxlen: 23
151.237.60.0/24 maxlen: 24
151.237.61.0/24 maxlen: 24
185.255.59.0/24 maxlen: 24
212.5.56.0/23 maxlen: 23
212.5.56.0/24 maxlen: 24
212.5.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9b:69:d5:38:b0:47:47:3f:2a:07:98:b2:1e:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4978d328bcde5294f372765c11aeef28155b0f02
Validity
Not Before: Jan 1 01:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9369b4a996d1d4329ff97a3a8ea5665d7b9caea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:48:64:78:ee:3e:b0:4f:a7:25:36:72:46:35:
90:44:28:a6:e4:cc:9d:ee:6e:c8:8a:eb:92:e4:21:
49:fb:4b:8a:58:45:8d:e2:ff:3e:88:c8:f0:80:9e:
01:7b:53:05:65:d2:96:d6:76:f6:d5:bd:e5:60:2d:
10:35:85:af:1a:e0:91:0b:f4:53:b6:81:a0:86:cc:
35:b9:d7:8d:80:66:35:41:ee:68:49:97:b3:d4:cf:
05:4b:c1:0c:9a:4b:ed:eb:45:04:cf:a9:ab:28:b7:
93:8a:0a:37:94:4b:26:d3:3a:0e:30:d6:5b:7a:04:
1b:18:f0:ff:c8:08:cd:56:51:ce:6c:3a:17:0c:b0:
e7:93:4a:2f:50:df:74:87:3d:ad:b1:c0:31:9d:fe:
81:b3:57:08:e4:f3:22:0a:68:71:13:04:87:b2:ca:
97:52:31:0b:a2:20:4a:b7:56:d8:90:20:a2:ee:90:
3a:61:19:a4:b9:3c:82:7e:aa:70:ef:ca:20:4b:9f:
dd:4a:3c:f9:da:d9:00:fc:90:23:5f:e6:c1:14:2b:
b3:aa:d9:88:ab:17:e5:3f:b1:0a:84:a9:51:aa:43:
eb:90:56:72:e2:1c:b3:40:88:55:9e:6a:f6:d7:52:
a9:43:9e:0c:6d:4d:e8:74:5e:a1:80:ae:49:7c:b7:
0b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:36:9B:4A:99:6D:1D:43:29:FF:97:A3:A8:EA:56:65:D7:B9:CA:EA
X509v3 Authority Key Identifier:
keyid:49:78:D3:28:BC:DE:52:94:F3:72:76:5C:11:AE:EF:28:15:5B:0F:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SXjTKLzeUpTzcnZcEa7vKBVbDwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fe173b-f87f-464f-b1b9-8c7d20923b08/1/2TabSpltHUMp_5ejqOpWZde5yuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fe173b-f87f-464f-b1b9-8c7d20923b08/1/SXjTKLzeUpTzcnZcEa7vKBVbDwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.1.0/24
87.246.6.0/24
87.246.39.0/24
151.237.60.0/23
185.255.59.0/24
212.5.56.0/23
Signature Algorithm: sha256WithRSAEncryption
65:12:49:ed:1e:fc:b5:1d:17:7c:3e:6e:75:36:d4:31:c8:c6:
73:54:11:f7:58:d4:d2:65:c7:1e:c0:d9:e4:a5:b6:1e:62:13:
b9:a4:48:ab:e5:f3:1c:70:ee:6e:36:32:c1:a3:25:6d:dc:83:
45:49:e5:38:95:e7:f0:b7:e8:f2:a9:1f:4b:2a:b5:57:97:87:
86:17:dc:c6:ba:1c:87:71:ca:87:d5:8c:5d:43:9e:8b:41:d9:
d0:47:df:3d:a1:6c:be:a7:a6:45:eb:77:9f:75:a7:5f:16:9e:
9f:70:85:db:f6:56:f6:ea:7d:b8:11:5a:1b:05:70:d9:a0:fd:
1b:05:d9:a2:6c:c6:52:e0:1a:7a:e1:36:22:b7:29:0a:70:85:
94:1f:a8:31:23:ad:0a:43:51:72:9c:f0:d3:88:d7:bd:5f:03:
83:53:25:97:40:d3:5a:0f:e3:52:a5:a1:bc:0d:47:ac:76:19:
c6:d4:23:56:68:f4:ef:c7:0f:6a:e2:09:2b:9c:90:08:3c:26:
96:d5:f6:ce:63:64:9b:f8:17:51:be:29:27:5a:08:68:30:7f:
ce:92:a2:8d:a3:18:dc:89:ad:2e:62:32:cd:6c:79:b7:6e:14:
9f:4b:6e:73:8e:02:99:38:ed:6f:40:13:13:20:24:bf:b2:69:
a8:fc:32:3a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQfjJtp1TiwR0c/KgeYsh7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NzhkMzI4YmNkZTUyOTRmMzcyNzY1YzExYWVlZjI4MTU1
YjBmMDIwHhcNMjUwMTAxMDE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTM2OWI0YTk5NmQxZDQzMjlmZjk3YTNhOGVhNTY2NWQ3YjljYWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00hkeO4+sE+nJTZyRjWQRCim5Myd
7m7IiuuS5CFJ+0uKWEWN4v8+iMjwgJ4Be1MFZdKW1nb21b3lYC0QNYWvGuCRC/RT
toGghsw1udeNgGY1Qe5oSZez1M8FS8EMmkvt60UEz6mrKLeTigo3lEsm0zoOMNZb
egQbGPD/yAjNVlHObDoXDLDnk0ovUN90hz2tscAxnf6Bs1cI5PMiCmhxEwSHssqX
UjELoiBKt1bYkCCi7pA6YRmkuTyCfqpw78ogS5/dSjz52tkA/JAjX+bBFCuzqtmI
qxflP7EKhKlRqkPrkFZy4hyzQIhVnmr211KpQ54MbU3odF6hgK5JfLcLNQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNk2m0qZbR1DKf+Xo6jqVmXXucrqMB8GA1UdIwQY
MBaAFEl40yi83lKU83J2XBGu7ygVWw8CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1hqVEtMemVVcFR6Y25aY0VhN3ZLQlZiRHdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9mZTE3M2ItZjg3Zi00NjRmLWIxYjkt
OGM3ZDIwOTIzYjA4LzEvMlRhYlNwbHRIVU1wXzVlanFPcFdaZGU1eXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9mZTE3M2ItZjg3Zi00NjRmLWIxYjktOGM3ZDIwOTIzYjA4
LzEvU1hqVEtMemVVcFR6Y25aY0VhN3ZLQlZiRHdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVbsBAwQA
V/YGAwQAV/YnAwQBl+08AwQAuf87AwQB1AU4MA0GCSqGSIb3DQEBCwUAA4IBAQBl
EkntHvy1HRd8Pm51NtQxyMZzVBH3WNTSZccewNnkpbYeYhO5pEir5fMccO5uNjLB
oyVt3INFSeU4lefwt+jyqR9LKrVXl4eGF9zGuhyHccqH1YxdQ56LQdnQR989oWy+
p6ZF63efdadfFp6fcIXb9lb26n24EVobBXDZoP0bBdmibMZS4Bp64TYitykKcIWU
H6gxI60KQ1FynPDTiNe9XwODUyWXQNNaD+NSpaG8DUesdhnG1CNWaPTvxw9q4gkr
nJAIPCaW1fbOY2Sb+BdRviknWghoMH/OkqKNoxjcia0uYjLNbHm3bhSfS25zjgKZ
OO1vQBMTICS/smmo/DI6
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:25:53 2025 by rpki-client