Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/744e53-8de6-4671-9f80-5f015730d811/1/aATeS7_Zg3KdAOaKx-n1ZvynPH4.roa
File: aATeS7_Zg3KdAOaKx-n1ZvynPH4.roa (raw, json)
Hash identifier: BiTKK6ZatcQ+uoSfiABBAw2jPEjkMuOpjqegStTZ06Q=
Subject key identifier: 68:04:DE:4B:BF:D9:83:72:9D:00:E6:8A:C7:E9:F5:66:FC:A7:3C:7E
Certificate issuer: /CN=3eb470fd4d674212ffc82a9936f3fe254becce66
Certificate serial: 019422FC03273D3248B5417560C51B433D78
Authority key identifier: 3E:B4:70:FD:4D:67:42:12:FF:C8:2A:99:36:F3:FE:25:4B:EC:CE:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrRw_U1nQhL_yCqZNvP-JUvszmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/744e53-8de6-4671-9f80-5f015730d811/1/aATeS7_Zg3KdAOaKx-n1ZvynPH4.roa
Signing time: Wed 01 Jan 2025 17:48:48 +0000
ROA not before: Wed 01 Jan 2025 17:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48360
IP address blocks: 185.77.104.0/22 maxlen: 24
2a05:62c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:03:27:3d:32:48:b5:41:75:60:c5:1b:43:3d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb470fd4d674212ffc82a9936f3fe254becce66
Validity
Not Before: Jan 1 17:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6804de4bbfd983729d00e68ac7e9f566fca73c7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:76:a6:9a:a3:f0:83:74:cf:dd:50:31:be:6e:
bc:23:d0:9b:49:18:36:86:a7:37:37:46:fa:c8:5e:
e7:6b:84:eb:ad:45:fa:ce:63:71:c0:3c:31:b1:0e:
82:ae:fe:97:1b:8e:97:dc:cf:84:10:d9:09:19:f5:
bb:db:fe:f6:3d:c1:17:66:15:e9:9f:34:7d:ef:70:
80:ad:46:e2:9f:8c:10:8d:93:28:e0:f2:ed:ac:84:
4b:bb:52:9f:65:29:0d:8c:a4:89:c3:26:fe:82:83:
bc:ee:31:ff:71:2f:bb:b7:08:72:06:01:1c:86:c1:
62:32:e7:68:36:bb:74:53:84:75:0e:82:09:bd:0e:
4c:9b:98:a2:5c:32:66:79:cc:55:2e:8f:ad:f1:cd:
19:62:15:9b:c9:a8:8e:0a:83:d3:13:c3:9a:85:ea:
5d:98:9f:72:48:b7:43:b0:84:e6:da:29:77:d2:02:
5b:c5:62:03:70:42:2a:92:8f:3a:f9:c4:b0:29:28:
ce:ac:43:09:1b:3a:27:6a:8e:22:e6:bf:1e:a1:2b:
7e:e0:2e:62:0e:a5:16:0d:24:76:47:6f:63:96:57:
58:f9:b7:a6:79:8a:2a:20:27:81:7a:6a:d3:d2:b6:
4b:5d:73:b4:53:4b:d9:5b:8c:67:a3:7f:cf:36:bf:
d1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:04:DE:4B:BF:D9:83:72:9D:00:E6:8A:C7:E9:F5:66:FC:A7:3C:7E
X509v3 Authority Key Identifier:
keyid:3E:B4:70:FD:4D:67:42:12:FF:C8:2A:99:36:F3:FE:25:4B:EC:CE:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrRw_U1nQhL_yCqZNvP-JUvszmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/744e53-8de6-4671-9f80-5f015730d811/1/aATeS7_Zg3KdAOaKx-n1ZvynPH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/744e53-8de6-4671-9f80-5f015730d811/1/PrRw_U1nQhL_yCqZNvP-JUvszmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.104.0/22
IPv6:
2a05:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
48:41:40:48:70:4f:b9:3f:6c:41:65:b7:d9:be:e2:13:2f:fa:
f4:7c:4e:3c:6f:fb:0d:5f:3e:3b:2e:a9:d5:a7:07:0f:23:20:
2e:5f:ac:b0:d7:46:7a:bc:1c:c1:d4:3e:e2:47:78:3e:8e:f7:
18:f8:2b:5d:4a:4d:2f:56:8d:de:8b:63:e8:a8:20:49:72:e8:
c4:a2:ae:a4:c1:68:90:c1:9f:0e:d8:f7:a6:12:e6:92:a4:41:
31:0b:49:43:a0:7f:49:15:23:44:30:87:27:e3:57:38:b9:7c:
17:5d:04:e3:a3:68:2f:50:6e:0a:43:19:f1:1b:46:f8:2b:d1:
a9:a4:84:a1:c9:fb:d8:18:ac:f7:07:82:24:6a:f4:c1:a8:83:
a2:d0:18:95:f9:5e:f8:80:e3:4c:cd:5d:c8:f4:40:5d:43:6e:
6f:e1:7d:64:00:fa:ee:de:5e:57:fb:36:26:18:4d:08:7f:d7:
0d:d5:a1:a1:57:42:05:4f:8f:03:ea:92:5c:52:f6:e1:10:94:
3b:9a:d1:db:3f:15:5c:18:59:e8:9a:60:08:47:e3:2b:80:22:
fb:49:c1:22:bc:ea:e9:55:1b:72:09:19:bf:f9:01:25:bb:20:
31:4f:e1:12:12:ed:77:22:03:8a:09:98:5a:0e:76:73:56:a0:
4c:d5:32:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/AMnPTJItUF1YMUbQz14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjQ3MGZkNGQ2NzQyMTJmZmM4MmE5OTM2ZjNmZTI1NGJl
Y2NlNjYwHhcNMjUwMTAxMTc0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODA0ZGU0YmJmZDk4MzcyOWQwMGU2OGFjN2U5ZjU2NmZjYTczYzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHammqPwg3TP3VAxvm68I9CbSRg2
hqc3N0b6yF7na4TrrUX6zmNxwDwxsQ6Crv6XG46X3M+EENkJGfW72/72PcEXZhXp
nzR973CArUbin4wQjZMo4PLtrIRLu1KfZSkNjKSJwyb+goO87jH/cS+7twhyBgEc
hsFiMudoNrt0U4R1DoIJvQ5Mm5iiXDJmecxVLo+t8c0ZYhWbyaiOCoPTE8Oahepd
mJ9ySLdDsITm2il30gJbxWIDcEIqko86+cSwKSjOrEMJGzonao4i5r8eoSt+4C5i
DqUWDSR2R29jlldY+bemeYoqICeBemrT0rZLXXO0U0vZW4xno3/PNr/R+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGgE3ku/2YNynQDmisfp9Wb8pzx+MB8GA1UdIwQY
MBaAFD60cP1NZ0IS/8gqmTbz/iVL7M5mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJSd19VMW5RaExfeUNxWk52UC1KVXZzem1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83NDRlNTMtOGRlNi00NjcxLTlmODAt
NWYwMTU3MzBkODExLzEvYUFUZVM3X1pnM0tkQU9hS3gtbjFadnluUEg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83NDRlNTMtOGRlNi00NjcxLTlmODAtNWYwMTU3MzBkODEx
LzEvUHJSd19VMW5RaExfeUNxWk52UC1KVXZzem1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU1oMA0E
AgACMAcDBQMqBWLAMA0GCSqGSIb3DQEBCwUAA4IBAQBIQUBIcE+5P2xBZbfZvuIT
L/r0fE48b/sNXz47LqnVpwcPIyAuX6yw10Z6vBzB1D7iR3g+jvcY+CtdSk0vVo3e
i2PoqCBJcujEoq6kwWiQwZ8O2PemEuaSpEExC0lDoH9JFSNEMIcn41c4uXwXXQTj
o2gvUG4KQxnxG0b4K9GppIShyfvYGKz3B4IkavTBqIOi0BiV+V74gONMzV3I9EBd
Q25v4X1kAPru3l5X+zYmGE0If9cN1aGhV0IFT48D6pJcUvbhEJQ7mtHbPxVcGFno
mmAIR+MrgCL7ScEivOrpVRtyCRm/+QEluyAxT+ESEu13IgOKCZhaDnZzVqBM1TKz
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:22:49 2025 by rpki-client