Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/2a773b-efa0-4b40-9861-6d6f558a7d65/1/0xD3QLVX-qA3FCr0U1Jkwk4eicg.roa
File: 0xD3QLVX-qA3FCr0U1Jkwk4eicg.roa (raw, json)
Hash identifier: DgMhk8OacC8J3+2qO2tKPU1mCaj5HskLKduZIM0dEVI=
Subject key identifier: D3:10:F7:40:B5:57:FA:A0:37:14:2A:F4:53:52:64:C2:4E:1E:89:C8
Certificate issuer: /CN=7a867d2c1a2905d54321f01a710b21ed7abd857d
Certificate serial: 01942369DD7C1015C9620B56F61C0E6D2D4B
Authority key identifier: 7A:86:7D:2C:1A:29:05:D5:43:21:F0:1A:71:0B:21:ED:7A:BD:85:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eoZ9LBopBdVDIfAacQsh7Xq9hX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/2a773b-efa0-4b40-9861-6d6f558a7d65/1/0xD3QLVX-qA3FCr0U1Jkwk4eicg.roa
Signing time: Wed 01 Jan 2025 19:48:48 +0000
ROA not before: Wed 01 Jan 2025 19:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44219
IP address blocks: 94.247.184.0/23 maxlen: 23
94.247.186.0/23 maxlen: 23
94.247.188.0/22 maxlen: 22
178.249.216.0/23 maxlen: 23
178.249.218.0/23 maxlen: 23
178.249.220.0/22 maxlen: 22
194.39.144.0/23 maxlen: 23
194.39.146.0/23 maxlen: 23
2a00:1cb0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:dd:7c:10:15:c9:62:0b:56:f6:1c:0e:6d:2d:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a867d2c1a2905d54321f01a710b21ed7abd857d
Validity
Not Before: Jan 1 19:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d310f740b557faa037142af4535264c24e1e89c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0a:49:20:45:ec:67:f7:15:d2:05:49:be:e6:
07:bc:c5:02:54:cc:bd:67:78:8a:8e:a1:ba:b8:17:
9b:be:33:69:3b:b0:63:c4:ff:ac:4c:48:c6:21:78:
29:ce:40:c8:17:f9:ad:44:64:ad:8f:ee:72:6a:15:
91:37:43:98:a5:6d:ce:de:88:1b:d1:97:ee:d9:cc:
1f:c8:48:ae:70:9e:30:52:7b:26:25:ea:5f:d3:f4:
e4:40:c6:6c:9c:0e:a9:f6:df:60:30:6b:d0:b7:6c:
4c:77:04:f6:9f:42:5b:a8:41:e9:ea:18:00:97:aa:
95:05:1c:5b:bb:61:32:5d:51:53:b5:8f:2b:16:37:
f3:d3:de:18:cf:ce:ad:04:ab:45:65:c2:4a:28:ef:
ea:73:20:e0:c7:84:2a:d4:55:72:18:ce:e9:9a:43:
0f:77:b6:c4:33:a6:0c:6b:43:62:e7:8a:97:a8:58:
00:43:4e:ea:3b:91:85:2e:33:24:ff:35:26:cf:6e:
0d:ac:6f:f2:a7:ab:8a:23:fc:24:1a:0f:80:bf:f2:
28:af:2e:d1:fc:46:45:df:1d:08:c9:67:36:68:e6:
a6:8e:5c:b6:4d:eb:89:d9:46:ba:59:5b:26:f5:29:
00:1a:aa:aa:93:2f:bd:5a:3f:35:93:6f:89:cf:62:
38:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:10:F7:40:B5:57:FA:A0:37:14:2A:F4:53:52:64:C2:4E:1E:89:C8
X509v3 Authority Key Identifier:
keyid:7A:86:7D:2C:1A:29:05:D5:43:21:F0:1A:71:0B:21:ED:7A:BD:85:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eoZ9LBopBdVDIfAacQsh7Xq9hX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/2a773b-efa0-4b40-9861-6d6f558a7d65/1/0xD3QLVX-qA3FCr0U1Jkwk4eicg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/2a773b-efa0-4b40-9861-6d6f558a7d65/1/eoZ9LBopBdVDIfAacQsh7Xq9hX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.184.0/21
178.249.216.0/21
194.39.144.0/22
IPv6:
2a00:1cb0::/32
Signature Algorithm: sha256WithRSAEncryption
9e:78:d8:1d:a8:f5:8e:55:c7:05:98:c4:be:3a:ae:63:ab:37:
07:2c:1e:69:1e:b5:5d:e5:20:db:e2:99:28:e3:d3:94:2e:6e:
bd:55:5b:32:bb:eb:f2:ac:d0:1c:11:63:98:a0:ba:d3:45:6c:
03:39:08:27:6f:2a:34:39:34:62:0e:07:ae:c7:5a:5b:b0:1a:
3c:5f:c6:fb:47:07:81:ce:8e:f8:d8:17:d2:77:6f:b8:c8:9a:
1c:ca:fb:1d:64:09:68:8b:21:f4:e7:3b:7e:b6:b9:62:47:1c:
99:a3:c3:f9:b9:02:c3:65:35:22:8d:85:4c:a5:e8:4d:0a:05:
87:53:e7:fb:b8:aa:59:af:fb:b2:78:3c:00:90:87:16:42:80:
21:73:c7:12:79:91:13:0c:fc:0c:b7:03:70:de:fe:ef:ff:17:
f5:35:5e:d6:9b:5d:c9:f9:4f:1f:43:de:9d:10:57:c7:37:e4:
81:08:08:e0:8c:16:45:ce:18:20:45:aa:09:ea:e1:b3:e3:ae:
fe:ac:88:9c:ec:5d:7e:1b:73:b2:ba:6a:46:48:66:2b:3a:79:
6d:7e:b8:64:83:75:41:46:63:ce:a3:d3:ae:61:35:fb:59:50:
80:29:d9:a3:bf:14:40:dc:56:76:54:a4:5b:33:7e:ad:83:a6:
9e:80:b6:15
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQjad18EBXJYgtW9hwObS1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODY3ZDJjMWEyOTA1ZDU0MzIxZjAxYTcxMGIyMWVkN2Fi
ZDg1N2QwHhcNMjUwMTAxMTk0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzEwZjc0MGI1NTdmYWEwMzcxNDJhZjQ1MzUyNjRjMjRlMWU4OWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyApJIEXsZ/cV0gVJvuYHvMUCVMy9
Z3iKjqG6uBebvjNpO7BjxP+sTEjGIXgpzkDIF/mtRGStj+5yahWRN0OYpW3O3ogb
0Zfu2cwfyEiucJ4wUnsmJepf0/TkQMZsnA6p9t9gMGvQt2xMdwT2n0JbqEHp6hgA
l6qVBRxbu2EyXVFTtY8rFjfz094Yz86tBKtFZcJKKO/qcyDgx4Qq1FVyGM7pmkMP
d7bEM6YMa0Ni54qXqFgAQ07qO5GFLjMk/zUmz24NrG/yp6uKI/wkGg+Av/Iory7R
/EZF3x0IyWc2aOamjly2TeuJ2Ua6WVsm9SkAGqqqky+9Wj81k2+Jz2I4oQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNMQ90C1V/qgNxQq9FNSZMJOHonIMB8GA1UdIwQY
MBaAFHqGfSwaKQXVQyHwGnELIe16vYV9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9aOUxCb3BCZFZESWZBYWNRc2g3WHE5aFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yYTc3M2ItZWZhMC00YjQwLTk4NjEt
NmQ2ZjU1OGE3ZDY1LzEvMHhEM1FMVlgtcUEzRkNyMFUxSmt3azRlaWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yYTc3M2ItZWZhMC00YjQwLTk4NjEtNmQ2ZjU1OGE3ZDY1
LzEvZW9aOUxCb3BCZFZESWZBYWNRc2g3WHE5aFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXve4AwQD
svnYAwQCwieQMA0EAgACMAcDBQAqABywMA0GCSqGSIb3DQEBCwUAA4IBAQCeeNgd
qPWOVccFmMS+Oq5jqzcHLB5pHrVd5SDb4pko49OULm69VVsyu+vyrNAcEWOYoLrT
RWwDOQgnbyo0OTRiDgeux1pbsBo8X8b7RweBzo742BfSd2+4yJocyvsdZAloiyH0
5zt+trliRxyZo8P5uQLDZTUijYVMpehNCgWHU+f7uKpZr/uyeDwAkIcWQoAhc8cS
eZETDPwMtwNw3v7v/xf1NV7Wm13J+U8fQ96dEFfHN+SBCAjgjBZFzhggRaoJ6uGz
467+rIic7F1+G3OyumpGSGYrOnltfrhkg3VBRmPOo9OuYTX7WVCAKdmjvxRA3FZ2
VKRbM36tg6aegLYV
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:29:44 2025 by rpki-client