Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/dTFvaTKNrrTKmPTRuQq0bUi97Dw.roa
File: dTFvaTKNrrTKmPTRuQq0bUi97Dw.roa (raw, json)
Hash identifier: REIOG5nB7YsieUH1aZV6KOXpJqnQIitcU0dRrhoJ+78=
Subject key identifier: 75:31:6F:69:32:8D:AE:B4:CA:98:F4:D1:B9:0A:B4:6D:48:BD:EC:3C
Certificate issuer: /CN=21351865b767dd7b9c22314bfc8055bd57db0065
Certificate serial: 019427B5E1ACBC1B2992E79161BEA5BD7E67
Authority key identifier: 21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/dTFvaTKNrrTKmPTRuQq0bUi97Dw.roa
Signing time: Thu 02 Jan 2025 15:50:18 +0000
ROA not before: Thu 02 Jan 2025 15:50:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197328
IP address blocks: 185.220.58.0/23 maxlen: 23
194.107.229.0/24 maxlen: 24
194.110.1.0/24 maxlen: 24
194.110.7.0/24 maxlen: 24
194.110.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:e1:ac:bc:1b:29:92:e7:91:61:be:a5:bd:7e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21351865b767dd7b9c22314bfc8055bd57db0065
Validity
Not Before: Jan 2 15:50:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75316f69328daeb4ca98f4d1b90ab46d48bdec3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b3:ff:e8:78:86:9d:51:a8:00:4c:79:e7:42:
b4:75:b3:c7:ba:c7:ff:c5:1c:b9:16:6b:28:45:ff:
5c:aa:5b:5e:00:e6:33:51:e9:fa:3f:db:99:fe:a5:
5a:cc:ce:aa:63:cc:7f:8a:a0:51:01:1b:ba:17:c5:
bd:14:1a:cc:7c:57:b5:d1:51:32:81:0a:5e:42:5c:
ce:83:4e:82:ee:4c:53:6f:60:f9:ac:4f:87:de:76:
91:69:02:39:b9:a5:4e:22:77:58:39:4d:6c:24:ba:
c1:0c:de:11:20:6f:7d:d4:da:38:00:d1:65:68:c1:
46:f6:21:f5:2d:5c:5d:69:46:35:24:b6:02:68:4e:
84:9b:ec:91:62:83:72:8b:87:ea:eb:d1:ab:5a:24:
92:d7:4d:60:6c:cc:3d:aa:a3:f1:f0:0b:b8:c4:66:
9a:e1:87:ff:a3:2d:8d:07:a7:4a:b8:a5:58:dd:c1:
38:85:35:db:83:31:fc:60:21:e4:9f:0a:f6:b7:c8:
41:2b:a7:20:ac:72:28:76:bb:ed:6e:4b:00:76:53:
25:c0:b2:58:68:9b:a5:16:89:ba:df:69:48:b9:a0:
c1:9d:02:50:6a:80:2e:7c:77:d3:b9:0a:50:60:5a:
7c:6d:84:c7:00:b0:87:87:7d:fd:17:d1:58:3c:7e:
8a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:31:6F:69:32:8D:AE:B4:CA:98:F4:D1:B9:0A:B4:6D:48:BD:EC:3C
X509v3 Authority Key Identifier:
keyid:21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/dTFvaTKNrrTKmPTRuQq0bUi97Dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.58.0/23
194.107.229.0/24
194.110.1.0/24
194.110.7.0/24
194.110.19.0/24
Signature Algorithm: sha256WithRSAEncryption
23:c4:78:49:7c:a6:b2:93:4e:d9:36:80:45:ac:46:18:d5:b8:
f8:3b:96:08:3c:fd:cb:75:24:86:52:b0:5d:09:eb:a7:99:d5:
4f:61:10:2e:25:81:5b:60:a6:11:bc:75:de:fa:dc:e9:8c:ae:
b1:c9:81:46:14:09:65:cb:64:6c:2c:bf:a4:80:7c:b5:15:32:
8c:d7:d6:66:a6:c4:0f:4f:f1:b3:c0:81:cb:9a:86:14:c1:af:
8e:21:b4:50:ff:07:25:52:fa:18:12:1b:30:f5:cd:81:2f:f3:
d6:3c:ee:8f:92:15:fe:f6:4b:37:00:ba:7b:67:d7:41:f3:6f:
d3:61:d8:bb:ab:bb:7b:51:26:06:5f:ff:36:b4:5e:38:c9:8b:
87:fc:0d:cd:07:d1:45:86:dd:1f:8b:32:40:c1:0c:cf:64:1f:
de:28:24:af:61:bd:77:5a:5e:8f:d6:a3:05:ab:62:42:60:27:
93:2b:4a:e6:56:17:fc:b4:b6:d2:0d:91:01:69:69:83:68:ba:
fd:01:13:a1:a5:57:4f:b3:4f:a9:29:61:dd:5c:d6:32:f8:fc:
19:51:f8:f2:34:3b:f0:6b:6b:7d:2d:b7:d0:1f:94:ec:b8:99:
01:47:78:90:a9:a6:5d:8f:10:2d:68:20:d2:0b:98:72:3c:36:
f3:6b:5b:f0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnteGsvBspkueRYb6lvX5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzUxODY1Yjc2N2RkN2I5YzIyMzE0YmZjODA1NWJkNTdk
YjAwNjUwHhcNMjUwMTAyMTU1MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTMxNmY2OTMyOGRhZWI0Y2E5OGY0ZDFiOTBhYjQ2ZDQ4YmRlYzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LP/6HiGnVGoAEx550K0dbPHusf/
xRy5FmsoRf9cqlteAOYzUen6P9uZ/qVazM6qY8x/iqBRARu6F8W9FBrMfFe10VEy
gQpeQlzOg06C7kxTb2D5rE+H3naRaQI5uaVOIndYOU1sJLrBDN4RIG991No4ANFl
aMFG9iH1LVxdaUY1JLYCaE6Em+yRYoNyi4fq69GrWiSS101gbMw9qqPx8Au4xGaa
4Yf/oy2NB6dKuKVY3cE4hTXbgzH8YCHknwr2t8hBK6cgrHIodrvtbksAdlMlwLJY
aJulFom632lIuaDBnQJQaoAufHfTuQpQYFp8bYTHALCHh339F9FYPH6K9wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHUxb2kyja60ypj00bkKtG1Ivew8MB8GA1UdIwQY
MBaAFCE1GGW3Z917nCIxS/yAVb1X2wBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAt
MWU0ZTA0MDA4NDRiLzEvZFRGdmFUS05yclRLbVBUUnVRcTBiVWk5N0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAtMWU0ZTA0MDA4NDRi
LzEvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBudw6AwQA
wmvlAwQAwm4BAwQAwm4HAwQAwm4TMA0GCSqGSIb3DQEBCwUAA4IBAQAjxHhJfKay
k07ZNoBFrEYY1bj4O5YIPP3LdSSGUrBdCeunmdVPYRAuJYFbYKYRvHXe+tzpjK6x
yYFGFAlly2RsLL+kgHy1FTKM19ZmpsQPT/GzwIHLmoYUwa+OIbRQ/wclUvoYEhsw
9c2BL/PWPO6PkhX+9ks3ALp7Z9dB82/TYdi7q7t7USYGX/82tF44yYuH/A3NB9FF
ht0fizJAwQzPZB/eKCSvYb13Wl6P1qMFq2JCYCeTK0rmVhf8tLbSDZEBaWmDaLr9
AROhpVdPs0+pKWHdXNYy+PwZUfjyNDvwa2t9LbfQH5TsuJkBR3iQqaZdjxAtaCDS
C5hyPDbza1vw
-----END CERTIFICATE-----
Generated at Fri Apr 25 19:12:27 2025 by rpki-client