Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/9ed76b-35a6-4a9d-9fa6-8517a8f355ae/1/7YIS0bT7r6mIPdG3lzPc8xURHA0.roa
File: 7YIS0bT7r6mIPdG3lzPc8xURHA0.roa (raw, json)
Hash identifier: S7EdUKMung24eC2Jd1bwpXWo6RwzQ7x4IOzT/TSQ/Uc=
Subject key identifier: ED:82:12:D1:B4:FB:AF:A9:88:3D:D1:B7:97:33:DC:F3:15:11:1C:0D
Certificate issuer: /CN=03196c89e554dbe4774522759906e2581a174694
Certificate serial: 0194221FEEDAFFE429EA27A9690F0ACEADDD
Authority key identifier: 03:19:6C:89:E5:54:DB:E4:77:45:22:75:99:06:E2:58:1A:17:46:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AxlsieVU2-R3RSJ1mQbiWBoXRpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/9ed76b-35a6-4a9d-9fa6-8517a8f355ae/1/7YIS0bT7r6mIPdG3lzPc8xURHA0.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215092
IP address blocks: 146.66.160.0/19 maxlen: 19
146.66.192.0/20 maxlen: 20
178.252.64.0/18 maxlen: 18
2a0b:c0c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ee:da:ff:e4:29:ea:27:a9:69:0f:0a:ce:ad:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03196c89e554dbe4774522759906e2581a174694
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed8212d1b4fbafa9883dd1b79733dcf315111c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:49:89:92:7a:46:c5:48:27:36:1e:1c:9b:a5:
3e:c5:08:b8:ab:14:db:ac:7e:06:3f:f6:a6:12:43:
19:51:a0:79:be:ed:c5:64:d1:cb:b3:b1:55:25:41:
e9:a4:77:73:8c:fa:7c:6d:c5:b8:cd:42:4e:e9:4f:
ec:9e:78:4b:e0:64:92:5e:67:da:15:27:bf:ee:08:
73:ae:86:83:0f:8f:12:84:13:ca:34:b0:99:64:41:
0d:dd:27:a8:51:e0:25:96:99:4b:5e:23:c8:c1:7a:
ed:59:5b:7d:3d:2a:0e:43:47:eb:05:ef:9a:a1:1c:
62:b9:ee:6a:68:86:f4:47:9e:55:4a:40:78:f3:d5:
a4:59:45:54:b1:c4:5d:bf:b7:2f:d9:57:47:32:d3:
12:98:b3:f3:91:71:85:f5:b1:3b:a4:7c:35:a9:02:
58:05:54:20:99:fb:54:0c:34:8e:fa:23:e9:28:3b:
4d:1a:5c:cf:7b:3e:71:d5:f9:42:0f:49:7f:56:89:
a9:67:08:7e:8d:62:f8:0d:62:8e:6b:fe:d0:0e:3b:
ec:70:56:e2:c6:c4:08:22:34:05:58:98:92:1a:0d:
25:5d:77:b1:0c:d2:9a:8c:91:bd:e9:56:56:3a:ca:
2d:20:4a:37:4e:bc:d6:dd:14:37:67:5f:3e:f8:02:
fe:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:82:12:D1:B4:FB:AF:A9:88:3D:D1:B7:97:33:DC:F3:15:11:1C:0D
X509v3 Authority Key Identifier:
keyid:03:19:6C:89:E5:54:DB:E4:77:45:22:75:99:06:E2:58:1A:17:46:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AxlsieVU2-R3RSJ1mQbiWBoXRpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9ed76b-35a6-4a9d-9fa6-8517a8f355ae/1/7YIS0bT7r6mIPdG3lzPc8xURHA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9ed76b-35a6-4a9d-9fa6-8517a8f355ae/1/AxlsieVU2-R3RSJ1mQbiWBoXRpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.66.160.0-146.66.207.255
178.252.64.0/18
IPv6:
2a0b:c0c0::/29
Signature Algorithm: sha256WithRSAEncryption
56:01:af:f5:76:64:85:a0:ba:f0:48:be:ac:a2:2f:ed:cc:09:
40:01:06:60:8e:0f:49:a2:93:22:ac:cc:4c:04:c7:3a:af:1a:
1d:f7:73:dc:11:4b:47:c6:ae:8a:e3:3b:58:d2:ad:f7:f4:0d:
2a:68:f6:1e:5d:cf:bb:d1:6f:be:df:8b:ee:99:8e:fe:b8:4b:
3f:a5:f8:d3:2f:88:a6:05:d7:b3:65:5c:c5:1a:1d:e1:ec:ae:
72:a4:c2:3f:43:c4:77:19:64:9e:81:a1:c5:58:e6:0a:21:db:
b2:a7:95:a8:68:f9:47:25:ee:b4:42:71:6d:92:67:09:61:1c:
75:cf:a1:c0:0d:27:1a:25:77:e9:f3:05:97:be:2e:c4:d3:5c:
fe:4a:d0:c3:3e:81:45:f3:92:81:54:9d:7b:14:08:d6:e2:1b:
c6:22:3f:56:c4:4a:01:76:91:8f:dd:ad:8e:cd:ae:7e:40:82:
7d:d7:c2:4e:49:fb:e6:f6:02:3b:e1:4b:a1:fe:3c:99:75:f3:
88:0c:8f:bc:f5:6b:e3:56:86:de:72:d9:24:d9:07:cd:be:17:
7b:20:52:1d:79:de:4e:ca:a7:da:5a:8f:aa:71:26:cb:41:37:
43:20:93:7b:d3:0a:4f:ba:e5:4c:99:9b:b7:84:d8:43:28:dd:
7d:29:d2:5b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQiH+7a/+Qp6iepaQ8Kzq3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMTk2Yzg5ZTU1NGRiZTQ3NzQ1MjI3NTk5MDZlMjU4MWEx
NzQ2OTQwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDgyMTJkMWI0ZmJhZmE5ODgzZGQxYjc5NzMzZGNmMzE1MTExYzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6EmJknpGxUgnNh4cm6U+xQi4qxTb
rH4GP/amEkMZUaB5vu3FZNHLs7FVJUHppHdzjPp8bcW4zUJO6U/snnhL4GSSXmfa
FSe/7ghzroaDD48ShBPKNLCZZEEN3SeoUeAllplLXiPIwXrtWVt9PSoOQ0frBe+a
oRxiue5qaIb0R55VSkB489WkWUVUscRdv7cv2VdHMtMSmLPzkXGF9bE7pHw1qQJY
BVQgmftUDDSO+iPpKDtNGlzPez5x1flCD0l/VompZwh+jWL4DWKOa/7QDjvscFbi
xsQIIjQFWJiSGg0lXXexDNKajJG96VZWOsotIEo3TrzW3RQ3Z18++AL+LwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFO2CEtG0+6+piD3Rt5cz3PMVERwNMB8GA1UdIwQY
MBaAFAMZbInlVNvkd0UidZkG4lgaF0aUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXhsc2llVlUyLVIzUlNKMW1RYmlXQm9YUnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi85ZWQ3NmItMzVhNi00YTlkLTlmYTYt
ODUxN2E4ZjM1NWFlLzEvN1lJUzBiVDdyNm1JUGRHM2x6UGM4eFVSSEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi85ZWQ3NmItMzVhNi00YTlkLTlmYTYtODUxN2E4ZjM1NWFl
LzEvQXhsc2llVlUyLVIzUlNKMW1RYmlXQm9YUnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAWSQqAD
BASSQsADBAay/EAwDQQCAAIwBwMFAyoLwMAwDQYJKoZIhvcNAQELBQADggEBAFYB
r/V2ZIWguvBIvqyiL+3MCUABBmCOD0mikyKszEwExzqvGh33c9wRS0fGrorjO1jS
rff0DSpo9h5dz7vRb77fi+6Zjv64Sz+l+NMviKYF17NlXMUaHeHsrnKkwj9DxHcZ
ZJ6BocVY5goh27Knlaho+Ucl7rRCcW2SZwlhHHXPocANJxold+nzBZe+LsTTXP5K
0MM+gUXzkoFUnXsUCNbiG8YiP1bESgF2kY/drY7Nrn5Agn3Xwk5J++b2AjvhS6H+
PJl184gMj7z1a+NWht5y2STZB82+F3sgUh153k7Kp9paj6pxJstBN0Mgk3vTCk+6
5UyZm7eE2EMo3X0p0ls=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:21:50 2025 by rpki-client