Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/Crd7C8SVck2OIDtSkQeAyuMLu6I.roa
File: Crd7C8SVck2OIDtSkQeAyuMLu6I.roa (raw, json)
Hash identifier: wscKj8/Aoswv3PHZoE2nGYXdRz4QSyUb5GTz6Q8fmgM=
Subject key identifier: 0A:B7:7B:0B:C4:95:72:4D:8E:20:3B:52:91:07:80:CA:E3:0B:BB:A2
Certificate issuer: /CN=4214088c77bd12687fd4ba9fe3159ea805888ed2
Certificate serial: 0194266BF9C4F21830D2A3918B802C62FDDB
Authority key identifier: 42:14:08:8C:77:BD:12:68:7F:D4:BA:9F:E3:15:9E:A8:05:88:8E:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/Crd7C8SVck2OIDtSkQeAyuMLu6I.roa
Signing time: Thu 02 Jan 2025 09:49:57 +0000
ROA not before: Thu 02 Jan 2025 09:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21183
IP address blocks: 46.252.32.0/20 maxlen: 24
185.237.16.0/23 maxlen: 24
188.164.216.0/21 maxlen: 24
188.164.216.0/22 maxlen: 22
188.164.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f9:c4:f2:18:30:d2:a3:91:8b:80:2c:62:fd:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4214088c77bd12687fd4ba9fe3159ea805888ed2
Validity
Not Before: Jan 2 09:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ab77b0bc495724d8e203b52910780cae30bbba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:32:05:58:16:a5:9b:72:e7:f5:bb:2b:9c:05:
26:98:cd:9c:4a:86:a2:7a:6a:20:f9:88:e8:4e:53:
95:94:45:c6:cf:98:fb:e3:f4:97:d6:12:79:6d:ad:
cc:84:dd:3f:ac:c0:89:94:ac:b6:da:66:2b:e2:cd:
b4:4b:af:69:41:d3:45:7c:94:46:92:c8:a1:59:57:
b9:d4:fc:0b:5b:ec:16:8e:cd:55:31:0a:16:03:62:
e1:ab:63:56:2e:e1:6c:30:8e:39:ee:2a:88:87:9e:
a3:06:6b:93:b4:05:87:32:60:10:bf:09:ba:2d:d1:
35:ef:fe:17:4c:49:66:c0:e7:2d:74:59:ab:7d:52:
15:80:b1:d5:f0:04:ae:4c:2e:d9:8e:26:35:29:67:
0c:57:34:69:34:d3:eb:3e:ab:bf:c6:77:ce:eb:4b:
16:83:8d:f1:c6:92:1e:4e:53:1c:f5:e3:50:4a:33:
b9:dc:1f:1e:97:3e:be:05:94:24:c0:ed:29:b1:25:
09:fc:40:0e:c7:74:16:35:c2:47:94:91:86:82:6f:
f0:23:1d:54:7c:11:5f:fc:d5:ff:fe:50:4d:fa:56:
94:91:9c:09:76:12:20:bf:72:6a:2e:6f:ee:25:02:
1b:84:13:72:db:63:ae:cd:3b:7c:0e:f4:35:26:98:
1e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B7:7B:0B:C4:95:72:4D:8E:20:3B:52:91:07:80:CA:E3:0B:BB:A2
X509v3 Authority Key Identifier:
keyid:42:14:08:8C:77:BD:12:68:7F:D4:BA:9F:E3:15:9E:A8:05:88:8E:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/Crd7C8SVck2OIDtSkQeAyuMLu6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/bb5ece-012e-4194-9980-7e21db5a2ef9/1/QhQIjHe9Emh_1Lqf4xWeqAWIjtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.32.0/20
185.237.16.0/23
188.164.216.0/21
Signature Algorithm: sha256WithRSAEncryption
34:30:1a:86:f7:b4:f3:79:ae:42:12:bc:df:42:62:6b:7d:95:
64:b6:d8:d2:52:0a:5a:2d:25:8d:ea:4d:a2:f0:05:d5:e9:56:
40:81:4f:49:e2:0e:b7:ec:88:6c:d6:22:54:26:84:4f:bf:e7:
d9:8b:ba:cb:22:cd:ef:ab:be:d5:6b:7b:eb:82:a8:a2:95:d9:
c4:fc:25:b0:b6:29:99:35:e6:fe:b7:39:d4:35:d8:e2:73:f1:
d7:9d:08:fc:02:80:e2:1c:bc:2f:9c:a9:9c:66:a8:42:28:ba:
ec:51:04:2f:89:e1:a9:2f:f9:e5:07:16:13:ee:98:7a:2c:ad:
2b:37:68:88:20:a5:9e:6f:8d:c7:fe:3b:26:f9:eb:98:2b:c3:
62:cd:91:dd:c0:58:17:9f:c1:77:67:32:d3:93:05:df:a0:6a:
aa:0d:2c:e7:9e:8a:45:45:88:5d:cc:ff:4a:27:a8:5a:57:43:
ae:7f:69:8b:7f:2e:02:4f:e9:2e:70:06:f2:02:93:ad:03:7e:
8a:51:72:86:47:36:88:43:64:44:e4:f4:d1:81:6e:b7:78:ca:
ce:13:2a:61:0a:6c:4b:d1:3b:2a:ae:89:47:4b:da:5f:1a:f1:
00:a4:f7:b3:f0:40:f9:bc:65:16:83:18:fb:30:87:1d:73:ef:
42:8e:74:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQma/nE8hgw0qORi4AsYv3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTQwODhjNzdiZDEyNjg3ZmQ0YmE5ZmUzMTU5ZWE4MDU4
ODhlZDIwHhcNMjUwMTAyMDk0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWI3N2IwYmM0OTU3MjRkOGUyMDNiNTI5MTA3ODBjYWUzMGJiYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TIFWBalm3Ln9bsrnAUmmM2cSoai
emog+YjoTlOVlEXGz5j74/SX1hJ5ba3MhN0/rMCJlKy22mYr4s20S69pQdNFfJRG
ksihWVe51PwLW+wWjs1VMQoWA2Lhq2NWLuFsMI457iqIh56jBmuTtAWHMmAQvwm6
LdE17/4XTElmwOctdFmrfVIVgLHV8ASuTC7ZjiY1KWcMVzRpNNPrPqu/xnfO60sW
g43xxpIeTlMc9eNQSjO53B8elz6+BZQkwO0psSUJ/EAOx3QWNcJHlJGGgm/wIx1U
fBFf/NX//lBN+laUkZwJdhIgv3JqLm/uJQIbhBNy22OuzTt8DvQ1JpgeYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAq3ewvElXJNjiA7UpEHgMrjC7uiMB8GA1UdIwQY
MBaAFEIUCIx3vRJof9S6n+MVnqgFiI7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhRSWpIZTlFbWhfMUxxZjR4V2VxQVdJanRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9iYjVlY2UtMDEyZS00MTk0LTk5ODAt
N2UyMWRiNWEyZWY5LzEvQ3JkN0M4U1ZjazJPSUR0U2tRZUF5dU1MdTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9iYjVlY2UtMDEyZS00MTk0LTk5ODAtN2UyMWRiNWEyZWY5
LzEvUWhRSWpIZTlFbWhfMUxxZjR4V2VxQVdJanRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQELvwgAwQB
ue0QAwQDvKTYMA0GCSqGSIb3DQEBCwUAA4IBAQA0MBqG97Tzea5CErzfQmJrfZVk
ttjSUgpaLSWN6k2i8AXV6VZAgU9J4g637Ihs1iJUJoRPv+fZi7rLIs3vq77Va3vr
gqiildnE/CWwtimZNeb+tznUNdjic/HXnQj8AoDiHLwvnKmcZqhCKLrsUQQvieGp
L/nlBxYT7ph6LK0rN2iIIKWeb43H/jsm+euYK8NizZHdwFgXn8F3ZzLTkwXfoGqq
DSznnopFRYhdzP9KJ6haV0Ouf2mLfy4CT+kucAbyApOtA36KUXKGRzaIQ2RE5PTR
gW63eMrOEyphCmxL0TsqrolHS9pfGvEApPez8ED5vGUWgxj7MIcdc+9CjnRK
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:10:43 2025 by rpki-client