Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/G1ZoPreJjIkkyyNJWvhlfTtWo1U.roa
File: G1ZoPreJjIkkyyNJWvhlfTtWo1U.roa (raw, json)
Hash identifier: ZGtSGL/7afo62ORK+9uxVq7WnlKM3t68x8dY3Lc6a40=
Subject key identifier: 1B:56:68:3E:B7:89:8C:89:24:CB:23:49:5A:F8:65:7D:3B:56:A3:55
Certificate issuer: /CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Certificate serial: 01942C8286DC8258351573453AF19CE5A00C
Authority key identifier: 3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/G1ZoPreJjIkkyyNJWvhlfTtWo1U.roa
Signing time: Fri 03 Jan 2025 14:12:19 +0000
ROA not before: Fri 03 Jan 2025 14:12:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212602
IP address blocks: 5.133.114.0/24 maxlen: 32
5.180.112.0/24 maxlen: 32
5.180.113.0/24 maxlen: 32
84.238.160.0/22 maxlen: 32
185.194.208.0/22 maxlen: 32
2a10:7040::/29 maxlen: 29
2a10:7040:2::/64 maxlen: 64
2a10:7041::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2c:82:86:dc:82:58:35:15:73:45:3a:f1:9c:e5:a0:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Validity
Not Before: Jan 3 14:12:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b56683eb7898c8924cb23495af8657d3b56a355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ca:13:ad:04:97:c9:62:f2:26:6e:bb:57:d0:
36:0b:97:8b:77:c8:5b:ba:18:c3:40:2c:ad:43:5e:
ad:53:17:6c:38:44:1c:8a:76:1b:08:59:16:17:86:
2c:b2:8e:15:d2:2f:76:4c:96:47:d5:c0:1a:67:75:
58:09:af:4c:ee:d2:ad:90:2b:75:82:a7:6f:b9:59:
fb:0f:58:d4:fc:c4:49:d4:d7:b6:df:9f:d2:2f:3f:
db:62:59:99:8d:c8:6e:f5:7a:17:61:2d:4e:b7:f7:
95:db:ea:4c:29:07:ab:a2:5d:09:e8:78:42:db:df:
07:7f:ba:c0:8e:69:30:32:08:ea:c6:c9:8c:bf:49:
15:b6:28:cf:27:48:eb:67:50:5f:d3:bb:b2:f8:06:
d3:34:c3:9b:6c:1c:ee:d8:1f:11:2e:85:71:b6:62:
a1:ee:dd:68:6b:7c:69:ee:02:38:91:1d:41:c1:da:
5d:bd:8f:6c:7e:2f:dd:e8:b5:47:80:74:11:23:d1:
df:2d:2b:58:e6:30:bf:aa:d4:23:9f:78:e4:41:04:
4a:89:87:58:c3:ae:7f:16:ef:a8:82:c5:86:26:bc:
13:76:5b:c4:74:89:69:0e:57:69:81:d7:f5:b6:e3:
88:58:cf:b6:02:b3:4d:73:2a:99:5c:06:b6:a6:43:
81:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:56:68:3E:B7:89:8C:89:24:CB:23:49:5A:F8:65:7D:3B:56:A3:55
X509v3 Authority Key Identifier:
keyid:3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/G1ZoPreJjIkkyyNJWvhlfTtWo1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/P__L7IiMEEfyIdfPk5a_FBKrr5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.114.0/24
5.180.112.0/23
84.238.160.0/22
185.194.208.0/22
IPv6:
2a10:7040::/29
Signature Algorithm: sha256WithRSAEncryption
51:f2:c4:65:9b:f2:1e:80:84:95:30:9b:23:fe:ea:01:4a:52:
1e:39:87:2c:0d:f7:43:c3:0b:ca:33:05:29:18:9a:36:80:d7:
bb:31:cc:cc:0c:36:a9:1b:a4:f9:24:16:db:90:1d:de:47:c5:
4a:f6:4e:86:92:a0:99:62:09:44:fb:59:35:2f:81:87:d9:b2:
fa:dd:51:fa:ab:f2:51:66:10:4f:91:7e:a0:12:f9:42:bf:73:
0f:cf:7c:f7:3a:a3:94:4e:c7:ca:ee:ae:0f:fb:65:63:1b:40:
49:12:8e:70:91:12:4d:97:22:82:1d:ff:6b:3f:25:81:2a:88:
1f:4f:5b:2b:65:2f:2e:31:e3:52:06:20:0d:e6:ac:d2:0e:4c:
19:52:d1:08:57:45:4b:2f:62:b4:35:3b:67:08:77:38:36:8b:
f3:c6:df:d1:8c:6d:05:b8:dc:9c:f4:cb:57:8f:09:1a:57:d5:
dc:62:a2:eb:c7:af:b9:a0:bf:70:a1:ef:99:74:99:8f:a6:29:
db:f8:84:5c:c0:ba:7f:20:eb:5a:c5:3a:e6:c6:3e:f3:8d:28:
ed:6a:93:84:02:ff:07:ab:3d:aa:3b:36:7b:bb:49:8d:80:63:
d6:07:1d:0f:17:08:b9:ed:2f:3d:aa:40:cf:ed:fb:5c:5e:43:
af:d6:22:9c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQsgobcglg1FXNFOvGc5aAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmZjYmVjODg4YzEwNDdmMjIxZDdjZjkzOTZiZjE0MTJh
YmFmOWIwHhcNMjUwMTAzMTQxMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjU2NjgzZWI3ODk4Yzg5MjRjYjIzNDk1YWY4NjU3ZDNiNTZhMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MoTrQSXyWLyJm67V9A2C5eLd8hb
uhjDQCytQ16tUxdsOEQcinYbCFkWF4Ysso4V0i92TJZH1cAaZ3VYCa9M7tKtkCt1
gqdvuVn7D1jU/MRJ1Ne235/SLz/bYlmZjchu9XoXYS1Ot/eV2+pMKQerol0J6HhC
298Hf7rAjmkwMgjqxsmMv0kVtijPJ0jrZ1Bf07uy+AbTNMObbBzu2B8RLoVxtmKh
7t1oa3xp7gI4kR1BwdpdvY9sfi/d6LVHgHQRI9HfLStY5jC/qtQjn3jkQQRKiYdY
w65/Fu+ogsWGJrwTdlvEdIlpDldpgdf1tuOIWM+2ArNNcyqZXAa2pkOB/wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBtWaD63iYyJJMsjSVr4ZX07VqNVMB8GA1UdIwQY
MBaAFD//y+yIjBBH8iHXz5OWvxQSq6+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2It
NjE2NjdjNzY5MWIyLzEvRzFab1ByZUpqSWtreXlOSld2aGxmVHRXbzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2ItNjE2NjdjNzY5MWIy
LzEvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQABYVyAwQB
BbRwAwQCVO6gAwQCucLQMA0EAgACMAcDBQMqEHBAMA0GCSqGSIb3DQEBCwUAA4IB
AQBR8sRlm/IegISVMJsj/uoBSlIeOYcsDfdDwwvKMwUpGJo2gNe7MczMDDapG6T5
JBbbkB3eR8VK9k6GkqCZYglE+1k1L4GH2bL63VH6q/JRZhBPkX6gEvlCv3MPz3z3
OqOUTsfK7q4P+2VjG0BJEo5wkRJNlyKCHf9rPyWBKogfT1srZS8uMeNSBiAN5qzS
DkwZUtEIV0VLL2K0NTtnCHc4Novzxt/RjG0FuNyc9MtXjwkaV9XcYqLrx6+5oL9w
oe+ZdJmPpinb+IRcwLp/IOtaxTrmxj7zjSjtapOEAv8Hqz2qOzZ7u0mNgGPWBx0P
Fwi57S89qkDP7ftcXkOv1iKc
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:21:11 2025 by rpki-client