Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/i3QBzkSBQXqE1KUhbqTlGV1alRM.roa
File: i3QBzkSBQXqE1KUhbqTlGV1alRM.roa (raw, json)
Hash identifier: CIGq0vRpsPzUMdoNxu3MkZkuvrvIk8NixCm6ZvzmcNI=
Subject key identifier: 8B:74:01:CE:44:81:41:7A:84:D4:A5:21:6E:A4:E5:19:5D:5A:95:13
Certificate issuer: /CN=6dbd51576b4a93460a465af35e6bf550f5548894
Certificate serial: 019425219148267C73D0435089AF494AF5C3
Authority key identifier: 6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/i3QBzkSBQXqE1KUhbqTlGV1alRM.roa
Signing time: Thu 02 Jan 2025 03:49:04 +0000
ROA not before: Thu 02 Jan 2025 03:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207103
IP address blocks: 79.172.16.0/21 maxlen: 24
185.5.140.0/24 maxlen: 24
185.5.141.0/24 maxlen: 24
188.68.88.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:91:48:26:7c:73:d0:43:50:89:af:49:4a:f5:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dbd51576b4a93460a465af35e6bf550f5548894
Validity
Not Before: Jan 2 03:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b7401ce4481417a84d4a5216ea4e5195d5a9513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e1:bc:98:e1:1e:3f:77:04:ae:f5:07:70:74:
b4:ba:74:36:bd:4b:25:79:5a:07:c8:72:c5:4b:8b:
26:89:f0:fd:c7:cc:ef:2b:61:8a:79:b1:29:c1:30:
e5:b0:0b:21:9a:c7:e5:a3:c7:67:0b:4c:eb:1a:98:
ad:8f:93:ef:b7:d1:07:89:fb:8a:32:8c:fd:17:ed:
01:2e:90:07:dd:90:f2:4f:f4:9a:83:08:84:d4:fc:
37:45:9f:39:02:46:bc:89:df:dc:9b:e0:68:48:8a:
0e:f2:22:66:3e:c0:e9:9e:a6:ec:c4:c4:94:38:c4:
f8:7c:ab:cc:44:ba:eb:5c:c6:75:b5:05:ba:74:26:
15:1e:79:aa:38:16:ed:98:58:a4:f2:d9:3a:da:a8:
56:5b:c1:c3:64:9b:0f:94:5e:62:3c:cf:0c:fd:36:
a5:d2:a4:51:e3:1b:f1:36:a9:9c:50:4e:df:e9:02:
46:9e:e0:0a:8e:b0:68:b7:d3:d2:d0:bb:a4:0d:9b:
82:f8:81:9c:78:ef:58:4b:30:7c:00:b3:8a:79:73:
da:9f:3f:c6:5c:64:14:f3:a0:78:6c:94:92:d8:b2:
64:6c:30:2d:ad:34:2e:9a:ee:43:e1:f9:ba:e7:e5:
10:0a:20:b9:01:87:ec:2c:d2:7a:41:55:b1:99:df:
a1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:74:01:CE:44:81:41:7A:84:D4:A5:21:6E:A4:E5:19:5D:5A:95:13
X509v3 Authority Key Identifier:
keyid:6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/i3QBzkSBQXqE1KUhbqTlGV1alRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.16.0/21
185.5.140.0/23
188.68.88.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:48:03:34:ce:48:06:11:6b:73:e0:1e:7c:e3:0c:ca:31:eb:
9f:f8:4d:20:98:2a:f6:fa:ed:3c:51:f3:a7:1e:95:f0:d0:72:
46:55:61:f8:89:3a:0c:60:f3:db:94:d5:ee:73:de:ed:5e:8b:
a2:f9:ff:85:03:07:bc:7d:3f:50:46:40:e3:f5:40:06:c1:24:
b9:e8:20:db:73:eb:8c:67:a6:4d:08:c2:67:ff:ea:40:79:7a:
50:d4:fe:51:b1:44:ce:95:1d:e3:0b:68:26:e4:19:65:1f:31:
90:94:a1:cd:5a:21:26:f0:81:b6:8e:94:2e:6b:ec:1b:f8:63:
05:ef:47:ab:5a:75:79:8d:9a:2b:02:29:4d:80:f9:a8:0a:36:
2a:22:c3:f4:f8:a8:e5:9c:d5:54:80:de:5e:12:b3:da:29:36:
3d:a6:1d:53:9e:d3:bb:be:f9:17:e7:73:80:56:3a:fe:67:ee:
5a:eb:6d:dd:00:35:ab:1b:29:36:53:fe:31:47:64:0a:b9:a2:
ab:60:13:6d:ce:5e:ce:0f:b9:6e:fb:dc:15:2f:20:8c:61:e1:
eb:e8:0b:d8:a1:ba:57:d2:d5:53:6a:62:6b:43:ce:51:eb:a4:
8f:fe:8f:97:dc:ca:22:fa:7f:4d:cd:99:e5:4f:cf:d0:d1:60:
20:60:9f:1e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIZFIJnxz0ENQia9JSvXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYmQ1MTU3NmI0YTkzNDYwYTQ2NWFmMzVlNmJmNTUwZjU1
NDg4OTQwHhcNMjUwMTAyMDM0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjc0MDFjZTQ0ODE0MTdhODRkNGE1MjE2ZWE0ZTUxOTVkNWE5NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uG8mOEeP3cErvUHcHS0unQ2vUsl
eVoHyHLFS4smifD9x8zvK2GKebEpwTDlsAshmsflo8dnC0zrGpitj5Pvt9EHifuK
Moz9F+0BLpAH3ZDyT/SagwiE1Pw3RZ85Aka8id/cm+BoSIoO8iJmPsDpnqbsxMSU
OMT4fKvMRLrrXMZ1tQW6dCYVHnmqOBbtmFik8tk62qhWW8HDZJsPlF5iPM8M/Tal
0qRR4xvxNqmcUE7f6QJGnuAKjrBot9PS0LukDZuC+IGceO9YSzB8ALOKeXPanz/G
XGQU86B4bJSS2LJkbDAtrTQumu5D4fm65+UQCiC5AYfsLNJ6QVWxmd+hGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIt0Ac5EgUF6hNSlIW6k5RldWpUTMB8GA1UdIwQY
MBaAFG29UVdrSpNGCkZa815r9VD1VIiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUt
MWVmN2VmMTdmYTQzLzEvaTNRQnprU0JRWHFFMUtVaGJxVGxHVjFhbFJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUtMWVmN2VmMTdmYTQz
LzEvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDT6wQAwQB
uQWMAwQBvERYMA0GCSqGSIb3DQEBCwUAA4IBAQCaSAM0zkgGEWtz4B584wzKMeuf
+E0gmCr2+u08UfOnHpXw0HJGVWH4iToMYPPblNXuc97tXoui+f+FAwe8fT9QRkDj
9UAGwSS56CDbc+uMZ6ZNCMJn/+pAeXpQ1P5RsUTOlR3jC2gm5BllHzGQlKHNWiEm
8IG2jpQua+wb+GMF70erWnV5jZorAilNgPmoCjYqIsP0+KjlnNVUgN5eErPaKTY9
ph1TntO7vvkX53OAVjr+Z+5a623dADWrGyk2U/4xR2QKuaKrYBNtzl7OD7lu+9wV
LyCMYeHr6AvYobpX0tVTamJrQ85R66SP/o+X3Moi+n9NzZnlT8/Q0WAgYJ8e
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:24:01 2025 by rpki-client