Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/w7QCmizrQXeuidochTL3wPaTPwQ.roa
File: w7QCmizrQXeuidochTL3wPaTPwQ.roa (raw, json)
Hash identifier: H6wbvBF9uFQ8IN4rm+CScPncC9WaN8oR2hYLVqdaZWA=
Subject key identifier: C3:B4:02:9A:2C:EB:41:77:AE:89:DA:1C:85:32:F7:C0:F6:93:3F:04
Certificate issuer: /CN=07c40d70160f308642129a1b72ae5ae52db883c4
Certificate serial: 019424B2AAAB91D172C63A27D52DCE94995C
Authority key identifier: 07:C4:0D:70:16:0F:30:86:42:12:9A:1B:72:AE:5A:E5:2D:B8:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B8QNcBYPMIZCEpobcq5a5S24g8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/w7QCmizrQXeuidochTL3wPaTPwQ.roa
Signing time: Thu 02 Jan 2025 01:47:56 +0000
ROA not before: Thu 02 Jan 2025 01:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48166
IP address blocks: 5.250.232.0/21 maxlen: 21
89.22.16.0/20 maxlen: 20
91.133.0.0/19 maxlen: 19
91.210.84.0/22 maxlen: 22
178.213.192.0/21 maxlen: 21
185.61.92.0/22 maxlen: 22
185.61.92.0/23 maxlen: 23
185.61.94.0/23 maxlen: 23
194.9.224.0/20 maxlen: 20
2a02:7760::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:aa:ab:91:d1:72:c6:3a:27:d5:2d:ce:94:99:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07c40d70160f308642129a1b72ae5ae52db883c4
Validity
Not Before: Jan 2 01:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3b4029a2ceb4177ae89da1c8532f7c0f6933f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fb:25:17:2f:0e:90:dd:f5:b0:a4:b4:04:12:
da:34:6b:ce:84:69:e0:08:43:33:62:23:18:3b:e2:
22:e2:bc:f6:22:91:01:04:c7:3b:bc:bc:eb:f5:c0:
ed:a0:1b:d9:49:f0:1a:86:04:81:8f:9f:76:ff:70:
3a:14:d8:8b:1a:09:d4:3c:46:7c:90:38:8e:ea:0f:
77:9b:3b:96:63:2e:6d:32:97:f7:5d:78:9d:fd:67:
87:61:88:63:fa:a3:02:11:d8:3b:48:28:77:d7:74:
3f:2b:b3:47:71:c1:9d:3a:ca:66:b7:13:d9:f1:8a:
83:64:e9:1c:2d:4b:f9:ff:e9:1b:c4:51:33:48:a6:
e2:3a:87:54:e9:24:1a:4b:4e:ab:31:1a:11:51:9f:
ce:ed:de:46:75:fa:6e:48:9a:58:47:f2:ce:02:15:
cf:6f:2d:38:d8:7b:22:b7:b3:44:65:34:61:5a:ba:
57:ab:d7:1f:77:47:d7:f5:24:0a:ff:00:83:68:a5:
fc:27:84:e9:86:df:38:9e:f6:a8:ff:43:b0:ae:3a:
c2:74:9d:78:9f:3a:e2:cd:88:52:c0:06:f0:a4:26:
f4:b2:2f:5b:d2:bc:73:ba:45:c3:3c:58:bc:70:43:
eb:c2:83:7a:e5:e0:fb:dc:81:91:c4:86:0e:1f:64:
b6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:B4:02:9A:2C:EB:41:77:AE:89:DA:1C:85:32:F7:C0:F6:93:3F:04
X509v3 Authority Key Identifier:
keyid:07:C4:0D:70:16:0F:30:86:42:12:9A:1B:72:AE:5A:E5:2D:B8:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B8QNcBYPMIZCEpobcq5a5S24g8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/w7QCmizrQXeuidochTL3wPaTPwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/B8QNcBYPMIZCEpobcq5a5S24g8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.232.0/21
89.22.16.0/20
91.133.0.0/19
91.210.84.0/22
178.213.192.0/21
185.61.92.0/22
194.9.224.0/20
IPv6:
2a02:7760::/32
Signature Algorithm: sha256WithRSAEncryption
42:4f:3c:78:1b:23:51:ed:62:c5:a0:db:b9:9b:1f:7a:83:0d:
5e:1a:41:52:00:23:af:9c:00:72:09:df:de:70:25:fe:3c:8c:
84:94:d0:c6:2a:24:a2:50:71:4d:34:c7:dc:a0:1b:6b:f3:64:
70:4a:10:69:6b:a2:11:7c:44:c0:a0:9a:74:60:9c:31:bc:36:
89:81:9b:73:7e:43:14:73:17:0b:4e:05:20:d9:7b:12:f3:5f:
e5:7c:76:4a:bc:82:a4:52:23:13:2a:8b:23:4e:60:d1:66:8b:
82:a0:af:fd:19:21:27:23:ba:10:a4:48:a5:af:b8:53:66:69:
c9:6c:28:b0:01:4f:af:a0:04:d6:c9:fc:53:ca:93:14:98:49:
2e:a9:2a:b6:8b:4f:20:58:0b:b4:ce:42:0e:60:e7:db:06:db:
10:a9:02:98:5d:d6:f9:38:d1:27:f9:7b:c3:15:b4:89:25:a8:
85:db:8b:25:1a:5d:4d:7a:0d:9c:1f:00:8e:c1:8c:b4:2f:39:
25:c6:5c:1e:4d:99:a2:d5:f6:99:db:c4:0f:e4:da:b8:d0:23:
00:ff:96:9e:35:7f:14:15:64:59:cb:f0:27:14:fd:93:e4:5f:
ce:26:ef:e3:48:3e:9f:07:de:f4:c6:8b:08:83:c6:4b:b1:c0:
1d:f8:6a:f3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQksqqrkdFyxjon1S3OlJlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YzQwZDcwMTYwZjMwODY0MjEyOWExYjcyYWU1YWU1MmRi
ODgzYzQwHhcNMjUwMTAyMDE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2I0MDI5YTJjZWI0MTc3YWU4OWRhMWM4NTMyZjdjMGY2OTMzZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/slFy8OkN31sKS0BBLaNGvOhGng
CEMzYiMYO+Ii4rz2IpEBBMc7vLzr9cDtoBvZSfAahgSBj592/3A6FNiLGgnUPEZ8
kDiO6g93mzuWYy5tMpf3XXid/WeHYYhj+qMCEdg7SCh313Q/K7NHccGdOspmtxPZ
8YqDZOkcLUv5/+kbxFEzSKbiOodU6SQaS06rMRoRUZ/O7d5GdfpuSJpYR/LOAhXP
by042Hsit7NEZTRhWrpXq9cfd0fX9SQK/wCDaKX8J4Tpht84nvao/0OwrjrCdJ14
nzrizYhSwAbwpCb0si9b0rxzukXDPFi8cEPrwoN65eD73IGRxIYOH2S2CQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMO0Apos60F3ronaHIUy98D2kz8EMB8GA1UdIwQY
MBaAFAfEDXAWDzCGQhKaG3KuWuUtuIPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjhRTmNCWVBNSVpDRXBvYmNxNWE1UzI0ZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lMTE2YzItOGY4Mi00Y2JhLWI1YWUt
OTdkY2JiMDA4NmUzLzEvdzdRQ21penJRWGV1aWRvY2hUTDN3UGFUUHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lMTE2YzItOGY4Mi00Y2JhLWI1YWUtOTdkY2JiMDA4NmUz
LzEvQjhRTmNCWVBNSVpDRXBvYmNxNWE1UzI0ZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBfroAwQE
WRYQAwQFW4UAAwQCW9JUAwQDstXAAwQCuT1cAwQEwgngMA0EAgACMAcDBQAqAndg
MA0GCSqGSIb3DQEBCwUAA4IBAQBCTzx4GyNR7WLFoNu5mx96gw1eGkFSACOvnABy
Cd/ecCX+PIyElNDGKiSiUHFNNMfcoBtr82RwShBpa6IRfETAoJp0YJwxvDaJgZtz
fkMUcxcLTgUg2XsS81/lfHZKvIKkUiMTKosjTmDRZouCoK/9GSEnI7oQpEilr7hT
ZmnJbCiwAU+voATWyfxTypMUmEkuqSq2i08gWAu0zkIOYOfbBtsQqQKYXdb5ONEn
+XvDFbSJJaiF24slGl1Neg2cHwCOwYy0LzklxlweTZmi1faZ28QP5Nq40CMA/5ae
NX8UFWRZy/AnFP2T5F/OJu/jSD6fB970xosIg8ZLscAd+Grz
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:04:35 2025 by rpki-client