Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/cc47e5-4a21-4f4f-be22-a5c93a7b9fa5/1/oR70fW7uVwWXm6EKAN8uqrlQkQ4.roa
File: oR70fW7uVwWXm6EKAN8uqrlQkQ4.roa (raw, json)
Hash identifier: 0R/vI9KhNQCuJ8a8jzLTXA2DiQsUAT+t0yjMQ7W3gak=
Subject key identifier: A1:1E:F4:7D:6E:EE:57:05:97:9B:A1:0A:00:DF:2E:AA:B9:50:91:0E
Certificate issuer: /CN=7e52fab6d3206eb60a31db96c72d94fc242c0a08
Certificate serial: 0194221F5A3D50BB148D356B373FE670980C
Authority key identifier: 7E:52:FA:B6:D3:20:6E:B6:0A:31:DB:96:C7:2D:94:FC:24:2C:0A:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/flL6ttMgbrYKMduWxy2U_CQsCgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/cc47e5-4a21-4f4f-be22-a5c93a7b9fa5/1/oR70fW7uVwWXm6EKAN8uqrlQkQ4.roa
Signing time: Wed 01 Jan 2025 13:47:47 +0000
ROA not before: Wed 01 Jan 2025 13:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47402
IP address blocks: 84.238.184.0/21 maxlen: 21
84.238.196.0/22 maxlen: 22
84.238.200.0/22 maxlen: 22
84.238.216.0/22 maxlen: 22
84.238.228.0/22 maxlen: 22
84.238.232.0/21 maxlen: 21
84.238.240.0/20 maxlen: 20
185.7.204.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:5a:3d:50:bb:14:8d:35:6b:37:3f:e6:70:98:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e52fab6d3206eb60a31db96c72d94fc242c0a08
Validity
Not Before: Jan 1 13:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a11ef47d6eee5705979ba10a00df2eaab950910e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d5:a5:c7:65:5b:2d:07:4f:5a:7e:e1:82:15:
48:c9:29:95:72:45:f8:90:cd:48:8a:4c:69:2b:2d:
ed:06:a7:99:7b:b3:f3:2a:1c:55:bd:93:f7:c1:90:
21:4d:ee:d4:7b:9c:a6:25:10:f5:8a:04:3d:c1:1d:
b0:e9:16:91:ca:f0:89:98:ae:91:b9:1f:37:51:dd:
c7:52:13:1e:a0:18:7d:97:cb:97:4d:4e:5b:bf:ca:
71:f9:9e:92:61:85:96:ef:27:89:94:cb:0c:78:c2:
b8:bd:1a:db:f3:e3:79:35:b6:94:2d:0b:ec:c2:65:
b0:c8:63:e8:99:a5:39:d2:0b:9a:d6:0c:48:aa:5c:
83:e8:f1:db:6a:5d:6f:7c:87:ae:bc:c0:04:7f:64:
d9:34:b0:d9:5f:d5:68:4a:97:ad:1a:95:2e:f4:8f:
e8:9a:c0:e9:da:76:f2:fb:f6:e5:27:94:0c:ec:4a:
06:66:c7:35:90:aa:7d:3b:6b:3f:0c:cc:54:09:9d:
c2:23:04:1f:73:d3:78:d0:71:b3:0a:b5:ba:18:d0:
f3:55:80:57:aa:89:2f:ff:f1:93:48:20:30:ae:78:
7a:67:de:48:7d:21:a5:f8:08:bd:b9:ad:59:d2:96:
38:7d:f2:d6:fe:4a:e0:f8:1f:57:53:be:6a:a1:0c:
a2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1E:F4:7D:6E:EE:57:05:97:9B:A1:0A:00:DF:2E:AA:B9:50:91:0E
X509v3 Authority Key Identifier:
keyid:7E:52:FA:B6:D3:20:6E:B6:0A:31:DB:96:C7:2D:94:FC:24:2C:0A:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/flL6ttMgbrYKMduWxy2U_CQsCgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/cc47e5-4a21-4f4f-be22-a5c93a7b9fa5/1/oR70fW7uVwWXm6EKAN8uqrlQkQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/cc47e5-4a21-4f4f-be22-a5c93a7b9fa5/1/flL6ttMgbrYKMduWxy2U_CQsCgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.238.184.0/21
84.238.196.0-84.238.203.255
84.238.216.0/22
84.238.228.0-84.238.255.255
185.7.204.0/22
Signature Algorithm: sha256WithRSAEncryption
83:72:9c:e7:9c:82:af:09:8b:be:78:75:31:ef:f3:88:2e:be:
b7:a9:87:ca:47:55:57:b8:10:78:82:d0:86:a9:32:65:23:f5:
64:26:c6:d0:71:84:34:06:4a:6f:d7:5a:ab:c9:8b:90:71:dd:
24:d6:5b:2c:a5:93:25:54:90:c5:3b:bb:87:e6:1b:c8:b8:6b:
3e:ed:9b:7f:6c:44:f1:98:68:81:9e:f4:4f:0e:fb:c8:71:c5:
71:e3:57:07:59:f8:14:de:f1:6d:95:84:da:f0:14:20:bd:bb:
24:a5:8e:ce:86:1a:f6:10:0c:e2:12:6a:56:8a:87:2f:60:86:
53:23:a6:5a:08:b1:1d:d9:7f:2b:f6:63:67:9d:d8:a7:4d:db:
77:8b:de:47:68:1e:36:c5:61:55:19:cd:fb:40:fe:e7:ce:1d:
69:8a:a4:d5:58:81:f7:50:c8:6b:2e:e2:9a:1e:a2:63:8f:07:
44:fa:66:88:e8:67:d4:bc:b2:ad:bd:2b:66:f1:ce:50:f9:98:
29:23:62:1f:ae:9a:47:45:90:06:93:dd:f0:9b:6d:24:b6:45:
95:ed:16:a5:ff:cc:b1:c1:00:35:7e:52:c8:23:1d:7c:82:21:
36:61:14:56:d6:b1:45:8f:20:4d:1f:4e:d3:96:d0:d6:9d:13:
43:ab:8b:2d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQiH1o9ULsUjTVrNz/mcJgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNTJmYWI2ZDMyMDZlYjYwYTMxZGI5NmM3MmQ5NGZjMjQy
YzBhMDgwHhcNMjUwMTAxMTM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTFlZjQ3ZDZlZWU1NzA1OTc5YmExMGEwMGRmMmVhYWI5NTA5MTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNWlx2VbLQdPWn7hghVIySmVckX4
kM1IikxpKy3tBqeZe7PzKhxVvZP3wZAhTe7Ue5ymJRD1igQ9wR2w6RaRyvCJmK6R
uR83Ud3HUhMeoBh9l8uXTU5bv8px+Z6SYYWW7yeJlMsMeMK4vRrb8+N5NbaULQvs
wmWwyGPomaU50gua1gxIqlyD6PHbal1vfIeuvMAEf2TZNLDZX9VoSpetGpUu9I/o
msDp2nby+/blJ5QM7EoGZsc1kKp9O2s/DMxUCZ3CIwQfc9N40HGzCrW6GNDzVYBX
qokv//GTSCAwrnh6Z95IfSGl+Ai9ua1Z0pY4ffLW/krg+B9XU75qoQyiKQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKEe9H1u7lcFl5uhCgDfLqq5UJEOMB8GA1UdIwQY
MBaAFH5S+rbTIG62CjHblsctlPwkLAoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmxMNnR0TWdicllLTWR1V3h5MlVfQ1FzQ2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9jYzQ3ZTUtNGEyMS00ZjRmLWJlMjIt
YTVjOTNhN2I5ZmE1LzEvb1I3MGZXN3VWd1dYbTZFS0FOOHVxcmxRa1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9jYzQ3ZTUtNGEyMS00ZjRmLWJlMjItYTVjOTNhN2I5ZmE1
LzEvZmxMNnR0TWdicllLTWR1V3h5MlVfQ1FzQ2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAATAtAwQDVO64MAwD
BAJU7sQDBAJU7sgDBAJU7tgwCwMEAlTu5AMDAFTuAwQCuQfMMA0GCSqGSIb3DQEB
CwUAA4IBAQCDcpznnIKvCYu+eHUx7/OILr63qYfKR1VXuBB4gtCGqTJlI/VkJsbQ
cYQ0Bkpv11qryYuQcd0k1lsspZMlVJDFO7uH5hvIuGs+7Zt/bETxmGiBnvRPDvvI
ccVx41cHWfgU3vFtlYTa8BQgvbskpY7Ohhr2EAziEmpWiocvYIZTI6ZaCLEd2X8r
9mNnndinTdt3i95HaB42xWFVGc37QP7nzh1piqTVWIH3UMhrLuKaHqJjjwdE+maI
6GfUvLKtvStm8c5Q+ZgpI2IfrppHRZAGk93wm20ktkWV7Ral/8yxwQA1flLIIx18
giE2YRRW1rFFjyBNH07TltDWnRNDq4st
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:57:15 2025 by rpki-client