Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/puQ4Sk8pHIWfFKAYZzp1IAYEd0Q.roa
File: puQ4Sk8pHIWfFKAYZzp1IAYEd0Q.roa (raw, json)
Hash identifier: tM5HP1N7Kc8KkaIaBlmp8d2jgH4OgbCHpaIgKSubYgE=
Subject key identifier: A6:E4:38:4A:4F:29:1C:85:9F:14:A0:18:67:3A:75:20:06:04:77:44
Certificate issuer: /CN=3eb1788fe220e46434692d1cc437072d792d7888
Certificate serial: 019423D7433BDFCB77900762F81918A25946
Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/puQ4Sk8pHIWfFKAYZzp1IAYEd0Q.roa
Signing time: Wed 01 Jan 2025 21:48:17 +0000
ROA not before: Wed 01 Jan 2025 21:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58069
IP address blocks: 157.180.228.0/22 maxlen: 22
157.180.232.0/22 maxlen: 22
192.108.45.0/24 maxlen: 24
192.108.46.0/23 maxlen: 23
192.108.68.0/24 maxlen: 24
2a00:139c::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:43:3b:df:cb:77:90:07:62:f8:19:18:a2:59:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888
Validity
Not Before: Jan 1 21:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6e4384a4f291c859f14a018673a752006047744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ae:83:93:cd:73:1d:a2:b4:d6:f5:c9:6a:69:
fc:a9:df:1d:7b:93:fb:7f:63:ef:5e:e6:50:2a:de:
47:ed:01:5d:2c:4e:ac:14:28:e5:ef:90:6a:a8:cf:
a8:2a:04:55:09:27:9d:b3:95:92:4f:06:e5:f2:b2:
c2:29:75:f0:f9:2f:28:7e:ff:49:d6:ba:b9:02:a8:
1b:45:d1:30:0f:aa:8d:83:8f:ba:86:e8:74:0e:13:
fe:40:43:49:82:7c:e1:63:5c:bd:ad:8d:f1:10:38:
4c:ac:f9:e1:16:5f:66:ab:fb:77:17:9a:0d:9a:62:
21:58:46:30:a4:40:37:56:d9:8b:2d:7b:e0:ab:c8:
13:db:40:fe:3c:20:f7:97:40:71:2e:55:1c:dc:e1:
fe:67:09:a7:a7:a4:21:4e:5c:a9:b7:17:fd:a4:2d:
df:e4:f9:66:85:ae:99:f2:27:80:59:42:38:d2:c1:
04:71:e6:21:dd:0a:7f:52:76:ca:b5:cc:c9:04:df:
45:32:4a:3b:81:a4:be:90:7e:4f:25:f8:33:8e:ab:
7c:05:54:0e:e3:b6:ae:ee:09:ca:6c:77:6c:cf:e8:
8b:16:79:08:1e:15:70:07:6c:fe:7c:70:13:e3:2e:
70:77:d1:89:ec:0f:ea:26:b7:76:e4:14:7d:84:19:
a6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E4:38:4A:4F:29:1C:85:9F:14:A0:18:67:3A:75:20:06:04:77:44
X509v3 Authority Key Identifier:
keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/puQ4Sk8pHIWfFKAYZzp1IAYEd0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.180.228.0-157.180.235.255
192.108.45.0-192.108.47.255
192.108.68.0/24
IPv6:
2a00:139c::/32
Signature Algorithm: sha256WithRSAEncryption
75:8f:18:61:3c:c4:57:dc:40:00:8f:08:57:82:a2:8b:ca:ba:
51:57:c5:a3:96:c2:e8:4d:52:50:0f:cb:01:53:c2:74:44:ce:
37:0d:bf:b2:ce:dd:2b:fd:48:66:3e:96:c8:97:bf:1e:1b:ca:
1e:7b:2d:d1:d6:b8:70:a5:1e:04:db:b0:bf:4c:3b:27:2e:2f:
36:9a:fa:ce:21:ca:e7:6f:73:de:ac:d9:c4:35:fd:4c:33:df:
d8:69:dc:05:0e:2f:3c:d6:c4:fd:03:79:12:3f:bb:66:ff:16:
de:18:a3:d4:1d:b7:1c:81:2d:34:63:2d:ff:c0:a6:a8:6c:29:
a2:37:2e:4c:60:4c:2b:88:1f:ab:a9:15:27:f8:46:02:60:bc:
43:41:8e:af:d7:d6:85:dc:c1:41:10:b7:8c:3c:86:5e:c2:fe:
25:33:f9:26:8e:14:42:a1:2b:df:f0:9b:eb:0f:cb:6f:37:5e:
af:0d:ae:e8:6e:cd:3c:cb:bf:87:0e:5a:69:1b:30:77:72:24:
35:ff:de:36:c5:e4:12:91:d7:c0:3a:a3:ba:98:29:dd:77:0d:
91:13:88:df:0b:d9:d1:ef:0a:4d:c1:75:c4:77:04:88:b1:d9:
aa:1d:59:6f:48:32:06:f9:8b:e2:a9:04:78:1f:fb:bc:d8:5d:
84:d4:c8:9e
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZQj10M738t3kAdi+BkYollGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjE3ODhmZTIyMGU0NjQzNDY5MmQxY2M0MzcwNzJkNzky
ZDc4ODgwHhcNMjUwMTAxMjE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmU0Mzg0YTRmMjkxYzg1OWYxNGEwMTg2NzNhNzUyMDA2MDQ3NzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq6Dk81zHaK01vXJamn8qd8de5P7
f2PvXuZQKt5H7QFdLE6sFCjl75BqqM+oKgRVCSeds5WSTwbl8rLCKXXw+S8ofv9J
1rq5AqgbRdEwD6qNg4+6huh0DhP+QENJgnzhY1y9rY3xEDhMrPnhFl9mq/t3F5oN
mmIhWEYwpEA3VtmLLXvgq8gT20D+PCD3l0BxLlUc3OH+Zwmnp6QhTlyptxf9pC3f
5Plmha6Z8ieAWUI40sEEceYh3Qp/UnbKtczJBN9FMko7gaS+kH5PJfgzjqt8BVQO
47au7gnKbHdsz+iLFnkIHhVwB2z+fHAT4y5wd9GJ7A/qJrd25BR9hBmmRwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFKbkOEpPKRyFnxSgGGc6dSAGBHdEMB8GA1UdIwQY
MBaAFD6xeI/iIORkNGktHMQ3By15LXiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAt
ZDk1MDk0NzMwNzJjLzEvcHVRNFNrOHBISVdmRktBWVp6cDFJQVlFZDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAtZDk1MDk0NzMwNzJj
LzEvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAKdtOQD
BAKdtOgwDAMEAMBsLQMEBMBsIAMEAMBsRDANBAIAAjAHAwUAKgATnDANBgkqhkiG
9w0BAQsFAAOCAQEAdY8YYTzEV9xAAI8IV4Kii8q6UVfFo5bC6E1SUA/LAVPCdETO
Nw2/ss7dK/1IZj6WyJe/HhvKHnst0da4cKUeBNuwv0w7Jy4vNpr6ziHK529z3qzZ
xDX9TDPf2GncBQ4vPNbE/QN5Ej+7Zv8W3hij1B23HIEtNGMt/8CmqGwpojcuTGBM
K4gfq6kVJ/hGAmC8Q0GOr9fWhdzBQRC3jDyGXsL+JTP5Jo4UQqEr3/Cb6w/Lbzde
rw2u6G7NPMu/hw5aaRswd3IkNf/eNsXkEpHXwDqjupgp3XcNkROI3wvZ0e8KTcF1
xHcEiLHZqh1Zb0gyBvmL4qkEeB/7vNhdhNTIng==
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:00:34 2025 by rpki-client