Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b04b2e-73e6-4887-8df1-3722df073603/1/j7PmpSFhgBjVYHJZ9v-oJkPT_1s.roa
File: j7PmpSFhgBjVYHJZ9v-oJkPT_1s.roa (raw, json)
Hash identifier: coCXdiUavSzSexx19Rr3HiHaVSAnRm2htTb2x9gwHcc=
Subject key identifier: 8F:B3:E6:A5:21:61:80:18:D5:60:72:59:F6:FF:A8:26:43:D3:FF:5B
Certificate issuer: /CN=e7334ad9b3fc521030be99a5157211b663216c94
Certificate serial: 019420D6222B527B77B8916BE00588263BEC
Authority key identifier: E7:33:4A:D9:B3:FC:52:10:30:BE:99:A5:15:72:11:B6:63:21:6C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5zNK2bP8UhAwvpmlFXIRtmMhbJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b04b2e-73e6-4887-8df1-3722df073603/1/j7PmpSFhgBjVYHJZ9v-oJkPT_1s.roa
Signing time: Wed 01 Jan 2025 07:48:11 +0000
ROA not before: Wed 01 Jan 2025 07:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204576
IP address blocks: 185.75.221.0/24 maxlen: 24
2a0d:a640::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:22:2b:52:7b:77:b8:91:6b:e0:05:88:26:3b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7334ad9b3fc521030be99a5157211b663216c94
Validity
Not Before: Jan 1 07:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8fb3e6a521618018d5607259f6ffa82643d3ff5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d3:b8:e9:4d:2b:39:af:9d:98:7d:2c:30:4d:
fd:92:14:8e:1b:40:32:94:7b:74:f5:28:0c:03:b6:
40:f8:f9:49:9f:2e:6b:89:41:10:50:da:86:f7:6b:
36:7d:f7:dd:d3:9b:e4:e0:5c:f9:ee:dd:cc:c1:66:
9d:76:76:de:b5:35:1e:e9:50:c0:7c:0c:5a:b6:42:
e8:8d:13:95:6a:50:6d:ce:2b:f5:bb:54:62:0b:d4:
0d:2f:a1:a2:db:02:73:4d:ec:36:f5:b3:70:1d:30:
23:c9:03:39:68:ca:45:26:10:82:2c:c8:d4:37:b5:
67:0e:f9:88:f1:bb:4d:3b:37:09:eb:74:6b:ca:ef:
ad:14:46:2f:66:72:6c:b6:93:dc:a7:3c:77:f1:8e:
2b:35:b0:00:93:95:e5:1e:47:f1:97:ba:ec:77:83:
6e:88:d7:a2:1d:59:45:bc:a9:91:42:16:dd:9b:b4:
1b:32:54:cd:5b:73:fd:71:dd:a3:03:3b:eb:de:90:
88:e0:f3:41:00:2b:f0:f2:08:b6:ea:24:60:77:97:
1e:54:f6:26:49:3e:49:f1:12:ec:10:ba:44:b9:80:
e5:53:91:f7:da:fa:07:40:ae:6a:7b:c3:7c:77:76:
f2:83:84:8b:11:c6:fe:3d:34:87:d3:c3:7e:8b:7c:
e5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B3:E6:A5:21:61:80:18:D5:60:72:59:F6:FF:A8:26:43:D3:FF:5B
X509v3 Authority Key Identifier:
keyid:E7:33:4A:D9:B3:FC:52:10:30:BE:99:A5:15:72:11:B6:63:21:6C:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5zNK2bP8UhAwvpmlFXIRtmMhbJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b04b2e-73e6-4887-8df1-3722df073603/1/j7PmpSFhgBjVYHJZ9v-oJkPT_1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b04b2e-73e6-4887-8df1-3722df073603/1/5zNK2bP8UhAwvpmlFXIRtmMhbJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.221.0/24
IPv6:
2a0d:a640::/29
Signature Algorithm: sha256WithRSAEncryption
7e:73:23:8c:21:81:78:02:cd:74:02:0a:e0:06:21:5a:bf:45:
cf:b3:b4:3a:78:14:44:bb:4f:41:6d:18:32:f9:aa:77:25:61:
b3:1c:3b:a1:47:70:00:8e:7d:d5:3d:c5:25:5f:eb:92:67:93:
17:b0:75:e9:c6:6f:02:32:99:29:c8:45:ad:8c:f9:53:7a:2a:
f6:9a:a0:cc:b0:c0:ed:b2:7d:3f:14:21:58:f3:cb:c9:fb:f0:
19:5a:ca:52:dd:15:b2:e0:19:11:6b:34:a5:03:17:dd:a4:70:
38:9c:61:2a:13:38:98:18:36:43:fc:64:1b:71:dd:1c:7d:73:
e3:fa:9d:7c:19:d3:a4:aa:7f:51:1b:a5:b1:9e:4a:64:ad:b7:
2d:9d:6b:08:a5:8a:65:86:51:a0:2e:49:fa:54:b3:d4:4f:ba:
3c:3e:cf:4c:a6:54:a6:5f:36:60:1f:53:72:4a:31:e2:1a:4a:
6a:ac:de:42:7f:55:60:c9:20:c2:48:3a:88:df:73:1a:eb:6f:
ae:40:66:76:c4:ce:af:c2:90:ce:1d:2f:e4:bb:ad:5f:5a:ad:
f3:2a:d9:d7:fa:22:47:e2:5e:61:4b:54:bb:4a:ef:2b:52:1f:
d4:d2:1d:00:a9:ef:42:db:8f:b7:d2:18:24:38:ec:95:9b:42:
57:07:4e:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1iIrUnt3uJFr4AWIJjvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MzM0YWQ5YjNmYzUyMTAzMGJlOTlhNTE1NzIxMWI2NjMy
MTZjOTQwHhcNMjUwMTAxMDc0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmIzZTZhNTIxNjE4MDE4ZDU2MDcyNTlmNmZmYTgyNjQzZDNmZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9O46U0rOa+dmH0sME39khSOG0Ay
lHt09SgMA7ZA+PlJny5riUEQUNqG92s2fffd05vk4Fz57t3MwWaddnbetTUe6VDA
fAxatkLojROValBtziv1u1RiC9QNL6Gi2wJzTew29bNwHTAjyQM5aMpFJhCCLMjU
N7VnDvmI8btNOzcJ63Rryu+tFEYvZnJstpPcpzx38Y4rNbAAk5XlHkfxl7rsd4Nu
iNeiHVlFvKmRQhbdm7QbMlTNW3P9cd2jAzvr3pCI4PNBACvw8gi26iRgd5ceVPYm
ST5J8RLsELpEuYDlU5H32voHQK5qe8N8d3byg4SLEcb+PTSH08N+i3zlbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI+z5qUhYYAY1WByWfb/qCZD0/9bMB8GA1UdIwQY
MBaAFOczStmz/FIQML6ZpRVyEbZjIWyUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXpOSzJiUDhVaEF3dnBtbEZYSVJ0bU1oYkpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iMDRiMmUtNzNlNi00ODg3LThkZjEt
MzcyMmRmMDczNjAzLzEvajdQbXBTRmhnQmpWWUhKWjl2LW9Ka1BUXzFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iMDRiMmUtNzNlNi00ODg3LThkZjEtMzcyMmRmMDczNjAz
LzEvNXpOSzJiUDhVaEF3dnBtbEZYSVJ0bU1oYkpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUvdMA0E
AgACMAcDBQMqDaZAMA0GCSqGSIb3DQEBCwUAA4IBAQB+cyOMIYF4As10AgrgBiFa
v0XPs7Q6eBREu09BbRgy+ap3JWGzHDuhR3AAjn3VPcUlX+uSZ5MXsHXpxm8CMpkp
yEWtjPlTeir2mqDMsMDtsn0/FCFY88vJ+/AZWspS3RWy4BkRazSlAxfdpHA4nGEq
EziYGDZD/GQbcd0cfXPj+p18GdOkqn9RG6WxnkpkrbctnWsIpYplhlGgLkn6VLPU
T7o8Ps9MplSmXzZgH1NySjHiGkpqrN5Cf1VgySDCSDqI33Ma62+uQGZ2xM6vwpDO
HS/ku61fWq3zKtnX+iJH4l5hS1S7Su8rUh/U0h0Aqe9C24+30hgkOOyVm0JXB04B
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:34 2025 by rpki-client