Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/sxWKrzqIBBqkeo4-v2Jw2EzqS3k.roa
File: sxWKrzqIBBqkeo4-v2Jw2EzqS3k.roa (raw, json)
Hash identifier: DWZadMWJyiM8F0IG02kO3n/vWw1f6vECk5IkRqLr9qY=
Subject key identifier: B3:15:8A:AF:3A:88:04:1A:A4:7A:8E:3E:BF:62:70:D8:4C:EA:4B:79
Certificate issuer: /CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce
Certificate serial: 0194266BB7EA192E04F8C66462FD5675DADF
Authority key identifier: BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/sxWKrzqIBBqkeo4-v2Jw2EzqS3k.roa
Signing time: Thu 02 Jan 2025 09:49:41 +0000
ROA not before: Thu 02 Jan 2025 09:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209283
IP address blocks: 78.140.252.0/24 maxlen: 24
185.255.76.0/22 maxlen: 22
2a06:4800::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:b7:ea:19:2e:04:f8:c6:64:62:fd:56:75:da:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce
Validity
Not Before: Jan 2 09:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3158aaf3a88041aa47a8e3ebf6270d84cea4b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a8:cb:61:04:9a:f8:10:1d:db:e1:b7:29:0f:
01:35:f9:be:42:bd:d8:0e:e3:ac:ab:a8:86:3d:44:
de:74:8f:a0:1b:b7:a5:12:05:80:1e:6e:47:dc:29:
10:9f:f5:06:47:ba:7d:d5:16:49:d1:50:48:95:df:
af:e4:da:de:e4:b4:13:71:73:af:57:7d:5d:1a:3d:
67:f1:ee:68:b6:42:2e:92:fe:7b:6f:7d:d8:14:f2:
4e:49:db:ab:e7:cc:26:d1:5f:6d:49:c1:41:e2:a3:
4e:02:07:8d:c7:c8:56:a6:5c:b6:ac:0c:17:64:ac:
6e:01:fa:00:f1:c0:47:02:3a:86:26:e5:ba:a3:78:
d3:57:f3:cf:b4:03:90:80:c2:8c:4e:06:65:dd:af:
2e:63:08:ca:93:e5:b0:9a:19:27:90:fc:42:a7:fe:
01:d8:ea:b6:5d:ef:0f:4b:8b:76:a2:94:7a:01:77:
50:59:e0:27:74:e9:af:b8:32:7d:07:9f:96:8d:b5:
a5:05:0f:df:71:ec:eb:95:3c:09:2f:06:5e:1e:d5:
f5:3c:b1:9c:6c:0a:50:1b:c6:ad:61:a8:fb:8a:18:
8e:d0:25:5d:a6:ea:79:a8:16:89:44:be:f8:a1:a4:
e2:a0:93:ce:31:0e:67:54:71:89:9c:80:73:89:d6:
15:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:15:8A:AF:3A:88:04:1A:A4:7A:8E:3E:BF:62:70:D8:4C:EA:4B:79
X509v3 Authority Key Identifier:
keyid:BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/sxWKrzqIBBqkeo4-v2Jw2EzqS3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.140.252.0/24
185.255.76.0/22
IPv6:
2a06:4800::/32
Signature Algorithm: sha256WithRSAEncryption
ac:b4:9b:91:9c:fe:14:b5:a5:72:aa:a6:df:a8:1b:28:bf:89:
a4:bf:17:2f:60:9e:05:8f:1b:71:65:3e:ab:13:2e:4f:7e:ac:
a6:59:57:6f:ff:59:a5:19:93:cf:14:72:70:89:9d:1e:4d:0e:
40:b5:66:4e:5b:4a:91:49:47:ba:0d:5f:f3:c9:d2:bb:6f:dd:
77:06:aa:ac:d7:08:d3:ae:48:0a:25:fc:d7:21:bd:1d:07:5f:
ec:12:b4:17:bc:0b:71:e3:ea:21:c4:83:d6:ab:2d:50:04:3d:
01:46:a5:43:84:99:7b:3c:97:ba:0f:84:dd:9c:7a:ff:e3:8f:
79:64:b4:ca:99:73:10:34:d7:cf:5b:1e:04:0c:f0:fe:b9:a3:
8f:ed:e8:10:08:8a:0e:df:90:86:ea:28:55:c0:e9:74:6c:70:
c3:59:a2:6d:2b:30:e9:df:c4:0c:06:ad:e3:b0:2c:fa:3c:bc:
9f:d1:d9:37:e0:bc:eb:8c:9e:06:38:d6:27:70:45:9c:59:b1:
35:8f:15:db:5e:9d:de:ab:c2:83:71:48:c9:bc:03:d7:70:c3:
a5:6c:e8:ee:dd:b8:ed:d9:c0:ea:32:ef:7e:7a:f6:a3:93:1f:
ab:fe:4c:9c:dc:ea:05:81:77:ee:60:fa:ae:a7:c1:37:f4:47:
af:76:23:c1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQma7fqGS4E+MZkYv1WddrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNGFkMjFhMGE2OWRjMDQxYzRlMTc3MGViMThiYTQzYjZk
YjI5Y2UwHhcNMjUwMTAyMDk0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzE1OGFhZjNhODgwNDFhYTQ3YThlM2ViZjYyNzBkODRjZWE0Yjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtajLYQSa+BAd2+G3KQ8BNfm+Qr3Y
DuOsq6iGPUTedI+gG7elEgWAHm5H3CkQn/UGR7p91RZJ0VBIld+v5Nre5LQTcXOv
V31dGj1n8e5otkIukv57b33YFPJOSdur58wm0V9tScFB4qNOAgeNx8hWply2rAwX
ZKxuAfoA8cBHAjqGJuW6o3jTV/PPtAOQgMKMTgZl3a8uYwjKk+WwmhknkPxCp/4B
2Oq2Xe8PS4t2opR6AXdQWeAndOmvuDJ9B5+WjbWlBQ/fcezrlTwJLwZeHtX1PLGc
bApQG8atYaj7ihiO0CVdpup5qBaJRL74oaTioJPOMQ5nVHGJnIBzidYVSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLMViq86iAQapHqOPr9icNhM6kt5MB8GA1UdIwQY
MBaAFL1K0hoKadwEHE4XcOsYukO22ynOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEt
Y2RkNGQ4ZjhkMGQ5LzEvc3hXS3J6cUlCQnFrZW80LXYySncyRXpxUzNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEtY2RkNGQ4ZjhkMGQ5
LzEvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAToz8AwQC
uf9MMA0EAgACMAcDBQAqBkgAMA0GCSqGSIb3DQEBCwUAA4IBAQCstJuRnP4UtaVy
qqbfqBsov4mkvxcvYJ4FjxtxZT6rEy5PfqymWVdv/1mlGZPPFHJwiZ0eTQ5AtWZO
W0qRSUe6DV/zydK7b913Bqqs1wjTrkgKJfzXIb0dB1/sErQXvAtx4+ohxIPWqy1Q
BD0BRqVDhJl7PJe6D4TdnHr/4495ZLTKmXMQNNfPWx4EDPD+uaOP7egQCIoO35CG
6ihVwOl0bHDDWaJtKzDp38QMBq3jsCz6PLyf0dk34LzrjJ4GONYncEWcWbE1jxXb
Xp3eq8KDcUjJvAPXcMOlbOju3bjt2cDqMu9+evajkx+r/kyc3OoFgXfuYPqup8E3
9EevdiPB
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:18:37 2025 by rpki-client