Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/K0hhdmIt7Y7kQYBfthadwHAEzT8.roa
File: K0hhdmIt7Y7kQYBfthadwHAEzT8.roa (raw, json)
Hash identifier: e/JVp+UZ3ruylLloiq9C0e2gilOSNxXij9evAIBs/SY=
Subject key identifier: 2B:48:61:76:62:2D:ED:8E:E4:41:80:5F:B6:16:9D:C0:70:04:CD:3F
Certificate issuer: /CN=4f030205fa365e9f49ff4ea7506df912d5ed8360
Certificate serial: 0194221F4BC86A55B3933E587254651D4709
Authority key identifier: 4F:03:02:05:FA:36:5E:9F:49:FF:4E:A7:50:6D:F9:12:D5:ED:83:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TwMCBfo2Xp9J_06nUG35EtXtg2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/K0hhdmIt7Y7kQYBfthadwHAEzT8.roa
Signing time: Wed 01 Jan 2025 13:47:43 +0000
ROA not before: Wed 01 Jan 2025 13:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28768
IP address blocks: 81.200.32.0/21 maxlen: 21
81.200.40.0/21 maxlen: 21
94.143.216.0/23 maxlen: 23
185.124.216.0/22 maxlen: 22
2a00:1bb0::/32 maxlen: 32
2a03:9060::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:4b:c8:6a:55:b3:93:3e:58:72:54:65:1d:47:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f030205fa365e9f49ff4ea7506df912d5ed8360
Validity
Not Before: Jan 1 13:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b486176622ded8ee441805fb6169dc07004cd3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:93:97:73:4d:8f:46:f7:12:bc:a0:84:de:66:
7d:ad:ba:f6:e8:b0:00:58:26:94:4e:29:37:70:08:
17:7f:36:06:76:a2:87:cb:1a:b4:c5:6e:de:2c:d3:
d7:5b:de:87:c0:79:3f:1c:c3:7f:31:07:2e:b4:f0:
f4:f5:d7:88:84:d9:e9:16:34:bb:7f:92:ec:07:54:
4c:08:e8:d5:68:86:ec:ff:87:8d:d5:82:98:cd:4c:
be:15:f4:b2:76:eb:3d:3e:2d:f0:b2:34:21:c9:f9:
f8:b7:96:53:b0:7d:0b:3f:e4:a1:bf:98:de:4c:2c:
c4:77:04:60:80:b5:fc:98:de:0d:2c:aa:54:b8:7b:
d8:28:f8:01:33:91:bf:34:03:fa:fe:ec:49:3c:03:
46:3c:e6:15:77:e2:84:4e:ac:7e:26:0c:cb:30:6d:
73:db:e9:71:3d:6f:68:71:74:b5:8c:ff:93:cd:86:
d8:ba:b9:6a:95:c0:c9:a8:98:28:1f:ad:70:e2:b6:
7d:51:11:3d:74:3e:17:e7:1c:4d:c6:16:be:27:0b:
3d:04:ae:ba:5b:bc:7a:f2:91:12:1b:43:92:e6:e0:
83:de:b7:eb:a9:82:51:b5:8e:9d:6e:b8:86:a4:81:
ff:bf:75:87:81:7c:7b:54:ba:30:5c:da:aa:e7:cd:
97:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:48:61:76:62:2D:ED:8E:E4:41:80:5F:B6:16:9D:C0:70:04:CD:3F
X509v3 Authority Key Identifier:
keyid:4F:03:02:05:FA:36:5E:9F:49:FF:4E:A7:50:6D:F9:12:D5:ED:83:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TwMCBfo2Xp9J_06nUG35EtXtg2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/K0hhdmIt7Y7kQYBfthadwHAEzT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/TwMCBfo2Xp9J_06nUG35EtXtg2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.200.32.0/20
94.143.216.0/23
185.124.216.0/22
IPv6:
2a00:1bb0::/32
2a03:9060::/32
Signature Algorithm: sha256WithRSAEncryption
a4:8e:ff:d4:4e:d0:88:92:10:4b:b8:c3:a9:93:10:83:09:85:
83:62:8c:fb:b8:02:17:b3:0a:71:4a:33:18:78:87:b7:7e:62:
8c:d8:4b:16:f1:03:ed:9e:fe:13:2b:c6:27:cc:19:80:d4:e4:
f1:ba:11:df:51:52:23:32:17:41:be:06:16:da:0a:dc:6d:d4:
2a:4c:93:e0:c0:5c:38:a7:56:42:91:e9:cd:44:97:ef:9b:1e:
82:5b:69:db:c2:7d:03:fd:6d:8a:72:12:69:31:f6:32:5a:68:
c6:f8:b1:d7:9c:15:f0:db:07:9e:ca:61:cf:e6:0e:a9:cc:63:
e7:2e:cc:19:b0:a8:47:b6:5d:69:dd:de:a7:a8:e4:3d:91:bf:
68:b2:97:05:77:cf:d9:7e:91:66:f0:8c:3c:92:00:fb:e7:f7:
1e:de:37:25:f9:35:23:3e:0f:44:8d:d9:95:03:b4:83:30:0a:
9b:78:97:fb:21:f7:29:a1:e4:38:d4:6c:e8:16:f8:47:81:9e:
0e:61:3f:e4:09:e1:80:fe:73:8e:3b:8f:ce:e7:b3:67:2d:49:
4f:e1:46:b0:8b:3f:10:c5:55:97:60:1d:b4:43:1a:70:16:a0:
a3:b9:07:86:e2:a9:5f:b9:cd:cb:8c:41:95:f8:db:c1:8f:31:
87:a0:11:a4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQiH0vIalWzkz5YclRlHUcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMDMwMjA1ZmEzNjVlOWY0OWZmNGVhNzUwNmRmOTEyZDVl
ZDgzNjAwHhcNMjUwMTAxMTM0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjQ4NjE3NjYyMmRlZDhlZTQ0MTgwNWZiNjE2OWRjMDcwMDRjZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9JOXc02PRvcSvKCE3mZ9rbr26LAA
WCaUTik3cAgXfzYGdqKHyxq0xW7eLNPXW96HwHk/HMN/MQcutPD09deIhNnpFjS7
f5LsB1RMCOjVaIbs/4eN1YKYzUy+FfSydus9Pi3wsjQhyfn4t5ZTsH0LP+Shv5je
TCzEdwRggLX8mN4NLKpUuHvYKPgBM5G/NAP6/uxJPANGPOYVd+KETqx+JgzLMG1z
2+lxPW9ocXS1jP+TzYbYurlqlcDJqJgoH61w4rZ9URE9dD4X5xxNxha+Jws9BK66
W7x68pESG0OS5uCD3rfrqYJRtY6dbriGpIH/v3WHgXx7VLowXNqq582XuwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCtIYXZiLe2O5EGAX7YWncBwBM0/MB8GA1UdIwQY
MBaAFE8DAgX6Nl6fSf9Op1Bt+RLV7YNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHdNQ0JmbzJYcDlKXzA2blVHMzVFdFh0ZzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8zYzhkYTUtYThlOS00YTRmLTgxNjgt
M2NlNjExY2I2Nzk5LzEvSzBoaGRtSXQ3WTdrUVlCZnRoYWR3SEFFelQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8zYzhkYTUtYThlOS00YTRmLTgxNjgtM2NlNjExY2I2Nzk5
LzEvVHdNQ0JmbzJYcDlKXzA2blVHMzVFdFh0ZzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQEUcggAwQB
Xo/YAwQCuXzYMBQEAgACMA4DBQAqABuwAwUAKgOQYDANBgkqhkiG9w0BAQsFAAOC
AQEApI7/1E7QiJIQS7jDqZMQgwmFg2KM+7gCF7MKcUozGHiHt35ijNhLFvED7Z7+
EyvGJ8wZgNTk8boR31FSIzIXQb4GFtoK3G3UKkyT4MBcOKdWQpHpzUSX75segltp
28J9A/1tinISaTH2Mlpoxvix15wV8NsHnsphz+YOqcxj5y7MGbCoR7Zdad3ep6jk
PZG/aLKXBXfP2X6RZvCMPJIA++f3Ht43Jfk1Iz4PRI3ZlQO0gzAKm3iX+yH3KaHk
ONRs6Bb4R4GeDmE/5AnhgP5zjjuPzuezZy1JT+FGsIs/EMVVl2AdtEMacBago7kH
huKpX7nNy4xBlfjbwY8xh6ARpA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:06:06 2025 by rpki-client