Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/426b9d-0e61-4fad-98f3-a0c5970a6f76/1/Y8nuK40q8gspzKEGKdATD4upfew.roa
File: Y8nuK40q8gspzKEGKdATD4upfew.roa (raw, json)
Hash identifier: CdjEN/345b+LYc2PCW9vPxbHq+U9gwN+vvetp06PKuA=
Subject key identifier: 63:C9:EE:2B:8D:2A:F2:0B:29:CC:A1:06:29:D0:13:0F:8B:A9:7D:EC
Certificate issuer: /CN=7a8a1e836fa921d29af89c4a6ed6a0450003933c
Certificate serial: 019420D6297B158CEDBEAB13F72FB6B8B837
Authority key identifier: 7A:8A:1E:83:6F:A9:21:D2:9A:F8:9C:4A:6E:D6:A0:45:00:03:93:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eooeg2-pIdKa-JxKbtagRQADkzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/426b9d-0e61-4fad-98f3-a0c5970a6f76/1/Y8nuK40q8gspzKEGKdATD4upfew.roa
Signing time: Wed 01 Jan 2025 07:48:13 +0000
ROA not before: Wed 01 Jan 2025 07:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199284
IP address blocks: 5.102.160.0/21 maxlen: 24
178.19.224.0/20 maxlen: 24
185.97.180.0/22 maxlen: 24
2a01:75c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:29:7b:15:8c:ed:be:ab:13:f7:2f:b6:b8:b8:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8a1e836fa921d29af89c4a6ed6a0450003933c
Validity
Not Before: Jan 1 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63c9ee2b8d2af20b29cca10629d0130f8ba97dec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:96:c7:28:73:ba:1b:2e:7c:d0:87:4a:90:17:
bd:06:53:ad:ae:43:d7:3e:99:f2:57:7f:5c:58:e5:
bf:87:8a:73:e5:f0:3c:61:e8:c4:8a:36:19:93:a3:
49:f0:80:19:49:ae:52:ce:63:85:1a:c6:e0:b5:e5:
c7:b9:bd:23:04:ca:39:75:48:49:97:05:8d:98:b6:
67:6e:55:89:4c:10:2b:f4:35:57:35:fc:81:dc:73:
4d:ab:77:e1:d6:94:3c:15:03:50:de:f0:94:4b:72:
34:68:67:27:98:bf:a4:6a:59:1d:63:8c:79:dc:0d:
67:47:ba:7a:52:5c:d9:dc:30:ff:83:f9:3f:78:54:
79:6c:f3:3c:67:58:74:7e:d9:f4:dc:de:71:89:b2:
a0:3f:d0:f3:83:65:97:c5:b5:08:ed:96:ad:8a:4c:
b0:de:ed:e9:c0:5d:db:a6:a0:59:d9:7e:e8:95:f2:
9d:04:b9:25:16:c9:c9:bc:71:3a:4e:6f:57:55:9f:
8e:a4:30:c1:e1:12:b4:17:6a:2a:c7:ed:3f:c6:dc:
5d:32:4b:70:20:b3:4e:1e:b9:7a:c6:8c:cc:cb:44:
f7:18:28:b2:f6:8e:2b:5f:17:3c:fc:61:60:cf:ee:
f3:fb:2b:a3:37:d8:2e:29:b9:93:09:b5:b1:af:12:
65:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C9:EE:2B:8D:2A:F2:0B:29:CC:A1:06:29:D0:13:0F:8B:A9:7D:EC
X509v3 Authority Key Identifier:
keyid:7A:8A:1E:83:6F:A9:21:D2:9A:F8:9C:4A:6E:D6:A0:45:00:03:93:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eooeg2-pIdKa-JxKbtagRQADkzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/426b9d-0e61-4fad-98f3-a0c5970a6f76/1/Y8nuK40q8gspzKEGKdATD4upfew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/426b9d-0e61-4fad-98f3-a0c5970a6f76/1/eooeg2-pIdKa-JxKbtagRQADkzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.160.0/21
178.19.224.0/20
185.97.180.0/22
IPv6:
2a01:75c0::/29
Signature Algorithm: sha256WithRSAEncryption
6b:85:aa:34:f2:77:f1:05:65:6d:ad:37:f7:24:a4:72:8f:d7:
7a:d1:eb:b8:61:08:f0:24:31:18:43:74:7a:e9:59:31:85:7e:
31:87:28:41:1a:64:0f:7e:31:08:af:84:f5:8d:d5:fd:59:bc:
7f:7c:ac:5b:72:ac:0c:7f:5d:a1:4a:34:f3:94:d6:12:e9:72:
a4:3a:be:f9:26:24:d5:49:cb:63:0e:d2:6a:86:95:8b:98:bf:
ed:b6:96:86:44:8d:4c:da:14:c9:ed:e6:5b:5d:1d:f8:70:b8:
2e:0c:67:3d:68:44:7d:ca:bf:3a:a8:d0:af:7b:44:96:5f:1e:
19:40:b1:41:47:e4:60:7d:78:09:8d:82:e2:f5:40:85:d9:a1:
11:e2:49:fc:8a:e5:8c:c3:ea:d7:7f:22:30:ac:a1:58:cf:86:
ba:62:95:ea:49:c8:38:2f:fd:1b:96:56:4a:45:90:01:da:58:
a2:41:43:ce:35:42:b9:8d:74:fb:0c:f7:c6:15:9c:eb:dc:fb:
af:1f:6e:71:fd:32:90:9b:aa:a1:00:cd:1b:8b:49:40:ff:e4:
07:28:e8:34:18:e5:bc:76:15:39:51:81:00:7d:fb:e3:01:71:
66:94:95:2f:f7:ce:de:9e:52:06:f6:9c:0d:de:44:27:ad:ae:
22:a4:3a:79
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQg1il7FYztvqsT9y+2uLg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOGExZTgzNmZhOTIxZDI5YWY4OWM0YTZlZDZhMDQ1MDAw
MzkzM2MwHhcNMjUwMTAxMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2M5ZWUyYjhkMmFmMjBiMjljY2ExMDYyOWQwMTMwZjhiYTk3ZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JbHKHO6Gy580IdKkBe9BlOtrkPX
PpnyV39cWOW/h4pz5fA8YejEijYZk6NJ8IAZSa5SzmOFGsbgteXHub0jBMo5dUhJ
lwWNmLZnblWJTBAr9DVXNfyB3HNNq3fh1pQ8FQNQ3vCUS3I0aGcnmL+kalkdY4x5
3A1nR7p6UlzZ3DD/g/k/eFR5bPM8Z1h0ftn03N5xibKgP9Dzg2WXxbUI7Zatikyw
3u3pwF3bpqBZ2X7olfKdBLklFsnJvHE6Tm9XVZ+OpDDB4RK0F2oqx+0/xtxdMktw
ILNOHrl6xozMy0T3GCiy9o4rXxc8/GFgz+7z+yujN9guKbmTCbWxrxJlHwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGPJ7iuNKvILKcyhBinQEw+LqX3sMB8GA1UdIwQY
MBaAFHqKHoNvqSHSmvicSm7WoEUAA5M8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9vZWcyLXBJZEthLUp4S2J0YWdSUUFEa3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi80MjZiOWQtMGU2MS00ZmFkLTk4ZjMt
YTBjNTk3MGE2Zjc2LzEvWThudUs0MHE4Z3NwektFR0tkQVRENHVwZmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi80MjZiOWQtMGU2MS00ZmFkLTk4ZjMtYTBjNTk3MGE2Zjc2
LzEvZW9vZWcyLXBJZEthLUp4S2J0YWdSUUFEa3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBWagAwQE
shPgAwQCuWG0MA0EAgACMAcDBQMqAXXAMA0GCSqGSIb3DQEBCwUAA4IBAQBrhao0
8nfxBWVtrTf3JKRyj9d60eu4YQjwJDEYQ3R66VkxhX4xhyhBGmQPfjEIr4T1jdX9
Wbx/fKxbcqwMf12hSjTzlNYS6XKkOr75JiTVSctjDtJqhpWLmL/ttpaGRI1M2hTJ
7eZbXR34cLguDGc9aER9yr86qNCve0SWXx4ZQLFBR+RgfXgJjYLi9UCF2aER4kn8
iuWMw+rXfyIwrKFYz4a6YpXqScg4L/0bllZKRZAB2liiQUPONUK5jXT7DPfGFZzr
3PuvH25x/TKQm6qhAM0bi0lA/+QHKOg0GOW8dhU5UYEAffvjAXFmlJUv987enlIG
9pwN3kQnra4ipDp5
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:32:11 2025 by rpki-client