Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/1IJY47Jxp3xzdGW-myvAlIbZlYE.roa
File: 1IJY47Jxp3xzdGW-myvAlIbZlYE.roa (raw, json)
Hash identifier: 2NXCLhXmbysv0W1FeNdF/X6jxHCl4hDbegCfl9TD5qw=
Subject key identifier: D4:82:58:E3:B2:71:A7:7C:73:74:65:BE:9B:2B:C0:94:86:D9:95:81
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 01942826CD62AFD10E3F99F94EAC28AB383C
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/1IJY47Jxp3xzdGW-myvAlIbZlYE.roa
Signing time: Thu 02 Jan 2025 17:53:39 +0000
ROA not before: Thu 02 Jan 2025 17:53:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 212.68.164.0/22 maxlen: 22
212.68.164.0/24 maxlen: 24
212.68.165.0/24 maxlen: 24
212.68.166.0/24 maxlen: 24
212.68.167.0/24 maxlen: 24
212.68.168.0/22 maxlen: 22
212.68.168.0/24 maxlen: 24
212.68.169.0/24 maxlen: 24
212.68.170.0/24 maxlen: 24
212.68.171.0/24 maxlen: 24
212.68.184.0/22 maxlen: 22
212.68.184.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
212.68.188.0/22 maxlen: 22
212.68.188.0/24 maxlen: 24
212.68.189.0/24 maxlen: 24
212.68.190.0/24 maxlen: 24
212.68.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:cd:62:af:d1:0e:3f:99:f9:4e:ac:28:ab:38:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Jan 2 17:53:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d48258e3b271a77c737465be9b2bc09486d99581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:49:8f:bb:98:9a:0d:e0:66:3d:e8:84:d9:1f:
bb:72:48:1b:b4:8e:68:57:2f:cd:06:64:ba:b1:a4:
57:9e:a7:03:0c:b6:50:52:c6:08:f6:9d:c7:0e:0b:
0a:0e:b6:11:af:e8:eb:4f:6b:76:b3:12:6c:56:34:
cc:fd:41:1b:0a:ba:55:78:6b:74:5e:fe:1a:af:5e:
b7:8a:43:94:0c:84:e8:ad:80:39:8d:88:26:bd:3e:
78:bb:29:8f:af:41:30:9c:9e:80:96:fb:9a:f8:54:
de:43:fe:c3:5f:24:ec:36:f1:a8:7f:cf:1c:fe:da:
94:d8:2c:0d:dc:0c:01:55:e5:49:12:00:28:09:10:
0f:5f:14:25:fa:c4:43:e7:b7:54:12:c6:d2:66:1a:
d0:bf:c0:65:b7:8d:c6:b5:11:1e:7f:de:eb:ec:aa:
ba:76:b6:0e:6c:f8:b1:0c:ef:24:b0:d0:d4:fd:db:
c0:11:be:ef:a7:1f:a0:67:85:b6:7f:aa:29:04:6c:
b8:6e:08:79:2e:fc:a0:72:f8:36:63:7a:51:4b:fc:
89:a0:53:0a:da:4a:2d:10:ec:62:47:7b:04:3e:9f:
e4:89:b9:41:0b:3a:2e:4d:b3:4d:d8:c5:4d:d4:bc:
13:1b:4e:9e:80:23:b3:86:72:87:e8:b2:6c:37:c6:
1c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:82:58:E3:B2:71:A7:7C:73:74:65:BE:9B:2B:C0:94:86:D9:95:81
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/1IJY47Jxp3xzdGW-myvAlIbZlYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.164.0-212.68.171.255
212.68.184.0/21
Signature Algorithm: sha256WithRSAEncryption
39:c2:6b:44:41:28:bf:57:7a:53:90:23:9f:78:95:09:e0:39:
4e:59:47:34:3c:ac:69:e3:16:3b:f1:d2:a1:01:a9:4f:e7:cd:
20:b5:d8:2b:11:53:81:65:68:6f:a9:91:c1:d7:81:42:77:18:
90:ec:6f:db:41:d7:1c:60:8c:a4:c3:a6:24:4c:c6:7a:2a:67:
ce:b7:63:64:93:d6:c2:a2:d9:5f:5f:e7:35:a9:d7:fe:bb:9d:
06:3c:9e:83:19:b7:77:13:64:31:cc:fa:ae:69:75:8e:3b:20:
80:15:69:86:a3:ce:1b:69:8f:f6:44:73:4a:cc:5a:6e:b7:d7:
6f:f5:5f:e5:0a:87:b3:23:81:c6:e2:21:2e:f6:c4:3a:19:11:
8a:58:4b:ad:c9:b7:eb:34:24:82:45:75:6a:58:57:63:fd:37:
85:9d:ec:bc:11:34:19:8b:38:48:4a:28:da:f1:85:db:5c:4c:
6f:27:69:30:83:7d:b0:74:38:c1:14:74:02:14:a0:73:95:4b:
7a:5f:b4:c9:1f:b9:78:ff:f2:99:65:fd:9c:5a:e8:3a:c5:9d:
8e:13:9f:87:fa:ab:94:28:ae:c6:63:e3:b3:ff:88:80:b2:2f:
f1:06:9c:7c:5c:c5:b9:6f:f6:1f:04:96:bb:07:3d:4a:e1:c6:
20:ac:ac:32
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQoJs1ir9EOP5n5Tqwoqzg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjUwMTAyMTc1MzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDgyNThlM2IyNzFhNzdjNzM3NDY1YmU5YjJiYzA5NDg2ZDk5NTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukmPu5iaDeBmPeiE2R+7ckgbtI5o
Vy/NBmS6saRXnqcDDLZQUsYI9p3HDgsKDrYRr+jrT2t2sxJsVjTM/UEbCrpVeGt0
Xv4ar163ikOUDITorYA5jYgmvT54uymPr0EwnJ6Alvua+FTeQ/7DXyTsNvGof88c
/tqU2CwN3AwBVeVJEgAoCRAPXxQl+sRD57dUEsbSZhrQv8Blt43GtREef97r7Kq6
drYObPixDO8ksNDU/dvAEb7vpx+gZ4W2f6opBGy4bgh5Lvygcvg2Y3pRS/yJoFMK
2kotEOxiR3sEPp/kiblBCzouTbNN2MVN1LwTG06egCOzhnKH6LJsN8YcvQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNSCWOOycad8c3RlvpsrwJSG2ZWBMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvMUlKWTQ3SnhwM3h6ZEdXLW15dkFsSWJabFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBALURKQD
BALURKgDBAPURLgwDQYJKoZIhvcNAQELBQADggEBADnCa0RBKL9XelOQI594lQng
OU5ZRzQ8rGnjFjvx0qEBqU/nzSC12CsRU4FlaG+pkcHXgUJ3GJDsb9tB1xxgjKTD
piRMxnoqZ863Y2ST1sKi2V9f5zWp1/67nQY8noMZt3cTZDHM+q5pdY47IIAVaYaj
zhtpj/ZEc0rMWm6312/1X+UKh7MjgcbiIS72xDoZEYpYS63Jt+s0JIJFdWpYV2P9
N4Wd7LwRNBmLOEhKKNrxhdtcTG8naTCDfbB0OMEUdAIUoHOVS3pftMkfuXj/8pll
/Zxa6DrFnY4Tn4f6q5QorsZj47P/iICyL/EGnHxcxblv9h8ElrsHPUrhxiCsrDI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:27:44 2025 by rpki-client