Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/2pE0oMIP3Tz1w2_Xq5HX5IVErYg.roa
File: 2pE0oMIP3Tz1w2_Xq5HX5IVErYg.roa (raw, json)
Hash identifier: imwzpoGiOATUp0Mtdl7n1pWxHoBVgMKLDu0IclMIwM0=
Subject key identifier: DA:91:34:A0:C2:0F:DD:3C:F5:C3:6F:D7:AB:91:D7:E4:85:44:AD:88
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 019425FDC67A4ADBED1DCF1A05D57F93B725
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/2pE0oMIP3Tz1w2_Xq5HX5IVErYg.roa
Signing time: Thu 02 Jan 2025 07:49:35 +0000
ROA not before: Thu 02 Jan 2025 07:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29286
IP address blocks: 128.140.128.0/20 maxlen: 20
185.23.96.0/23 maxlen: 23
185.23.99.0/24 maxlen: 24
213.180.228.0/24 maxlen: 24
213.180.252.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c6:7a:4a:db:ed:1d:cf:1a:05:d5:7f:93:b7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Jan 2 07:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da9134a0c20fdd3cf5c36fd7ab91d7e48544ad88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cd:bf:0a:0c:b6:13:6e:d1:22:a4:c3:c1:30:
83:17:3e:37:9c:b8:84:a6:22:0e:77:ee:b9:50:01:
25:cf:ce:cb:c7:5f:fe:5d:46:76:55:90:8e:e0:82:
1f:23:c5:42:28:41:92:7a:71:41:1a:68:e5:63:14:
df:e8:e4:8c:88:da:62:bd:a7:38:52:62:96:ce:17:
6e:13:6d:26:8f:67:97:ec:51:88:eb:3b:c7:49:29:
79:a8:50:3d:62:b2:69:64:5a:ec:5f:6a:ca:45:a3:
f8:ae:f2:1a:99:19:8e:95:fc:fb:8e:b4:01:cd:81:
01:7a:f0:8d:f7:09:3f:68:ae:d6:ad:0e:c6:4e:1f:
f5:11:d7:6b:06:1b:cf:c9:f8:e2:db:c8:94:09:d0:
bc:28:06:06:7b:5f:6a:9c:8a:9b:51:a1:07:e4:ea:
68:72:a4:ee:eb:d2:13:7c:9a:55:ce:93:09:f1:d3:
11:a2:30:44:35:f6:10:2d:1d:a0:49:d1:90:1f:df:
84:a7:cb:cc:cd:4c:ef:41:f5:d7:c1:cc:94:08:f1:
12:59:90:7d:5d:f0:45:3e:e2:dc:2d:f8:85:c9:d2:
04:3c:36:5b:10:e0:7d:f2:bf:44:ff:84:d8:b6:02:
7d:d8:ac:a3:90:57:c3:ad:af:64:59:d9:78:97:3b:
b1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:91:34:A0:C2:0F:DD:3C:F5:C3:6F:D7:AB:91:D7:E4:85:44:AD:88
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/2pE0oMIP3Tz1w2_Xq5HX5IVErYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.140.128.0/20
185.23.96.0/23
185.23.99.0/24
213.180.228.0/24
213.180.252.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:b6:9a:4e:bc:e8:c5:0f:17:d6:9e:62:1b:da:55:f6:f8:c4:
53:f0:66:39:d3:22:50:4a:52:d9:2a:4f:a1:54:c0:e8:d5:31:
c3:8f:d5:70:c1:9a:03:27:c3:01:0f:e8:b4:1d:fe:3d:57:df:
56:1c:b6:92:2e:d3:0d:28:d5:bb:ce:f8:6b:73:fb:48:cf:0e:
57:71:77:98:63:5a:80:26:8c:7b:ae:cd:a7:65:a5:44:11:1e:
b7:b1:e2:13:2a:f8:e7:77:be:00:a0:c1:9b:ca:83:cb:d1:9b:
8b:51:d7:10:db:45:03:1a:ca:af:cb:e5:63:31:1b:72:d5:e9:
c6:96:4e:8b:a5:63:cd:ec:3a:12:0a:e5:42:19:e2:3f:c4:ce:
1c:0c:f1:ee:d8:01:9a:53:4b:44:4e:ee:0e:cf:b3:f6:54:3f:
01:bd:47:09:be:c8:16:79:e9:21:9d:40:49:fa:97:e1:fe:46:
45:c7:91:38:b9:47:7c:be:fd:7a:de:9e:de:e0:b6:30:8a:fe:
4f:98:07:ef:59:90:c0:1c:c9:f4:ad:54:c6:38:95:f9:84:bb:
72:3a:38:9c:d8:9b:a7:fa:4b:4e:26:77:c5:7f:fb:c7:4f:a3:
82:46:dc:0f:83:61:35:79:54:c7:97:15:ed:5c:86:aa:dc:15:
ae:da:0e:b1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQl/cZ6StvtHc8aBdV/k7clMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjUwMTAyMDc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTkxMzRhMGMyMGZkZDNjZjVjMzZmZDdhYjkxZDdlNDg1NDRhZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM2/Cgy2E27RIqTDwTCDFz43nLiE
piIOd+65UAElz87Lx1/+XUZ2VZCO4IIfI8VCKEGSenFBGmjlYxTf6OSMiNpivac4
UmKWzhduE20mj2eX7FGI6zvHSSl5qFA9YrJpZFrsX2rKRaP4rvIamRmOlfz7jrQB
zYEBevCN9wk/aK7WrQ7GTh/1EddrBhvPyfji28iUCdC8KAYGe19qnIqbUaEH5Opo
cqTu69ITfJpVzpMJ8dMRojBENfYQLR2gSdGQH9+Ep8vMzUzvQfXXwcyUCPESWZB9
XfBFPuLcLfiFydIEPDZbEOB98r9E/4TYtgJ92KyjkFfDra9kWdl4lzux8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNqRNKDCD9089cNv16uR1+SFRK2IMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvMnBFMG9NSVAzVHoxdzJfWHE1SFg1SVZFcllnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEgIyAAwQB
uRdgAwQAuRdjAwQA1bTkAwQC1bT8MA0GCSqGSIb3DQEBCwUAA4IBAQCctppOvOjF
DxfWnmIb2lX2+MRT8GY50yJQSlLZKk+hVMDo1THDj9VwwZoDJ8MBD+i0Hf49V99W
HLaSLtMNKNW7zvhrc/tIzw5XcXeYY1qAJox7rs2nZaVEER63seITKvjnd74AoMGb
yoPL0ZuLUdcQ20UDGsqvy+VjMRty1enGlk6LpWPN7DoSCuVCGeI/xM4cDPHu2AGa
U0tETu4Oz7P2VD8BvUcJvsgWeekhnUBJ+pfh/kZFx5E4uUd8vv163p7e4LYwiv5P
mAfvWZDAHMn0rVTGOJX5hLtyOjic2Jun+ktOJnfFf/vHT6OCRtwPg2E1eVTHlxXt
XIaq3BWu2g6x
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:44:24 2025 by rpki-client