Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/EWhV2nZzPGULzKvOG2MvhocgovE.roa
File: EWhV2nZzPGULzKvOG2MvhocgovE.roa (raw, json)
Hash identifier: OzQ6WJT3EYS1HSklkK31URXKRNLF47r8BnLvX7yH27s=
Subject key identifier: 11:68:55:DA:76:73:3C:65:0B:CC:AB:CE:1B:63:2F:86:87:20:A2:F1
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942748558841E4F04F48D2B6662D7E5E1A
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/EWhV2nZzPGULzKvOG2MvhocgovE.roa
Signing time: Thu 02 Jan 2025 13:50:39 +0000
ROA not before: Thu 02 Jan 2025 13:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42708
IP address blocks: 192.121.153.0/24 maxlen: 24
192.165.76.0/24 maxlen: 24
193.180.200.0/24 maxlen: 24
194.14.177.0/24 maxlen: 24
194.68.166.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:55:88:41:e4:f0:4f:48:d2:b6:66:2d:7e:5e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=116855da76733c650bccabce1b632f868720a2f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c7:01:00:95:0a:b7:96:b9:b4:02:18:fc:c5:
b3:8d:10:27:98:be:8e:a5:57:55:67:15:ce:c8:65:
e0:8b:8d:e4:0a:d5:20:39:5f:21:a5:f8:8f:f5:7e:
df:78:93:bb:cb:52:3a:b8:99:e6:8a:f0:6a:83:10:
4e:7a:0c:ff:79:84:49:22:47:db:6b:9a:d4:13:c5:
2d:cc:f7:52:02:0e:70:5a:63:55:9c:b3:be:ee:be:
55:77:ca:0a:17:9d:d9:24:b7:d5:3c:28:1f:ff:84:
0e:d6:51:81:76:da:52:33:8e:14:f7:11:86:77:13:
b6:b1:b6:4a:2e:34:f2:f7:d5:99:a3:43:10:d4:90:
b3:d5:4d:d6:6f:76:67:d7:67:1d:d7:77:19:06:62:
d9:81:9e:57:f6:a4:b8:69:b7:12:0c:06:5b:09:e3:
df:7d:7b:c5:87:de:65:1c:4a:c8:51:05:a3:95:cd:
3b:71:b4:e3:b3:13:71:21:12:55:82:ba:3b:fb:aa:
ea:b1:47:6d:47:be:5c:1f:55:86:08:0b:e7:aa:c5:
1b:3d:ed:6c:89:55:6c:87:ed:69:f4:50:85:0e:b5:
a4:4b:50:ef:0d:e1:5b:b3:c3:37:af:a9:4a:d3:6a:
1f:74:62:3c:7a:68:6e:d2:3b:25:00:68:63:ca:8f:
ae:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:68:55:DA:76:73:3C:65:0B:CC:AB:CE:1B:63:2F:86:87:20:A2:F1
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/EWhV2nZzPGULzKvOG2MvhocgovE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.153.0/24
192.165.76.0/24
193.180.200.0/24
194.14.177.0/24
194.68.166.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:7c:34:2a:27:27:e7:ea:12:ef:9c:06:59:04:85:7d:ac:d0:
0c:77:27:de:d5:bf:3e:8d:e7:b1:b1:b9:0c:f8:63:f9:b6:07:
6b:5a:91:fb:c5:5c:00:93:d4:30:d8:66:7d:64:9e:eb:bd:21:
2a:eb:7b:83:7e:3e:e2:23:3e:41:fb:4c:34:e2:30:0e:27:5a:
69:e4:50:22:6f:93:d7:e8:65:57:be:a4:45:de:93:cb:32:e0:
f2:38:67:46:7b:11:e8:35:f1:24:b0:85:54:93:70:09:61:7e:
e1:29:98:b2:b1:5e:68:d8:e3:1a:6c:03:02:3b:23:f1:d1:09:
af:d5:44:1c:42:fa:76:be:66:f4:c1:fa:1f:96:36:5d:15:06:
85:fb:62:3a:e7:72:b2:f1:89:67:55:34:61:84:b4:92:76:05:
aa:fb:11:7c:fe:8a:f4:87:2a:ef:a7:c3:55:97:44:ee:2e:ea:
c8:24:6b:45:ae:51:17:7c:a3:a7:85:17:b5:ec:b0:b2:17:71:
a1:1f:5f:83:cb:31:b0:d7:01:29:10:c5:32:49:5d:04:1a:a5:
69:3f:2b:54:ee:38:e5:88:72:b5:2e:34:d8:dc:52:63:28:ed:
a3:e6:dc:61:f9:c9:63:58:c6:34:19:09:76:9b:c3:52:c5:1f:
31:99:75:cc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnSFWIQeTwT0jStmYtfl4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTY4NTVkYTc2NzMzYzY1MGJjY2FiY2UxYjYzMmY4Njg3MjBhMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMcBAJUKt5a5tAIY/MWzjRAnmL6O
pVdVZxXOyGXgi43kCtUgOV8hpfiP9X7feJO7y1I6uJnmivBqgxBOegz/eYRJIkfb
a5rUE8UtzPdSAg5wWmNVnLO+7r5Vd8oKF53ZJLfVPCgf/4QO1lGBdtpSM44U9xGG
dxO2sbZKLjTy99WZo0MQ1JCz1U3Wb3Zn12cd13cZBmLZgZ5X9qS4abcSDAZbCePf
fXvFh95lHErIUQWjlc07cbTjsxNxIRJVgro7+6rqsUdtR75cH1WGCAvnqsUbPe1s
iVVsh+1p9FCFDrWkS1DvDeFbs8M3r6lK02ofdGI8emhu0jslAGhjyo+u2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBFoVdp2czxlC8yrzhtjL4aHIKLxMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRVdoVjJuWnpQR1VMekt2T0cyTXZob2Nnb3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwHmZAwQA
wKVMAwQAwbTIAwQAwg6xAwQBwkSmMA0GCSqGSIb3DQEBCwUAA4IBAQAKfDQqJyfn
6hLvnAZZBIV9rNAMdyfe1b8+jeexsbkM+GP5tgdrWpH7xVwAk9Qw2GZ9ZJ7rvSEq
63uDfj7iIz5B+0w04jAOJ1pp5FAib5PX6GVXvqRF3pPLMuDyOGdGexHoNfEksIVU
k3AJYX7hKZiysV5o2OMabAMCOyPx0Qmv1UQcQvp2vmb0wfofljZdFQaF+2I653Ky
8YlnVTRhhLSSdgWq+xF8/or0hyrvp8NVl0TuLurIJGtFrlEXfKOnhRe17LCyF3Gh
H1+DyzGw1wEpEMUySV0EGqVpPytU7jjliHK1LjTY3FJjKO2j5txh+cljWMY0GQl2
m8NSxR8xmXXM
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:57:01 2025 by rpki-client