Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/3815e3-d3a8-4b3c-a4b2-cb344f1800ed/1/K7A7C17ACPryQjif4dPHFWCYnmw.roa
File: K7A7C17ACPryQjif4dPHFWCYnmw.roa (raw, json)
Hash identifier: yO751NJRBOSn6gMdo40XzsiJt+C4xy6LseVpnpZi3tM=
Subject key identifier: 2B:B0:3B:0B:5E:C0:08:FA:F2:42:38:9F:E1:D3:C7:15:60:98:9E:6C
Certificate issuer: /CN=d3d4e0da68c1446689419d103711b191ded567f4
Certificate serial: 01947D728CB2C56179F70EE54E584C385407
Authority key identifier: D3:D4:E0:DA:68:C1:44:66:89:41:9D:10:37:11:B1:91:DE:D5:67:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09Tg2mjBRGaJQZ0QNxGxkd7VZ_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/3815e3-d3a8-4b3c-a4b2-cb344f1800ed/1/K7A7C17ACPryQjif4dPHFWCYnmw.roa
Signing time: Sun 19 Jan 2025 07:24:06 +0000
ROA not before: Sun 19 Jan 2025 07:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3249
IP address blocks: 45.139.107.0/24 maxlen: 24
46.29.35.0/24 maxlen: 24
2a13:cec0::/48 maxlen: 48
2a13:cec1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7d:72:8c:b2:c5:61:79:f7:0e:e5:4e:58:4c:38:54:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d4e0da68c1446689419d103711b191ded567f4
Validity
Not Before: Jan 19 07:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bb03b0b5ec008faf242389fe1d3c71560989e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5a:97:c1:f1:3a:66:d7:66:04:2e:2d:81:a1:
8f:f6:a6:2d:5a:0e:2e:95:25:88:bf:b2:fd:7e:87:
88:1f:d1:06:64:72:93:70:51:62:5d:9a:78:96:6d:
d7:41:dc:92:af:cc:d1:53:51:b1:a2:82:95:5d:b6:
47:dc:3f:4a:7f:9b:6c:61:ed:6f:76:e6:3e:f1:ab:
38:3e:40:15:3c:40:a4:ad:22:a3:ca:f7:a4:cb:b7:
b4:89:da:ec:24:f5:0a:46:6c:72:b2:b0:e7:bc:b6:
1f:cd:e8:72:88:db:cb:bd:4b:14:a6:40:70:39:2e:
b9:a8:d0:67:63:8e:64:1d:da:cd:58:8e:44:b4:dc:
f7:0d:7e:09:a0:49:a6:49:39:bc:a4:ef:ca:4c:ba:
d7:b4:ed:47:dc:d5:e9:9f:73:1e:ff:c8:d3:9f:a8:
2b:dc:19:79:6c:7d:63:98:c4:45:45:09:d2:de:8a:
4f:eb:3b:82:e8:68:a2:df:38:e6:28:a6:95:12:8a:
3b:5c:62:8a:92:7a:ad:fe:a9:f7:30:b1:bd:ab:ba:
81:15:df:3f:7e:10:37:1b:15:48:ab:b9:04:05:f2:
78:38:31:4d:bd:3b:5b:48:28:4c:3c:4c:a8:cb:2b:
06:3e:aa:e5:e7:45:25:c2:08:69:7b:25:14:1c:a7:
10:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B0:3B:0B:5E:C0:08:FA:F2:42:38:9F:E1:D3:C7:15:60:98:9E:6C
X509v3 Authority Key Identifier:
keyid:D3:D4:E0:DA:68:C1:44:66:89:41:9D:10:37:11:B1:91:DE:D5:67:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09Tg2mjBRGaJQZ0QNxGxkd7VZ_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/3815e3-d3a8-4b3c-a4b2-cb344f1800ed/1/K7A7C17ACPryQjif4dPHFWCYnmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/3815e3-d3a8-4b3c-a4b2-cb344f1800ed/1/09Tg2mjBRGaJQZ0QNxGxkd7VZ_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.107.0/24
46.29.35.0/24
IPv6:
2a13:cec0::/48
2a13:cec1::/48
Signature Algorithm: sha256WithRSAEncryption
ab:3b:29:72:68:4b:d2:5f:ec:94:d3:bc:63:40:2a:35:51:92:
14:13:6f:4c:2d:7d:96:09:ef:5a:4d:b8:53:63:c4:90:d9:6c:
08:d1:22:ca:cc:55:90:d1:40:5e:f8:f2:94:9e:65:58:f7:2e:
e0:fc:a4:a1:26:cc:0a:8f:97:41:12:fd:58:c0:c8:3b:b5:b3:
27:e4:68:ec:e1:09:bf:80:4c:86:60:e3:fa:b6:c9:96:b6:35:
e6:63:b2:f3:8b:d8:74:a0:c7:05:2a:d2:2f:48:3d:64:24:3f:
f3:2e:78:b3:11:d6:48:09:bd:5b:96:54:a3:3d:7f:97:5d:c0:
cd:fc:ae:de:a7:1f:99:12:72:50:56:e3:40:32:53:b5:d7:87:
15:34:a1:ae:07:3b:ca:c0:2b:86:e9:bc:98:45:51:29:75:db:
47:03:7c:7d:ff:92:99:eb:f6:c7:86:4d:d0:36:fd:3c:e0:24:
ed:75:6a:e2:c9:38:7b:a8:e3:7a:a0:ef:ed:6f:9b:60:1b:e3:
e4:17:4f:c6:a7:63:22:de:7c:08:a0:0d:0d:1f:09:64:06:1d:
3a:bc:4f:f2:f0:87:29:49:20:0a:8d:f2:e5:06:cd:40:ec:7c:
a0:92:af:d5:d4:9d:41:87:c0:47:a1:70:60:59:5d:bf:7c:29:
84:3d:7e:c6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZR9coyyxWF59w7lTlhMOFQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDRlMGRhNjhjMTQ0NjY4OTQxOWQxMDM3MTFiMTkxZGVk
NTY3ZjQwHhcNMjUwMTE5MDcyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmIwM2IwYjVlYzAwOGZhZjI0MjM4OWZlMWQzYzcxNTYwOTg5ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1qXwfE6ZtdmBC4tgaGP9qYtWg4u
lSWIv7L9foeIH9EGZHKTcFFiXZp4lm3XQdySr8zRU1GxooKVXbZH3D9Kf5tsYe1v
duY+8as4PkAVPECkrSKjyveky7e0idrsJPUKRmxysrDnvLYfzehyiNvLvUsUpkBw
OS65qNBnY45kHdrNWI5EtNz3DX4JoEmmSTm8pO/KTLrXtO1H3NXpn3Me/8jTn6gr
3Bl5bH1jmMRFRQnS3opP6zuC6Gii3zjmKKaVEoo7XGKKknqt/qn3MLG9q7qBFd8/
fhA3GxVIq7kEBfJ4ODFNvTtbSChMPEyoyysGPqrl50UlwghpeyUUHKcQuwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCuwOwtewAj68kI4n+HTxxVgmJ5sMB8GA1UdIwQY
MBaAFNPU4NpowURmiUGdEDcRsZHe1Wf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlUZzJtakJSR2FKUVowUU54R3hrZDdWWl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zODE1ZTMtZDNhOC00YjNjLWE0YjIt
Y2IzNDRmMTgwMGVkLzEvSzdBN0MxN0FDUHJ5UWppZjRkUEhGV0NZbm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zODE1ZTMtZDNhOC00YjNjLWE0YjItY2IzNDRmMTgwMGVk
LzEvMDlUZzJtakJSR2FKUVowUU54R3hrZDdWWl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQALYtrAwQA
Lh0jMBgEAgACMBIDBwAqE87AAAADBwAqE87BAAAwDQYJKoZIhvcNAQELBQADggEB
AKs7KXJoS9Jf7JTTvGNAKjVRkhQTb0wtfZYJ71pNuFNjxJDZbAjRIsrMVZDRQF74
8pSeZVj3LuD8pKEmzAqPl0ES/VjAyDu1syfkaOzhCb+ATIZg4/q2yZa2NeZjsvOL
2HSgxwUq0i9IPWQkP/MueLMR1kgJvVuWVKM9f5ddwM38rt6nH5kSclBW40AyU7XX
hxU0oa4HO8rAK4bpvJhFUSl120cDfH3/kpnr9seGTdA2/TzgJO11auLJOHuo43qg
7+1vm2Ab4+QXT8anYyLefAigDQ0fCWQGHTq8T/LwhylJIAqN8uUGzUDsfKCSr9XU
nUGHwEehcGBZXb98KYQ9fsY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:22:05 2025 by rpki-client