Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/dvNIb3T0U0mU22w-yMo6gNRu98k.roa
File: dvNIb3T0U0mU22w-yMo6gNRu98k.roa (raw, json)
Hash identifier: KB6r0yPVxOXp/PVpdxcqc3971j0F/zVlsLjdreh6UUk=
Subject key identifier: 76:F3:48:6F:74:F4:53:49:94:DB:6C:3E:C8:CA:3A:80:D4:6E:F7:C9
Certificate issuer: /CN=7d645e584f1ef9a881f1fbbc4d27a3423de3dff1
Certificate serial: 0194221FB7CDC95AAFE5A8B79799DE6C1717
Authority key identifier: 7D:64:5E:58:4F:1E:F9:A8:81:F1:FB:BC:4D:27:A3:42:3D:E3:DF:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWReWE8e-aiB8fu8TSejQj3j3_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/dvNIb3T0U0mU22w-yMo6gNRu98k.roa
Signing time: Wed 01 Jan 2025 13:48:11 +0000
ROA not before: Wed 01 Jan 2025 13:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35369
IP address blocks: 83.164.128.0/17 maxlen: 32
185.121.40.0/22 maxlen: 24
2a00:1860::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b7:cd:c9:5a:af:e5:a8:b7:97:99:de:6c:17:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d645e584f1ef9a881f1fbbc4d27a3423de3dff1
Validity
Not Before: Jan 1 13:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76f3486f74f4534994db6c3ec8ca3a80d46ef7c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:80:e6:3c:20:38:3a:c8:0b:9c:89:0f:4f:89:
85:17:f4:f3:70:e5:5c:7b:37:df:e7:e6:ef:27:0b:
87:6c:51:d3:9a:75:41:c0:05:8f:43:61:9d:54:83:
7c:72:ba:48:8a:44:6a:40:3f:1a:b3:84:71:26:03:
a3:bf:6c:0b:11:43:89:f3:39:ea:84:16:09:d4:e2:
b3:59:a1:62:a4:fd:1f:f4:61:b9:bc:97:d5:ab:fd:
56:42:66:a1:f3:d3:93:09:ed:56:33:df:e9:96:73:
63:e0:5a:b6:b6:5a:bd:f1:4b:f0:00:2a:20:94:10:
3c:99:01:73:6b:ec:5b:85:7f:1c:76:6b:c5:63:c5:
b4:2d:2d:ea:af:94:1a:1d:54:ec:72:31:8b:a9:f7:
e2:44:2b:24:7d:3a:c7:12:03:db:fb:e0:fb:d3:d9:
d4:0f:66:0c:2a:64:0f:f0:5d:1b:d1:05:b0:25:31:
21:cb:9e:8f:bb:dc:39:5a:34:51:5c:65:02:ee:5e:
5a:13:bb:f0:b8:32:61:f1:86:45:11:14:66:73:ce:
38:3d:7f:65:aa:7f:12:8d:c0:be:ba:92:4d:2d:9c:
ca:f5:4c:94:56:52:61:53:e9:31:8c:25:19:fb:55:
38:0e:ba:91:fe:d1:b7:39:14:cf:2f:33:9a:0b:b0:
21:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:F3:48:6F:74:F4:53:49:94:DB:6C:3E:C8:CA:3A:80:D4:6E:F7:C9
X509v3 Authority Key Identifier:
keyid:7D:64:5E:58:4F:1E:F9:A8:81:F1:FB:BC:4D:27:A3:42:3D:E3:DF:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWReWE8e-aiB8fu8TSejQj3j3_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/dvNIb3T0U0mU22w-yMo6gNRu98k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/fWReWE8e-aiB8fu8TSejQj3j3_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.164.128.0/17
185.121.40.0/22
IPv6:
2a00:1860::/32
Signature Algorithm: sha256WithRSAEncryption
6e:43:7e:c9:c2:7b:db:84:37:a2:de:f9:79:54:11:52:99:d8:
15:28:0d:77:51:9b:c9:c2:85:35:6a:a4:8d:85:d4:0c:d7:5d:
36:28:9e:49:96:01:35:c4:4a:9e:b4:ec:34:a3:04:f1:ef:51:
ad:3d:5c:de:f8:fa:3d:7d:fe:79:11:9f:09:54:24:6a:ae:2e:
09:b6:82:c5:eb:fd:37:50:6d:aa:58:a4:83:81:d5:8d:da:bc:
58:a2:5d:11:ef:98:71:33:f3:2f:1c:3e:d1:2e:9f:f5:e9:a0:
8c:76:44:7e:9f:3a:87:66:18:be:a8:77:6d:04:d8:21:7d:59:
11:62:80:e6:bf:88:09:e1:97:7d:5d:57:a0:cc:30:29:e8:f7:
b5:0d:e5:14:17:33:48:0d:27:60:0d:b3:a9:41:ef:64:2b:34:
0a:cf:80:a1:f5:80:e2:c2:7f:bb:9e:a1:07:91:71:d2:20:22:
26:e3:ca:5f:ea:a5:89:1b:16:0a:35:d3:6e:e1:fb:bb:43:24:
ac:e6:62:7a:e0:b3:b3:a2:d6:c7:29:1c:45:41:24:ad:40:ec:
31:79:e9:83:32:90:4c:bb:dd:00:a6:96:75:de:0f:35:88:17:
ff:66:91:e4:97:63:cc:1f:ac:84:06:3d:11:e6:7a:dd:f3:71:
40:60:5e:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiH7fNyVqv5ai3l5nebBcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjQ1ZTU4NGYxZWY5YTg4MWYxZmJiYzRkMjdhMzQyM2Rl
M2RmZjEwHhcNMjUwMTAxMTM0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmYzNDg2Zjc0ZjQ1MzQ5OTRkYjZjM2VjOGNhM2E4MGQ0NmVmN2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+YDmPCA4OsgLnIkPT4mFF/TzcOVc
ezff5+bvJwuHbFHTmnVBwAWPQ2GdVIN8crpIikRqQD8as4RxJgOjv2wLEUOJ8znq
hBYJ1OKzWaFipP0f9GG5vJfVq/1WQmah89OTCe1WM9/plnNj4Fq2tlq98UvwACog
lBA8mQFza+xbhX8cdmvFY8W0LS3qr5QaHVTscjGLqffiRCskfTrHEgPb++D709nU
D2YMKmQP8F0b0QWwJTEhy56Pu9w5WjRRXGUC7l5aE7vwuDJh8YZFERRmc844PX9l
qn8SjcC+upJNLZzK9UyUVlJhU+kxjCUZ+1U4DrqR/tG3ORTPLzOaC7AhtQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHbzSG909FNJlNtsPsjKOoDUbvfJMB8GA1UdIwQY
MBaAFH1kXlhPHvmogfH7vE0no0I949/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldSZVdFOGUtYWlCOGZ1OFRTZWpRajNqM19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wZDFjMzMtOTExNy00YTExLWJiZmUt
ZGI4MWExOGUyNDJlLzEvZHZOSWIzVDBVMG1VMjJ3LXlNbzZnTlJ1OThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wZDFjMzMtOTExNy00YTExLWJiZmUtZGI4MWExOGUyNDJl
LzEvZldSZVdFOGUtYWlCOGZ1OFRTZWpRajNqM19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHU6SAAwQC
uXkoMA0EAgACMAcDBQAqABhgMA0GCSqGSIb3DQEBCwUAA4IBAQBuQ37JwnvbhDei
3vl5VBFSmdgVKA13UZvJwoU1aqSNhdQM1102KJ5JlgE1xEqetOw0owTx71GtPVze
+Po9ff55EZ8JVCRqri4JtoLF6/03UG2qWKSDgdWN2rxYol0R75hxM/MvHD7RLp/1
6aCMdkR+nzqHZhi+qHdtBNghfVkRYoDmv4gJ4Zd9XVegzDAp6Pe1DeUUFzNIDSdg
DbOpQe9kKzQKz4Ch9YDiwn+7nqEHkXHSICIm48pf6qWJGxYKNdNu4fu7QySs5mJ6
4LOzotbHKRxFQSStQOwxeemDMpBMu90AppZ13g81iBf/ZpHkl2PMH6yEBj0R5nrd
83FAYF5V
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:22:23 2025 by rpki-client