Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/7j43t3dg2tP3DSKOOyDvFDPSQ0E.roa
File: 7j43t3dg2tP3DSKOOyDvFDPSQ0E.roa (raw, json)
Hash identifier: +Rb8Ckbhx24K2SYro30q4c7lAYAS1/PtJbtnZ0q2YK8=
Subject key identifier: EE:3E:37:B7:77:60:DA:D3:F7:0D:22:8E:3B:20:EF:14:33:D2:43:41
Certificate issuer: /CN=0cd2cabeb1d724e7a48dd61e9a7e0c50a4e9bf50
Certificate serial: 019426D91B2D5C2FBCA91845D4E4694C2C4F
Authority key identifier: 0C:D2:CA:BE:B1:D7:24:E7:A4:8D:D6:1E:9A:7E:0C:50:A4:E9:BF:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNLKvrHXJOekjdYemn4MUKTpv1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/7j43t3dg2tP3DSKOOyDvFDPSQ0E.roa
Signing time: Thu 02 Jan 2025 11:49:09 +0000
ROA not before: Thu 02 Jan 2025 11:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209772
IP address blocks: 185.68.128.0/23 maxlen: 23
185.68.128.0/24 maxlen: 24
185.68.129.0/24 maxlen: 24
185.68.130.0/23 maxlen: 23
185.68.130.0/24 maxlen: 24
185.68.131.0/24 maxlen: 24
185.207.160.0/23 maxlen: 23
185.207.160.0/24 maxlen: 24
185.207.161.0/24 maxlen: 24
185.207.162.0/23 maxlen: 23
185.207.162.0/24 maxlen: 24
185.207.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:1b:2d:5c:2f:bc:a9:18:45:d4:e4:69:4c:2c:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd2cabeb1d724e7a48dd61e9a7e0c50a4e9bf50
Validity
Not Before: Jan 2 11:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee3e37b77760dad3f70d228e3b20ef1433d24341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:03:8b:a9:bd:e4:8f:28:7d:71:92:c8:4d:bc:
58:44:cc:69:b8:ea:dc:05:04:91:bf:ab:85:df:eb:
95:ad:0d:9c:5a:9b:32:32:b6:48:fc:fe:48:f9:6e:
42:93:18:10:d6:e0:d5:8d:40:8c:b2:9a:2f:05:ea:
e3:b1:21:f5:c6:14:0b:3c:70:f3:33:7b:23:d9:31:
af:fd:25:16:3b:32:58:3e:70:49:9f:a5:fe:da:ef:
dc:57:a8:2a:67:c0:e8:ea:e5:4e:0c:68:62:40:b3:
27:2c:52:bd:35:57:6b:ea:ff:5f:65:02:a2:ae:15:
26:33:42:a6:db:ad:2a:42:59:a3:94:6f:a6:2b:2d:
a1:94:8a:0b:38:5e:6f:f1:7e:49:84:ea:b1:6b:0d:
97:fb:06:bd:7b:71:5c:05:53:a3:76:03:66:7b:ed:
53:69:55:a1:69:15:9c:b1:b7:4d:df:fd:f8:2e:61:
9d:67:bd:6c:19:92:d9:40:f3:47:38:88:83:64:84:
aa:f4:d5:a8:b7:82:1a:9b:28:32:8e:59:0c:98:67:
d9:82:07:6c:54:6b:c1:9c:15:c3:1f:2a:6d:cf:dd:
ed:f0:b4:4e:39:47:1a:5d:e7:90:7a:a2:1d:a1:50:
60:be:17:d6:c6:5c:ca:91:73:af:2e:28:24:5e:01:
8f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:3E:37:B7:77:60:DA:D3:F7:0D:22:8E:3B:20:EF:14:33:D2:43:41
X509v3 Authority Key Identifier:
keyid:0C:D2:CA:BE:B1:D7:24:E7:A4:8D:D6:1E:9A:7E:0C:50:A4:E9:BF:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNLKvrHXJOekjdYemn4MUKTpv1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/7j43t3dg2tP3DSKOOyDvFDPSQ0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/DNLKvrHXJOekjdYemn4MUKTpv1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.128.0/22
185.207.160.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:23:88:c9:94:34:6d:ff:f8:38:a9:e8:72:b4:fd:e5:c5:5f:
54:1f:cd:48:0c:e5:c4:e4:b4:c7:1f:52:66:55:4b:58:22:96:
fc:ac:bb:bb:3b:aa:2f:05:f7:64:b3:ea:ba:7d:fd:c2:81:2f:
d1:6f:93:07:4a:6d:54:6c:7c:80:c0:98:e4:94:54:e8:08:5f:
1a:11:5e:61:bd:2e:c1:4b:6c:8f:2e:14:f2:34:08:87:ee:3e:
c8:f1:df:6f:06:86:a8:bc:14:9e:2f:94:99:b5:1a:f6:68:97:
87:02:3e:e3:db:ff:1c:10:6a:84:89:a3:7d:83:25:0f:f9:d1:
2b:fc:2c:21:eb:02:97:94:39:c7:08:be:ec:83:a3:3d:18:e6:
93:d6:02:98:9b:c2:97:13:95:3d:9c:4b:c4:e7:3c:2f:6e:98:
f7:06:46:af:af:67:61:1c:c1:fc:c5:78:18:51:b3:16:44:0c:
2a:05:ef:95:2a:41:e9:19:6e:1b:4d:51:fd:d9:87:27:72:47:
e5:85:63:10:e6:4b:67:1e:f8:df:fd:c9:e0:fa:77:6b:e4:cf:
96:b2:1b:ee:47:93:fb:47:3f:cf:3c:55:84:a2:35:f4:59:5c:
dc:4b:a2:3a:1e:f5:f2:5a:71:0d:fc:f9:76:b7:b5:44:57:11:
17:ce:a4:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2RstXC+8qRhF1ORpTCxPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDJjYWJlYjFkNzI0ZTdhNDhkZDYxZTlhN2UwYzUwYTRl
OWJmNTAwHhcNMjUwMTAyMTE0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTNlMzdiNzc3NjBkYWQzZjcwZDIyOGUzYjIwZWYxNDMzZDI0MzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQOLqb3kjyh9cZLITbxYRMxpuOrc
BQSRv6uF3+uVrQ2cWpsyMrZI/P5I+W5CkxgQ1uDVjUCMspovBerjsSH1xhQLPHDz
M3sj2TGv/SUWOzJYPnBJn6X+2u/cV6gqZ8Do6uVODGhiQLMnLFK9NVdr6v9fZQKi
rhUmM0Km260qQlmjlG+mKy2hlIoLOF5v8X5JhOqxaw2X+wa9e3FcBVOjdgNme+1T
aVWhaRWcsbdN3/34LmGdZ71sGZLZQPNHOIiDZISq9NWot4IamygyjlkMmGfZggds
VGvBnBXDHyptz93t8LROOUcaXeeQeqIdoVBgvhfWxlzKkXOvLigkXgGP4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO4+N7d3YNrT9w0ijjsg7xQz0kNBMB8GA1UdIwQY
MBaAFAzSyr6x1yTnpI3WHpp+DFCk6b9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5MS3ZySFhKT2VramRZZW1uNE1VS1RwdjFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iNzk3NzctNGEwNC00ZGFiLWExZGMt
MjUzNzQ0OTRjZWVlLzEvN2o0M3QzZGcydFAzRFNLT095RHZGRFBTUTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iNzk3NzctNGEwNC00ZGFiLWExZGMtMjUzNzQ0OTRjZWVl
LzEvRE5MS3ZySFhKT2VramRZZW1uNE1VS1RwdjFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUSAAwQC
uc+gMA0GCSqGSIb3DQEBCwUAA4IBAQBLI4jJlDRt//g4qehytP3lxV9UH81IDOXE
5LTHH1JmVUtYIpb8rLu7O6ovBfdks+q6ff3CgS/Rb5MHSm1UbHyAwJjklFToCF8a
EV5hvS7BS2yPLhTyNAiH7j7I8d9vBoaovBSeL5SZtRr2aJeHAj7j2/8cEGqEiaN9
gyUP+dEr/Cwh6wKXlDnHCL7sg6M9GOaT1gKYm8KXE5U9nEvE5zwvbpj3Bkavr2dh
HMH8xXgYUbMWRAwqBe+VKkHpGW4bTVH92YcnckflhWMQ5ktnHvjf/cng+ndr5M+W
shvuR5P7Rz/PPFWEojX0WVzcS6I6HvXyWnEN/Pl2t7VEVxEXzqRB
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:42:22 2025 by rpki-client