Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/rf7Y9BfnjDYuwCtely2bugyEpys.roa
File: rf7Y9BfnjDYuwCtely2bugyEpys.roa (raw, json)
Hash identifier: 9y+7Sb1Y7U3Xr15ca0JClSv0KalX6Si92Kt+rNAmTHY=
Subject key identifier: AD:FE:D8:F4:17:E7:8C:36:2E:C0:2B:5E:97:2D:9B:BA:0C:84:A7:2B
Certificate issuer: /CN=3f7954d88c0ae3f6398697bfdfc1956a753e83d8
Certificate serial: 019424453C48073969FB24171258022FA3B8
Authority key identifier: 3F:79:54:D8:8C:0A:E3:F6:39:86:97:BF:DF:C1:95:6A:75:3E:83:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P3lU2IwK4_Y5hpe_38GVanU-g9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/rf7Y9BfnjDYuwCtely2bugyEpys.roa
Signing time: Wed 01 Jan 2025 23:48:24 +0000
ROA not before: Wed 01 Jan 2025 23:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41765
IP address blocks: 31.172.164.0/22 maxlen: 22
45.8.233.0/24 maxlen: 24
45.8.234.0/24 maxlen: 24
45.8.235.0/24 maxlen: 24
185.4.63.0/24 maxlen: 24
185.84.112.0/22 maxlen: 24
185.233.48.0/22 maxlen: 22
185.233.48.0/24 maxlen: 24
185.233.48.10/32 maxlen: 32
185.233.50.0/23 maxlen: 23
188.65.168.0/21 maxlen: 21
193.33.46.0/23 maxlen: 23
193.37.150.0/24 maxlen: 24
193.57.96.0/24 maxlen: 24
2a02:2288::/29 maxlen: 29
2a02:2288::/32 maxlen: 32
2a0c:d500::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:3c:48:07:39:69:fb:24:17:12:58:02:2f:a3:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f7954d88c0ae3f6398697bfdfc1956a753e83d8
Validity
Not Before: Jan 1 23:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adfed8f417e78c362ec02b5e972d9bba0c84a72b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3d:ad:62:58:c0:f4:d1:19:b0:c2:83:e4:57:
dd:d6:d2:ae:ea:09:c9:18:0f:fe:33:49:14:3c:03:
f7:b8:b6:c8:3d:61:22:7a:06:56:b8:c7:d7:b5:38:
22:ff:be:24:dc:2e:ba:5c:00:56:40:09:c7:1d:d1:
6f:c9:26:6b:a8:56:2d:9a:c3:8f:7b:c6:08:8b:d1:
af:d7:94:a6:d8:b4:a7:c7:4a:d9:8b:29:cb:15:95:
11:da:79:9c:34:20:f6:2d:03:7e:4c:2e:58:1f:1c:
e5:3b:91:78:6f:bb:40:5b:c9:4a:2d:a6:33:46:20:
72:89:1a:91:ce:4a:40:67:1d:77:d0:8a:f0:f6:8e:
a1:b7:79:40:4d:e2:71:74:a6:ed:fa:35:8c:23:f7:
32:8e:a1:0c:5a:11:9d:05:10:81:4f:61:bf:6a:8a:
40:96:58:fe:29:2a:a5:95:37:56:b2:9e:38:70:65:
e7:19:68:a3:2f:3c:aa:88:55:6c:36:39:72:9a:4c:
d4:9a:86:53:39:7a:f7:76:fd:c3:cf:fb:f4:8c:de:
f2:3d:14:ec:90:71:6e:a1:4d:e1:d3:16:6b:00:63:
35:d9:66:59:cc:0c:06:45:6d:49:37:2b:ed:e3:21:
f0:70:64:fa:4d:2d:ce:b6:53:60:fe:53:2f:4f:1b:
20:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:FE:D8:F4:17:E7:8C:36:2E:C0:2B:5E:97:2D:9B:BA:0C:84:A7:2B
X509v3 Authority Key Identifier:
keyid:3F:79:54:D8:8C:0A:E3:F6:39:86:97:BF:DF:C1:95:6A:75:3E:83:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P3lU2IwK4_Y5hpe_38GVanU-g9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/rf7Y9BfnjDYuwCtely2bugyEpys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/P3lU2IwK4_Y5hpe_38GVanU-g9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.164.0/22
45.8.233.0-45.8.235.255
185.4.63.0/24
185.84.112.0/22
185.233.48.0/22
188.65.168.0/21
193.33.46.0/23
193.37.150.0/24
193.57.96.0/24
IPv6:
2a02:2288::/29
2a0c:d500::/29
Signature Algorithm: sha256WithRSAEncryption
10:11:3c:b8:41:d4:ff:6b:8c:12:ed:41:46:da:61:91:54:88:
c4:24:f6:44:ab:e3:26:b0:05:4f:85:46:08:39:49:44:4c:5a:
3a:9e:d0:e3:02:af:c9:0d:cd:fc:24:c6:46:a3:7f:98:2e:8c:
ad:a2:1a:48:d5:ab:34:ba:73:0a:d5:6e:90:6c:0f:43:25:2d:
a4:40:70:e4:a0:82:c4:7e:6d:79:91:bc:f4:5b:a6:b2:72:6e:
7d:d6:18:70:ec:07:38:6d:24:a2:db:50:2f:7b:cb:6a:f6:55:
b0:c5:43:2f:8f:08:5e:15:34:d5:7c:df:e8:8d:a5:9f:19:20:
69:02:80:f5:2e:b6:8b:ea:a6:45:be:ac:f6:36:12:0e:61:f9:
8d:5b:3e:96:4a:61:b6:41:17:63:e0:f7:ad:07:05:93:80:87:
bd:67:d7:11:d9:59:2b:ed:a1:e4:3e:73:4a:40:f2:85:08:53:
81:b6:f8:b3:0c:79:3e:5d:db:df:95:da:c1:2f:cb:35:92:e3:
d9:94:20:e2:73:0a:cf:3a:fa:28:c9:cb:7d:c7:51:46:22:50:
65:59:b2:a6:48:e1:d8:0e:d8:80:c8:f9:34:dd:5e:0d:73:26:
4b:e2:95:1d:d5:47:16:24:12:8d:e3:44:c9:65:8c:2f:86:04:
a7:8d:ff:04
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQkRTxIBzlp+yQXElgCL6O4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNzk1NGQ4OGMwYWUzZjYzOTg2OTdiZmRmYzE5NTZhNzUz
ZTgzZDgwHhcNMjUwMTAxMjM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGZlZDhmNDE3ZTc4YzM2MmVjMDJiNWU5NzJkOWJiYTBjODRhNzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT2tYljA9NEZsMKD5Ffd1tKu6gnJ
GA/+M0kUPAP3uLbIPWEiegZWuMfXtTgi/74k3C66XABWQAnHHdFvySZrqFYtmsOP
e8YIi9Gv15Sm2LSnx0rZiynLFZUR2nmcNCD2LQN+TC5YHxzlO5F4b7tAW8lKLaYz
RiByiRqRzkpAZx130Irw9o6ht3lATeJxdKbt+jWMI/cyjqEMWhGdBRCBT2G/aopA
llj+KSqllTdWsp44cGXnGWijLzyqiFVsNjlymkzUmoZTOXr3dv3Dz/v0jN7yPRTs
kHFuoU3h0xZrAGM12WZZzAwGRW1JNyvt4yHwcGT6TS3OtlNg/lMvTxsgrQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFK3+2PQX54w2LsArXpctm7oMhKcrMB8GA1UdIwQY
MBaAFD95VNiMCuP2OYaXv9/BlWp1PoPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDNsVTJJd0s0X1k1aHBlXzM4R1ZhblUtZzlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy84MmU2NTYtMTRhMy00ZTNhLTlkNmUt
YWY0MDYwODZiODliLzEvcmY3WTlCZm5qRFl1d0N0ZWx5MmJ1Z3lFcHlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy84MmU2NTYtMTRhMy00ZTNhLTlkNmUtYWY0MDYwODZiODli
LzEvUDNsVTJJd0s0X1k1aHBlXzM4R1ZhblUtZzlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQCH6ykMAwD
BAAtCOkDBAItCOgDBAC5BD8DBAK5VHADBAK56TADBAO8QagDBAHBIS4DBADBJZYD
BADBOWAwFAQCAAIwDgMFAyoCIogDBQMqDNUAMA0GCSqGSIb3DQEBCwUAA4IBAQAQ
ETy4QdT/a4wS7UFG2mGRVIjEJPZEq+MmsAVPhUYIOUlETFo6ntDjAq/JDc38JMZG
o3+YLoytohpI1as0unMK1W6QbA9DJS2kQHDkoILEfm15kbz0W6aycm591hhw7Ac4
bSSi21Ave8tq9lWwxUMvjwheFTTVfN/ojaWfGSBpAoD1LraL6qZFvqz2NhIOYfmN
Wz6WSmG2QRdj4PetBwWTgIe9Z9cR2Vkr7aHkPnNKQPKFCFOBtvizDHk+XdvfldrB
L8s1kuPZlCDicwrPOvooyct9x1FGIlBlWbKmSOHYDtiAyPk03V4NcyZL4pUd1UcW
JBKN40TJZYwvhgSnjf8E
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:05:40 2025 by rpki-client