Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/J7Gy2XDgfHPCSDMpGX8qtAkzxgw.roa
File: J7Gy2XDgfHPCSDMpGX8qtAkzxgw.roa (raw, json)
Hash identifier: 6l+CaQcFJnHqVrHhZ9HMXXYDvAoiNAEfMopwPsMkNsc=
Subject key identifier: 27:B1:B2:D9:70:E0:7C:73:C2:48:33:29:19:7F:2A:B4:09:33:C6:0C
Certificate issuer: /CN=843be8639f4039993c1f6e7879f4729e47dc37ae
Certificate serial: 019425FDD5F01BE9BFCDAD88F758A5CB28DF
Authority key identifier: 84:3B:E8:63:9F:40:39:99:3C:1F:6E:78:79:F4:72:9E:47:DC:37:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hDvoY59AOZk8H254efRynkfcN64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/J7Gy2XDgfHPCSDMpGX8qtAkzxgw.roa
Signing time: Thu 02 Jan 2025 07:49:39 +0000
ROA not before: Thu 02 Jan 2025 07:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199800
IP address blocks: 185.45.140.0/22 maxlen: 24
185.45.140.0/23 maxlen: 23
185.45.142.0/24 maxlen: 24
185.45.143.0/24 maxlen: 24
2a01:8020::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d5:f0:1b:e9:bf:cd:ad:88:f7:58:a5:cb:28:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843be8639f4039993c1f6e7879f4729e47dc37ae
Validity
Not Before: Jan 2 07:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27b1b2d970e07c73c2483329197f2ab40933c60c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2f:df:e4:ba:e7:2f:ed:b5:4b:07:cc:89:33:
17:43:93:b2:c3:ad:b8:8d:c1:2e:2e:0f:d0:79:16:
84:89:04:6b:b4:37:a9:1c:e6:5e:a6:c0:fa:48:77:
dd:b5:dd:a3:44:b4:16:de:1f:c9:3e:19:fa:c6:c4:
ed:7e:d9:01:c6:b8:c4:63:e4:97:98:00:23:51:89:
fc:f3:99:0b:11:25:6c:13:58:fb:0b:22:58:de:54:
d0:a0:99:24:f7:0a:6e:10:6d:2b:dc:01:82:ff:c9:
6b:a9:b9:b0:73:08:33:be:e7:6d:96:e7:8d:a8:c5:
3d:13:fc:ab:03:39:8d:22:0e:dc:ab:c1:5d:f8:aa:
9b:62:37:f5:b1:47:f5:eb:43:85:00:bc:57:c2:11:
c0:a8:67:64:ef:c8:94:44:d5:11:ba:71:f9:8c:d9:
70:00:57:97:83:b8:5f:89:2c:78:44:00:f8:cb:b9:
60:1e:d1:4d:1d:0d:1a:82:15:15:4c:03:89:7e:c3:
26:49:6c:a2:e0:40:a9:92:2e:84:f0:89:06:b2:0c:
bd:e1:8a:37:b6:e3:7f:87:19:c2:24:58:f4:ed:c9:
06:4a:23:11:e5:71:8a:59:84:a2:41:42:43:36:34:
8e:60:5e:eb:f4:03:07:ca:62:e7:66:50:65:11:bf:
4a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B1:B2:D9:70:E0:7C:73:C2:48:33:29:19:7F:2A:B4:09:33:C6:0C
X509v3 Authority Key Identifier:
keyid:84:3B:E8:63:9F:40:39:99:3C:1F:6E:78:79:F4:72:9E:47:DC:37:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDvoY59AOZk8H254efRynkfcN64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/J7Gy2XDgfHPCSDMpGX8qtAkzxgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/hDvoY59AOZk8H254efRynkfcN64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.140.0/22
IPv6:
2a01:8020::/32
Signature Algorithm: sha256WithRSAEncryption
25:cc:1e:32:8b:a4:57:df:a7:a4:23:87:fe:62:66:c2:6a:96:
1b:06:62:ce:e7:b3:a7:2b:2e:aa:e1:89:e3:0a:12:3a:93:7d:
dc:23:22:ee:47:30:ff:87:95:d4:e0:99:1c:3e:e7:cb:d7:76:
e4:3a:c4:80:44:ac:43:b5:7b:2c:07:09:05:e1:13:12:b1:ff:
de:d9:ea:47:30:b1:c0:15:9c:48:25:13:34:85:cb:ae:a4:0a:
0d:31:5d:32:f3:24:11:7d:74:ce:92:09:b8:78:d6:de:c0:24:
6e:8d:9f:eb:59:53:2b:c9:26:23:1d:3f:74:e4:db:b0:e5:6b:
ff:2b:50:9a:2f:1b:a8:3c:57:b6:3d:57:6d:e1:52:0a:f9:dc:
4d:76:a2:cc:fc:2f:3e:ad:27:52:36:02:e5:34:83:76:f5:1e:
4b:4f:e6:93:5e:fe:5d:18:06:20:87:58:0f:90:f4:0f:21:3d:
28:99:ec:f2:4a:2f:66:ac:09:e4:61:13:90:f9:f8:cc:6b:5f:
27:c9:61:15:55:1b:66:82:11:57:f2:ab:80:aa:46:7e:dd:d9:
a4:af:33:33:08:0d:7a:2d:57:f1:ed:7a:ec:73:7f:b1:57:b0:
60:a8:c9:f8:25:b6:1b:d0:89:65:b6:de:1f:36:d3:20:90:45:
60:98:ce:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/dXwG+m/za2I91ilyyjfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2JlODYzOWY0MDM5OTkzYzFmNmU3ODc5ZjQ3MjllNDdk
YzM3YWUwHhcNMjUwMTAyMDc0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2IxYjJkOTcwZTA3YzczYzI0ODMzMjkxOTdmMmFiNDA5MzNjNjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmi/f5LrnL+21SwfMiTMXQ5Oyw624
jcEuLg/QeRaEiQRrtDepHOZepsD6SHfdtd2jRLQW3h/JPhn6xsTtftkBxrjEY+SX
mAAjUYn885kLESVsE1j7CyJY3lTQoJkk9wpuEG0r3AGC/8lrqbmwcwgzvudtlueN
qMU9E/yrAzmNIg7cq8Fd+KqbYjf1sUf160OFALxXwhHAqGdk78iURNURunH5jNlw
AFeXg7hfiSx4RAD4y7lgHtFNHQ0aghUVTAOJfsMmSWyi4ECpki6E8IkGsgy94Yo3
tuN/hxnCJFj07ckGSiMR5XGKWYSiQUJDNjSOYF7r9AMHymLnZlBlEb9KyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCexstlw4HxzwkgzKRl/KrQJM8YMMB8GA1UdIwQY
MBaAFIQ76GOfQDmZPB9ueHn0cp5H3DeuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaER2b1k1OUFPWms4SDI1NGVmUnlua2ZjTjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85ZTFhNzctN2MxNy00NDgxLTg3N2Mt
Nzc4ODc0OGY2N2NiLzEvSjdHeTJYRGdmSFBDU0RNcEdYOHF0QWt6eGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi85ZTFhNzctN2MxNy00NDgxLTg3N2MtNzc4ODc0OGY2N2Ni
LzEvaER2b1k1OUFPWms4SDI1NGVmUnlua2ZjTjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuS2MMA0E
AgACMAcDBQAqAYAgMA0GCSqGSIb3DQEBCwUAA4IBAQAlzB4yi6RX36ekI4f+YmbC
apYbBmLO57OnKy6q4YnjChI6k33cIyLuRzD/h5XU4JkcPufL13bkOsSARKxDtXss
BwkF4RMSsf/e2epHMLHAFZxIJRM0hcuupAoNMV0y8yQRfXTOkgm4eNbewCRujZ/r
WVMrySYjHT905Nuw5Wv/K1CaLxuoPFe2PVdt4VIK+dxNdqLM/C8+rSdSNgLlNIN2
9R5LT+aTXv5dGAYgh1gPkPQPIT0omezySi9mrAnkYROQ+fjMa18nyWEVVRtmghFX
8quAqkZ+3dmkrzMzCA16LVfx7Xrsc3+xV7BgqMn4JbYb0Illtt4fNtMgkEVgmM5D
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:04:18 2025 by rpki-client