Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/278b7d-cf43-4ac2-ad6b-7bc12a62a0d3/1/CF9g-zHrIl6sH7ffAFMheYKTmgE.roa
File: CF9g-zHrIl6sH7ffAFMheYKTmgE.roa (raw, json)
Hash identifier: 8JftFhjM60lS0dv+t4PfyHWDIpIU5Mke1ZAPszJPPn0=
Subject key identifier: 08:5F:60:FB:31:EB:22:5E:AC:1F:B7:DF:00:53:21:79:82:93:9A:01
Certificate issuer: /CN=427b5406ecdab8e5b40ddc54bc615ca2a70922f1
Certificate serial: 019427B53FFA66E01908339B8F470FDE0D97
Authority key identifier: 42:7B:54:06:EC:DA:B8:E5:B4:0D:DC:54:BC:61:5C:A2:A7:09:22:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QntUBuzauOW0DdxUvGFcoqcJIvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/278b7d-cf43-4ac2-ad6b-7bc12a62a0d3/1/CF9g-zHrIl6sH7ffAFMheYKTmgE.roa
Signing time: Thu 02 Jan 2025 15:49:37 +0000
ROA not before: Thu 02 Jan 2025 15:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47864
IP address blocks: 185.217.60.0/24 maxlen: 24
2a10:bb00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:3f:fa:66:e0:19:08:33:9b:8f:47:0f:de:0d:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427b5406ecdab8e5b40ddc54bc615ca2a70922f1
Validity
Not Before: Jan 2 15:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=085f60fb31eb225eac1fb7df0053217982939a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b5:f1:c0:49:53:3d:ff:0c:f3:ac:17:df:47:
45:47:42:3c:fa:30:12:d2:92:34:f2:4e:fe:1a:45:
92:e2:a9:41:01:9e:e0:82:e8:c5:5d:e4:75:86:24:
41:24:fb:ae:4c:e1:a3:d8:61:66:c0:2a:82:92:18:
35:5a:cf:57:02:8b:e8:43:54:0a:01:a0:74:77:dc:
72:69:ca:b8:c6:eb:6d:2a:f0:b4:2c:b2:44:99:6e:
c9:7c:2f:ad:27:50:e3:76:f6:fd:d2:b2:17:ef:d7:
df:c0:74:98:5e:23:f7:46:cd:26:97:98:4b:b7:9c:
42:55:79:16:0c:60:00:77:d3:c2:62:41:55:9a:9b:
02:93:6c:32:98:ff:e6:68:3f:ad:f6:18:fb:b0:3d:
ba:44:02:4f:72:e9:9e:c2:01:34:9b:f9:b7:fd:75:
46:0e:bb:13:fa:90:e9:c0:45:f8:3e:b2:13:0b:71:
49:3a:09:dd:07:35:d3:75:db:99:27:03:36:2d:4f:
f1:d1:46:f9:6e:b0:c9:bf:0e:46:ef:86:ba:f5:2d:
eb:2a:a7:97:bd:4e:a2:d3:1b:f5:97:45:20:a5:35:
fd:75:d9:d7:2f:c0:a3:78:36:22:ae:39:7c:3c:10:
e7:29:89:5d:5f:35:87:76:c4:95:8f:2b:44:48:ff:
a5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:5F:60:FB:31:EB:22:5E:AC:1F:B7:DF:00:53:21:79:82:93:9A:01
X509v3 Authority Key Identifier:
keyid:42:7B:54:06:EC:DA:B8:E5:B4:0D:DC:54:BC:61:5C:A2:A7:09:22:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QntUBuzauOW0DdxUvGFcoqcJIvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/278b7d-cf43-4ac2-ad6b-7bc12a62a0d3/1/CF9g-zHrIl6sH7ffAFMheYKTmgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/278b7d-cf43-4ac2-ad6b-7bc12a62a0d3/1/QntUBuzauOW0DdxUvGFcoqcJIvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.60.0/24
IPv6:
2a10:bb00::/29
Signature Algorithm: sha256WithRSAEncryption
8a:c6:45:0a:58:ee:ca:18:a5:d0:0f:c2:95:2e:15:a9:36:3f:
65:3a:95:ea:63:b9:44:ab:22:6d:f5:3b:50:5c:c7:1a:83:89:
f6:7d:e6:29:c8:86:73:66:bd:16:9d:2e:4e:d4:80:9e:e9:50:
c6:ee:16:96:fb:22:34:8a:1c:a6:f8:0e:1f:37:b5:08:1e:54:
0b:dc:2d:18:4e:a5:20:fe:30:c9:5e:ae:27:c4:3b:eb:0e:dc:
2e:26:cf:a3:00:41:bd:b3:99:02:cd:1f:c4:bb:d1:b2:89:90:
a7:95:32:fa:58:a8:57:06:69:9f:e5:ed:f2:07:17:b0:3e:a1:
f0:1f:76:1d:16:3b:3a:75:ea:e9:8e:ca:bc:4d:e4:64:3d:c4:
be:70:64:ab:95:16:b5:17:1a:81:dd:c0:d1:4e:30:66:49:36:
99:c7:67:cd:8b:14:c8:75:19:6c:14:9f:4d:d9:eb:ac:a1:70:
57:58:38:a2:73:fd:57:61:a3:45:99:f4:64:38:46:ec:23:cf:
1f:43:f6:62:ac:3a:3a:50:c8:6c:9a:9c:18:91:ae:f3:ad:2c:
ff:f2:a1:5f:84:ce:da:c7:4a:9e:1a:3d:b3:2c:38:d6:2d:ef:
c6:94:53:e2:46:a2:5b:bd:2c:3e:98:3b:89:97:99:d5:7b:50:
07:7a:ed:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntT/6ZuAZCDObj0cP3g2XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2I1NDA2ZWNkYWI4ZTViNDBkZGM1NGJjNjE1Y2EyYTcw
OTIyZjEwHhcNMjUwMTAyMTU0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODVmNjBmYjMxZWIyMjVlYWMxZmI3ZGYwMDUzMjE3OTgyOTM5YTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorXxwElTPf8M86wX30dFR0I8+jAS
0pI08k7+GkWS4qlBAZ7ggujFXeR1hiRBJPuuTOGj2GFmwCqCkhg1Ws9XAovoQ1QK
AaB0d9xyacq4xuttKvC0LLJEmW7JfC+tJ1Djdvb90rIX79ffwHSYXiP3Rs0ml5hL
t5xCVXkWDGAAd9PCYkFVmpsCk2wymP/maD+t9hj7sD26RAJPcumewgE0m/m3/XVG
DrsT+pDpwEX4PrITC3FJOgndBzXTdduZJwM2LU/x0Ub5brDJvw5G74a69S3rKqeX
vU6i0xv1l0UgpTX9ddnXL8CjeDYirjl8PBDnKYldXzWHdsSVjytESP+l+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAhfYPsx6yJerB+33wBTIXmCk5oBMB8GA1UdIwQY
MBaAFEJ7VAbs2rjltA3cVLxhXKKnCSLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW50VUJ1emF1T1cwRGR4VXZHRmNvcWNKSXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8yNzhiN2QtY2Y0My00YWMyLWFkNmIt
N2JjMTJhNjJhMGQzLzEvQ0Y5Zy16SHJJbDZzSDdmZkFGTWhlWUtUbWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8yNzhiN2QtY2Y0My00YWMyLWFkNmItN2JjMTJhNjJhMGQz
LzEvUW50VUJ1emF1T1cwRGR4VXZHRmNvcWNKSXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudk8MA0E
AgACMAcDBQMqELsAMA0GCSqGSIb3DQEBCwUAA4IBAQCKxkUKWO7KGKXQD8KVLhWp
Nj9lOpXqY7lEqyJt9TtQXMcag4n2feYpyIZzZr0WnS5O1ICe6VDG7haW+yI0ihym
+A4fN7UIHlQL3C0YTqUg/jDJXq4nxDvrDtwuJs+jAEG9s5kCzR/Eu9GyiZCnlTL6
WKhXBmmf5e3yBxewPqHwH3YdFjs6derpjsq8TeRkPcS+cGSrlRa1FxqB3cDRTjBm
STaZx2fNixTIdRlsFJ9N2eusoXBXWDiic/1XYaNFmfRkOEbsI88fQ/ZirDo6UMhs
mpwYka7zrSz/8qFfhM7ax0qeGj2zLDjWLe/GlFPiRqJbvSw+mDuJl5nVe1AHeu0+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:46 2025 by rpki-client on console.sobornost.net