Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/aMPRUufSIC3BSpnCaSjB3R1EWjU.roa
File: aMPRUufSIC3BSpnCaSjB3R1EWjU.roa (raw, json)
Hash identifier: PznJuTDoIXsWz9HXtvvwD92eU5XcI97tyAGmTVxGT4c=
Subject key identifier: 68:C3:D1:52:E7:D2:20:2D:C1:4A:99:C2:69:28:C1:DD:1D:44:5A:35
Certificate issuer: /CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Certificate serial: 01960BA4C50801D9E32AFE638D779BC53501
Authority key identifier: 97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/aMPRUufSIC3BSpnCaSjB3R1EWjU.roa
Signing time: Sun 06 Apr 2025 15:07:49 +0000
ROA not before: Sun 06 Apr 2025 15:07:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 141.226.110.0/24 maxlen: 24
185.139.240.0/22 maxlen: 24
2a07:1980::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0b:a4:c5:08:01:d9:e3:2a:fe:63:8d:77:9b:c5:35:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Validity
Not Before: Apr 6 15:07:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68c3d152e7d2202dc14a99c26928c1dd1d445a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:53:dd:73:01:df:a3:71:b9:36:69:80:76:d1:
44:4b:14:cd:9b:9b:16:87:a8:b5:b1:ec:e5:73:c5:
74:0b:1b:6c:07:a9:8d:33:65:d2:61:85:4e:60:ee:
ec:e4:c6:7b:98:6c:9f:e5:a2:6e:36:b4:fa:cb:f0:
0a:a2:03:c4:ab:2f:b2:73:00:01:d8:48:db:7a:82:
dd:c2:ec:9b:0c:99:29:43:57:38:04:65:89:1d:94:
5a:f2:f7:18:46:0d:ea:62:55:8e:a5:6f:36:49:03:
b1:4a:d9:41:2b:dd:f7:ad:6a:d2:16:70:a4:14:76:
d5:ec:db:fa:57:08:df:da:af:61:bc:1b:73:0d:86:
ad:19:b9:e0:1d:83:db:13:38:96:57:87:91:89:17:
2c:9d:cb:e4:0b:b6:c8:f9:73:8d:9c:01:97:74:d1:
ff:4a:a8:d2:ec:84:94:6c:f0:5b:83:39:7e:f2:b8:
f3:4f:32:1d:b0:f7:8a:c0:34:09:91:a2:9b:60:b8:
92:3b:05:56:15:87:6f:d2:2b:89:0b:ba:0c:2f:12:
b7:5d:88:e8:cf:2a:47:2e:35:43:b1:da:48:7d:5d:
7b:32:99:7c:b2:63:90:44:95:4f:e7:7d:09:54:56:
c4:13:98:77:63:14:95:6b:bf:84:0a:a5:cc:3a:27:
5e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C3:D1:52:E7:D2:20:2D:C1:4A:99:C2:69:28:C1:DD:1D:44:5A:35
X509v3 Authority Key Identifier:
keyid:97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/aMPRUufSIC3BSpnCaSjB3R1EWjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/l72bhlMeVEr6AwnYvip7ppFj-a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.110.0/24
185.139.240.0/22
IPv6:
2a07:1980::/29
Signature Algorithm: sha256WithRSAEncryption
7d:55:3f:f8:56:c1:9c:8b:23:f1:4e:fa:07:73:13:fe:6b:90:
2d:d7:d7:6f:b6:82:c3:d7:bd:5b:cb:80:8c:4c:40:fe:49:4a:
bc:e0:a4:be:a4:bd:d7:01:4a:13:c5:9b:3f:88:bd:0c:ea:06:
70:08:8e:15:93:4e:e6:98:f3:d0:65:31:72:ae:ca:44:6d:1b:
42:dc:4c:55:be:36:f2:07:87:e3:78:f2:ce:00:cd:32:2b:aa:
f2:3e:bf:77:4f:d7:9e:7e:bc:87:8b:24:b1:ef:7b:e5:d1:8d:
26:88:fa:a5:9a:46:a7:c9:74:86:21:65:da:95:21:4f:97:43:
5b:7e:dc:33:8b:e9:4f:11:6d:a6:7e:ae:4a:99:a5:a2:e7:53:
f1:aa:c3:f5:57:b6:2c:d3:e0:18:7a:94:b5:a0:8f:5b:5e:12:
0a:cf:76:38:d9:fa:5e:3f:e8:8e:79:be:57:26:0d:2c:3f:97:
56:08:25:f6:12:b1:de:ec:23:c6:76:e0:c4:6a:3a:a6:b3:52:
e2:42:b4:45:31:db:c6:1a:cf:5e:5c:91:47:24:3b:c9:a5:32:
16:95:07:5c:4e:e5:73:40:7d:18:9d:0f:98:b0:04:c5:b8:e7:
33:42:11:8c:eb:b7:5e:1a:13:fc:74:c9:1c:f2:64:b5:4b:3e:
c9:1c:87:c2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZYLpMUIAdnjKv5jjXebxTUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YmQ5Yjg2NTMxZTU0NGFmYTAzMDlkOGJlMmE3YmE2OTE2
M2Y5YWQwHhcNMjUwNDA2MTUwNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGMzZDE1MmU3ZDIyMDJkYzE0YTk5YzI2OTI4YzFkZDFkNDQ1YTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFPdcwHfo3G5NmmAdtFESxTNm5sW
h6i1sezlc8V0CxtsB6mNM2XSYYVOYO7s5MZ7mGyf5aJuNrT6y/AKogPEqy+ycwAB
2EjbeoLdwuybDJkpQ1c4BGWJHZRa8vcYRg3qYlWOpW82SQOxStlBK933rWrSFnCk
FHbV7Nv6Vwjf2q9hvBtzDYatGbngHYPbEziWV4eRiRcsncvkC7bI+XONnAGXdNH/
SqjS7ISUbPBbgzl+8rjzTzIdsPeKwDQJkaKbYLiSOwVWFYdv0iuJC7oMLxK3XYjo
zypHLjVDsdpIfV17Mpl8smOQRJVP530JVFbEE5h3YxSVa7+ECqXMOideXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGjD0VLn0iAtwUqZwmkowd0dRFo1MB8GA1UdIwQY
MBaAFJe9m4ZTHlRK+gMJ2L4qe6aRY/mtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDcyYmhsTWVWRXI2QXduWXZpcDdwcEZqLWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kNGJkOGItNTVmNC00NzY1LWFkMjIt
MzQ2MGNjMjY0ODBiLzEvYU1QUlV1ZlNJQzNCU3BuQ2FTakIzUjFFV2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kNGJkOGItNTVmNC00NzY1LWFkMjItMzQ2MGNjMjY0ODBi
LzEvbDcyYmhsTWVWRXI2QXduWXZpcDdwcEZqLWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAjeJuAwQC
uYvwMA0EAgACMAcDBQMqBxmAMA0GCSqGSIb3DQEBCwUAA4IBAQB9VT/4VsGciyPx
TvoHcxP+a5At19dvtoLD171by4CMTED+SUq84KS+pL3XAUoTxZs/iL0M6gZwCI4V
k07mmPPQZTFyrspEbRtC3ExVvjbyB4fjePLOAM0yK6ryPr93T9eefryHiySx73vl
0Y0miPqlmkanyXSGIWXalSFPl0Nbftwzi+lPEW2mfq5KmaWi51PxqsP1V7Ys0+AY
epS1oI9bXhIKz3Y42fpeP+iOeb5XJg0sP5dWCCX2ErHe7CPGduDEajqms1LiQrRF
MdvGGs9eXJFHJDvJpTIWlQdcTuVzQH0YnQ+YsATFuOczQhGM67deGhP8dMkc8mS1
Sz7JHIfC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:02 2025 by rpki-client on console.sobornost.net