Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/f3EQDAp01aGz4ygf13OnfmgCiyU.roa
File: f3EQDAp01aGz4ygf13OnfmgCiyU.roa (raw, json)
Hash identifier: K8CWfwsXMWBETuXajB8y0tfb/O1sIwj6IWVOuqi5a0s=
Subject key identifier: 7F:71:10:0C:0A:74:D5:A1:B3:E3:28:1F:D7:73:A7:7E:68:02:8B:25
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 0194228E33D7A4EB46D8AD137753D9D7BC3B
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/f3EQDAp01aGz4ygf13OnfmgCiyU.roa
Signing time: Wed 01 Jan 2025 15:48:52 +0000
ROA not before: Wed 01 Jan 2025 15:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50998
IP address blocks: 178.248.160.0/21 maxlen: 24
185.175.180.0/22 maxlen: 24
2a03:2200:2000::/39 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:33:d7:a4:eb:46:d8:ad:13:77:53:d9:d7:bc:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Jan 1 15:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f71100c0a74d5a1b3e3281fd773a77e68028b25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b2:39:d1:3f:9c:f2:df:aa:1c:df:29:b0:02:
23:33:36:19:9b:19:77:7b:8e:09:11:23:82:71:4f:
bb:d5:2b:a5:5c:25:09:be:9a:a8:e7:80:97:9b:d0:
9d:c2:56:fe:a6:2d:3c:c1:f3:b1:82:ff:63:02:fb:
1d:a6:4f:24:64:3a:0d:6a:13:39:a8:b6:62:62:7e:
b9:bb:83:6e:9f:cd:22:ef:e0:9c:2a:da:a9:3b:cd:
86:6e:13:d0:ea:b3:3b:5b:1e:da:ad:b7:91:48:05:
27:7e:18:49:be:fb:f1:e9:7a:33:19:6d:f8:32:1d:
b2:dc:f9:a7:ec:5e:03:3c:72:f7:75:bc:1e:c6:1d:
ed:5a:9b:2a:21:98:12:2b:7f:e7:a5:42:41:6d:09:
10:0a:99:5f:15:77:8b:fd:93:ce:67:2c:eb:e3:b8:
96:7d:8e:2d:03:2d:5d:24:59:22:17:64:55:d7:92:
0e:14:b5:47:32:03:52:75:8e:11:3f:72:e5:5d:23:
79:b7:a8:8b:d4:15:8f:e1:0d:58:d9:85:cd:ac:7d:
ec:5f:28:03:0e:45:a9:19:be:74:39:73:7b:3a:10:
7f:b6:e0:ce:13:a7:c3:93:e7:29:fd:d8:9c:6e:18:
62:ba:3d:96:d7:6c:b6:a4:34:4e:8f:c8:3a:ad:71:
45:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:71:10:0C:0A:74:D5:A1:B3:E3:28:1F:D7:73:A7:7E:68:02:8B:25
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/f3EQDAp01aGz4ygf13OnfmgCiyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.160.0/21
185.175.180.0/22
IPv6:
2a03:2200:2000::/39
Signature Algorithm: sha256WithRSAEncryption
92:40:33:bc:a1:fb:39:d7:7a:02:8e:e4:31:67:ec:39:0c:d7:
ff:2d:d8:89:86:3a:39:4b:74:30:2e:40:8c:84:d8:e9:78:fa:
6d:1a:b4:39:ad:24:39:ae:55:fc:06:98:bc:d6:97:9d:ad:fd:
91:d8:4a:c9:fe:53:be:20:05:42:45:f3:a4:47:9b:34:ea:cf:
34:8a:d5:09:5c:a7:65:c5:68:81:f0:65:62:e7:11:7a:59:46:
93:64:ca:f6:12:52:3a:b6:18:ad:76:80:ae:38:49:07:62:75:
6d:bb:fb:30:f0:1e:19:b5:29:e0:c5:88:ea:a3:05:1b:43:10:
34:ce:06:b4:29:ac:42:7b:ff:49:d5:e4:e0:31:21:3b:2c:97:
2a:b8:22:42:3b:bf:23:09:42:ab:32:0f:4c:ad:d5:3a:d8:b2:
dc:72:c1:81:e5:dd:95:a1:77:20:ad:27:7d:ec:0c:1c:61:5b:
99:e9:e7:88:87:99:18:d2:31:5c:6a:76:89:43:34:2b:c9:c0:
e1:e7:86:91:11:94:58:b7:bd:fe:be:7c:b3:5d:9e:6a:46:e5:
ac:fc:08:75:3c:23:3b:fe:4a:9f:36:33:64:ac:6f:52:1d:ba:
67:a3:5e:63:eb:d1:2f:84:54:63:2d:3e:00:4a:9b:1e:f3:d6:
19:cb:47:46
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQijjPXpOtG2K0Td1PZ17w7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjUwMTAxMTU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjcxMTAwYzBhNzRkNWExYjNlMzI4MWZkNzczYTc3ZTY4MDI4YjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7I50T+c8t+qHN8psAIjMzYZmxl3
e44JESOCcU+71SulXCUJvpqo54CXm9Cdwlb+pi08wfOxgv9jAvsdpk8kZDoNahM5
qLZiYn65u4Nun80i7+CcKtqpO82GbhPQ6rM7Wx7arbeRSAUnfhhJvvvx6XozGW34
Mh2y3Pmn7F4DPHL3dbwexh3tWpsqIZgSK3/npUJBbQkQCplfFXeL/ZPOZyzr47iW
fY4tAy1dJFkiF2RV15IOFLVHMgNSdY4RP3LlXSN5t6iL1BWP4Q1Y2YXNrH3sXygD
DkWpGb50OXN7OhB/tuDOE6fDk+cp/dicbhhiuj2W12y2pDROj8g6rXFFuQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFH9xEAwKdNWhs+MoH9dzp35oAoslMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvZjNFUURBcDAxYUd6NHlnZjEzT25mbWdDaXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDsvigAwQC
ua+0MA4EAgACMAgDBgEqAyIAIDANBgkqhkiG9w0BAQsFAAOCAQEAkkAzvKH7Odd6
Ao7kMWfsOQzX/y3YiYY6OUt0MC5AjITY6Xj6bRq0Oa0kOa5V/AaYvNaXna39kdhK
yf5TviAFQkXzpEebNOrPNIrVCVynZcVogfBlYucRellGk2TK9hJSOrYYrXaArjhJ
B2J1bbv7MPAeGbUp4MWI6qMFG0MQNM4GtCmsQnv/SdXk4DEhOyyXKrgiQju/IwlC
qzIPTK3VOtiy3HLBgeXdlaF3IK0nfewMHGFbmenniIeZGNIxXGp2iUM0K8nA4eeG
kRGUWLe9/r58s12eakblrPwIdTwjO/5KnzYzZKxvUh26Z6NeY+vRL4RUYy0+AEqb
HvPWGctHRg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:28 2025 by rpki-client on console.sobornost.net