Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/42d89c-00dd-4a95-8c02-dc15a3bd3fd8/1/gftyZIbGJJvIldI7y6vKfDszvWo.roa
File: gftyZIbGJJvIldI7y6vKfDszvWo.roa (raw, json)
Hash identifier: 66AqTqAgn0uVEPk3CKdDXln5x89sw+2YZ2vdd28qlqA=
Subject key identifier: 81:FB:72:64:86:C6:24:9B:C8:95:D2:3B:CB:AB:CA:7C:3B:33:BD:6A
Certificate issuer: /CN=d6142a2c320aaff0dddbfc3a0ba38faccbc1267b
Certificate serial: 01856F42D830F513B3A77A48E1C954FB32AF
Authority key identifier: D6:14:2A:2C:32:0A:AF:F0:DD:DB:FC:3A:0B:A3:8F:AC:CB:C1:26:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1hQqLDIKr_Dd2_w6C6OPrMvBJns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/42d89c-00dd-4a95-8c02-dc15a3bd3fd8/1/gftyZIbGJJvIldI7y6vKfDszvWo.roa
Signing time: Sun 01 Jan 2023 21:35:29 +0000
ROA not before: Sun 01 Jan 2023 21:35:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197393
IP address blocks: 193.138.152.0/22 maxlen: 32
185.138.68.0/22 maxlen: 32
2a07:bc0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d8:30:f5:13:b3:a7:7a:48:e1:c9:54:fb:32:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6142a2c320aaff0dddbfc3a0ba38faccbc1267b
Validity
Not Before: Jan 1 21:35:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81fb726486c6249bc895d23bcbabca7c3b33bd6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6a:b0:88:43:ac:94:94:3e:0e:e8:39:d9:61:
1f:c8:a6:cb:cf:97:e7:1e:09:95:5b:b0:80:ee:07:
56:3a:16:ed:73:26:76:17:3b:05:6f:a1:70:df:ba:
24:ba:92:97:2a:c2:de:4f:6e:6c:ed:25:ff:d4:8e:
3d:b1:d2:db:e9:94:ab:1c:d9:9e:ad:95:35:d1:cb:
d3:31:a8:57:c6:24:c8:89:18:c0:a4:21:25:8c:a5:
ee:f4:96:db:6d:16:da:0b:50:ac:2a:37:bb:00:39:
cd:b0:8a:4c:6e:16:bf:f5:2c:62:86:45:c4:3f:fb:
a9:78:58:98:2a:f2:66:57:e4:c3:98:08:ff:9b:d1:
0e:d4:46:18:68:05:d7:68:24:e0:b1:31:48:72:92:
e4:fe:d3:12:1e:cd:cb:a7:0c:55:75:75:97:28:c7:
b5:13:b1:06:aa:9f:23:bb:aa:e2:f5:70:f4:7f:01:
31:0f:65:cc:aa:0b:a9:5f:57:d1:ab:a0:c4:aa:bf:
cf:13:56:37:91:9d:ee:09:88:1b:94:bf:b6:be:08:
f4:80:aa:47:cd:71:51:9f:dc:13:e9:f9:d6:93:56:
09:d7:4c:8b:c5:47:4c:2f:b7:72:74:7c:60:3e:00:
8b:ce:b4:65:78:01:e6:55:e6:a8:c2:7b:3d:34:f5:
09:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:FB:72:64:86:C6:24:9B:C8:95:D2:3B:CB:AB:CA:7C:3B:33:BD:6A
X509v3 Authority Key Identifier:
keyid:D6:14:2A:2C:32:0A:AF:F0:DD:DB:FC:3A:0B:A3:8F:AC:CB:C1:26:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1hQqLDIKr_Dd2_w6C6OPrMvBJns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/42d89c-00dd-4a95-8c02-dc15a3bd3fd8/1/gftyZIbGJJvIldI7y6vKfDszvWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/42d89c-00dd-4a95-8c02-dc15a3bd3fd8/1/1hQqLDIKr_Dd2_w6C6OPrMvBJns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.68.0/22
193.138.152.0/22
IPv6:
2a07:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
45:0b:5a:8f:88:5c:09:e1:8b:78:ad:18:ef:bf:93:62:31:2f:
d6:2b:bf:3a:ae:dd:d6:75:1a:c3:bc:25:89:58:f5:81:cb:33:
f2:ae:6c:a6:1f:1f:5e:a8:9a:46:bd:c0:a7:a3:8a:de:19:f2:
41:90:9d:76:36:60:93:57:24:17:60:f4:ff:a8:6f:77:8f:2c:
e4:1d:e7:75:dc:09:f5:0c:4e:b0:5c:5e:b1:ab:d0:43:29:96:
51:48:3c:2e:5c:71:ac:52:2e:33:e1:d3:9f:22:9d:88:4b:df:
ad:64:32:ee:44:43:56:0c:aa:43:69:5a:06:72:09:e5:ee:31:
84:8f:54:e9:d6:fc:b3:c8:a0:38:a7:c4:7c:cb:1a:c8:75:05:
53:a3:73:cc:b3:f6:9f:eb:0a:73:f2:1e:d8:b6:f7:40:73:2c:
3d:07:87:82:2b:95:f8:df:8e:c7:e2:ed:ae:43:f8:7c:82:72:
01:2a:63:40:a2:22:58:45:c0:1d:d3:20:f2:3a:bd:34:46:78:
d5:28:45:80:da:64:f7:66:22:4a:ba:de:a0:4d:ec:86:fd:07:
ca:3b:ef:7c:85:39:c6:9d:b5:27:c9:4d:b0:33:99:79:d6:01:
80:dc:17:1e:56:21:27:3d:15:1e:f2:e9:35:61:76:e9:4e:02:
52:20:fb:13
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvQtgw9ROzp3pI4clU+zKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MTQyYTJjMzIwYWFmZjBkZGRiZmMzYTBiYTM4ZmFjY2Jj
MTI2N2IwHhcNMjMwMTAxMjEzNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWZiNzI2NDg2YzYyNDliYzg5NWQyM2JjYmFiY2E3YzNiMzNiZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmqwiEOslJQ+Dug52WEfyKbLz5fn
HgmVW7CA7gdWOhbtcyZ2FzsFb6Fw37okupKXKsLeT25s7SX/1I49sdLb6ZSrHNme
rZU10cvTMahXxiTIiRjApCEljKXu9JbbbRbaC1CsKje7ADnNsIpMbha/9SxihkXE
P/upeFiYKvJmV+TDmAj/m9EO1EYYaAXXaCTgsTFIcpLk/tMSHs3LpwxVdXWXKMe1
E7EGqp8ju6ri9XD0fwExD2XMqgupX1fRq6DEqr/PE1Y3kZ3uCYgblL+2vgj0gKpH
zXFRn9wT6fnWk1YJ10yLxUdML7dydHxgPgCLzrRleAHmVeaowns9NPUJRQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIH7cmSGxiSbyJXSO8urynw7M71qMB8GA1UdIwQY
MBaAFNYUKiwyCq/w3dv8Ogujj6zLwSZ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWhRcUxESUtyX0RkMl93NkM2T1ByTXZCSm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC80MmQ4OWMtMDBkZC00YTk1LThjMDIt
ZGMxNWEzYmQzZmQ4LzEvZ2Z0eVpJYkdKSnZJbGRJN3k2dktmRHN6dldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC80MmQ4OWMtMDBkZC00YTk1LThjMDItZGMxNWEzYmQzZmQ4
LzEvMWhRcUxESUtyX0RkMl93NkM2T1ByTXZCSm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYpEAwQC
wYqYMA0EAgACMAcDBQMqBwvAMA0GCSqGSIb3DQEBCwUAA4IBAQBFC1qPiFwJ4Yt4
rRjvv5NiMS/WK786rt3WdRrDvCWJWPWByzPyrmymHx9eqJpGvcCno4reGfJBkJ12
NmCTVyQXYPT/qG93jyzkHed13An1DE6wXF6xq9BDKZZRSDwuXHGsUi4z4dOfIp2I
S9+tZDLuRENWDKpDaVoGcgnl7jGEj1Tp1vyzyKA4p8R8yxrIdQVTo3PMs/af6wpz
8h7YtvdAcyw9B4eCK5X4347H4u2uQ/h8gnIBKmNAoiJYRcAd0yDyOr00RnjVKEWA
2mT3ZiJKut6gTeyG/QfKO+98hTnGnbUnyU2wM5l51gGA3BceViEnPRUe8uk1YXbp
TgJSIPsT
-----END CERTIFICATE-----
Generated at Fri May 9 01:03:44 2025 by rpki-client