Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/dcfa2a-76f7-4443-a495-6bb30a8730ed/1/GHFbzhN5A39LfUCJr_vBQfRwFQs.roa
File: GHFbzhN5A39LfUCJr_vBQfRwFQs.roa (raw, json)
Hash identifier: QCjdgD4mHCnlqNlndbDlIyIRI2CaR+9caLETtvP3FOA=
Subject key identifier: 18:71:5B:CE:13:79:03:7F:4B:7D:40:89:AF:FB:C1:41:F4:70:15:0B
Certificate issuer: /CN=3556e7fb5772f979edd5e5c5aa63eb2b9c0ddc8e
Certificate serial: 019424B3AC015E5B56641EF2AB68FE7A54ED
Authority key identifier: 35:56:E7:FB:57:72:F9:79:ED:D5:E5:C5:AA:63:EB:2B:9C:0D:DC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NVbn-1dy-Xnt1eXFqmPrK5wN3I4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/dcfa2a-76f7-4443-a495-6bb30a8730ed/1/GHFbzhN5A39LfUCJr_vBQfRwFQs.roa
Signing time: Thu 02 Jan 2025 01:49:02 +0000
ROA not before: Thu 02 Jan 2025 01:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61135
IP address blocks: 46.31.76.0/24 maxlen: 24
185.17.112.0/24 maxlen: 24
185.17.113.0/24 maxlen: 32
185.17.114.0/24 maxlen: 24
185.17.115.0/24 maxlen: 24
185.73.200.0/24 maxlen: 24
185.73.201.0/24 maxlen: 24
185.73.202.0/24 maxlen: 32
185.73.203.0/24 maxlen: 24
2a04:7c0::/29 maxlen: 48
2a04:7c0::/33 maxlen: 48
2a04:7c0:1::/48 maxlen: 48
2a04:7c0:2::/48 maxlen: 48
2a05:4640::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ac:01:5e:5b:56:64:1e:f2:ab:68:fe:7a:54:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3556e7fb5772f979edd5e5c5aa63eb2b9c0ddc8e
Validity
Not Before: Jan 2 01:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18715bce1379037f4b7d4089affbc141f470150b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d6:eb:09:ab:61:2a:1b:c7:8a:ad:43:62:2f:
b0:1d:32:87:f8:7e:db:cd:3c:29:68:cf:ac:cb:26:
26:fc:79:85:3d:ce:b2:64:93:1d:e1:69:37:76:0a:
3d:d8:8d:7e:23:f4:f5:b0:7c:9c:6a:10:3b:4b:63:
ae:a5:1e:2d:1f:6b:ad:91:72:6a:80:c5:d2:67:21:
3a:99:57:9d:54:58:5c:68:85:ad:ee:7c:31:83:e1:
b3:6d:57:c1:a1:39:af:cf:fb:f6:75:00:a0:f5:c0:
fa:11:78:3b:48:83:95:36:cf:18:5a:24:43:04:3b:
95:eb:7b:be:7b:dd:8a:99:44:07:c9:a0:72:1a:6a:
49:6b:d5:b5:10:48:33:af:aa:65:f4:54:b4:86:97:
6e:44:41:05:c6:53:d5:00:c5:61:fd:21:77:d7:91:
de:bf:26:99:28:af:c6:96:66:72:21:c2:ef:26:c9:
3e:4e:3a:87:3c:4c:09:55:11:e3:d8:5d:51:1a:79:
3e:ba:8d:55:b0:d5:10:6b:ca:f2:1d:12:13:84:02:
95:6c:d9:b4:98:4e:8a:32:93:4c:89:67:cf:4d:9d:
dc:f4:99:97:e5:c5:1a:98:fb:7c:1a:48:2e:ab:98:
aa:9c:39:06:f8:0e:dc:2e:6f:bb:ad:ac:c3:ee:d6:
1c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:71:5B:CE:13:79:03:7F:4B:7D:40:89:AF:FB:C1:41:F4:70:15:0B
X509v3 Authority Key Identifier:
keyid:35:56:E7:FB:57:72:F9:79:ED:D5:E5:C5:AA:63:EB:2B:9C:0D:DC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVbn-1dy-Xnt1eXFqmPrK5wN3I4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/dcfa2a-76f7-4443-a495-6bb30a8730ed/1/GHFbzhN5A39LfUCJr_vBQfRwFQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/dcfa2a-76f7-4443-a495-6bb30a8730ed/1/NVbn-1dy-Xnt1eXFqmPrK5wN3I4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.76.0/24
185.17.112.0/22
185.73.200.0/22
IPv6:
2a04:7c0::/29
2a05:4640::/29
Signature Algorithm: sha256WithRSAEncryption
36:ad:ae:5e:d3:8d:00:54:d9:ff:18:ba:d3:6e:1f:76:3a:d1:
b8:d7:19:61:ce:ed:b5:e1:e6:89:e2:09:65:fd:a4:e5:83:c4:
c8:c3:b5:b3:2d:02:9b:28:bd:9b:3b:c0:28:a3:c2:05:60:ed:
a4:81:75:70:92:20:6b:7c:7f:79:e8:1e:c5:8d:42:29:25:43:
81:48:02:6c:70:4c:76:59:76:eb:cb:06:87:47:84:13:cc:59:
8c:c2:46:b1:06:61:b6:14:9d:8c:de:03:70:5b:47:20:be:00:
06:24:e2:ab:df:88:0f:b8:99:5e:d9:02:f5:1a:23:ab:46:6d:
36:1e:83:d4:fd:98:40:95:5a:c4:95:b4:f7:d4:37:cb:1a:0a:
1b:ee:32:8a:16:7a:69:93:07:08:f2:a7:54:9b:81:68:ba:9e:
c9:f0:f3:8c:cf:cf:12:f0:40:90:db:4f:d4:0f:fb:b8:64:6e:
a2:95:c6:47:74:1b:12:9c:42:93:ad:59:5c:bd:4d:60:f2:3b:
b0:84:e9:a4:94:50:76:eb:89:a5:8f:d8:a3:bd:dc:37:fa:77:
d0:de:97:e4:30:13:53:2e:17:cc:0c:33:31:67:c2:d4:97:c5:
47:2b:08:f5:0a:5b:8f:57:3d:1b:28:69:ed:68:ed:de:07:93:
ab:7e:76:84
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQks6wBXltWZB7yq2j+elTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NTZlN2ZiNTc3MmY5NzllZGQ1ZTVjNWFhNjNlYjJiOWMw
ZGRjOGUwHhcNMjUwMTAyMDE0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODcxNWJjZTEzNzkwMzdmNGI3ZDQwODlhZmZiYzE0MWY0NzAxNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNbrCathKhvHiq1DYi+wHTKH+H7b
zTwpaM+syyYm/HmFPc6yZJMd4Wk3dgo92I1+I/T1sHycahA7S2OupR4tH2utkXJq
gMXSZyE6mVedVFhcaIWt7nwxg+GzbVfBoTmvz/v2dQCg9cD6EXg7SIOVNs8YWiRD
BDuV63u+e92KmUQHyaByGmpJa9W1EEgzr6pl9FS0hpduREEFxlPVAMVh/SF315He
vyaZKK/GlmZyIcLvJsk+TjqHPEwJVRHj2F1RGnk+uo1VsNUQa8ryHRIThAKVbNm0
mE6KMpNMiWfPTZ3c9JmX5cUamPt8Gkguq5iqnDkG+A7cLm+7razD7tYcSwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBhxW84TeQN/S31Aia/7wUH0cBULMB8GA1UdIwQY
MBaAFDVW5/tXcvl57dXlxapj6yucDdyOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZibi0xZHktWG50MWVYRnFtUHJLNXdOM0k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kY2ZhMmEtNzZmNy00NDQzLWE0OTUt
NmJiMzBhODczMGVkLzEvR0hGYnpoTjVBMzlMZlVDSnJfdkJRZlJ3RlFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kY2ZhMmEtNzZmNy00NDQzLWE0OTUtNmJiMzBhODczMGVk
LzEvTlZibi0xZHktWG50MWVYRnFtUHJLNXdOM0k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALh9MAwQC
uRFwAwQCuUnIMBQEAgACMA4DBQMqBAfAAwUDKgVGQDANBgkqhkiG9w0BAQsFAAOC
AQEANq2uXtONAFTZ/xi6024fdjrRuNcZYc7tteHmieIJZf2k5YPEyMO1sy0Cmyi9
mzvAKKPCBWDtpIF1cJIga3x/eegexY1CKSVDgUgCbHBMdll268sGh0eEE8xZjMJG
sQZhthSdjN4DcFtHIL4ABiTiq9+ID7iZXtkC9Rojq0ZtNh6D1P2YQJVaxJW099Q3
yxoKG+4yihZ6aZMHCPKnVJuBaLqeyfDzjM/PEvBAkNtP1A/7uGRuopXGR3QbEpxC
k61ZXL1NYPI7sITppJRQduuJpY/Yo73cN/p30N6X5DATUy4XzAwzMWfC1JfFRysI
9Qpbj1c9Gyhp7Wjt3geTq352hA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:26:34 2025 by rpki-client