Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/1-Gozw0B9Es8Qh2XZ6-i72p9hfXs.roa
File: 1-Gozw0B9Es8Qh2XZ6-i72p9hfXs.roa (raw, json)
Hash identifier: xTLReM400TQ2Y4MTK4NUap/tADa+H9TQIAaol/LpbHs=
Subject key identifier: F8:6A:33:C3:40:7D:12:CF:10:87:65:D9:EB:E8:BB:DA:9F:61:7D:7B
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0195818964FB3111E96C7E365019059723DF
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/1-Gozw0B9Es8Qh2XZ6-i72p9hfXs.roa
Signing time: Mon 10 Mar 2025 19:30:19 +0000
ROA not before: Mon 10 Mar 2025 19:30:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47734
IP address blocks: 185.86.66.0/24 maxlen: 24
2a05:b680:13::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:81:89:64:fb:31:11:e9:6c:7e:36:50:19:05:97:23:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Mar 10 19:30:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f86a33c3407d12cf108765d9ebe8bbda9f617d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e7:72:20:d6:cf:05:5a:7f:60:7a:f0:84:dd:
fc:08:ea:39:01:4a:6a:5e:93:25:26:58:74:34:88:
13:9e:fa:96:be:20:01:86:61:c1:9b:37:82:fb:75:
24:26:d2:8c:66:5d:68:9c:f3:d8:9e:a8:f5:c3:bb:
f5:2c:68:19:26:a8:2b:1f:00:03:9a:f9:28:7d:38:
53:d2:12:74:f7:7b:b3:0e:b1:0f:6e:4c:f5:57:ac:
bb:f6:86:2b:c3:ef:40:d3:9d:ce:c1:8f:13:64:59:
e2:29:54:42:c8:3d:66:12:29:a0:c6:01:ca:74:ef:
78:9d:12:ea:33:83:d6:80:fd:0e:84:f3:0a:de:09:
0d:4d:bc:3f:76:dd:0c:79:91:58:7c:3e:d6:ff:29:
6b:bc:e5:6b:92:44:88:91:80:74:d2:f2:12:1f:78:
e4:18:44:7e:0d:a4:be:d8:7d:2e:e7:44:d3:f9:f9:
8b:f0:ad:50:da:62:8d:a5:8d:95:5b:5d:9b:7d:d3:
38:df:c6:a9:1d:9a:3f:32:9a:54:a1:eb:c8:61:71:
a0:68:81:93:72:c5:96:bf:e3:e5:99:d2:d7:e1:7f:
c0:d3:2c:e7:6a:bf:00:13:ea:e8:b8:4a:4a:f3:7a:
b7:10:57:28:40:b2:e8:39:29:e2:ae:34:1a:da:be:
d4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:6A:33:C3:40:7D:12:CF:10:87:65:D9:EB:E8:BB:DA:9F:61:7D:7B
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/1-Gozw0B9Es8Qh2XZ6-i72p9hfXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.66.0/24
IPv6:
2a05:b680:13::/48
Signature Algorithm: sha256WithRSAEncryption
70:9b:93:4c:ff:3f:f9:16:78:e6:e4:59:3b:d1:22:bb:10:13:
e7:d0:ff:12:e1:29:9a:3b:8a:5a:c0:82:88:4e:ea:2f:46:9a:
aa:7d:cf:31:1c:09:5d:79:2f:a9:63:6a:6e:fd:76:8c:a5:25:
83:ee:47:72:c0:c7:08:6c:61:08:02:b8:5c:19:d2:f1:8e:d0:
01:88:c1:89:bd:37:3b:f3:47:84:79:bb:b6:e7:cf:54:f7:d9:
9f:cb:35:a4:82:db:77:4c:89:7a:90:b0:2a:92:10:b6:6e:9b:
59:65:78:b4:8a:3c:ae:08:2e:cc:01:a5:11:bd:54:af:01:e4:
e1:6c:a4:a8:4f:c8:2d:b9:a6:4b:b8:6b:7e:0a:02:c2:b1:96:
0e:ce:32:e7:51:ff:12:3b:ab:50:23:14:16:d8:64:1d:53:d2:
37:73:d7:0d:c7:40:e4:4b:5f:9e:df:8c:e2:8d:73:64:0e:41:
40:8c:c6:5d:43:c0:42:e0:e5:55:42:d5:1f:62:07:01:44:ee:
21:8e:fe:8c:9c:94:ff:78:e4:c9:af:bd:63:3e:40:34:5b:5d:
d2:59:9e:ea:df:1d:42:d5:7d:62:5e:e9:e9:ce:f6:cc:7f:d2:
f8:c0:cb:c2:88:a1:a8:9f:09:ad:b1:3c:01:b4:22:03:c3:9d:
b3:33:43:84
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZWBiWT7MRHpbH42UBkFlyPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwMzEwMTkzMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODZhMzNjMzQwN2QxMmNmMTA4NzY1ZDllYmU4YmJkYTlmNjE3ZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OdyINbPBVp/YHrwhN38COo5AUpq
XpMlJlh0NIgTnvqWviABhmHBmzeC+3UkJtKMZl1onPPYnqj1w7v1LGgZJqgrHwAD
mvkofThT0hJ093uzDrEPbkz1V6y79oYrw+9A053OwY8TZFniKVRCyD1mEimgxgHK
dO94nRLqM4PWgP0OhPMK3gkNTbw/dt0MeZFYfD7W/ylrvOVrkkSIkYB00vISH3jk
GER+DaS+2H0u50TT+fmL8K1Q2mKNpY2VW12bfdM438apHZo/MppUoevIYXGgaIGT
csWWv+PlmdLX4X/A0yznar8AE+rouEpK83q3EFcoQLLoOSnirjQa2r7U5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPhqM8NAfRLPEIdl2evou9qfYX17MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvMS1Hb3p3MEI5RXM4UWgyWFo2LWk3MnA5aGZYcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3
My8xL19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALlWQjAP
BAIAAjAJAwcAKgW2gAATMA0GCSqGSIb3DQEBCwUAA4IBAQBwm5NM/z/5Fnjm5Fk7
0SK7EBPn0P8S4SmaO4pawIKITuovRpqqfc8xHAldeS+pY2pu/XaMpSWD7kdywMcI
bGEIArhcGdLxjtABiMGJvTc780eEebu2589U99mfyzWkgtt3TIl6kLAqkhC2bptZ
ZXi0ijyuCC7MAaURvVSvAeThbKSoT8gtuaZLuGt+CgLCsZYOzjLnUf8SO6tQIxQW
2GQdU9I3c9cNx0DkS1+e34zijXNkDkFAjMZdQ8BC4OVVQtUfYgcBRO4hjv6MnJT/
eOTJr71jPkA0W13SWZ7q3x1C1X1iXunpzvbMf9L4wMvCiKGonwmtsTwBtCIDw52z
M0OE
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:00:53 2025 by rpki-client