Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/2Hcj0ac-2VPUQm6MAjkwJIIrflI.roa
File: 2Hcj0ac-2VPUQm6MAjkwJIIrflI.roa (raw, json)
Hash identifier: qp66s4r7nxhRRHNo4vHow9LReUAp/h/x3jaDV1HCAjY=
Subject key identifier: D8:77:23:D1:A7:3E:D9:53:D4:42:6E:8C:02:39:30:24:82:2B:7E:52
Certificate issuer: /CN=18e937c103db046f22553ef99438fa2959240da5
Certificate serial: 0194221F57D83C8877F77C4AC96806116E5B
Authority key identifier: 18:E9:37:C1:03:DB:04:6F:22:55:3E:F9:94:38:FA:29:59:24:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GOk3wQPbBG8iVT75lDj6KVkkDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/2Hcj0ac-2VPUQm6MAjkwJIIrflI.roa
Signing time: Wed 01 Jan 2025 13:47:46 +0000
ROA not before: Wed 01 Jan 2025 13:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46489
IP address blocks: 185.42.204.0/22 maxlen: 24
2a01:62e0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:57:d8:3c:88:77:f7:7c:4a:c9:68:06:11:6e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e937c103db046f22553ef99438fa2959240da5
Validity
Not Before: Jan 1 13:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d87723d1a73ed953d4426e8c02393024822b7e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:87:5f:1d:2b:83:67:d4:6f:68:df:8f:4c:44:
06:f6:8f:cf:55:b9:77:b9:01:21:8c:9c:81:dd:b3:
ba:a7:41:e6:23:c1:4f:cb:fa:80:6e:df:53:24:6f:
0f:93:d4:b0:1d:ae:04:4f:2e:c0:7f:c4:ac:b2:57:
ab:30:9c:68:22:d0:49:ed:d6:33:45:8e:6a:2e:66:
90:47:a5:1f:b6:c4:78:b4:66:29:85:66:42:ad:43:
35:98:d2:3e:cb:43:49:77:97:b1:c9:c2:a2:c3:e4:
2f:42:d8:25:f8:b6:b2:5f:fa:76:ea:e1:55:66:17:
ae:50:67:ce:d1:d5:58:44:46:05:4d:9e:f3:fc:6a:
81:52:6a:80:31:91:b5:73:80:4b:f2:db:8c:9c:be:
a5:d8:45:f5:3f:4e:e6:eb:8c:26:15:c4:72:29:5b:
70:4d:f7:16:c7:72:95:61:72:0d:4a:71:36:c9:97:
3e:e5:57:eb:f2:3d:f8:be:7e:c0:0e:bd:9b:7f:05:
75:7d:a6:f5:04:f5:26:a9:74:26:9d:d0:50:91:c4:
f3:a2:43:76:d5:be:6d:7c:07:fb:93:e3:92:e9:44:
4c:f7:7d:50:f4:ba:30:39:32:3d:63:75:e6:0a:c1:
68:dd:05:cf:5f:18:33:40:3a:d1:8e:d2:66:50:31:
cb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:77:23:D1:A7:3E:D9:53:D4:42:6E:8C:02:39:30:24:82:2B:7E:52
X509v3 Authority Key Identifier:
keyid:18:E9:37:C1:03:DB:04:6F:22:55:3E:F9:94:38:FA:29:59:24:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOk3wQPbBG8iVT75lDj6KVkkDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/2Hcj0ac-2VPUQm6MAjkwJIIrflI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.204.0/22
IPv6:
2a01:62e0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:a4:68:75:32:68:84:a5:1b:c0:51:9a:a2:8e:50:9a:e5:5e:
c9:99:9d:16:25:07:d5:59:be:17:6c:2c:cd:c0:af:0f:66:66:
da:d1:68:53:c7:cb:c2:5f:49:64:ff:8c:0f:63:32:d7:7a:0e:
24:84:1a:07:37:58:95:c8:c3:d0:2a:30:5a:a0:a8:e0:f1:08:
e7:e9:b9:29:65:6c:77:ee:a8:17:98:dc:b7:0b:32:b8:74:f8:
cb:dd:41:a6:3f:f1:31:79:ec:2d:4a:30:d4:9f:ba:ff:6e:fc:
fb:16:db:5f:77:d3:70:0d:6c:83:ca:13:d2:89:c2:92:6a:2b:
01:a6:4e:7d:de:11:87:97:43:fa:fe:9b:f1:37:59:7b:85:a2:
ab:67:91:7e:f6:34:2b:c5:83:51:28:ef:b5:65:88:6e:62:f1:
83:c0:fe:fc:9a:cc:32:a3:d3:42:0a:5a:5c:0a:45:b4:ab:9e:
e6:02:2b:d0:a9:21:d0:b5:db:ec:67:94:c4:9a:d6:72:b5:a1:
e8:5b:ec:7f:79:23:60:80:43:dc:51:de:84:70:9f:d4:eb:f6:
61:19:f2:b9:e7:57:bb:b9:13:8b:da:16:bb:91:63:cd:5c:9b:
d9:29:d9:37:76:f8:c8:2f:2b:73:7d:2e:74:5c:02:27:1e:53:
5e:d2:77:cc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH1fYPIh393xKyWgGEW5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTkzN2MxMDNkYjA0NmYyMjU1M2VmOTk0MzhmYTI5NTky
NDBkYTUwHhcNMjUwMTAxMTM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODc3MjNkMWE3M2VkOTUzZDQ0MjZlOGMwMjM5MzAyNDgyMmI3ZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYdfHSuDZ9RvaN+PTEQG9o/PVbl3
uQEhjJyB3bO6p0HmI8FPy/qAbt9TJG8Pk9SwHa4ETy7Af8SsslerMJxoItBJ7dYz
RY5qLmaQR6UftsR4tGYphWZCrUM1mNI+y0NJd5exycKiw+QvQtgl+LayX/p26uFV
ZheuUGfO0dVYREYFTZ7z/GqBUmqAMZG1c4BL8tuMnL6l2EX1P07m64wmFcRyKVtw
TfcWx3KVYXINSnE2yZc+5Vfr8j34vn7ADr2bfwV1fab1BPUmqXQmndBQkcTzokN2
1b5tfAf7k+OS6URM931Q9LowOTI9Y3XmCsFo3QXPXxgzQDrRjtJmUDHLlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNh3I9GnPtlT1EJujAI5MCSCK35SMB8GA1UdIwQY
MBaAFBjpN8ED2wRvIlU++ZQ4+ilZJA2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09rM3dRUGJCRzhpVlQ3NWxEajZLVmtrRGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83YWVkYWQtYjRjZi00NjljLWFlYmYt
Y2FlNmE3MDlkMTRhLzEvMkhjajBhYy0yVlBVUW02TUFqa3dKSUlyZmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83YWVkYWQtYjRjZi00NjljLWFlYmYtY2FlNmE3MDlkMTRh
LzEvR09rM3dRUGJCRzhpVlQ3NWxEajZLVmtrRGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSrMMA0E
AgACMAcDBQAqAWLgMA0GCSqGSIb3DQEBCwUAA4IBAQAtpGh1MmiEpRvAUZqijlCa
5V7JmZ0WJQfVWb4XbCzNwK8PZmba0WhTx8vCX0lk/4wPYzLXeg4khBoHN1iVyMPQ
KjBaoKjg8Qjn6bkpZWx37qgXmNy3CzK4dPjL3UGmP/ExeewtSjDUn7r/bvz7Fttf
d9NwDWyDyhPSicKSaisBpk593hGHl0P6/pvxN1l7haKrZ5F+9jQrxYNRKO+1ZYhu
YvGDwP78mswyo9NCClpcCkW0q57mAivQqSHQtdvsZ5TEmtZytaHoW+x/eSNggEPc
Ud6EcJ/U6/ZhGfK551e7uROL2ha7kWPNXJvZKdk3dvjILytzfS50XAInHlNe0nfM
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:04:23 2025 by rpki-client