Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/aQTW2xIeYuZvcEH7gsYJNqz73Xs.roa
File: aQTW2xIeYuZvcEH7gsYJNqz73Xs.roa (raw, json)
Hash identifier: ga2DmH5h7HfJ0XIXHVbsof3jQ3Sa9KHt/wMuvsxWtEk=
Subject key identifier: 69:04:D6:DB:12:1E:62:E6:6F:70:41:FB:82:C6:09:36:AC:FB:DD:7B
Certificate issuer: /CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Certificate serial: 01942068257855C94B4B0C9EE4502DD746B6
Authority key identifier: A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/aQTW2xIeYuZvcEH7gsYJNqz73Xs.roa
Signing time: Wed 01 Jan 2025 05:48:03 +0000
ROA not before: Wed 01 Jan 2025 05:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 82.115.214.0/24 maxlen: 24
185.66.202.0/24 maxlen: 24
185.66.203.0/24 maxlen: 24
185.237.4.0/24 maxlen: 24
185.237.5.0/24 maxlen: 24
185.237.6.0/24 maxlen: 24
185.237.7.0/24 maxlen: 24
2a07:e3c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:25:78:55:c9:4b:4b:0c:9e:e4:50:2d:d7:46:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Validity
Not Before: Jan 1 05:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6904d6db121e62e66f7041fb82c60936acfbdd7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:8b:36:e2:e9:0f:b5:3a:9d:6e:41:e3:9e:ab:
1d:59:51:7e:ed:5c:46:63:d9:c4:69:f7:b7:a9:74:
8c:a9:45:66:a1:c8:09:04:7f:f4:5c:85:2a:99:00:
d2:81:26:2e:a2:c9:90:bb:63:3a:e0:aa:66:0b:8b:
c9:f7:4d:c9:70:aa:73:a8:e5:c6:44:f7:34:88:00:
b0:a4:ae:88:a4:29:6a:22:73:22:1d:ce:15:5d:ee:
f8:7f:c1:60:19:9d:ba:d8:81:72:3a:72:25:8c:06:
ce:a4:36:2a:be:54:74:86:03:24:c3:5f:7d:13:87:
76:ef:8b:79:f3:3a:e1:49:52:08:48:b2:e6:2a:13:
e5:f2:27:4b:84:e7:c4:de:7d:ec:5e:46:be:f5:4f:
c7:81:2f:87:fe:8c:a6:78:01:7a:9c:8c:88:e6:3a:
d8:f9:73:0b:0c:44:e2:3c:75:5b:be:08:90:90:a6:
42:26:a4:db:a7:34:a4:6f:cb:5d:95:ae:06:45:b1:
58:b2:29:20:8b:db:30:87:e6:5b:99:b8:ea:34:1c:
5b:26:06:f8:74:da:75:42:01:b6:86:51:ab:9a:1a:
0c:b5:c1:a2:42:2c:b3:d8:ef:02:63:93:ca:b2:5a:
96:0f:3c:0c:95:77:04:11:47:40:37:de:64:7d:29:
3e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:04:D6:DB:12:1E:62:E6:6F:70:41:FB:82:C6:09:36:AC:FB:DD:7B
X509v3 Authority Key Identifier:
keyid:A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/aQTW2xIeYuZvcEH7gsYJNqz73Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/qIAb4jY_IRvS9XgYrer5wNvhS9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.214.0/24
185.66.202.0/23
185.237.4.0/22
IPv6:
2a07:e3c0::/48
Signature Algorithm: sha256WithRSAEncryption
26:ff:10:27:b2:33:07:43:6d:28:13:37:87:55:14:20:2a:e3:
33:6e:9d:78:b8:cc:dd:c1:2c:3f:0c:2e:bd:b2:24:e4:63:53:
2a:7b:ff:fa:54:95:41:ad:60:64:8b:26:ef:ea:5f:05:3e:c0:
35:39:7b:e4:c2:90:cc:d5:27:87:62:95:43:9c:76:22:c4:b5:
39:22:4d:e9:e3:dd:e6:63:d4:3e:5a:c8:ad:da:cc:a0:d1:17:
69:79:73:4f:98:ed:bb:99:72:f6:c5:49:1f:35:5f:cc:14:06:
50:9a:3e:ee:3b:6a:f5:f4:d1:a6:47:bd:1d:74:39:63:41:0f:
98:12:12:5f:44:42:65:f3:f3:85:fb:cb:7f:18:aa:f3:7b:d7:
10:2f:31:c0:be:68:8d:58:09:f9:a7:79:d3:75:de:d4:ee:4c:
f5:5c:72:6f:95:c9:a4:6b:ac:0c:ed:29:af:00:a2:f3:85:28:
e6:8a:12:f6:cd:8a:c6:c3:5e:9a:c3:e1:a6:fc:a0:bf:94:65:
41:15:e9:22:9e:af:2a:6e:77:77:a9:bc:34:fa:ab:d8:77:84:
e5:79:ae:fe:03:5a:db:20:20:73:0a:ec:38:28:30:8b:7b:dd:
d9:44:5b:cb:62:e1:ba:00:cf:4b:21:da:a2:34:9a:94:af:d4:
f2:16:2d:69
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQgaCV4VclLSwye5FAt10a2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODAxYmUyMzYzZjIxMWJkMmY1NzgxOGFkZWFmOWMwZGJl
MTRiZGIwHhcNMjUwMTAxMDU0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA0ZDZkYjEyMWU2MmU2NmY3MDQxZmI4MmM2MDkzNmFjZmJkZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64s24ukPtTqdbkHjnqsdWVF+7VxG
Y9nEafe3qXSMqUVmocgJBH/0XIUqmQDSgSYuosmQu2M64KpmC4vJ903JcKpzqOXG
RPc0iACwpK6IpClqInMiHc4VXe74f8FgGZ262IFyOnIljAbOpDYqvlR0hgMkw199
E4d274t58zrhSVIISLLmKhPl8idLhOfE3n3sXka+9U/HgS+H/oymeAF6nIyI5jrY
+XMLDETiPHVbvgiQkKZCJqTbpzSkb8tdla4GRbFYsikgi9swh+ZbmbjqNBxbJgb4
dNp1QgG2hlGrmhoMtcGiQiyz2O8CY5PKslqWDzwMlXcEEUdAN95kfSk+YwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGkE1tsSHmLmb3BB+4LGCTas+917MB8GA1UdIwQY
MBaAFKiAG+I2PyEb0vV4GK3q+cDb4UvbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlBYjRqWV9JUnZTOVhnWXJlcjV3TnZoUzlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84MTFlNzMtY2YzMC00OTRkLWFjYWMt
ODQyMGFlOWUwNjIyLzEvYVFUVzJ4SWVZdVp2Y0VIN2dzWUpOcXo3M1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84MTFlNzMtY2YzMC00OTRkLWFjYWMtODQyMGFlOWUwNjIy
LzEvcUlBYjRqWV9JUnZTOVhnWXJlcjV3TnZoUzlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAUnPWAwQB
uULKAwQCue0EMA8EAgACMAkDBwAqB+PAAAAwDQYJKoZIhvcNAQELBQADggEBACb/
ECeyMwdDbSgTN4dVFCAq4zNunXi4zN3BLD8MLr2yJORjUyp7//pUlUGtYGSLJu/q
XwU+wDU5e+TCkMzVJ4dilUOcdiLEtTkiTenj3eZj1D5ayK3azKDRF2l5c0+Y7buZ
cvbFSR81X8wUBlCaPu47avX00aZHvR10OWNBD5gSEl9EQmXz84X7y38YqvN71xAv
McC+aI1YCfmnedN13tTuTPVccm+VyaRrrAztKa8AovOFKOaKEvbNisbDXprD4ab8
oL+UZUEV6SKerypud3epvDT6q9h3hOV5rv4DWtsgIHMK7DgoMIt73dlEW8ti4boA
z0sh2qI0mpSv1PIWLWk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:50:03 2025 by rpki-client