Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/1EKO08t3Z9nlIgriObmmD60gwS4.roa
File: 1EKO08t3Z9nlIgriObmmD60gwS4.roa (raw, json)
Hash identifier: GhRL3PpvS/3V9MnssSh8wyX1VbIpwoy88Gmt2c9/PH0=
Subject key identifier: D4:42:8E:D3:CB:77:67:D9:E5:22:0A:E2:39:B9:A6:0F:AD:20:C1:2E
Certificate issuer: /CN=7e13414bdc2312400dfa9f50650d51ee0443df16
Certificate serial: 0194221F7420EDB5F91FB7D1641A82B0BAF0
Authority key identifier: 7E:13:41:4B:DC:23:12:40:0D:FA:9F:50:65:0D:51:EE:04:43:DF:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/1EKO08t3Z9nlIgriObmmD60gwS4.roa
Signing time: Wed 01 Jan 2025 13:47:54 +0000
ROA not before: Wed 01 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205086
IP address blocks: 185.231.20.0/24 maxlen: 24
185.231.21.0/24 maxlen: 24
185.231.22.0/24 maxlen: 24
185.231.23.0/24 maxlen: 24
2a0a:9580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:74:20:ed:b5:f9:1f:b7:d1:64:1a:82:b0:ba:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e13414bdc2312400dfa9f50650d51ee0443df16
Validity
Not Before: Jan 1 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4428ed3cb7767d9e5220ae239b9a60fad20c12e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:8e:00:af:4d:33:d9:c6:72:e2:dd:34:0a:cd:
6b:1b:83:dd:5e:bc:37:e4:d1:51:15:8f:2f:eb:9d:
1f:60:34:fc:6a:ad:73:95:7a:64:4d:c8:3c:fe:ff:
49:9a:73:4f:66:bb:62:83:eb:7d:05:d4:a0:b7:de:
24:a3:6f:0b:f7:fd:97:29:cf:5a:ce:08:7a:b0:23:
dc:6e:de:24:82:4e:cd:a7:59:9b:f5:dd:8b:fc:3f:
de:bb:b8:4d:d5:a2:84:f3:a1:29:2e:5c:ef:3e:3a:
bb:7e:b0:49:32:bc:de:dd:e8:0a:bc:80:29:51:39:
ad:35:ec:b0:f4:58:f1:5a:99:93:bc:a0:8f:24:0d:
38:99:bb:20:42:19:13:70:66:5e:d0:79:d7:98:dd:
84:b9:5c:29:95:7e:11:16:7b:cc:16:a2:0d:aa:ed:
80:9a:09:be:aa:35:5b:fa:6a:1c:2f:48:88:cb:a8:
27:fa:d9:c5:38:dd:e3:3d:2f:02:9e:ce:6c:23:7d:
77:05:80:7b:08:ea:29:17:4d:d5:af:4b:d3:c0:e7:
6e:05:47:d0:85:16:18:3e:3a:1b:96:c0:2c:92:6c:
4a:d1:08:57:2f:70:c4:50:33:b1:69:33:c0:34:b3:
4a:64:d9:fa:fc:7c:18:d9:60:de:bf:44:d2:0d:40:
12:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:42:8E:D3:CB:77:67:D9:E5:22:0A:E2:39:B9:A6:0F:AD:20:C1:2E
X509v3 Authority Key Identifier:
keyid:7E:13:41:4B:DC:23:12:40:0D:FA:9F:50:65:0D:51:EE:04:43:DF:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/1EKO08t3Z9nlIgriObmmD60gwS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.20.0/22
IPv6:
2a0a:9580::/29
Signature Algorithm: sha256WithRSAEncryption
7a:d0:ca:e0:83:99:05:2c:08:9f:69:bc:df:fe:ad:c8:2a:07:
5d:f8:62:76:a4:71:87:7a:26:36:38:b2:17:07:ec:a2:ab:a2:
2f:73:95:2a:79:d4:43:78:5e:e1:c9:cb:ac:0f:08:11:51:ee:
9f:ba:df:72:40:13:1c:1c:60:8c:16:bd:d0:c6:d2:eb:c1:83:
0f:55:b4:da:98:bf:8d:40:d7:56:68:ca:86:b6:95:4c:49:62:
14:ec:c2:f1:2e:1e:f5:1d:65:42:c5:f0:21:db:35:aa:dc:c6:
ad:a7:6c:87:37:3c:8c:7c:5a:80:dd:a5:71:ea:d5:4d:9e:97:
3b:75:ba:53:57:04:e7:57:6f:86:ea:41:9d:ca:59:e7:78:5e:
c5:60:e1:08:12:61:2b:cc:ac:db:0e:2a:18:f7:34:d0:bb:04:
1d:75:a5:63:e8:f6:98:f8:31:ca:0b:29:8f:ca:c6:1e:aa:2d:
c1:36:8b:75:c0:fc:1c:22:42:d6:fe:2f:c1:2d:14:3a:30:96:
57:e6:6d:17:42:0c:62:aa:3c:5e:88:9e:95:7f:20:a1:12:79:
5e:59:4e:d9:66:b1:4c:79:f6:b0:5b:fa:08:c8:14:d5:d5:bf:
a5:01:b1:fe:2d:f6:f9:b9:d0:ce:5d:a6:f6:86:f3:c9:8c:43:
04:30:cb:98
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH3Qg7bX5H7fRZBqCsLrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMTM0MTRiZGMyMzEyNDAwZGZhOWY1MDY1MGQ1MWVlMDQ0
M2RmMTYwHhcNMjUwMTAxMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDQyOGVkM2NiNzc2N2Q5ZTUyMjBhZTIzOWI5YTYwZmFkMjBjMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+I4Ar00z2cZy4t00Cs1rG4PdXrw3
5NFRFY8v650fYDT8aq1zlXpkTcg8/v9JmnNPZrtig+t9BdSgt94ko28L9/2XKc9a
zgh6sCPcbt4kgk7Np1mb9d2L/D/eu7hN1aKE86EpLlzvPjq7frBJMrze3egKvIAp
UTmtNeyw9FjxWpmTvKCPJA04mbsgQhkTcGZe0HnXmN2EuVwplX4RFnvMFqINqu2A
mgm+qjVb+mocL0iIy6gn+tnFON3jPS8Cns5sI313BYB7COopF03Vr0vTwOduBUfQ
hRYYPjoblsAskmxK0QhXL3DEUDOxaTPANLNKZNn6/HwY2WDev0TSDUAS/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNRCjtPLd2fZ5SIK4jm5pg+tIMEuMB8GA1UdIwQY
MBaAFH4TQUvcIxJADfqfUGUNUe4EQ98WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmhOQlM5d2pFa0FOLXA5UVpRMVI3Z1JEM3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80NGMzNjUtNmNlZC00NWQ5LTg2NWQt
MDRmY2VjYWQ3MGVjLzEvMUVLTzA4dDNaOW5sSWdyaU9ibW1ENjBnd1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80NGMzNjUtNmNlZC00NWQ5LTg2NWQtMDRmY2VjYWQ3MGVj
LzEvZmhOQlM5d2pFa0FOLXA5UVpRMVI3Z1JEM3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuecUMA0E
AgACMAcDBQMqCpWAMA0GCSqGSIb3DQEBCwUAA4IBAQB60Mrgg5kFLAifabzf/q3I
Kgdd+GJ2pHGHeiY2OLIXB+yiq6Ivc5UqedRDeF7hycusDwgRUe6fut9yQBMcHGCM
Fr3QxtLrwYMPVbTamL+NQNdWaMqGtpVMSWIU7MLxLh71HWVCxfAh2zWq3Matp2yH
NzyMfFqA3aVx6tVNnpc7dbpTVwTnV2+G6kGdylnneF7FYOEIEmErzKzbDioY9zTQ
uwQddaVj6PaY+DHKCymPysYeqi3BNot1wPwcIkLW/i/BLRQ6MJZX5m0XQgxiqjxe
iJ6VfyChEnleWU7ZZrFMefawW/oIyBTV1b+lAbH+Lfb5udDOXab2hvPJjEMEMMuY
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:47 2025 by rpki-client