Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/DBUEsMbUBbrOYrLwsjQd2fgNgQ0.roa
File: DBUEsMbUBbrOYrLwsjQd2fgNgQ0.roa (raw, json)
Hash identifier: BFgftP0Iqiz4p1YwPjrFX1V4YWIovqOFp45C1kiDgkI=
Subject key identifier: 0C:15:04:B0:C6:D4:05:BA:CE:62:B2:F0:B2:34:1D:D9:F8:0D:81:0D
Certificate issuer: /CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Certificate serial: 01941FFA5CE7B23C4A07F1A9B03CB649B971
Authority key identifier: B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/DBUEsMbUBbrOYrLwsjQd2fgNgQ0.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393559
IP address blocks: 185.230.180.0/22 maxlen: 24
185.230.181.0/24 maxlen: 24
2a13:d00::/29 maxlen: 48
2a13:d00:cf00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5c:e7:b2:3c:4a:07:f1:a9:b0:3c:b6:49:b9:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c1504b0c6d405bace62b2f0b2341dd9f80d810d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:98:62:ef:ed:02:3b:9b:7c:b2:57:1b:6b:71:
1b:82:60:4f:87:76:10:e7:a8:aa:03:28:86:ad:c6:
d3:99:b2:b5:3c:bf:5b:ad:07:83:16:3f:50:fd:17:
e4:c2:0f:40:a1:0d:0a:3d:92:24:b9:e8:9d:f1:ed:
70:af:17:80:8e:39:32:cf:69:cf:be:5d:89:39:b0:
8b:92:31:ab:e6:08:3b:0a:ae:39:31:4b:90:d5:61:
c1:4b:33:88:db:7c:a0:a5:de:53:e6:bd:0b:de:f7:
85:3b:99:6b:ed:c6:c7:83:80:ad:68:15:7a:22:b3:
d8:dd:85:8a:ea:35:51:60:21:2b:42:78:c5:c3:5d:
91:ef:ba:45:2d:95:c6:f7:c6:25:ba:1f:35:3f:ee:
41:d9:36:9e:ba:b5:fe:84:7c:c1:1c:95:2f:48:9d:
a9:7e:92:a6:2a:00:86:53:10:5e:94:30:ca:64:ee:
7c:de:18:18:55:19:f4:29:a8:be:56:d4:d2:dd:00:
b2:67:96:d7:78:eb:be:9d:40:d0:0b:18:cd:4b:7b:
70:ec:f0:af:bc:3a:cd:63:24:6f:03:21:53:93:8b:
6a:fc:7e:e6:95:b0:bd:2b:78:4f:bb:67:37:00:76:
23:8a:4d:38:d6:a0:cd:d5:11:fc:c0:d2:26:aa:51:
03:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:15:04:B0:C6:D4:05:BA:CE:62:B2:F0:B2:34:1D:D9:F8:0D:81:0D
X509v3 Authority Key Identifier:
keyid:B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/DBUEsMbUBbrOYrLwsjQd2fgNgQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.180.0/22
IPv6:
2a13:d00::/29
Signature Algorithm: sha256WithRSAEncryption
5a:ba:4b:24:47:57:89:da:be:25:de:1d:a9:3e:87:a2:b7:f7:
cb:da:0c:bc:90:73:20:9d:af:a9:35:e6:83:ac:4d:95:a2:38:
6e:a0:8b:c5:b7:4d:b0:19:b0:c7:ab:13:fa:95:30:73:0e:81:
b6:a0:0d:3a:ba:f9:82:6e:93:27:5f:9b:50:2d:be:f1:05:e2:
13:db:55:ef:fd:0d:ff:05:b5:f8:43:77:b0:18:c2:9f:31:a2:
b8:de:18:7b:ba:d0:8c:e4:2d:65:9c:e8:e2:37:e2:ed:a7:84:
03:b8:33:0e:af:99:96:97:7d:a0:a1:0c:f5:3e:aa:98:60:ed:
03:09:bb:e2:aa:29:e4:bd:9f:ad:f3:6c:b3:1d:ad:86:7c:9b:
58:37:e6:8f:e8:23:54:cf:76:26:39:80:09:f1:cb:29:bd:7c:
d6:79:d9:1f:7e:3f:96:a2:a2:35:57:b1:84:fa:84:2d:16:5d:
52:ab:95:32:4c:6a:b9:ce:41:b8:1a:5a:95:93:4a:fc:1e:6e:
79:89:d9:4a:41:20:00:ef:32:dc:2e:04:73:7d:5c:1c:24:58:
8e:18:40:42:0e:2e:fc:c7:14:e9:88:8a:ab:9b:2b:3e:f1:67:
cb:0a:f9:10:2b:52:5a:da:89:a4:31:2f:f9:dc:5d:8e:07:f6:
23:07:18:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+lznsjxKB/GpsDy2SblxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OWJkODRkYTE3OTk3Y2JiMjg2YWY5MDIyYWIyZTA1YmEw
OGI0NDIwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzE1MDRiMGM2ZDQwNWJhY2U2MmIyZjBiMjM0MWRkOWY4MGQ4MTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5hi7+0CO5t8slcba3EbgmBPh3YQ
56iqAyiGrcbTmbK1PL9brQeDFj9Q/Rfkwg9AoQ0KPZIkueid8e1wrxeAjjkyz2nP
vl2JObCLkjGr5gg7Cq45MUuQ1WHBSzOI23ygpd5T5r0L3veFO5lr7cbHg4CtaBV6
IrPY3YWK6jVRYCErQnjFw12R77pFLZXG98Yluh81P+5B2TaeurX+hHzBHJUvSJ2p
fpKmKgCGUxBelDDKZO583hgYVRn0Kai+VtTS3QCyZ5bXeOu+nUDQCxjNS3tw7PCv
vDrNYyRvAyFTk4tq/H7mlbC9K3hPu2c3AHYjik041qDN1RH8wNImqlEDdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAwVBLDG1AW6zmKy8LI0Hdn4DYENMB8GA1UdIwQY
MBaAFLSb2E2heZfLsoavkCKrLgW6CLRCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2It
MGM5MDliZjViZTRkLzEvREJVRXNNYlVCYnJPWXJMd3NqUWQyZmdOZ1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2ItMGM5MDliZjViZTRk
LzEvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuea0MA0E
AgACMAcDBQMqEw0AMA0GCSqGSIb3DQEBCwUAA4IBAQBaukskR1eJ2r4l3h2pPoei
t/fL2gy8kHMgna+pNeaDrE2VojhuoIvFt02wGbDHqxP6lTBzDoG2oA06uvmCbpMn
X5tQLb7xBeIT21Xv/Q3/BbX4Q3ewGMKfMaK43hh7utCM5C1lnOjiN+Ltp4QDuDMO
r5mWl32goQz1PqqYYO0DCbviqinkvZ+t82yzHa2GfJtYN+aP6CNUz3YmOYAJ8csp
vXzWedkffj+WoqI1V7GE+oQtFl1Sq5UyTGq5zkG4GlqVk0r8Hm55idlKQSAA7zLc
LgRzfVwcJFiOGEBCDi78xxTpiIqrmys+8WfLCvkQK1Ja2omkMS/53F2OB/YjBxio
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:40:18 2025 by rpki-client