Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/GerACxDWw1b6KGz6kGs5iVp2ois.roa
File: GerACxDWw1b6KGz6kGs5iVp2ois.roa (raw, json)
Hash identifier: 4GcODZKqecND9v8xjlb0j4xGLtBy9xZhAi6ymZShRcQ=
Subject key identifier: 19:EA:C0:0B:10:D6:C3:56:FA:28:6C:FA:90:6B:39:89:5A:76:A2:2B
Certificate issuer: /CN=2b237c5affe93543ae2fe6e1ffed182396eb9bb3
Certificate serial: 01942444940F060A0656C15E780330295952
Authority key identifier: 2B:23:7C:5A:FF:E9:35:43:AE:2F:E6:E1:FF:ED:18:23:96:EB:9B:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/GerACxDWw1b6KGz6kGs5iVp2ois.roa
Signing time: Wed 01 Jan 2025 23:47:41 +0000
ROA not before: Wed 01 Jan 2025 23:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200425
IP address blocks: 185.107.196.0/23 maxlen: 23
185.107.196.0/24 maxlen: 24
185.107.197.0/24 maxlen: 24
2a06:45c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:94:0f:06:0a:06:56:c1:5e:78:03:30:29:59:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b237c5affe93543ae2fe6e1ffed182396eb9bb3
Validity
Not Before: Jan 1 23:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19eac00b10d6c356fa286cfa906b39895a76a22b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c1:9f:fc:28:3e:9b:e8:74:ef:87:0e:e4:55:
d6:e4:de:2c:68:56:ad:bc:26:97:fb:de:a1:34:ca:
c3:62:bc:82:92:4d:00:35:a7:d4:6d:cf:41:6b:f9:
9e:f3:ed:83:9a:c5:16:d5:23:36:65:53:60:8b:1b:
d7:c9:a3:1d:b6:98:b9:8b:73:dd:6e:3c:51:45:f8:
fa:09:2d:c6:ce:a4:2b:b5:2b:91:18:4b:cc:b3:04:
c2:1f:1a:ba:3f:57:95:64:71:d7:70:43:d5:97:89:
35:a3:ba:dc:04:90:ad:ff:35:85:b2:5b:3b:61:0e:
48:83:d6:fb:6f:ba:6c:52:50:27:93:e7:2a:9e:d6:
49:30:29:f6:57:1b:80:b7:f3:7f:7c:5f:41:e0:04:
15:34:aa:bc:22:c3:8a:a2:20:0b:ad:3d:00:86:47:
ad:24:be:3f:8e:14:3e:4f:17:2f:5b:9a:7f:d4:09:
46:1f:bc:a8:fa:2d:b5:1e:e1:83:e3:da:da:c9:9a:
c0:e4:ec:c8:f7:7e:b9:24:2a:fe:08:0f:0a:d2:bc:
a5:3c:2b:cb:fa:cf:03:3b:fd:48:ee:45:1e:05:2c:
7d:6a:e4:fb:9e:bc:5a:b7:2a:49:ad:68:fc:99:db:
a9:aa:7d:de:e7:47:bb:21:a4:81:5b:f5:7a:81:97:
06:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:EA:C0:0B:10:D6:C3:56:FA:28:6C:FA:90:6B:39:89:5A:76:A2:2B
X509v3 Authority Key Identifier:
keyid:2B:23:7C:5A:FF:E9:35:43:AE:2F:E6:E1:FF:ED:18:23:96:EB:9B:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/GerACxDWw1b6KGz6kGs5iVp2ois.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/KyN8Wv_pNUOuL-bh_-0YI5brm7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.196.0/23
IPv6:
2a06:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
86:40:3e:7e:cf:c8:e3:e8:f1:f0:0a:11:90:40:35:fd:cb:ab:
23:75:dd:c9:a2:00:b1:dc:9a:12:dc:fb:bc:aa:62:14:b9:65:
50:00:57:bd:3a:f2:8c:52:50:08:e4:6a:d5:56:33:fa:86:55:
a5:2f:59:32:52:61:bf:f7:57:65:bf:53:e1:9b:0e:4f:66:8b:
87:ec:c8:9e:12:f0:59:47:19:89:05:44:c8:b6:c0:1f:c2:8d:
8d:56:43:fa:42:86:1d:29:a7:49:4f:9a:5b:77:5e:16:d2:44:
73:09:b4:39:28:32:17:b7:6f:3f:d5:cc:aa:6f:f3:80:71:49:
f4:91:5c:b9:fc:54:1d:2f:69:db:d1:49:c3:ea:86:e5:e3:3d:
94:55:71:2c:74:a9:a7:01:1e:e2:48:1b:26:f7:ac:17:69:cc:
90:c9:aa:af:f1:9c:03:f5:46:69:84:3c:43:23:68:a3:dd:de:
c3:ee:46:bb:5e:99:25:63:a9:62:0c:d3:91:44:a8:90:ed:f7:
6a:36:e6:2e:c5:60:28:a8:d0:34:c0:0b:6f:89:4b:12:d7:28:
37:27:7e:6d:75:71:f1:dd:4b:35:d9:47:c0:ec:1c:30:f2:66:
88:87:2d:c4:d8:df:5e:2b:52:25:b7:4e:93:2d:7a:9c:84:21:
04:93:ee:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRJQPBgoGVsFeeAMwKVlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjM3YzVhZmZlOTM1NDNhZTJmZTZlMWZmZWQxODIzOTZl
YjliYjMwHhcNMjUwMTAxMjM0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWVhYzAwYjEwZDZjMzU2ZmEyODZjZmE5MDZiMzk4OTVhNzZhMjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsGf/Cg+m+h074cO5FXW5N4saFat
vCaX+96hNMrDYryCkk0ANafUbc9Ba/me8+2DmsUW1SM2ZVNgixvXyaMdtpi5i3Pd
bjxRRfj6CS3GzqQrtSuRGEvMswTCHxq6P1eVZHHXcEPVl4k1o7rcBJCt/zWFsls7
YQ5Ig9b7b7psUlAnk+cqntZJMCn2VxuAt/N/fF9B4AQVNKq8IsOKoiALrT0Ahket
JL4/jhQ+TxcvW5p/1AlGH7yo+i21HuGD49rayZrA5OzI9365JCr+CA8K0rylPCvL
+s8DO/1I7kUeBSx9auT7nrxatypJrWj8mdupqn3e50e7IaSBW/V6gZcG7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBnqwAsQ1sNW+ihs+pBrOYladqIrMB8GA1UdIwQY
MBaAFCsjfFr/6TVDri/m4f/tGCOW65uzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lOOFd2X3BOVU91TC1iaF8tMFlJNWJybTdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi82NGEwNTMtMjZmZi00OGE2LWFlZGEt
MTQ3MDJhNGQyNjYwLzEvR2VyQUN4RFd3MWI2S0d6NmtHczVpVnAyb2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi82NGEwNTMtMjZmZi00OGE2LWFlZGEtMTQ3MDJhNGQyNjYw
LzEvS3lOOFd2X3BOVU91TC1iaF8tMFlJNWJybTdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuWvEMA0E
AgACMAcDBQAqBkXAMA0GCSqGSIb3DQEBCwUAA4IBAQCGQD5+z8jj6PHwChGQQDX9
y6sjdd3JogCx3JoS3Pu8qmIUuWVQAFe9OvKMUlAI5GrVVjP6hlWlL1kyUmG/91dl
v1Phmw5PZouH7MieEvBZRxmJBUTItsAfwo2NVkP6QoYdKadJT5pbd14W0kRzCbQ5
KDIXt28/1cyqb/OAcUn0kVy5/FQdL2nb0UnD6obl4z2UVXEsdKmnAR7iSBsm96wX
acyQyaqv8ZwD9UZphDxDI2ij3d7D7ka7XpklY6liDNORRKiQ7fdqNuYuxWAoqNA0
wAtviUsS1yg3J35tdXHx3Us12UfA7Bww8maIhy3E2N9eK1Ilt06TLXqchCEEk+4K
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:18:17 2025 by rpki-client