Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/5596b0-a8a7-45b0-b245-0fe7a0ee6bd3/1/hL__7lcp69gjaM4kDfVqSenQ5T0.roa
File: hL__7lcp69gjaM4kDfVqSenQ5T0.roa (raw, json)
Hash identifier: rq0h9r9MsJZ2d1oMlgt1f2tP65ZT9bv8lzzUA9F7MmE=
Subject key identifier: 84:BF:FF:EE:57:29:EB:D8:23:68:CE:24:0D:F5:6A:49:E9:D0:E5:3D
Certificate issuer: /CN=eaf9788c995130d70eac46c06b226672d25d4185
Certificate serial: 019427466F5B1500BCE5E331AC0703AE8B07
Authority key identifier: EA:F9:78:8C:99:51:30:D7:0E:AC:46:C0:6B:22:66:72:D2:5D:41:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6vl4jJlRMNcOrEbAayJmctJdQYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/5596b0-a8a7-45b0-b245-0fe7a0ee6bd3/1/hL__7lcp69gjaM4kDfVqSenQ5T0.roa
Signing time: Thu 02 Jan 2025 13:48:34 +0000
ROA not before: Thu 02 Jan 2025 13:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28753
IP address blocks: 185.49.68.0/22 maxlen: 22
2a01:9260::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:6f:5b:15:00:bc:e5:e3:31:ac:07:03:ae:8b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaf9788c995130d70eac46c06b226672d25d4185
Validity
Not Before: Jan 2 13:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84bfffee5729ebd82368ce240df56a49e9d0e53d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e0:f4:27:f6:c5:db:67:e3:64:2a:de:2a:c5:
b1:4d:c4:98:92:b5:eb:27:32:4b:18:df:9a:2e:94:
f9:62:7a:7c:dd:b1:72:b7:f0:34:06:29:9f:da:60:
d8:80:e5:a3:af:6e:00:a8:eb:e2:a4:0b:7c:08:b7:
95:56:5d:a1:50:a6:f1:42:f7:6a:f1:9b:70:c7:b9:
ab:4d:92:36:c6:61:4b:8e:ec:f0:99:d3:3a:cd:28:
bf:88:e7:f6:5f:f8:e5:c1:9f:d2:e8:4a:36:62:86:
47:77:57:2e:32:64:6a:85:b4:a8:3c:cd:c7:11:4f:
e1:7b:ce:f2:ae:e5:59:8a:53:fd:da:42:05:47:53:
be:d5:7d:33:2b:ea:3d:27:d0:82:5c:38:c9:87:ee:
24:cb:6a:8f:4d:a3:81:60:af:76:29:24:41:22:78:
4e:34:72:53:11:61:ef:bc:4b:78:e1:52:12:ab:5b:
90:18:04:bd:12:e8:99:8c:8b:a6:03:dd:96:c5:ec:
a5:54:00:2e:59:42:85:c9:69:32:41:60:73:47:25:
6a:94:eb:16:bd:1d:89:e0:66:4f:a5:e1:c2:a0:4d:
12:66:82:24:5f:8c:54:3d:5b:7c:2c:f5:15:84:4c:
19:9a:f3:68:61:46:2c:93:52:79:6f:9a:ee:f6:7b:
49:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:BF:FF:EE:57:29:EB:D8:23:68:CE:24:0D:F5:6A:49:E9:D0:E5:3D
X509v3 Authority Key Identifier:
keyid:EA:F9:78:8C:99:51:30:D7:0E:AC:46:C0:6B:22:66:72:D2:5D:41:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6vl4jJlRMNcOrEbAayJmctJdQYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5596b0-a8a7-45b0-b245-0fe7a0ee6bd3/1/hL__7lcp69gjaM4kDfVqSenQ5T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5596b0-a8a7-45b0-b245-0fe7a0ee6bd3/1/6vl4jJlRMNcOrEbAayJmctJdQYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.68.0/22
IPv6:
2a01:9260::/32
Signature Algorithm: sha256WithRSAEncryption
21:0c:1c:a1:71:31:1a:e4:d7:aa:ec:b4:09:f2:d8:dd:a7:37:
13:2e:9f:36:d8:80:a1:61:05:86:4a:4c:b9:67:ae:9a:4e:73:
0f:a9:8f:ad:ef:4d:85:2c:4c:f2:e1:60:15:fd:a4:3c:e7:28:
68:43:a9:8c:a1:4c:d4:08:c0:33:41:80:52:28:ad:6d:60:bc:
2d:27:93:9f:a5:59:79:28:ad:d1:51:31:50:30:70:15:fc:45:
3a:a3:38:0e:da:72:64:db:00:0b:2b:fb:d4:14:65:0c:89:d8:
f0:b1:91:ce:7f:48:29:2f:80:a6:ed:c8:4b:eb:8b:00:0f:b5:
00:44:e1:fa:73:80:26:97:48:4b:f8:d6:d8:f1:00:2c:e7:af:
f5:e8:0b:0d:fb:81:51:a9:92:a2:13:d3:2e:8e:14:2c:59:fb:
42:00:3a:0d:0b:2c:aa:a6:12:6a:e0:5d:61:7d:ef:c3:40:c0:
46:d0:03:a4:4e:c3:23:43:3f:0c:12:14:a0:4d:59:29:eb:e0:
ee:c0:02:ef:1d:db:8b:37:e3:78:66:f0:7b:16:8d:68:50:7b:
97:fa:e2:e5:2a:31:be:57:70:4a:48:6f:05:66:3b:ca:d8:e3:
24:e2:a3:ce:3e:ba:b2:1d:50:70:f2:45:c9:bd:c1:b5:b5:81:
27:09:5c:d8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnRm9bFQC85eMxrAcDrosHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZjk3ODhjOTk1MTMwZDcwZWFjNDZjMDZiMjI2NjcyZDI1
ZDQxODUwHhcNMjUwMTAyMTM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGJmZmZlZTU3MjllYmQ4MjM2OGNlMjQwZGY1NmE0OWU5ZDBlNTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6eD0J/bF22fjZCreKsWxTcSYkrXr
JzJLGN+aLpT5Ynp83bFyt/A0Bimf2mDYgOWjr24AqOvipAt8CLeVVl2hUKbxQvdq
8Ztwx7mrTZI2xmFLjuzwmdM6zSi/iOf2X/jlwZ/S6Eo2YoZHd1cuMmRqhbSoPM3H
EU/he87yruVZilP92kIFR1O+1X0zK+o9J9CCXDjJh+4ky2qPTaOBYK92KSRBInhO
NHJTEWHvvEt44VISq1uQGAS9EuiZjIumA92WxeylVAAuWUKFyWkyQWBzRyVqlOsW
vR2J4GZPpeHCoE0SZoIkX4xUPVt8LPUVhEwZmvNoYUYsk1J5b5ru9ntJlwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIS//+5XKevYI2jOJA31aknp0OU9MB8GA1UdIwQY
MBaAFOr5eIyZUTDXDqxGwGsiZnLSXUGFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnZsNGpKbFJNTmNPckViQWF5Sm1jdEpkUVlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81NTk2YjAtYThhNy00NWIwLWIyNDUt
MGZlN2EwZWU2YmQzLzEvaExfXzdsY3A2OWdqYU00a0RmVnFTZW5RNVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81NTk2YjAtYThhNy00NWIwLWIyNDUtMGZlN2EwZWU2YmQz
LzEvNnZsNGpKbFJNTmNPckViQWF5Sm1jdEpkUVlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTFEMA0E
AgACMAcDBQAqAZJgMA0GCSqGSIb3DQEBCwUAA4IBAQAhDByhcTEa5Neq7LQJ8tjd
pzcTLp822IChYQWGSky5Z66aTnMPqY+t702FLEzy4WAV/aQ85yhoQ6mMoUzUCMAz
QYBSKK1tYLwtJ5OfpVl5KK3RUTFQMHAV/EU6ozgO2nJk2wALK/vUFGUMidjwsZHO
f0gpL4Cm7chL64sAD7UAROH6c4Aml0hL+NbY8QAs56/16AsN+4FRqZKiE9MujhQs
WftCADoNCyyqphJq4F1hfe/DQMBG0AOkTsMjQz8MEhSgTVkp6+DuwALvHduLN+N4
ZvB7Fo1oUHuX+uLlKjG+V3BKSG8FZjvK2OMk4qPOPrqyHVBw8kXJvcG1tYEnCVzY
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:30:18 2025 by rpki-client