Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/hg2Ps6LFSparyJWx3GTYmUPm3pA.roa
File: hg2Ps6LFSparyJWx3GTYmUPm3pA.roa (raw, json)
Hash identifier: QXdyI8bAesp03A33q/sHoHZRnlP3monnDF28zjvU5M8=
Subject key identifier: 86:0D:8F:B3:A2:C5:4A:96:AB:C8:95:B1:DC:64:D8:99:43:E6:DE:90
Certificate issuer: /CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Certificate serial: 01956D96949011005A7F1C065E8CDBC45D89
Authority key identifier: 82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/hg2Ps6LFSparyJWx3GTYmUPm3pA.roa
Signing time: Thu 06 Mar 2025 22:32:19 +0000
ROA not before: Thu 06 Mar 2025 22:32:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.195.0.0/22 maxlen: 24
2a01:77c0:1619::/48 maxlen: 48
2a01:77c0:7135::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6d:96:94:90:11:00:5a:7f:1c:06:5e:8c:db:c4:5d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Validity
Not Before: Mar 6 22:32:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=860d8fb3a2c54a96abc895b1dc64d89943e6de90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:de:d5:46:9e:c3:be:cd:02:30:3f:10:09:ad:
a8:cb:ce:53:89:0d:3c:1b:c6:e4:09:75:b2:6b:27:
3f:96:4b:5a:64:e6:40:2a:1c:d8:5e:9a:84:6c:80:
05:bb:0b:28:c2:0b:6d:1b:f9:99:5d:10:e6:2b:97:
f5:8a:a1:49:d5:90:4a:46:03:98:e9:e9:24:79:b2:
23:25:fe:94:5b:6c:7b:ab:80:ed:9a:9f:dc:f2:2f:
76:a2:21:62:58:42:ac:e8:04:11:15:5e:ae:13:ef:
de:fe:d9:ed:4f:2f:5b:bb:83:78:2c:f2:0c:8d:45:
0a:01:9b:83:5b:3c:ff:ca:1c:b4:0c:6d:65:bc:a9:
87:5a:50:64:4d:c4:0b:4a:f7:9b:e6:d6:3f:a8:e3:
46:27:58:21:01:eb:d5:4e:f0:6c:f9:b0:3d:1a:8b:
d7:16:4d:91:88:e8:c8:10:81:34:db:55:53:ef:03:
ba:af:d5:9e:13:28:f6:22:df:63:f2:13:94:c4:da:
50:70:61:3a:71:03:e7:4e:18:81:77:65:3c:53:e3:
d5:55:0b:c5:70:34:9f:2e:fe:59:c1:59:8d:82:8a:
54:54:60:66:4d:51:df:f0:4b:5e:c7:00:62:7b:82:
c3:7d:77:a5:19:d6:7f:74:e9:bd:f9:20:37:43:fc:
7e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0D:8F:B3:A2:C5:4A:96:AB:C8:95:B1:DC:64:D8:99:43:E6:DE:90
X509v3 Authority Key Identifier:
keyid:82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/hg2Ps6LFSparyJWx3GTYmUPm3pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.0.0/22
IPv6:
2a01:77c0:1619::/48
2a01:77c0:7135::/48
Signature Algorithm: sha256WithRSAEncryption
45:dd:1d:a6:07:62:9a:84:f4:7d:9c:b2:06:14:2c:08:c6:49:
cd:98:1e:b0:4d:be:8e:1f:19:d9:c6:e9:71:8a:4c:42:8e:cd:
88:b8:23:13:bc:3e:e4:33:75:82:0d:f0:db:d8:c3:38:9a:c9:
42:65:6c:05:63:4b:c8:3a:46:2b:47:6e:cf:73:76:a7:1a:85:
fc:fe:f5:34:4b:19:87:ff:22:af:61:37:94:7b:b1:2e:f9:89:
14:1b:ad:8f:55:36:7c:9b:67:bc:05:5b:4e:db:c9:a3:c3:f2:
cf:68:85:eb:cd:71:ec:0b:21:7c:4d:35:24:52:17:31:91:91:
0c:b1:18:a8:e7:94:0c:ff:54:bf:ab:fc:2a:04:dc:d6:76:07:
d7:22:12:48:92:c6:ea:e1:c8:b5:67:0e:2b:12:84:3a:6f:bf:
94:0b:94:5f:72:98:a4:76:8d:50:24:33:30:91:33:36:35:cd:
6d:33:7f:48:6b:01:fc:d6:d3:d0:48:79:39:56:e4:24:3d:e4:
a7:47:0a:81:f3:c5:31:a6:4a:6f:2a:b1:af:78:af:ac:23:37:
e4:0f:79:bc:05:f8:2f:1a:ae:19:1c:54:d8:26:1f:8d:a3:b7:
14:12:f0:cf:d1:d0:95:e8:62:2a:28:28:c1:f7:0e:df:7b:01:
86:6a:ae:c2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZVtlpSQEQBafxwGXozbxF2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyN2FmMTdmMDQ5OTYyN2U0YjNjOGNjNWMzMzNlYzRiOGU3
NjM1ZTAwHhcNMjUwMzA2MjIzMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjBkOGZiM2EyYzU0YTk2YWJjODk1YjFkYzY0ZDg5OTQzZTZkZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt7VRp7Dvs0CMD8QCa2oy85TiQ08
G8bkCXWyayc/lktaZOZAKhzYXpqEbIAFuwsowgttG/mZXRDmK5f1iqFJ1ZBKRgOY
6ekkebIjJf6UW2x7q4Dtmp/c8i92oiFiWEKs6AQRFV6uE+/e/tntTy9bu4N4LPIM
jUUKAZuDWzz/yhy0DG1lvKmHWlBkTcQLSveb5tY/qONGJ1ghAevVTvBs+bA9GovX
Fk2RiOjIEIE021VT7wO6r9WeEyj2It9j8hOUxNpQcGE6cQPnThiBd2U8U+PVVQvF
cDSfLv5ZwVmNgopUVGBmTVHf8EtexwBie4LDfXelGdZ/dOm9+SA3Q/x+wQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIYNj7OixUqWq8iVsdxk2JlD5t6QMB8GA1UdIwQY
MBaAFIJ68X8EmWJ+SzyMxcMz7EuOdjXgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgt
NzMxM2M3ZjNjYTNmLzEvaGcyUHM2TEZTcGFyeUpXeDNHVFltVVBtM3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgtNzMxM2M3ZjNjYTNm
LzEvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCucMAMBgE
AgACMBIDBwAqAXfAFhkDBwAqAXfAcTUwDQYJKoZIhvcNAQELBQADggEBAEXdHaYH
YpqE9H2csgYULAjGSc2YHrBNvo4fGdnG6XGKTEKOzYi4IxO8PuQzdYIN8NvYwzia
yUJlbAVjS8g6RitHbs9zdqcahfz+9TRLGYf/Iq9hN5R7sS75iRQbrY9VNnybZ7wF
W07byaPD8s9ohevNcewLIXxNNSRSFzGRkQyxGKjnlAz/VL+r/CoE3NZ2B9ciEkiS
xurhyLVnDisShDpvv5QLlF9ymKR2jVAkMzCRMzY1zW0zf0hrAfzW09BIeTlW5CQ9
5KdHCoHzxTGmSm8qsa94r6wjN+QPebwF+C8arhkcVNgmH42jtxQS8M/R0JXoYioo
KMH3Dt97AYZqrsI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:23:43 2025 by rpki-client