Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/i7TTR0PMX6DAq8x2EEX7tvYEy2w.roa
File: i7TTR0PMX6DAq8x2EEX7tvYEy2w.roa (raw, json)
Hash identifier: iWmz0ZT2uDCkIA/K5JDubPnWXPlf7zxHizjmswntW2Y=
Subject key identifier: 8B:B4:D3:47:43:CC:5F:A0:C0:AB:CC:76:10:45:FB:B6:F6:04:CB:6C
Certificate issuer: /CN=b4dd6d658e14571e839f7813da31f2217422818e
Certificate serial: 019424B3D89134A61D0C7157CD57C34D5881
Authority key identifier: B4:DD:6D:65:8E:14:57:1E:83:9F:78:13:DA:31:F2:21:74:22:81:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tN1tZY4UVx6Dn3gT2jHyIXQigY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/i7TTR0PMX6DAq8x2EEX7tvYEy2w.roa
Signing time: Thu 02 Jan 2025 01:49:13 +0000
ROA not before: Thu 02 Jan 2025 01:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50304
IP address blocks: 185.213.52.0/22 maxlen: 24
2a0b:8340::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d8:91:34:a6:1d:0c:71:57:cd:57:c3:4d:58:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4dd6d658e14571e839f7813da31f2217422818e
Validity
Not Before: Jan 2 01:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bb4d34743cc5fa0c0abcc761045fbb6f604cb6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:6b:05:1c:72:df:06:f3:01:86:02:bd:0d:85:
5d:cb:c5:80:5f:66:ea:bb:ab:1a:03:4a:d0:f1:d0:
c2:ac:9d:ba:71:e9:65:bc:c5:17:70:c3:08:67:4c:
15:7e:94:9d:78:9e:54:db:b6:12:98:d4:f1:3a:3a:
66:cc:33:ca:77:53:a6:82:4f:f6:6b:d4:ca:57:52:
6d:75:d9:a4:49:5c:06:0c:e9:5b:6c:51:27:07:64:
5e:47:27:25:8d:2b:81:1f:15:fd:f8:ac:4e:9e:a7:
9b:7b:21:e6:dc:22:9c:66:2b:27:12:37:2f:fa:69:
b2:e9:32:f3:88:1a:11:23:fe:20:0c:74:d7:3f:f1:
0e:4d:b8:69:26:49:21:9f:c1:68:76:b6:62:ec:38:
01:a7:e9:c7:df:d7:08:3d:95:f3:1b:8b:0d:2d:90:
f4:cb:54:22:8e:ce:8b:fc:09:d2:92:31:d8:f2:f8:
ac:5b:f0:02:fc:76:92:c0:12:dc:b4:e3:58:d1:7c:
0e:29:4e:e4:2f:85:07:28:ed:b9:ae:ab:5e:4e:2b:
9f:40:70:9b:ea:00:75:32:93:9b:36:72:16:8e:a0:
b4:45:ae:aa:dd:fa:05:a4:b7:0e:83:34:7f:b0:a7:
f6:66:36:5e:8f:90:54:77:64:ff:f7:a5:ad:a3:94:
30:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B4:D3:47:43:CC:5F:A0:C0:AB:CC:76:10:45:FB:B6:F6:04:CB:6C
X509v3 Authority Key Identifier:
keyid:B4:DD:6D:65:8E:14:57:1E:83:9F:78:13:DA:31:F2:21:74:22:81:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tN1tZY4UVx6Dn3gT2jHyIXQigY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/i7TTR0PMX6DAq8x2EEX7tvYEy2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/tN1tZY4UVx6Dn3gT2jHyIXQigY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.52.0/22
IPv6:
2a0b:8340::/29
Signature Algorithm: sha256WithRSAEncryption
18:1e:8c:06:93:19:78:06:e6:96:42:fa:7e:51:34:6b:b1:0d:
fd:a0:6a:c2:4f:3b:b1:74:a4:47:92:e6:86:77:fc:6e:37:df:
29:93:e4:8a:19:e9:93:00:f4:28:8c:c3:71:e4:7d:a2:9d:bf:
96:07:63:51:0a:9a:e2:c5:cb:76:1f:c2:38:2c:c7:5b:5b:96:
fb:22:19:b0:03:c9:6a:bf:e5:7e:76:dc:f9:8a:d2:79:6a:ff:
38:57:fd:25:d9:70:33:80:0c:bd:85:a1:b6:42:9f:33:b5:39:
5b:e2:7e:4c:1b:35:40:50:9d:9d:12:c0:6d:b3:f2:fa:cd:de:
be:5c:59:5c:30:55:12:56:0c:d8:6b:f1:3d:36:04:35:96:4b:
4f:29:33:ff:7d:d6:ca:3e:73:34:14:6d:aa:b5:25:2d:5b:17:
52:9b:2b:c2:6b:5b:ee:64:f7:7e:52:04:fd:78:b2:9d:21:c9:
36:43:67:ab:d8:2e:ae:f2:68:47:8c:4f:2f:e1:b8:bf:82:9e:
c7:d7:eb:30:22:a4:32:6f:d1:de:dd:17:b5:9b:67:68:30:af:
a1:2b:01:af:1a:fc:d5:90:73:c8:93:31:aa:eb:ef:1b:c2:47:
70:0b:01:64:3b:5f:4e:4f:90:dc:47:da:31:09:07:5a:45:aa:
e6:96:0a:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks9iRNKYdDHFXzVfDTViBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZGQ2ZDY1OGUxNDU3MWU4MzlmNzgxM2RhMzFmMjIxNzQy
MjgxOGUwHhcNMjUwMTAyMDE0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmI0ZDM0NzQzY2M1ZmEwYzBhYmNjNzYxMDQ1ZmJiNmY2MDRjYjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7GsFHHLfBvMBhgK9DYVdy8WAX2bq
u6saA0rQ8dDCrJ26cellvMUXcMMIZ0wVfpSdeJ5U27YSmNTxOjpmzDPKd1Omgk/2
a9TKV1JtddmkSVwGDOlbbFEnB2ReRycljSuBHxX9+KxOnqebeyHm3CKcZisnEjcv
+mmy6TLziBoRI/4gDHTXP/EOTbhpJkkhn8FodrZi7DgBp+nH39cIPZXzG4sNLZD0
y1Qijs6L/AnSkjHY8visW/AC/HaSwBLctONY0XwOKU7kL4UHKO25rqteTiufQHCb
6gB1MpObNnIWjqC0Ra6q3foFpLcOgzR/sKf2ZjZej5BUd2T/96Wto5Qw1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIu000dDzF+gwKvMdhBF+7b2BMtsMB8GA1UdIwQY
MBaAFLTdbWWOFFceg594E9ox8iF0IoGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE4xdFpZNFVWeDZEbjNnVDJqSHlJWFFpZ1k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8yNjQ5MzQtMmE3Zi00MjhiLWFmZTUt
ODFkMjE0ZWRmMjk4LzEvaTdUVFIwUE1YNkRBcTh4MkVFWDd0dllFeTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8yNjQ5MzQtMmE3Zi00MjhiLWFmZTUtODFkMjE0ZWRmMjk4
LzEvdE4xdFpZNFVWeDZEbjNnVDJqSHlJWFFpZ1k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudU0MA0E
AgACMAcDBQMqC4NAMA0GCSqGSIb3DQEBCwUAA4IBAQAYHowGkxl4BuaWQvp+UTRr
sQ39oGrCTzuxdKRHkuaGd/xuN98pk+SKGemTAPQojMNx5H2inb+WB2NRCprixct2
H8I4LMdbW5b7IhmwA8lqv+V+dtz5itJ5av84V/0l2XAzgAy9haG2Qp8ztTlb4n5M
GzVAUJ2dEsBts/L6zd6+XFlcMFUSVgzYa/E9NgQ1lktPKTP/fdbKPnM0FG2qtSUt
WxdSmyvCa1vuZPd+UgT9eLKdIck2Q2er2C6u8mhHjE8v4bi/gp7H1+swIqQyb9He
3Re1m2doMK+hKwGvGvzVkHPIkzGq6+8bwkdwCwFkO19OT5DcR9oxCQdaRarmlgqx
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:35:23 2025 by rpki-client