Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/6KpfPRVUGyFsCkAEFBqf-wSXAyw.roa
File: 6KpfPRVUGyFsCkAEFBqf-wSXAyw.roa (raw, json)
Hash identifier: kWhiEuOzAfB/QvRqngqpda0Xfcej2KhLVFQbnAjy7tQ=
Subject key identifier: E8:AA:5F:3D:15:54:1B:21:6C:0A:40:04:14:1A:9F:FB:04:97:03:2C
Certificate issuer: /CN=40fc07299711adfa222e27b128b76d1d97450582
Certificate serial: 0194266C2FBFDA9E22C6E06D00718BC01A11
Authority key identifier: 40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/6KpfPRVUGyFsCkAEFBqf-wSXAyw.roa
Signing time: Thu 02 Jan 2025 09:50:11 +0000
ROA not before: Thu 02 Jan 2025 09:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204158
IP address blocks: 185.112.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:2f:bf:da:9e:22:c6:e0:6d:00:71:8b:c0:1a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40fc07299711adfa222e27b128b76d1d97450582
Validity
Not Before: Jan 2 09:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8aa5f3d15541b216c0a4004141a9ffb0497032c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:db:b6:76:4d:e7:ee:5f:31:0b:21:7c:f1:18:
ba:d8:e6:56:50:24:9a:29:c8:d5:a2:8d:a7:34:27:
85:d3:bf:08:2c:90:2c:42:1c:24:c9:52:53:05:44:
c5:ca:77:ec:38:aa:55:e6:84:95:96:9b:b1:e8:09:
84:88:85:35:1f:cd:7b:bc:35:9d:3c:57:dd:bd:e1:
3d:1a:d4:22:80:16:24:a1:64:75:a6:b7:01:c8:82:
7a:53:bc:c0:81:e7:94:bf:d7:60:ee:ba:93:d8:93:
65:fc:a0:2d:50:a0:0c:69:3e:a6:72:72:cf:65:f2:
34:72:ac:15:96:3b:71:c5:10:60:11:78:e0:88:54:
8c:35:a6:05:77:9a:97:f7:06:a3:ce:65:a9:24:02:
3a:35:6c:e8:ce:0f:22:0a:b0:12:4b:63:66:69:6f:
68:17:13:15:c3:72:fa:40:4f:77:c9:e2:0b:fb:3d:
6d:ac:bd:5b:3b:a4:9d:fb:ef:04:80:25:ab:1f:ec:
3d:a5:81:45:07:cc:e0:be:1e:4c:9a:de:ef:32:92:
c3:f5:cd:3f:24:fa:98:99:33:fb:65:2d:50:b0:86:
11:f9:de:8f:cb:38:dc:2f:e8:3a:8d:21:de:07:1f:
39:c3:d6:d8:8f:7a:11:e9:ec:a6:00:32:6a:fa:14:
8f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AA:5F:3D:15:54:1B:21:6C:0A:40:04:14:1A:9F:FB:04:97:03:2C
X509v3 Authority Key Identifier:
keyid:40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/6KpfPRVUGyFsCkAEFBqf-wSXAyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.4.0/22
Signature Algorithm: sha256WithRSAEncryption
09:b1:39:90:7e:bc:87:79:8f:f8:9a:24:c7:ed:04:1e:a4:2b:
db:29:c2:7f:b1:6b:21:22:99:5c:f4:2a:1e:ef:8a:82:f9:bf:
ed:13:bc:e0:c0:c3:4b:f3:15:df:d7:07:e3:1d:0c:e1:d6:d0:
93:0f:1b:36:bb:05:ee:aa:49:6c:70:13:ff:9d:54:54:a7:5b:
8b:b9:59:ca:ca:75:5c:49:8b:e0:6d:54:93:db:73:7a:0e:6e:
13:f6:04:7b:de:74:ae:b2:5f:43:e3:d6:6d:5b:77:5a:5d:0f:
6b:e4:53:01:cd:5f:7f:99:b6:a5:ed:60:e9:cb:6d:df:b5:a5:
30:73:6d:b5:bb:4e:40:aa:cc:eb:6d:8b:b8:58:13:35:b9:18:
fb:30:86:b7:06:6c:32:98:09:b8:bf:36:61:51:45:b1:af:2a:
ad:28:81:29:54:57:91:d7:c9:b0:87:c0:4c:e7:62:95:23:c1:
c5:ab:f0:a8:71:53:e7:0a:b3:76:32:b8:b6:d6:de:f4:9d:b9:
7d:d8:56:05:af:57:a7:2f:20:24:31:66:fc:f1:df:e2:59:49:
cd:26:0b:9c:02:96:08:53:2f:cb:14:6e:b9:b6:d5:1a:8f:10:
0d:fc:ed:60:7f:92:cf:06:f4:04:df:da:f6:5b:18:25:8a:aa:
64:c9:e0:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbC+/2p4ixuBtAHGLwBoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZmMwNzI5OTcxMWFkZmEyMjJlMjdiMTI4Yjc2ZDFkOTc0
NTA1ODIwHhcNMjUwMTAyMDk1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGFhNWYzZDE1NTQxYjIxNmMwYTQwMDQxNDFhOWZmYjA0OTcwMzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltu2dk3n7l8xCyF88Ri62OZWUCSa
KcjVoo2nNCeF078ILJAsQhwkyVJTBUTFynfsOKpV5oSVlpux6AmEiIU1H817vDWd
PFfdveE9GtQigBYkoWR1prcByIJ6U7zAgeeUv9dg7rqT2JNl/KAtUKAMaT6mcnLP
ZfI0cqwVljtxxRBgEXjgiFSMNaYFd5qX9wajzmWpJAI6NWzozg8iCrASS2NmaW9o
FxMVw3L6QE93yeIL+z1trL1bO6Sd++8EgCWrH+w9pYFFB8zgvh5Mmt7vMpLD9c0/
JPqYmTP7ZS1QsIYR+d6PyzjcL+g6jSHeBx85w9bYj3oR6eymADJq+hSPHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOiqXz0VVBshbApABBQan/sElwMsMB8GA1UdIwQY
MBaAFED8BymXEa36Ii4nsSi3bR2XRQWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81ZGM4N2EtZjMyOS00YzQ0LTgyMzUt
NzdlM2JlYWI2MWViLzEvNktwZlBSVlVHeUZzQ2tBRUZCcWYtd1NYQXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi81ZGM4N2EtZjMyOS00YzQ0LTgyMzUtNzdlM2JlYWI2MWVi
LzEvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXAEMA0G
CSqGSIb3DQEBCwUAA4IBAQAJsTmQfryHeY/4miTH7QQepCvbKcJ/sWshIplc9Coe
74qC+b/tE7zgwMNL8xXf1wfjHQzh1tCTDxs2uwXuqklscBP/nVRUp1uLuVnKynVc
SYvgbVST23N6Dm4T9gR73nSusl9D49ZtW3daXQ9r5FMBzV9/mbal7WDpy23ftaUw
c221u05AqszrbYu4WBM1uRj7MIa3BmwymAm4vzZhUUWxryqtKIEpVFeR18mwh8BM
52KVI8HFq/CocVPnCrN2Mri21t70nbl92FYFr1enLyAkMWb88d/iWUnNJgucApYI
Uy/LFG65ttUajxAN/O1gf5LPBvQE39r2WxgliqpkyeD2
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:12 2025 by rpki-client