Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/Il6sw8RhfCXvm6Cob9piJ6Tof38.roa
File: Il6sw8RhfCXvm6Cob9piJ6Tof38.roa (raw, json)
Hash identifier: uQUNJgau18FI9kUMvqpvmB8TvJ5qi/9GPc9O1whwtNs=
Subject key identifier: 22:5E:AC:C3:C4:61:7C:25:EF:9B:A0:A8:6F:DA:62:27:A4:E8:7F:7F
Certificate issuer: /CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Certificate serial: 019420D5A8F1A2E0A3BB2BDEA359A62F601E
Authority key identifier: BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/Il6sw8RhfCXvm6Cob9piJ6Tof38.roa
Signing time: Wed 01 Jan 2025 07:47:40 +0000
ROA not before: Wed 01 Jan 2025 07:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200308
IP address blocks: 185.248.28.0/22 maxlen: 22
195.189.245.0/24 maxlen: 24
2a0d:dd80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a8:f1:a2:e0:a3:bb:2b:de:a3:59:a6:2f:60:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Validity
Not Before: Jan 1 07:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=225eacc3c4617c25ef9ba0a86fda6227a4e87f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:72:09:76:2f:62:11:8b:30:dc:f9:3e:94:7f:
96:d8:56:e1:48:aa:24:55:33:49:61:0e:a1:2d:e4:
97:77:c8:ed:78:4e:ec:aa:97:b6:8d:e3:98:29:3d:
2e:6c:fe:df:e7:0e:c8:0b:9d:15:9f:f8:42:b4:8c:
2c:66:e8:bb:21:9f:b2:7e:8e:b6:ab:3c:21:7b:f0:
82:df:92:ee:d5:c7:73:78:8e:9b:74:49:f9:b5:07:
2e:16:5a:c6:96:e1:dd:e6:7d:f9:02:36:98:09:b3:
0d:d3:76:2a:95:ce:81:cd:e9:f8:50:b3:3b:1b:1b:
d0:97:97:e4:3a:5f:63:35:9e:ce:6b:cf:84:b1:a8:
71:9d:19:cb:40:b7:12:cd:eb:96:24:7f:28:3e:5e:
e1:eb:e1:81:bb:b8:fc:34:9b:45:f1:2e:a9:54:dd:
be:32:20:7e:d9:67:87:a3:a3:51:47:b1:6a:00:6a:
8d:4d:c4:51:62:99:98:f3:58:8e:ca:51:fa:00:71:
33:27:57:14:50:26:17:70:eb:67:ce:1c:78:13:25:
61:02:16:21:38:ce:73:3d:dc:8e:80:a6:fe:41:b0:
b3:14:fc:19:69:c2:f6:ca:be:5f:e1:e6:f5:8a:92:
90:ae:56:8a:1d:2f:a8:8b:34:5e:15:17:75:25:e6:
77:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:5E:AC:C3:C4:61:7C:25:EF:9B:A0:A8:6F:DA:62:27:A4:E8:7F:7F
X509v3 Authority Key Identifier:
keyid:BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/Il6sw8RhfCXvm6Cob9piJ6Tof38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.28.0/22
195.189.245.0/24
IPv6:
2a0d:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
8f:2f:1e:94:d5:19:2d:78:66:2f:82:64:eb:f9:27:cf:cf:ef:
81:31:d4:ac:a2:b6:e8:03:e2:dd:34:4c:8f:f6:1d:73:24:b7:
49:58:16:2e:fd:a5:85:17:25:1c:07:8b:b0:c8:73:cb:80:20:
30:e1:9f:d5:99:ad:c1:86:47:e9:45:03:de:66:a7:3d:f2:ee:
cf:31:7c:b9:62:1c:fd:af:a7:91:ad:39:2d:fd:3c:0e:4b:91:
42:3d:ad:dd:ba:7c:ce:99:fb:dc:5b:a0:24:22:dd:71:dd:a3:
3c:c9:72:60:37:71:b8:51:df:54:04:30:6a:ea:16:53:93:8e:
f5:ad:9c:86:b9:e2:ec:b3:d1:f0:69:0d:9c:65:3b:bb:6a:a8:
5a:a3:51:1e:c1:2a:78:d5:8f:ff:c0:0d:82:e7:22:e2:02:8d:
b7:b7:e5:eb:2d:13:d0:48:13:5f:db:c9:d2:2f:75:15:8e:d9:
c9:db:b2:6b:f1:75:fc:28:4a:eb:d6:02:e5:31:6b:da:06:72:
37:03:af:ee:1f:e9:59:53:91:c7:44:96:da:8e:49:f9:01:f4:
88:e6:53:84:4b:21:09:d8:f9:50:b3:41:e0:cc:a7:14:e1:0f:
21:a8:66:21:7b:aa:dd:55:11:5a:e2:a7:02:7a:e5:f1:ec:4e:
45:d0:9c:1c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1ajxouCjuyveo1mmL2AeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDczMTg4NGJhMGY1NzNmYTYxOGI2ZTdhZDUwM2ExMmM5
NjVhZjMwHhcNMjUwMTAxMDc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjVlYWNjM2M0NjE3YzI1ZWY5YmEwYTg2ZmRhNjIyN2E0ZTg3ZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXIJdi9iEYsw3Pk+lH+W2FbhSKok
VTNJYQ6hLeSXd8jteE7sqpe2jeOYKT0ubP7f5w7IC50Vn/hCtIwsZui7IZ+yfo62
qzwhe/CC35Lu1cdzeI6bdEn5tQcuFlrGluHd5n35AjaYCbMN03Yqlc6Bzen4ULM7
GxvQl5fkOl9jNZ7Oa8+EsahxnRnLQLcSzeuWJH8oPl7h6+GBu7j8NJtF8S6pVN2+
MiB+2WeHo6NRR7FqAGqNTcRRYpmY81iOylH6AHEzJ1cUUCYXcOtnzhx4EyVhAhYh
OM5zPdyOgKb+QbCzFPwZacL2yr5f4eb1ipKQrlaKHS+oizReFRd1JeZ3OwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCJerMPEYXwl75ugqG/aYiek6H9/MB8GA1UdIwQY
MBaAFLtHMYhLoPVz+mGLbnrVA6EsllrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYt
ODM1YTU4NDJiOTRjLzEvSWw2c3c4UmhmQ1h2bTZDb2I5cGlKNlRvZjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYtODM1YTU4NDJiOTRj
LzEvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufgcAwQA
w731MA0EAgACMAcDBQMqDd2AMA0GCSqGSIb3DQEBCwUAA4IBAQCPLx6U1RkteGYv
gmTr+SfPz++BMdSsorboA+LdNEyP9h1zJLdJWBYu/aWFFyUcB4uwyHPLgCAw4Z/V
ma3BhkfpRQPeZqc98u7PMXy5Yhz9r6eRrTkt/TwOS5FCPa3dunzOmfvcW6AkIt1x
3aM8yXJgN3G4Ud9UBDBq6hZTk471rZyGueLss9HwaQ2cZTu7aqhao1EewSp41Y//
wA2C5yLiAo23t+XrLRPQSBNf28nSL3UVjtnJ27Jr8XX8KErr1gLlMWvaBnI3A6/u
H+lZU5HHRJbajkn5AfSI5lOESyEJ2PlQs0HgzKcU4Q8hqGYhe6rdVRFa4qcCeuXx
7E5F0Jwc
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:31 2025 by rpki-client