Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/1PJhAmr4L-ICtBMJRLXv9Y_xOyw.roa
File: 1PJhAmr4L-ICtBMJRLXv9Y_xOyw.roa (raw, json)
Hash identifier: jH6dNQsK1d9mmyP0BMdwyC4O3JBopXcfL8RZmEaPWBg=
Subject key identifier: D4:F2:61:02:6A:F8:2F:E2:02:B4:13:09:44:B5:EF:F5:8F:F1:3B:2C
Certificate issuer: /CN=05881f357ea6680dde52a2a9bfbbb6ed4385d8d9
Certificate serial: 0194236A2B08A99FCC9369736F951A7EDCAF
Authority key identifier: 05:88:1F:35:7E:A6:68:0D:DE:52:A2:A9:BF:BB:B6:ED:43:85:D8:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BYgfNX6maA3eUqKpv7u27UOF2Nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/1PJhAmr4L-ICtBMJRLXv9Y_xOyw.roa
Signing time: Wed 01 Jan 2025 19:49:07 +0000
ROA not before: Wed 01 Jan 2025 19:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8240
IP address blocks: 185.161.84.0/22 maxlen: 22
185.161.87.0/24 maxlen: 24
185.172.24.0/22 maxlen: 22
195.80.96.0/19 maxlen: 19
213.184.32.0/19 maxlen: 19
2a02:88::/32 maxlen: 32
2a0b:6c00::/29 maxlen: 29
2a0b:6c00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2b:08:a9:9f:cc:93:69:73:6f:95:1a:7e:dc:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05881f357ea6680dde52a2a9bfbbb6ed4385d8d9
Validity
Not Before: Jan 1 19:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4f261026af82fe202b4130944b5eff58ff13b2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:02:23:4e:e8:00:82:67:00:9c:2b:e4:53:f8:
e7:46:5b:f4:dd:74:68:3e:ad:e2:db:1f:00:ce:51:
97:39:45:26:fe:bd:28:18:41:23:3b:7d:d7:c6:d1:
80:fc:34:b4:4d:d9:29:4a:b2:80:cc:aa:e5:bd:80:
70:29:85:60:f1:a4:2b:1f:a9:fe:9f:af:60:6f:42:
e0:23:17:77:10:94:b1:3f:65:a2:d7:a1:3f:02:66:
2b:b9:68:61:11:d4:9e:b6:22:a9:8a:e4:f5:d7:2e:
62:02:e1:06:73:dd:57:a6:77:2f:7a:35:97:00:b5:
b8:0e:b1:76:0b:15:b1:94:b9:4a:d5:99:1e:21:69:
45:58:43:2d:20:d1:17:66:f2:33:04:42:e9:36:32:
c8:c3:7e:bb:8f:c5:f7:6c:47:35:9f:0f:e7:7b:61:
00:b8:88:8f:cf:8f:65:92:62:ea:e1:ee:4f:ea:cb:
46:ae:25:06:28:44:ae:c9:05:fa:9a:6e:f8:16:3d:
30:10:a0:dc:57:26:35:4b:cb:ed:b3:a9:39:26:00:
6b:c3:d1:14:3b:4b:58:c1:1d:c0:3c:45:03:ab:fd:
91:e2:78:02:77:09:65:61:b6:13:13:ca:c4:be:66:
26:cd:f9:64:ff:70:93:d3:96:62:73:5a:fc:a4:22:
26:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F2:61:02:6A:F8:2F:E2:02:B4:13:09:44:B5:EF:F5:8F:F1:3B:2C
X509v3 Authority Key Identifier:
keyid:05:88:1F:35:7E:A6:68:0D:DE:52:A2:A9:BF:BB:B6:ED:43:85:D8:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYgfNX6maA3eUqKpv7u27UOF2Nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/1PJhAmr4L-ICtBMJRLXv9Y_xOyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/BYgfNX6maA3eUqKpv7u27UOF2Nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.84.0/22
185.172.24.0/22
195.80.96.0/19
213.184.32.0/19
IPv6:
2a02:88::/32
2a0b:6c00::/29
Signature Algorithm: sha256WithRSAEncryption
59:6c:7a:39:04:56:d7:5b:e9:08:bd:f2:64:dc:c1:6a:8d:a8:
f3:e9:47:da:b8:60:07:46:73:47:f0:c3:10:15:1e:55:03:cb:
51:2c:93:e1:80:fc:ca:07:de:39:77:7e:c0:c6:4e:4d:25:12:
51:bd:cc:b4:a7:d3:c5:f5:ff:0c:ac:42:0e:a6:48:b1:54:70:
4f:8e:64:39:fd:c1:0b:9e:49:f7:24:ae:4a:35:97:91:35:a8:
fa:cf:7a:26:5e:98:ff:6d:6d:7e:b7:bd:8f:08:e3:4a:be:d5:
10:c2:58:9a:8c:7b:1e:fc:df:ef:b4:cd:58:dd:ab:d0:f1:ba:
b8:41:08:31:3f:ec:03:75:9c:ad:e5:39:47:f8:31:cb:0e:23:
97:c2:e8:a9:cd:24:b5:af:d4:4f:a7:87:e1:34:94:05:5b:ee:
a7:f6:be:2d:22:64:dd:e9:71:bd:53:df:3d:cb:47:06:86:97:
24:5a:db:88:10:3f:27:62:7e:4f:44:6e:40:e5:e0:1d:cb:04:
55:d1:f9:0f:ac:4f:10:95:a1:dd:81:76:55:65:d7:6b:98:24:
e2:db:3e:93:5c:9f:5e:5e:24:12:c9:cb:c5:14:da:53:5a:fc:
de:0d:ad:f3:60:86:dd:81:05:a2:dd:ea:62:4d:0f:47:d5:b3:
2c:16:8c:fe
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQjaisIqZ/Mk2lzb5UaftyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ODgxZjM1N2VhNjY4MGRkZTUyYTJhOWJmYmJiNmVkNDM4
NWQ4ZDkwHhcNMjUwMTAxMTk0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGYyNjEwMjZhZjgyZmUyMDJiNDEzMDk0NGI1ZWZmNThmZjEzYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQIjTugAgmcAnCvkU/jnRlv03XRo
Pq3i2x8AzlGXOUUm/r0oGEEjO33XxtGA/DS0TdkpSrKAzKrlvYBwKYVg8aQrH6n+
n69gb0LgIxd3EJSxP2Wi16E/AmYruWhhEdSetiKpiuT11y5iAuEGc91XpncvejWX
ALW4DrF2CxWxlLlK1ZkeIWlFWEMtINEXZvIzBELpNjLIw367j8X3bEc1nw/ne2EA
uIiPz49lkmLq4e5P6stGriUGKESuyQX6mm74Fj0wEKDcVyY1S8vts6k5JgBrw9EU
O0tYwR3APEUDq/2R4ngCdwllYbYTE8rEvmYmzflk/3CT05Zic1r8pCImqQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNTyYQJq+C/iArQTCUS17/WP8TssMB8GA1UdIwQY
MBaAFAWIHzV+pmgN3lKiqb+7tu1DhdjZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQllnZk5YNm1hQTNlVXFLcHY3dTI3VU9GMk5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9hYmMxMDMtY2U2Ni00ZmNjLThmZTEt
M2M5MWFkNGIzZTA4LzEvMVBKaEFtcjRMLUlDdEJNSlJMWHY5WV94T3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9hYmMxMDMtY2U2Ni00ZmNjLThmZTEtM2M5MWFkNGIzZTA4
LzEvQllnZk5YNm1hQTNlVXFLcHY3dTI3VU9GMk5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCuaFUAwQC
uawYAwQFw1BgAwQF1bggMBQEAgACMA4DBQAqAgCIAwUDKgtsADANBgkqhkiG9w0B
AQsFAAOCAQEAWWx6OQRW11vpCL3yZNzBao2o8+lH2rhgB0ZzR/DDEBUeVQPLUSyT
4YD8ygfeOXd+wMZOTSUSUb3MtKfTxfX/DKxCDqZIsVRwT45kOf3BC55J9ySuSjWX
kTWo+s96Jl6Y/21tfre9jwjjSr7VEMJYmox7Hvzf77TNWN2r0PG6uEEIMT/sA3Wc
reU5R/gxyw4jl8Loqc0kta/UT6eH4TSUBVvup/a+LSJk3elxvVPfPctHBoaXJFrb
iBA/J2J+T0RuQOXgHcsEVdH5D6xPEJWh3YF2VWXXa5gk4ts+k1yfXl4kEsnLxRTa
U1r83g2t82CG3YEFot3qYk0PR9WzLBaM/g==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:12 2025 by rpki-client