Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/p3wgvrtQnusPg-02AGpJuCVwIa0.roa
File: p3wgvrtQnusPg-02AGpJuCVwIa0.roa (raw, json)
Hash identifier: oFqOFoJpqofnXxel+apdf7Tu1IS9TI7qHjWxYOA7gaQ=
Subject key identifier: A7:7C:20:BE:BB:50:9E:EB:0F:83:ED:36:00:6A:49:B8:25:70:21:AD
Certificate issuer: /CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Certificate serial: 019427B37661AB3605854C9283FF2C375F02
Authority key identifier: DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/p3wgvrtQnusPg-02AGpJuCVwIa0.roa
Signing time: Thu 02 Jan 2025 15:47:40 +0000
ROA not before: Thu 02 Jan 2025 15:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204229
IP address blocks: 185.191.60.0/23 maxlen: 23
185.191.62.0/23 maxlen: 23
185.241.116.0/23 maxlen: 23
185.241.118.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:76:61:ab:36:05:85:4c:92:83:ff:2c:37:5f:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Validity
Not Before: Jan 2 15:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a77c20bebb509eeb0f83ed36006a49b8257021ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fe:4d:d1:ce:41:3a:e8:12:8c:a9:01:bc:ef:
23:54:c3:78:4c:59:f3:1a:c1:f7:3c:a5:38:5a:be:
17:17:23:ad:c7:b9:68:35:2f:99:05:a2:cd:c1:61:
32:e5:84:24:2d:8d:06:0f:19:01:36:1f:ce:0b:72:
d5:4c:22:94:e4:a6:7e:5b:78:f5:1f:89:b4:f3:27:
1a:af:ed:f0:5d:60:ed:22:81:b0:69:c3:93:20:d2:
27:15:49:db:83:39:73:c8:43:ed:77:62:41:2c:07:
f9:23:3c:ba:21:7d:01:ed:0c:08:30:1a:be:9b:a8:
40:3e:38:74:8c:19:3d:f2:a3:7f:94:55:02:f5:8c:
10:d9:b5:c8:18:b6:f5:df:f9:ab:4a:03:76:7b:b2:
0c:9d:94:46:de:07:71:02:d2:9d:a6:b0:1a:15:14:
5f:82:b6:e7:c5:fd:94:8e:4f:d7:83:7d:c3:c7:b6:
28:ee:41:d8:68:c5:af:d9:89:69:ef:a9:e6:4d:24:
af:1f:fb:f2:66:d4:f0:1c:0e:47:20:9b:7c:91:f2:
91:6a:55:b8:ff:f3:06:90:4b:70:d9:9c:7a:3c:a8:
15:c3:64:61:8c:d4:26:37:eb:b4:a1:fe:53:e1:f3:
82:4e:5c:8a:b2:dd:9a:c9:d3:71:2d:7b:5d:1c:1a:
ec:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:7C:20:BE:BB:50:9E:EB:0F:83:ED:36:00:6A:49:B8:25:70:21:AD
X509v3 Authority Key Identifier:
keyid:DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/p3wgvrtQnusPg-02AGpJuCVwIa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.60.0/22
185.241.116.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:d3:6f:ef:a5:fb:5a:3f:7e:2d:40:56:21:1d:36:1d:6b:1d:
61:25:b8:d3:30:0e:8d:9f:29:8e:87:c6:ae:13:66:3c:ad:7b:
69:2c:c6:11:33:38:62:fd:2e:92:eb:a1:a1:54:fe:ed:cb:40:
40:10:75:7f:50:eb:ef:cb:8f:aa:fb:1e:08:16:38:1a:c9:ab:
8a:71:7a:20:73:91:38:fe:a8:f0:89:16:6a:f0:71:73:6e:da:
e1:8f:81:cd:71:ac:9f:2e:bb:ea:fc:1c:e0:f2:d2:5f:92:58:
fe:a6:3b:ec:f5:4b:00:9b:c7:8f:42:b0:b2:d3:a8:d1:67:71:
ce:55:60:02:9c:2f:76:ed:fc:bb:d2:a0:69:e7:79:88:f1:42:
63:bf:b7:45:ac:0a:ac:20:e3:11:98:d2:c3:60:78:c5:7c:bd:
0b:82:90:9c:72:42:71:34:29:9c:a2:b2:8b:13:b6:43:c1:e9:
23:be:0a:28:43:19:96:46:df:b5:0f:cf:3f:bb:d0:1f:35:5e:
b6:97:f6:a0:1e:02:ba:30:15:57:4d:49:36:ef:ae:6f:9e:ec:
64:d9:96:8c:c8:fd:6b:a8:0f:fc:32:bf:3b:22:cb:cc:d0:0f:
b5:48:c6:07:ab:9d:d8:f4:31:0b:46:37:9a:4f:fb:3e:16:ee:
ef:fa:37:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQns3ZhqzYFhUySg/8sN18CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYmU2ZTBhZGFlOGJiNDc4MzkzYWFiMTc1YjYzODY0NGM3
NGNjYjcwHhcNMjUwMTAyMTU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzdjMjBiZWJiNTA5ZWViMGY4M2VkMzYwMDZhNDliODI1NzAyMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv5N0c5BOugSjKkBvO8jVMN4TFnz
GsH3PKU4Wr4XFyOtx7loNS+ZBaLNwWEy5YQkLY0GDxkBNh/OC3LVTCKU5KZ+W3j1
H4m08ycar+3wXWDtIoGwacOTINInFUnbgzlzyEPtd2JBLAf5Izy6IX0B7QwIMBq+
m6hAPjh0jBk98qN/lFUC9YwQ2bXIGLb13/mrSgN2e7IMnZRG3gdxAtKdprAaFRRf
grbnxf2Ujk/Xg33Dx7Yo7kHYaMWv2Ylp76nmTSSvH/vyZtTwHA5HIJt8kfKRalW4
//MGkEtw2Zx6PKgVw2RhjNQmN+u0of5T4fOCTlyKst2aydNxLXtdHBrsRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKd8IL67UJ7rD4PtNgBqSbglcCGtMB8GA1UdIwQY
MBaAFN2+bgra6LtHg5OqsXW2OGRMdMy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjkt
NmJhYTNiNTQ4ZDIzLzEvcDN3Z3ZydFFudXNQZy0wMkFHcEp1Q1Z3SWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjktNmJhYTNiNTQ4ZDIz
LzEvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCub88AwQC
ufF0MA0GCSqGSIb3DQEBCwUAA4IBAQAc02/vpftaP34tQFYhHTYdax1hJbjTMA6N
nymOh8auE2Y8rXtpLMYRMzhi/S6S66GhVP7ty0BAEHV/UOvvy4+q+x4IFjgayauK
cXogc5E4/qjwiRZq8HFzbtrhj4HNcayfLrvq/Bzg8tJfklj+pjvs9UsAm8ePQrCy
06jRZ3HOVWACnC927fy70qBp53mI8UJjv7dFrAqsIOMRmNLDYHjFfL0LgpCcckJx
NCmcorKLE7ZDwekjvgooQxmWRt+1D88/u9AfNV62l/agHgK6MBVXTUk2765vnuxk
2ZaMyP1rqA/8Mr87IsvM0A+1SMYHq53Y9DELRjeaT/s+Fu7v+jdQ
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:17:46 2025 by rpki-client