Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/n60UwFRR1GBkJeWW6TyEPviSqRg.roa
File: n60UwFRR1GBkJeWW6TyEPviSqRg.roa (raw, json)
Hash identifier: 1Igyo5YmuM6qjLho9mnJYZI0b/XVpfl/12bJjKoYl+o=
Subject key identifier: 9F:AD:14:C0:54:51:D4:60:64:25:E5:96:E9:3C:84:3E:F8:92:A9:18
Certificate issuer: /CN=b0a7252aa643d0dbc42da410e9c20f5703368cd8
Certificate serial: 019425FCAE07CE9273757BC5F4E06F611AA2
Authority key identifier: B0:A7:25:2A:A6:43:D0:DB:C4:2D:A4:10:E9:C2:0F:57:03:36:8C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sKclKqZD0NvELaQQ6cIPVwM2jNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/n60UwFRR1GBkJeWW6TyEPviSqRg.roa
Signing time: Thu 02 Jan 2025 07:48:24 +0000
ROA not before: Thu 02 Jan 2025 07:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21067
IP address blocks: 185.110.148.0/22 maxlen: 24
2a06:5840::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:ae:07:ce:92:73:75:7b:c5:f4:e0:6f:61:1a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0a7252aa643d0dbc42da410e9c20f5703368cd8
Validity
Not Before: Jan 2 07:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9fad14c05451d4606425e596e93c843ef892a918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e1:8d:81:30:80:b9:2e:3a:93:16:15:71:05:
a4:aa:fd:da:26:85:b7:c1:46:70:eb:f4:42:5c:53:
63:f5:07:d1:69:55:20:6a:2c:07:3b:68:fe:a3:7e:
48:cd:e4:10:9f:01:fc:a6:4d:01:32:55:bd:80:1e:
b6:70:db:8b:ef:fa:bb:18:3f:d9:ee:de:f7:be:ea:
33:92:7d:d5:f5:86:87:2d:36:19:fa:2a:30:66:58:
57:1c:13:97:0b:a9:0d:2a:e0:b7:a2:40:4e:f5:f9:
e9:76:d9:21:36:61:fc:a4:e2:de:03:84:65:21:73:
86:ba:f8:d8:db:b1:0e:0e:c9:14:dc:7d:6e:28:74:
f5:b6:85:77:56:00:9b:a3:2d:ad:46:c6:b4:1e:e4:
5e:1f:54:f8:f4:89:2a:d2:3a:dc:a2:93:bb:b6:50:
8e:2d:d2:06:42:6e:bb:ae:f4:47:25:d2:66:b9:38:
88:e1:0f:d7:be:49:9b:f3:e6:26:f0:63:4e:4d:4f:
4e:33:18:6e:82:1b:92:3e:f5:cf:80:bf:4a:cf:36:
b4:43:3e:4d:56:a0:81:1b:a9:34:20:b6:69:93:33:
0c:d9:e3:23:a4:67:52:64:04:9b:97:de:e8:c6:f6:
e6:1c:83:30:5c:f9:c0:f0:c4:61:ea:4a:c0:b9:7b:
cd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:AD:14:C0:54:51:D4:60:64:25:E5:96:E9:3C:84:3E:F8:92:A9:18
X509v3 Authority Key Identifier:
keyid:B0:A7:25:2A:A6:43:D0:DB:C4:2D:A4:10:E9:C2:0F:57:03:36:8C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sKclKqZD0NvELaQQ6cIPVwM2jNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/n60UwFRR1GBkJeWW6TyEPviSqRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e4f3ef-7bfc-4055-b798-028a2b0a53d5/1/sKclKqZD0NvELaQQ6cIPVwM2jNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.148.0/22
IPv6:
2a06:5840::/29
Signature Algorithm: sha256WithRSAEncryption
62:5d:56:5b:15:fe:9d:a6:50:fb:3b:ce:be:04:d2:7d:50:fe:
7a:08:a3:79:5f:04:4d:b7:76:6e:0f:c5:75:55:b9:b8:f9:f4:
67:94:6f:b1:69:94:a1:2f:e1:13:18:3f:85:e9:b4:d9:e5:26:
57:bc:54:70:b7:fd:a9:d1:ca:b6:b9:41:cb:1e:f0:12:95:f4:
d5:3c:2d:55:86:ed:7d:58:a9:85:21:63:84:60:b5:66:22:1c:
c1:fd:6c:e7:e1:db:c8:c8:2c:35:01:a1:bf:df:bd:cc:6d:91:
d7:8f:05:95:28:48:aa:c6:02:7c:24:04:06:d8:e1:b0:46:30:
db:89:0c:9b:b2:5a:16:c9:aa:5e:5a:71:60:e2:7d:d0:e8:49:
25:89:59:9d:82:03:cb:dc:a6:66:e3:02:fd:6d:b4:5f:fc:38:
f3:26:7a:0f:f9:1f:f2:29:fe:c5:6b:4b:2b:c4:4b:c5:ea:bd:
be:59:80:a2:66:a3:30:57:2b:60:27:2d:f5:c4:a5:74:28:7e:
01:43:84:9c:27:c8:56:fd:a7:e4:0e:72:f8:e9:4b:5f:d9:ce:
24:3f:0d:7c:8f:a8:f5:46:ca:d9:2d:59:7b:a4:14:5a:23:df:
b8:bd:b1:e6:42:31:54:e3:ee:81:f0:cc:b1:f5:c9:e5:81:ca:
e4:8b:67:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/K4HzpJzdXvF9OBvYRqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYTcyNTJhYTY0M2QwZGJjNDJkYTQxMGU5YzIwZjU3MDMz
NjhjZDgwHhcNMjUwMTAyMDc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmFkMTRjMDU0NTFkNDYwNjQyNWU1OTZlOTNjODQzZWY4OTJhOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeGNgTCAuS46kxYVcQWkqv3aJoW3
wUZw6/RCXFNj9QfRaVUgaiwHO2j+o35IzeQQnwH8pk0BMlW9gB62cNuL7/q7GD/Z
7t73vuozkn3V9YaHLTYZ+iowZlhXHBOXC6kNKuC3okBO9fnpdtkhNmH8pOLeA4Rl
IXOGuvjY27EODskU3H1uKHT1toV3VgCboy2tRsa0HuReH1T49Ikq0jrcopO7tlCO
LdIGQm67rvRHJdJmuTiI4Q/Xvkmb8+Ym8GNOTU9OMxhughuSPvXPgL9Kzza0Qz5N
VqCBG6k0ILZpkzMM2eMjpGdSZASbl97oxvbmHIMwXPnA8MRh6krAuXvNkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ+tFMBUUdRgZCXlluk8hD74kqkYMB8GA1UdIwQY
MBaAFLCnJSqmQ9DbxC2kEOnCD1cDNozYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0tjbEtxWkQwTnZFTGFRUTZjSVBWd00yak5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lNGYzZWYtN2JmYy00MDU1LWI3OTgt
MDI4YTJiMGE1M2Q1LzEvbjYwVXdGUlIxR0JrSmVXVzZUeUVQdmlTcVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lNGYzZWYtN2JmYy00MDU1LWI3OTgtMDI4YTJiMGE1M2Q1
LzEvc0tjbEtxWkQwTnZFTGFRUTZjSVBWd00yak5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW6UMA0E
AgACMAcDBQMqBlhAMA0GCSqGSIb3DQEBCwUAA4IBAQBiXVZbFf6dplD7O86+BNJ9
UP56CKN5XwRNt3ZuD8V1Vbm4+fRnlG+xaZShL+ETGD+F6bTZ5SZXvFRwt/2p0cq2
uUHLHvASlfTVPC1Vhu19WKmFIWOEYLVmIhzB/Wzn4dvIyCw1AaG/373MbZHXjwWV
KEiqxgJ8JAQG2OGwRjDbiQybsloWyapeWnFg4n3Q6EkliVmdggPL3KZm4wL9bbRf
/DjzJnoP+R/yKf7Fa0srxEvF6r2+WYCiZqMwVytgJy31xKV0KH4BQ4ScJ8hW/afk
DnL46Utf2c4kPw18j6j1RsrZLVl7pBRaI9+4vbHmQjFU4+6B8Myx9cnlgcrki2fv
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:13 2025 by rpki-client