Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/eQln2gyPHcf4EO6ghntXtdBYOnk.roa
File: eQln2gyPHcf4EO6ghntXtdBYOnk.roa (raw, json)
Hash identifier: 3h3iGT+qDa8BZFSxaF7qtEXbq8C31F2h5lA2lfYDX8E=
Subject key identifier: 79:09:67:DA:0C:8F:1D:C7:F8:10:EE:A0:86:7B:57:B5:D0:58:3A:79
Certificate issuer: /CN=dbd7fc50548287deaea7ce92099e47a04a70d451
Certificate serial: 060D22FF
Authority key identifier: DB:D7:FC:50:54:82:87:DE:AE:A7:CE:92:09:9E:47:A0:4A:70:D4:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29f8UFSCh96up86SCZ5HoEpw1FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/eQln2gyPHcf4EO6ghntXtdBYOnk.roa
Signing time: Sat 01 Jan 2022 08:59:12 +0000
ROA not before: Sat 01 Jan 2022 08:59:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.73.224.0/24 maxlen: 24
2a10:f80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101524223 (0x60d22ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd7fc50548287deaea7ce92099e47a04a70d451
Validity
Not Before: Jan 1 08:59:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=790967da0c8f1dc7f810eea0867b57b5d0583a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:05:e3:47:75:10:00:ff:39:6f:d8:64:61:f2:
e3:b5:80:86:4a:3e:53:03:86:2b:1b:50:96:6d:70:
28:dd:1f:40:51:fb:d0:2f:4d:35:52:64:67:74:7c:
82:f2:5d:7a:ec:fb:61:e1:4d:93:b2:1f:06:9b:f8:
8a:f6:74:50:b3:fc:3d:d8:e1:5f:6d:ed:e6:a4:3b:
74:21:8b:54:37:1f:5f:f8:dd:be:a5:28:a3:86:c8:
7c:01:59:f6:dd:3e:be:b3:a4:9b:5a:d1:8e:93:c8:
b2:bb:f6:59:98:ce:1f:c8:64:1d:b4:dc:71:8f:c9:
a1:a4:55:98:dd:e5:6e:2b:81:ac:d3:1f:69:69:ca:
62:c7:70:d5:3d:19:77:dd:18:28:30:6e:14:1d:22:
60:bb:0a:5d:95:96:4f:35:6a:4f:61:ee:3b:12:e6:
0c:c9:d0:ac:f3:e5:8f:da:51:7c:9f:6a:17:f5:79:
4d:d2:e8:ae:a4:b2:b4:de:ce:e6:75:55:34:fa:80:
3f:31:fb:f2:ad:de:78:24:3c:8c:9b:3b:7c:74:47:
08:79:a6:82:27:e8:ba:93:67:29:74:b7:a3:51:c8:
7b:2e:13:5c:0e:35:bf:3d:c0:4c:c6:01:57:c5:79:
2a:de:eb:03:ba:0e:89:12:1a:7f:63:cf:65:3c:68:
33:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:09:67:DA:0C:8F:1D:C7:F8:10:EE:A0:86:7B:57:B5:D0:58:3A:79
X509v3 Authority Key Identifier:
keyid:DB:D7:FC:50:54:82:87:DE:AE:A7:CE:92:09:9E:47:A0:4A:70:D4:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29f8UFSCh96up86SCZ5HoEpw1FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/eQln2gyPHcf4EO6ghntXtdBYOnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/29f8UFSCh96up86SCZ5HoEpw1FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.224.0/24
IPv6:
2a10:f80::/32
Signature Algorithm: sha256WithRSAEncryption
8d:bf:e1:4f:c8:24:b8:33:15:8c:b9:f1:cd:dc:ca:d1:89:48:
fb:fe:e3:cb:43:1a:3b:1f:04:30:cb:06:e0:e8:36:d9:56:8e:
0b:70:7f:ae:13:43:ca:4f:e5:90:fe:63:7c:03:94:cf:2b:d8:
b0:dc:59:48:49:22:a0:7b:3a:9f:f7:ac:b7:5b:8e:eb:cf:0b:
76:45:4c:0e:5e:f1:9b:d4:4d:5b:84:ba:5b:c4:eb:5b:c1:81:
d2:2f:3d:27:2f:91:a9:f4:d2:e8:83:fa:7a:5e:86:73:33:e1:
b2:85:a6:47:1d:8b:60:ff:9a:5f:28:e5:24:2f:84:a5:82:b1:
00:4c:ea:b3:09:c6:cc:62:c4:c0:e2:73:ae:7c:c0:cc:d3:2d:
a6:90:a6:08:3f:f1:86:81:38:05:3a:7f:7e:3e:3b:c7:22:d6:
98:4e:1b:cd:41:d9:93:49:77:bb:4b:af:25:a1:35:84:b8:22:
01:47:eb:67:98:6a:21:1f:02:d7:5c:31:52:34:3e:f9:b5:5e:
e4:f4:d8:20:2d:05:d7:d8:b6:d1:ff:c5:a6:8d:cd:4c:b3:ec:
26:47:7b:c1:05:31:2b:c6:de:c0:ec:16:4f:9e:f1:9b:f8:18:
26:7e:12:28:48:e5:86:11:1b:43:fb:ae:ec:53:83:f0:da:1d:
b9:b2:70:f4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBg0i/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmQ3ZmM1MDU0ODI4N2RlYWVhN2NlOTIwOTllNDdhMDRhNzBkNDUxMB4XDTIyMDEw
MTA4NTkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzkwOTY3ZGEwYzhm
MWRjN2Y4MTBlZWEwODY3YjU3YjVkMDU4M2E3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKIF40d1EAD/OW/YZGHy47WAhko+UwOGKxtQlm1wKN0fQFH7
0C9NNVJkZ3R8gvJdeuz7YeFNk7IfBpv4ivZ0ULP8PdjhX23t5qQ7dCGLVDcfX/jd
vqUoo4bIfAFZ9t0+vrOkm1rRjpPIsrv2WZjOH8hkHbTccY/JoaRVmN3lbiuBrNMf
aWnKYsdw1T0Zd90YKDBuFB0iYLsKXZWWTzVqT2HuOxLmDMnQrPPlj9pRfJ9qF/V5
TdLorqSytN7O5nVVNPqAPzH78q3eeCQ8jJs7fHRHCHmmgifoupNnKXS3o1HIey4T
XA41vz3ATMYBV8V5Kt7rA7oOiRIaf2PPZTxoMyECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR5CWfaDI8dx/gQ7qCGe1e10Fg6eTAfBgNVHSMEGDAWgBTb1/xQVIKH3q6n
zpIJnkegSnDUUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI5ZjhVRlNDaDk2dXA4NlNDWjVIb0VwdzFGRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvNjA2ZWE5LTQ4MzQtNGI2My05ZTBhLWYyNTYwNGM0YmU4Mi8x
L2VRbG4yZ3lQSGNmNEVPNmdobnRYdGRCWU9uay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
NjA2ZWE5LTQ4MzQtNGI2My05ZTBhLWYyNTYwNGM0YmU4Mi8xLzI5ZjhVRlNDaDk2
dXA4NlNDWjVIb0VwdzFGRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALlJ4DANBAIAAjAHAwUAKhAPgDAN
BgkqhkiG9w0BAQsFAAOCAQEAjb/hT8gkuDMVjLnxzdzK0YlI+/7jy0MaOx8EMMsG
4Og22VaOC3B/rhNDyk/lkP5jfAOUzyvYsNxZSEkioHs6n/est1uO688LdkVMDl7x
m9RNW4S6W8TrW8GB0i89Jy+RqfTS6IP6el6GczPhsoWmRx2LYP+aXyjlJC+EpYKx
AEzqswnGzGLEwOJzrnzAzNMtppCmCD/xhoE4BTp/fj47xyLWmE4bzUHZk0l3u0uv
JaE1hLgiAUfrZ5hqIR8C11wxUjQ++bVe5PTYIC0F19i20f/Fpo3NTLPsJkd7wQUx
K8bewOwWT57xm/gYJn4SKEjlhhEbQ/uu7FOD8NodubJw9A==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:25 2025 by rpki-client