Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/3e73a6-1da7-47f6-a38c-0ee847d3fb79/1/1qXoS3ZyJIxcOWhfODj10DLjQ_U.roa
File: 1qXoS3ZyJIxcOWhfODj10DLjQ_U.roa (raw, json)
Hash identifier: GFEaUvVwjsTkY2CZy9se0kItacxeC4v59hUMVKrNWa8=
Subject key identifier: D6:A5:E8:4B:76:72:24:8C:5C:39:68:5F:38:38:F5:D0:32:E3:43:F5
Certificate issuer: /CN=a065e65749caa5fbb491e906977db18d3559bf43
Certificate serial: 0194266BB280E3C1BB0F118A374AC08FFC83
Authority key identifier: A0:65:E6:57:49:CA:A5:FB:B4:91:E9:06:97:7D:B1:8D:35:59:BF:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oGXmV0nKpfu0kekGl32xjTVZv0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/3e73a6-1da7-47f6-a38c-0ee847d3fb79/1/1qXoS3ZyJIxcOWhfODj10DLjQ_U.roa
Signing time: Thu 02 Jan 2025 09:49:39 +0000
ROA not before: Thu 02 Jan 2025 09:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44045
IP address blocks: 185.79.60.0/22 maxlen: 22
185.79.60.0/24 maxlen: 24
185.79.61.0/24 maxlen: 24
185.79.62.0/24 maxlen: 24
185.79.63.0/24 maxlen: 24
2a05:7200::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:b2:80:e3:c1:bb:0f:11:8a:37:4a:c0:8f:fc:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a065e65749caa5fbb491e906977db18d3559bf43
Validity
Not Before: Jan 2 09:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6a5e84b7672248c5c39685f3838f5d032e343f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:65:5c:40:6f:35:a5:09:86:4d:40:8b:90:c4:
2f:62:59:e5:04:fd:f5:db:5d:7e:dc:e2:73:a2:20:
02:7c:5f:2b:7b:5f:d8:47:d1:6b:32:eb:09:61:bc:
d4:2f:4d:9c:09:97:70:7c:27:33:9e:46:f6:c4:bc:
f9:a8:34:4b:14:65:f3:7e:9b:9f:04:15:40:a2:07:
9b:3e:87:b2:61:a6:22:c8:4e:3b:94:d0:a1:fc:b2:
5e:95:c6:0d:e1:a1:2a:93:61:21:54:b6:cd:46:72:
74:32:fe:5f:d8:03:cc:30:d0:31:63:ee:c1:22:a5:
e7:c2:17:3a:c4:9a:79:be:b0:be:12:33:f2:a9:22:
c0:56:69:6e:5f:cf:c3:53:d2:46:18:c0:3b:ca:6b:
fe:1e:6f:70:ab:23:1d:08:5f:bb:42:60:bd:ed:0a:
f2:fc:22:90:8f:30:0d:66:1f:00:83:0b:fd:52:cc:
78:78:84:72:4e:e0:1d:8e:7d:85:1c:86:f7:e0:a4:
3a:cb:74:63:3e:20:ab:bb:2e:ee:41:b0:71:54:11:
b9:1e:21:2d:e4:4e:1a:1f:2e:8f:29:67:6a:2a:49:
7d:b0:03:6f:5d:d4:60:af:50:1c:ac:70:b7:fd:38:
1d:f8:ca:13:21:9a:b4:e0:8d:4e:c3:90:f3:c3:05:
e4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A5:E8:4B:76:72:24:8C:5C:39:68:5F:38:38:F5:D0:32:E3:43:F5
X509v3 Authority Key Identifier:
keyid:A0:65:E6:57:49:CA:A5:FB:B4:91:E9:06:97:7D:B1:8D:35:59:BF:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oGXmV0nKpfu0kekGl32xjTVZv0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/3e73a6-1da7-47f6-a38c-0ee847d3fb79/1/1qXoS3ZyJIxcOWhfODj10DLjQ_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/3e73a6-1da7-47f6-a38c-0ee847d3fb79/1/oGXmV0nKpfu0kekGl32xjTVZv0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.60.0/22
IPv6:
2a05:7200::/29
Signature Algorithm: sha256WithRSAEncryption
4b:39:0a:82:41:23:9f:71:61:eb:02:e8:b0:f4:3d:dd:c9:9c:
a1:46:e6:2d:67:26:75:7a:0f:8b:be:57:94:07:e1:80:78:bf:
75:5e:52:76:da:7c:d3:00:e6:00:dd:34:e7:1d:1d:87:0f:d2:
97:fc:1e:af:9c:99:bc:ff:54:ed:20:c2:7f:f9:50:da:2f:07:
3a:6a:49:d3:8e:18:2c:88:4f:54:89:e7:28:25:ac:6a:46:43:
f4:66:84:d9:18:b5:1f:7e:d1:ee:1f:a2:70:71:b1:f8:04:b0:
1c:dd:28:da:97:08:f4:b3:4c:9b:51:65:33:49:86:b8:52:3d:
4e:e7:81:da:9e:cf:00:cb:fd:c8:8b:76:bb:d9:84:80:00:2c:
23:99:25:14:6b:73:dc:06:00:4d:28:62:bb:c1:9b:24:cc:df:
cb:4d:19:bb:ee:cf:56:47:b2:f0:de:cd:b2:d7:61:04:20:9c:
85:ad:2b:a8:d5:1c:5b:c6:97:37:f3:96:72:66:e1:90:a5:1f:
3d:b6:b7:4b:40:5c:a3:b5:d7:3d:c0:ba:c6:55:0d:50:b4:49:
3c:aa:53:a4:3a:07:5a:2b:26:5c:2e:96:61:59:b1:fd:ee:19:
f3:3d:5f:af:99:4c:67:0b:bf:21:c9:cc:b4:f7:59:89:8d:05:
0e:43:dd:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma7KA48G7DxGKN0rAj/yDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNjVlNjU3NDljYWE1ZmJiNDkxZTkwNjk3N2RiMThkMzU1
OWJmNDMwHhcNMjUwMTAyMDk0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmE1ZTg0Yjc2NzIyNDhjNWMzOTY4NWYzODM4ZjVkMDMyZTM0M2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGVcQG81pQmGTUCLkMQvYlnlBP31
211+3OJzoiACfF8re1/YR9FrMusJYbzUL02cCZdwfCcznkb2xLz5qDRLFGXzfpuf
BBVAogebPoeyYaYiyE47lNCh/LJelcYN4aEqk2EhVLbNRnJ0Mv5f2APMMNAxY+7B
IqXnwhc6xJp5vrC+EjPyqSLAVmluX8/DU9JGGMA7ymv+Hm9wqyMdCF+7QmC97Qry
/CKQjzANZh8Agwv9Usx4eIRyTuAdjn2FHIb34KQ6y3RjPiCruy7uQbBxVBG5HiEt
5E4aHy6PKWdqKkl9sANvXdRgr1AcrHC3/Tgd+MoTIZq04I1Ow5DzwwXkOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNal6Et2ciSMXDloXzg49dAy40P1MB8GA1UdIwQY
MBaAFKBl5ldJyqX7tJHpBpd9sY01Wb9DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0dYbVYwbktwZnUwa2VrR2wzMnhqVFZadjBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8zZTczYTYtMWRhNy00N2Y2LWEzOGMt
MGVlODQ3ZDNmYjc5LzEvMXFYb1MzWnlKSXhjT1doZk9EajEwRExqUV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8zZTczYTYtMWRhNy00N2Y2LWEzOGMtMGVlODQ3ZDNmYjc5
LzEvb0dYbVYwbktwZnUwa2VrR2wzMnhqVFZadjBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU88MA0E
AgACMAcDBQMqBXIAMA0GCSqGSIb3DQEBCwUAA4IBAQBLOQqCQSOfcWHrAuiw9D3d
yZyhRuYtZyZ1eg+LvleUB+GAeL91XlJ22nzTAOYA3TTnHR2HD9KX/B6vnJm8/1Tt
IMJ/+VDaLwc6aknTjhgsiE9UiecoJaxqRkP0ZoTZGLUfftHuH6JwcbH4BLAc3Sja
lwj0s0ybUWUzSYa4Uj1O54Hans8Ay/3Ii3a72YSAACwjmSUUa3PcBgBNKGK7wZsk
zN/LTRm77s9WR7Lw3s2y12EEIJyFrSuo1Rxbxpc385ZyZuGQpR89trdLQFyjtdc9
wLrGVQ1QtEk8qlOkOgdaKyZcLpZhWbH97hnzPV+vmUxnC78hycy091mJjQUOQ93T
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:22 2025 by rpki-client