Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/4ffe77-6f3d-41ca-8d8b-4a2aad796fc1/1/9Z2k6-B5fT-JFkb7JCimAhAFay4.roa
File: 9Z2k6-B5fT-JFkb7JCimAhAFay4.roa (raw, json)
Hash identifier: 7/siTVHnRUrddQ1qAyrIyQw5b4soUTycTBeQ7NP38PI=
Subject key identifier: F5:9D:A4:EB:E0:79:7D:3F:89:16:46:FB:24:28:A6:02:10:05:6B:2E
Certificate issuer: /CN=151e6c3dc5d6754fe4f60a82b1cc551ab780df8b
Certificate serial: 112411BF
Authority key identifier: 15:1E:6C:3D:C5:D6:75:4F:E4:F6:0A:82:B1:CC:55:1A:B7:80:DF:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FR5sPcXWdU_k9gqCscxVGreA34s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/4ffe77-6f3d-41ca-8d8b-4a2aad796fc1/1/9Z2k6-B5fT-JFkb7JCimAhAFay4.roa
Signing time: Sat 01 Jan 2022 05:53:29 +0000
ROA not before: Sat 01 Jan 2022 05:53:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207097
IP address blocks: 185.166.26.0/24 maxlen: 24
185.166.27.0/24 maxlen: 24
185.166.25.0/24 maxlen: 24
185.166.24.0/24 maxlen: 24
2a0a:6a02::/32 maxlen: 32
2a0a:6a00::/32 maxlen: 32
2a0a:6a01::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287576511 (0x112411bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=151e6c3dc5d6754fe4f60a82b1cc551ab780df8b
Validity
Not Before: Jan 1 05:53:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f59da4ebe0797d3f891646fb2428a60210056b2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4b:0a:69:49:f3:29:6c:11:cc:c0:f6:4b:5e:
3a:33:9b:4f:b1:f5:f9:04:2a:ee:19:b1:50:07:ef:
5e:2f:49:e6:9e:fb:a3:4c:cf:d9:85:5b:e4:eb:15:
fc:3c:8e:4e:56:ab:33:94:7d:3d:6b:b8:33:48:a9:
2b:fd:c7:8d:a7:be:59:ec:ef:c1:e2:1e:b7:04:ea:
0c:7a:aa:75:24:38:76:21:d5:66:e4:ac:18:ae:6c:
c0:64:b8:3b:d3:86:1a:6d:f6:e6:6d:3c:a0:1a:e1:
48:72:8d:6c:6e:72:9e:9d:a7:01:0c:70:94:a1:0f:
00:14:0d:bd:34:cb:05:4f:b5:00:79:0a:46:2c:fe:
eb:4b:a5:94:ae:1f:6d:15:13:d5:1b:d0:2d:fa:60:
02:89:dd:9e:8a:5c:3c:b9:89:bf:f7:6d:55:ab:c8:
a9:c1:d0:4f:24:01:f5:6e:b6:6a:38:fd:56:ac:d0:
94:cc:4d:fa:d6:05:4f:5b:b5:12:d7:fa:4f:93:31:
34:e5:d7:f9:9a:ab:f1:18:22:cf:a7:4c:eb:7d:66:
c2:ff:4e:c5:cc:30:7a:2e:09:0e:57:af:d9:69:62:
5c:8c:09:9f:36:49:44:c6:f5:4e:2a:cd:c3:6c:ac:
df:d5:81:cb:21:bd:55:35:09:0d:2f:e4:d6:6c:e7:
a1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9D:A4:EB:E0:79:7D:3F:89:16:46:FB:24:28:A6:02:10:05:6B:2E
X509v3 Authority Key Identifier:
keyid:15:1E:6C:3D:C5:D6:75:4F:E4:F6:0A:82:B1:CC:55:1A:B7:80:DF:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FR5sPcXWdU_k9gqCscxVGreA34s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/4ffe77-6f3d-41ca-8d8b-4a2aad796fc1/1/9Z2k6-B5fT-JFkb7JCimAhAFay4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/4ffe77-6f3d-41ca-8d8b-4a2aad796fc1/1/FR5sPcXWdU_k9gqCscxVGreA34s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.24.0/22
IPv6:
2a0a:6a00::-2a0a:6a02:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2e:ff:10:5e:ec:5b:9d:8b:1c:83:42:5e:9d:40:b8:cd:d4:fc:
5e:38:f6:1e:d8:c1:53:fd:e9:1f:79:9e:d4:8e:86:19:7f:bc:
9b:7e:d4:21:07:49:5d:1a:bd:35:3f:49:52:04:7d:f8:ed:c2:
ef:bf:5d:0e:72:03:8e:8a:c7:f9:22:cf:b1:8c:5d:a4:f8:5e:
88:96:e5:dc:71:49:2d:98:b6:0b:44:af:45:bd:11:57:fe:41:
5c:c5:e4:40:87:ec:d3:3c:b2:9a:36:ce:46:57:42:eb:bc:1f:
49:42:71:68:52:72:65:8e:61:fe:3b:78:f3:a5:f4:32:54:f4:
aa:37:4f:32:8a:b6:e7:20:52:6a:bd:fe:bb:32:a9:d3:1a:ff:
bd:20:b0:32:d0:b1:e4:ac:60:69:27:d4:e0:88:9f:f9:fa:f7:
08:00:19:90:99:3c:8c:f7:f2:86:c6:3a:b8:e9:30:38:b3:02:
dd:4b:98:85:6a:b3:73:b8:88:a7:23:79:33:ea:93:ba:d7:e9:
ad:cc:05:47:b7:23:76:e6:62:12:d0:7a:ce:40:69:cd:1f:e9:
af:d4:4e:04:87:59:45:2c:3d:9c:df:cd:3f:61:15:94:0e:37:
20:1c:3c:78:ba:e9:39:a6:b6:92:b3:91:5d:b3:0b:85:97:b1:
84:91:f4:41
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEESQRvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NTFlNmMzZGM1ZDY3NTRmZTRmNjBhODJiMWNjNTUxYWI3ODBkZjhiMB4XDTIyMDEw
MTA1NTMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjU5ZGE0ZWJlMDc5
N2QzZjg5MTY0NmZiMjQyOGE2MDIxMDA1NmIyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZLCmlJ8ylsEczA9kteOjObT7H1+QQq7hmxUAfvXi9J5p77
o0zP2YVb5OsV/DyOTlarM5R9PWu4M0ipK/3Hjae+WezvweIetwTqDHqqdSQ4diHV
ZuSsGK5swGS4O9OGGm325m08oBrhSHKNbG5ynp2nAQxwlKEPABQNvTTLBU+1AHkK
Riz+60ullK4fbRUT1RvQLfpgAondnopcPLmJv/dtVavIqcHQTyQB9W62ajj9VqzQ
lMxN+tYFT1u1Etf6T5MxNOXX+Zqr8Rgiz6dM631mwv9Oxcwwei4JDlev2WliXIwJ
nzZJRMb1TirNw2ys39WByyG9VTUJDS/k1mznoecCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBT1naTr4Hl9P4kWRvskKKYCEAVrLjAfBgNVHSMEGDAWgBQVHmw9xdZ1T+T2
CoKxzFUat4DfizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZSNXNQY1hXZFVfazlncUNzY3hWR3JlQTM0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvNGZmZTc3LTZmM2QtNDFjYS04ZDhiLTRhMmFhZDc5NmZjMS8x
LzlaMms2LUI1ZlQtSkZrYjdKQ2ltQWhBRmF5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
NGZmZTc3LTZmM2QtNDFjYS04ZDhiLTRhMmFhZDc5NmZjMS8xL0ZSNXNQY1hXZFVf
azlncUNzY3hWR3JlQTM0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwDAQCAAEwBgMEArmmGDAVBAIAAjAPMA0DBAEqCmoD
BQAqCmoCMA0GCSqGSIb3DQEBCwUAA4IBAQAu/xBe7FudixyDQl6dQLjN1PxeOPYe
2MFT/ekfeZ7UjoYZf7ybftQhB0ldGr01P0lSBH347cLvv10OcgOOisf5Is+xjF2k
+F6IluXccUktmLYLRK9FvRFX/kFcxeRAh+zTPLKaNs5GV0LrvB9JQnFoUnJljmH+
O3jzpfQyVPSqN08yirbnIFJqvf67MqnTGv+9ILAy0LHkrGBpJ9TgiJ/5+vcIABmQ
mTyM9/KGxjq46TA4swLdS5iFarNzuIinI3kz6pO61+mtzAVHtyN25mIS0HrOQGnN
H+mv1E4Eh1lFLD2c380/YRWUDjcgHDx4uuk5praSs5FdswuFl7GEkfRB
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:50:19 2025 by rpki-client