Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/6rszyN8yZZcIFadBDy7iWBsKHqI.roa
File: 6rszyN8yZZcIFadBDy7iWBsKHqI.roa (raw, json)
Hash identifier: dWt4x4jxo9KCoGxn2Sm9VBzQBMC43sDUxeYLn9feg7U=
Subject key identifier: EA:BB:33:C8:DF:32:65:97:08:15:A7:41:0F:2E:E2:58:1B:0A:1E:A2
Certificate issuer: /CN=8685e05d80592c6cf11320eb5029cac04a4d9bb4
Certificate serial: 0194236A09ED08AFAD2DAB855FB20F248240
Authority key identifier: 86:85:E0:5D:80:59:2C:6C:F1:13:20:EB:50:29:CA:C0:4A:4D:9B:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/6rszyN8yZZcIFadBDy7iWBsKHqI.roa
Signing time: Wed 01 Jan 2025 19:48:59 +0000
ROA not before: Wed 01 Jan 2025 19:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211007
IP address blocks: 185.207.244.0/22 maxlen: 24
212.6.40.0/24 maxlen: 24
2a10:1f40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:09:ed:08:af:ad:2d:ab:85:5f:b2:0f:24:82:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8685e05d80592c6cf11320eb5029cac04a4d9bb4
Validity
Not Before: Jan 1 19:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eabb33c8df3265970815a7410f2ee2581b0a1ea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:63:af:b4:07:6b:b7:b6:77:69:1e:70:9d:b3:
ad:ca:d4:db:33:87:14:35:a5:ac:16:a2:24:79:fe:
e4:db:d3:88:92:dd:b6:41:6d:4e:5f:c4:dd:c1:bc:
7a:ba:d5:df:9e:c3:95:9d:23:8d:e8:1f:96:2e:49:
b3:ea:c0:a4:ed:2e:b8:5b:30:38:fa:3b:3a:e9:8c:
0e:fd:5e:07:d0:f3:ab:40:c6:28:eb:db:49:08:36:
02:e3:01:a3:ab:04:e6:b7:4f:d3:7e:4e:63:11:7d:
ae:cd:23:e9:1f:45:5b:95:5c:bc:74:13:29:f5:16:
55:20:10:23:df:be:b9:49:b0:8e:27:51:53:78:31:
bd:bd:44:76:0f:c2:a2:3b:9c:3e:82:eb:b1:90:78:
61:34:25:ed:df:0f:3c:96:63:db:22:dc:8a:b8:1c:
59:96:a0:5f:c7:63:7b:78:33:79:f7:c5:73:1a:eb:
b1:66:dc:c9:c5:e0:21:a4:16:7f:5b:c3:cb:c0:c0:
8d:5b:0f:f9:30:86:c9:1d:1e:5c:d3:25:2a:81:8c:
7a:a7:88:bf:bd:22:80:47:ca:bf:40:44:d2:0c:3c:
6b:54:b6:3f:e1:32:69:52:7a:e0:d4:df:75:c7:ed:
64:f6:6e:56:d7:81:b1:f8:0b:29:2b:49:bf:75:da:
e1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:BB:33:C8:DF:32:65:97:08:15:A7:41:0F:2E:E2:58:1B:0A:1E:A2
X509v3 Authority Key Identifier:
keyid:86:85:E0:5D:80:59:2C:6C:F1:13:20:EB:50:29:CA:C0:4A:4D:9B:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/6rszyN8yZZcIFadBDy7iWBsKHqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.244.0/22
212.6.40.0/24
IPv6:
2a10:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
03:0b:c1:c4:73:2b:7a:d1:45:1c:df:9f:92:fe:ce:86:d1:ec:
c1:22:7a:e7:57:0b:a4:51:eb:b7:51:09:df:e6:eb:6b:27:94:
e7:e8:fd:95:75:2e:34:8c:50:e5:39:ca:60:10:72:a5:bd:a1:
d0:2d:cc:cc:12:e4:6a:eb:36:51:03:43:35:1a:61:4a:81:9d:
39:a2:20:ca:74:35:58:b4:cd:ee:5f:b3:2b:83:31:16:cb:1e:
b3:10:6f:16:8e:e9:99:0b:9f:aa:a8:78:f1:82:f5:b7:61:08:
47:53:59:25:b5:39:1e:29:d0:30:94:5f:19:ed:1c:2d:fe:b3:
fa:e4:7d:50:54:71:ef:1c:fe:3a:59:f9:58:bd:6c:f1:f4:f9:
37:05:a1:21:f9:bf:9d:07:f9:da:12:7f:14:60:24:04:5f:04:
70:97:63:dc:00:ea:46:99:4d:ea:6c:1c:a1:db:d8:e1:69:9d:
c4:ca:ea:67:cc:78:ad:75:81:86:36:1b:c1:20:ac:6b:c0:5e:
09:2d:0f:bf:93:b6:44:3c:87:1b:e8:c1:f6:28:8d:7d:fd:bb:
73:d8:ba:a0:13:65:67:7d:73:e4:5c:de:62:c2:a2:40:60:22:
39:e3:f2:6b:c9:0d:24:bc:23:e4:ae:ad:71:94:fb:c3:68:21:
f8:28:42:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjagntCK+tLauFX7IPJIJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ODVlMDVkODA1OTJjNmNmMTEzMjBlYjUwMjljYWMwNGE0
ZDliYjQwHhcNMjUwMTAxMTk0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWJiMzNjOGRmMzI2NTk3MDgxNWE3NDEwZjJlZTI1ODFiMGExZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGOvtAdrt7Z3aR5wnbOtytTbM4cU
NaWsFqIkef7k29OIkt22QW1OX8Tdwbx6utXfnsOVnSON6B+WLkmz6sCk7S64WzA4
+js66YwO/V4H0POrQMYo69tJCDYC4wGjqwTmt0/Tfk5jEX2uzSPpH0VblVy8dBMp
9RZVIBAj3765SbCOJ1FTeDG9vUR2D8KiO5w+guuxkHhhNCXt3w88lmPbItyKuBxZ
lqBfx2N7eDN598VzGuuxZtzJxeAhpBZ/W8PLwMCNWw/5MIbJHR5c0yUqgYx6p4i/
vSKAR8q/QETSDDxrVLY/4TJpUnrg1N91x+1k9m5W14Gx+AspK0m/ddrhswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOq7M8jfMmWXCBWnQQ8u4lgbCh6iMB8GA1UdIwQY
MBaAFIaF4F2AWSxs8RMg61ApysBKTZu0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG9YZ1hZQlpMR3p4RXlEclVDbkt3RXBObTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iNTQ0ZDUtZmVmYS00MjQwLWJmNDAt
NjhlZjI0Y2Y1ZWY5LzEvNnJzenlOOHlaWmNJRmFkQkR5N2lXQnNLSHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iNTQ0ZDUtZmVmYS00MjQwLWJmNDAtNjhlZjI0Y2Y1ZWY5
LzEvaG9YZ1hZQlpMR3p4RXlEclVDbkt3RXBObTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuc/0AwQA
1AYoMA0EAgACMAcDBQMqEB9AMA0GCSqGSIb3DQEBCwUAA4IBAQADC8HEcyt60UUc
35+S/s6G0ezBInrnVwukUeu3UQnf5utrJ5Tn6P2VdS40jFDlOcpgEHKlvaHQLczM
EuRq6zZRA0M1GmFKgZ05oiDKdDVYtM3uX7MrgzEWyx6zEG8WjumZC5+qqHjxgvW3
YQhHU1kltTkeKdAwlF8Z7Rwt/rP65H1QVHHvHP46WflYvWzx9Pk3BaEh+b+dB/na
En8UYCQEXwRwl2PcAOpGmU3qbByh29jhaZ3EyupnzHitdYGGNhvBIKxrwF4JLQ+/
k7ZEPIcb6MH2KI19/btz2LqgE2VnfXPkXN5iwqJAYCI54/JryQ0kvCPkrq1xlPvD
aCH4KEJF
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:59:37 2025 by rpki-client