Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/2c7499-cd42-4321-bc40-88f641688e0f/1/r2i6LbAhlbTcgRsB8rSZkcrF6lU.roa
File: r2i6LbAhlbTcgRsB8rSZkcrF6lU.roa (raw, json)
Hash identifier: PJ1IbFsa6xc/CmUBVF12AqCmg0La+qLnFRg5In031II=
Subject key identifier: AF:68:BA:2D:B0:21:95:B4:DC:81:1B:01:F2:B4:99:91:CA:C5:EA:55
Certificate issuer: /CN=d1e96962142480cbb1d38411771eb4ff3e39839f
Certificate serial: 019420D5D67C4F0D26F6C8C9D5D1C1BE6618
Authority key identifier: D1:E9:69:62:14:24:80:CB:B1:D3:84:11:77:1E:B4:FF:3E:39:83:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0elpYhQkgMux04QRdx60_z45g58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/2c7499-cd42-4321-bc40-88f641688e0f/1/r2i6LbAhlbTcgRsB8rSZkcrF6lU.roa
Signing time: Wed 01 Jan 2025 07:47:52 +0000
ROA not before: Wed 01 Jan 2025 07:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211057
IP address blocks: 185.203.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d6:7c:4f:0d:26:f6:c8:c9:d5:d1:c1:be:66:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e96962142480cbb1d38411771eb4ff3e39839f
Validity
Not Before: Jan 1 07:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af68ba2db02195b4dc811b01f2b49991cac5ea55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a4:36:bc:1d:db:75:c2:63:38:50:95:b7:12:
52:6e:18:c8:aa:35:d6:90:77:fd:cb:a0:6a:1d:a1:
c0:bf:2c:f7:81:2b:43:3c:49:7b:07:a2:96:82:ad:
c9:14:41:2c:95:d9:f8:3f:4a:88:13:bc:e4:1c:ba:
bb:c2:ee:b2:ee:05:46:9d:5d:0f:fc:2b:b2:c7:ee:
be:0b:0c:86:81:22:b8:ea:23:7e:36:fd:ba:5c:75:
45:7e:62:a7:8e:17:6f:90:23:50:39:31:41:c0:7d:
08:c8:9c:7c:8b:47:59:60:e0:58:1d:55:33:f0:01:
bc:76:18:b5:8e:f4:1e:f7:b6:b1:15:85:4f:e6:2a:
a7:c3:9e:31:e3:ec:11:d0:0a:47:d3:e3:68:dd:ea:
56:12:b8:c4:73:92:a2:d5:b7:1e:77:89:93:ec:3e:
c7:0b:4d:02:2d:d5:73:17:b4:25:e4:2c:90:4b:5e:
30:14:d6:9d:5f:4a:77:ec:a3:98:9a:42:20:d6:96:
3c:46:40:4c:6b:53:7b:2d:df:92:7f:e8:31:ab:56:
36:8c:0d:11:a3:da:1c:18:6a:9a:e9:73:00:bc:c4:
41:8e:8d:ee:a3:a9:5f:5b:77:a1:c8:52:03:72:e9:
49:10:43:7e:6e:c1:ef:4f:e6:ae:00:94:f2:85:a7:
ae:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:68:BA:2D:B0:21:95:B4:DC:81:1B:01:F2:B4:99:91:CA:C5:EA:55
X509v3 Authority Key Identifier:
keyid:D1:E9:69:62:14:24:80:CB:B1:D3:84:11:77:1E:B4:FF:3E:39:83:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0elpYhQkgMux04QRdx60_z45g58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/2c7499-cd42-4321-bc40-88f641688e0f/1/r2i6LbAhlbTcgRsB8rSZkcrF6lU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/2c7499-cd42-4321-bc40-88f641688e0f/1/0elpYhQkgMux04QRdx60_z45g58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.66.0/24
Signature Algorithm: sha256WithRSAEncryption
05:5e:d0:c4:45:f9:ab:1b:27:ad:93:2b:2f:85:d4:92:2e:ad:
97:29:9f:f7:0b:8f:95:77:54:de:ef:35:13:27:e5:35:b5:68:
40:db:6d:22:6e:3d:78:18:4c:a5:b9:3f:30:09:75:e1:8a:58:
48:04:09:b1:e8:7f:35:98:a3:1d:4e:b1:62:19:da:0b:58:b2:
5e:02:85:c4:c2:65:0b:3b:b0:b5:4c:84:84:cf:93:9b:5d:7e:
b1:dc:d5:fa:09:b5:9d:b0:bc:3c:2f:c7:7a:01:87:5b:bb:32:
1e:13:4e:5d:e4:0e:87:8a:e7:2a:a2:71:00:c8:0c:a8:be:e1:
a7:a8:fa:d2:b3:35:b6:31:bf:b4:83:09:92:c4:2f:0d:30:8a:
64:74:2c:a3:3f:3e:ac:ef:86:8e:47:5b:00:49:8d:a0:d5:14:
3d:14:18:5d:74:f9:49:66:a8:4d:67:8f:68:00:ed:3a:93:3a:
ab:2c:94:77:14:73:9b:7c:1c:1b:03:fd:24:dd:3a:1c:4e:78:
0b:72:30:41:05:9b:9f:87:ae:c4:bd:11:51:bf:12:c7:a7:75:
7b:59:5d:aa:40:d3:e3:8e:ee:39:05:b3:8c:cc:50:43:5d:44:
3b:9d:76:db:3f:41:92:35:37:58:c8:56:49:ad:3c:b6:55:bd:
27:fd:e9:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1dZ8Tw0m9sjJ1dHBvmYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTk2OTYyMTQyNDgwY2JiMWQzODQxMTc3MWViNGZmM2Uz
OTgzOWYwHhcNMjUwMTAxMDc0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY4YmEyZGIwMjE5NWI0ZGM4MTFiMDFmMmI0OTk5MWNhYzVlYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6Q2vB3bdcJjOFCVtxJSbhjIqjXW
kHf9y6BqHaHAvyz3gStDPEl7B6KWgq3JFEEsldn4P0qIE7zkHLq7wu6y7gVGnV0P
/Cuyx+6+CwyGgSK46iN+Nv26XHVFfmKnjhdvkCNQOTFBwH0IyJx8i0dZYOBYHVUz
8AG8dhi1jvQe97axFYVP5iqnw54x4+wR0ApH0+No3epWErjEc5Ki1bced4mT7D7H
C00CLdVzF7Ql5CyQS14wFNadX0p37KOYmkIg1pY8RkBMa1N7Ld+Sf+gxq1Y2jA0R
o9ocGGqa6XMAvMRBjo3uo6lfW3ehyFIDculJEEN+bsHvT+auAJTyhaeuJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9oui2wIZW03IEbAfK0mZHKxepVMB8GA1UdIwQY
MBaAFNHpaWIUJIDLsdOEEXcetP8+OYOfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVscFloUWtnTXV4MDRRUmR4NjBfejQ1ZzU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8yYzc0OTktY2Q0Mi00MzIxLWJjNDAt
ODhmNjQxNjg4ZTBmLzEvcjJpNkxiQWhsYlRjZ1JzQjhyU1prY3JGNmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8yYzc0OTktY2Q0Mi00MzIxLWJjNDAtODhmNjQxNjg4ZTBm
LzEvMGVscFloUWtnTXV4MDRRUmR4NjBfejQ1ZzU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuctCMA0G
CSqGSIb3DQEBCwUAA4IBAQAFXtDERfmrGyetkysvhdSSLq2XKZ/3C4+Vd1Te7zUT
J+U1tWhA220ibj14GEyluT8wCXXhilhIBAmx6H81mKMdTrFiGdoLWLJeAoXEwmUL
O7C1TISEz5ObXX6x3NX6CbWdsLw8L8d6AYdbuzIeE05d5A6HiucqonEAyAyovuGn
qPrSszW2Mb+0gwmSxC8NMIpkdCyjPz6s74aOR1sASY2g1RQ9FBhddPlJZqhNZ49o
AO06kzqrLJR3FHObfBwbA/0k3TocTngLcjBBBZufh67EvRFRvxLHp3V7WV2qQNPj
ju45BbOMzFBDXUQ7nXbbP0GSNTdYyFZJrTy2Vb0n/el9
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:32:34 2025 by rpki-client