Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/iHslhtFiuKaugZuIjgDSTM4F6Sk.roa
File: iHslhtFiuKaugZuIjgDSTM4F6Sk.roa (raw, json)
Hash identifier: 43DehRvyD4BSrfqUpPUdy+zsjmfPk1hQcSdYylB1zpo=
Subject key identifier: 88:7B:25:86:D1:62:B8:A6:AE:81:9B:88:8E:00:D2:4C:CE:05:E9:29
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 019423D7EA74E8C891EDB9373FE071BF00A2
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/iHslhtFiuKaugZuIjgDSTM4F6Sk.roa
Signing time: Wed 01 Jan 2025 21:49:00 +0000
ROA not before: Wed 01 Jan 2025 21:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209805
IP address blocks: 185.65.200.0/24 maxlen: 24
212.22.70.0/24 maxlen: 24
212.22.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:ea:74:e8:c8:91:ed:b9:37:3f:e0:71:bf:00:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Jan 1 21:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=887b2586d162b8a6ae819b888e00d24cce05e929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4f:4b:4f:52:c0:8d:cd:e5:88:a8:57:70:06:
d3:61:47:eb:cf:70:78:ee:94:2e:0c:de:85:f1:6d:
a3:42:43:cb:1d:25:c9:6f:80:a0:f3:d2:48:a0:80:
63:36:39:f4:2e:86:8f:34:39:a2:60:b0:1a:26:fa:
73:32:ad:c0:a9:4b:05:4b:56:54:ae:a2:f7:20:ed:
37:40:6b:b7:09:35:b6:e3:80:70:20:4c:7a:a7:5e:
c1:a6:56:6b:b9:53:3a:b5:11:8f:26:ed:ab:c6:8b:
44:dd:02:65:87:9f:55:01:a5:71:1c:2c:5d:62:6c:
f0:72:ca:25:f4:96:bf:fb:dc:f5:6b:de:8d:a2:dd:
65:e4:6e:ab:f0:a3:95:49:e1:45:f4:a7:6f:52:22:
52:ea:8f:a7:2d:70:7e:2d:49:0c:79:1b:16:49:30:
cd:f1:f0:b6:8c:89:f4:d1:3a:dc:bd:cd:5d:1a:ea:
12:63:72:c4:b0:e8:4a:67:85:df:01:4d:7d:13:b8:
80:0c:61:3f:7b:7d:9b:2e:41:42:92:e0:1f:5f:18:
29:79:9f:d3:01:d3:cd:05:91:c1:16:c9:ee:3b:92:
b9:f5:0b:ff:d1:8d:18:b2:59:56:cb:e7:17:f9:f3:
84:a6:fe:cd:84:f1:99:a6:f6:27:2b:8e:d5:80:23:
33:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7B:25:86:D1:62:B8:A6:AE:81:9B:88:8E:00:D2:4C:CE:05:E9:29
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/iHslhtFiuKaugZuIjgDSTM4F6Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.200.0/24
212.22.70.0/24
212.22.94.0/24
Signature Algorithm: sha256WithRSAEncryption
06:e0:8d:4a:07:95:59:80:42:ee:f5:25:b4:3c:df:65:54:33:
4c:76:23:de:37:39:8d:f8:5e:29:fb:bf:78:94:fb:ab:c0:54:
00:8f:fe:88:66:cf:cb:de:28:ed:0f:3f:5c:14:7a:b1:7d:22:
28:47:67:cb:f5:f8:68:eb:f5:99:4a:9e:a7:80:86:b0:c0:50:
54:c1:39:75:55:04:84:f6:0d:a0:2c:9f:7f:10:fb:22:23:23:
65:c9:27:7d:f3:28:9c:f4:34:cf:c1:81:dd:78:f5:62:55:1f:
5f:7c:24:11:2d:b5:e6:09:f3:44:13:88:76:dc:ed:dd:77:d6:
39:3e:93:d7:a8:11:d8:eb:a6:9e:c4:ba:a1:a7:fd:fb:64:c5:
13:bf:9a:1f:e1:40:ca:76:06:6a:2f:2d:a8:b8:8c:66:66:6a:
c6:7b:66:dc:68:67:84:76:8f:c0:d5:68:8f:c0:71:35:b7:e1:
0b:20:ae:9d:5c:67:5d:7a:64:92:86:ff:01:f4:62:26:11:2d:
7e:1d:13:aa:62:13:04:78:ba:43:63:b3:fd:3a:09:a1:8d:06:
2d:53:08:ea:41:38:c7:eb:fb:78:e2:8c:49:d4:b9:7a:35:94:
7d:6f:58:4d:d6:9f:d0:e9:a6:ec:13:c0:27:b8:1b:26:ff:06:
78:b7:ed:c1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj1+p06MiR7bk3P+BxvwCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjUwMTAxMjE0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODdiMjU4NmQxNjJiOGE2YWU4MTliODg4ZTAwZDI0Y2NlMDVlOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr09LT1LAjc3liKhXcAbTYUfrz3B4
7pQuDN6F8W2jQkPLHSXJb4Cg89JIoIBjNjn0LoaPNDmiYLAaJvpzMq3AqUsFS1ZU
rqL3IO03QGu3CTW244BwIEx6p17BplZruVM6tRGPJu2rxotE3QJlh59VAaVxHCxd
Ymzwcsol9Ja/+9z1a96Not1l5G6r8KOVSeFF9KdvUiJS6o+nLXB+LUkMeRsWSTDN
8fC2jIn00Trcvc1dGuoSY3LEsOhKZ4XfAU19E7iADGE/e32bLkFCkuAfXxgpeZ/T
AdPNBZHBFsnuO5K59Qv/0Y0YsllWy+cX+fOEpv7NhPGZpvYnK47VgCMzawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIh7JYbRYrimroGbiI4A0kzOBekpMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvaUhzbGh0Rml1S2F1Z1p1SWpnRFNUTTRGNlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuUHIAwQA
1BZGAwQA1BZeMA0GCSqGSIb3DQEBCwUAA4IBAQAG4I1KB5VZgELu9SW0PN9lVDNM
diPeNzmN+F4p+794lPurwFQAj/6IZs/L3ijtDz9cFHqxfSIoR2fL9fho6/WZSp6n
gIawwFBUwTl1VQSE9g2gLJ9/EPsiIyNlySd98yic9DTPwYHdePViVR9ffCQRLbXm
CfNEE4h23O3dd9Y5PpPXqBHY66aexLqhp/37ZMUTv5of4UDKdgZqLy2ouIxmZmrG
e2bcaGeEdo/A1WiPwHE1t+ELIK6dXGddemSShv8B9GImES1+HROqYhMEeLpDY7P9
OgmhjQYtUwjqQTjH6/t44oxJ1Ll6NZR9b1hN1p/Q6absE8AnuBsm/wZ4t+3B
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:58:16 2025 by rpki-client