Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1336d4-4281-4763-af29-47fe9c7a4d84/1/2l0vUoO7jWeMq5OND7FxpauNzdw.roa
File: 2l0vUoO7jWeMq5OND7FxpauNzdw.roa (raw, json)
Hash identifier: FcQBCADKb7L0qwLcPrueSC9FuXOQStumJL4vMPBe/ZQ=
Subject key identifier: DA:5D:2F:52:83:BB:8D:67:8C:AB:93:8D:0F:B1:71:A5:AB:8D:CD:DC
Certificate issuer: /CN=ba04db2fcb0c5b55651f1c1bbb4d95c745578dcf
Certificate serial: 28C17B
Authority key identifier: BA:04:DB:2F:CB:0C:5B:55:65:1F:1C:1B:BB:4D:95:C7:45:57:8D:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ugTbL8sMW1VlHxwbu02Vx0VXjc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1336d4-4281-4763-af29-47fe9c7a4d84/1/2l0vUoO7jWeMq5OND7FxpauNzdw.roa
Signing time: Sat 01 Jan 2022 00:51:17 +0000
ROA not before: Sat 01 Jan 2022 00:51:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60675
IP address blocks: 185.114.84.0/22 maxlen: 24
185.142.192.0/22 maxlen: 24
185.27.136.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2670971 (0x28c17b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba04db2fcb0c5b55651f1c1bbb4d95c745578dcf
Validity
Not Before: Jan 1 00:51:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da5d2f5283bb8d678cab938d0fb171a5ab8dcddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:55:09:a1:1b:43:71:b8:9c:e6:e4:7e:72:74:
93:b1:83:f2:00:55:ba:65:e4:59:e0:bf:84:65:d2:
fe:3b:46:8b:70:16:e7:4e:e3:01:89:33:36:d6:c3:
39:a5:f6:b7:1d:37:3b:35:77:54:c9:52:e9:dc:df:
1b:ad:25:cf:07:4c:1d:13:de:6e:bb:7c:ae:51:40:
e6:41:03:6b:98:89:a1:83:75:d6:20:31:50:0b:33:
bb:e7:7e:b9:61:08:e3:1d:2c:7f:f4:78:0d:e2:6e:
b9:d4:31:4f:3a:4e:84:d6:c2:64:78:f2:67:79:f0:
f5:7d:9c:78:60:9c:39:ca:97:c7:03:c3:d9:74:a2:
f8:e3:44:64:af:12:92:eb:e7:f0:11:dd:48:de:b1:
c7:b6:7d:86:6e:fd:78:50:80:15:78:97:74:ba:b1:
d9:ae:fa:bd:d0:19:7a:2a:18:88:cc:f7:dc:71:55:
49:50:70:d7:d3:79:76:a7:20:bf:aa:c0:d1:4b:96:
cb:f3:71:88:3a:4b:1f:85:ac:45:02:26:cb:b7:6a:
58:b9:58:9e:ff:df:51:fa:81:a9:b4:c0:9e:ec:cc:
eb:5e:23:8e:16:fa:9d:a4:30:f1:60:39:e3:98:bf:
97:59:6c:4b:25:2f:29:8c:eb:d9:e0:c4:f5:6c:7d:
13:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5D:2F:52:83:BB:8D:67:8C:AB:93:8D:0F:B1:71:A5:AB:8D:CD:DC
X509v3 Authority Key Identifier:
keyid:BA:04:DB:2F:CB:0C:5B:55:65:1F:1C:1B:BB:4D:95:C7:45:57:8D:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ugTbL8sMW1VlHxwbu02Vx0VXjc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1336d4-4281-4763-af29-47fe9c7a4d84/1/2l0vUoO7jWeMq5OND7FxpauNzdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1336d4-4281-4763-af29-47fe9c7a4d84/1/ugTbL8sMW1VlHxwbu02Vx0VXjc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.136.0/22
185.114.84.0/22
185.142.192.0/22
Signature Algorithm: sha256WithRSAEncryption
19:b4:49:c2:90:2b:5f:00:f9:6e:b3:8c:25:0d:f0:95:79:09:
8d:96:69:70:82:a1:01:4f:e7:aa:8c:e9:50:b4:51:99:95:16:
b3:b2:e5:fd:be:07:0a:d6:21:40:2b:ef:95:93:ad:42:9e:ba:
9c:3c:ab:d0:dd:ff:0f:9c:76:6e:1c:de:63:90:1c:79:b0:b4:
32:15:8d:46:46:95:44:9b:42:bb:6c:0e:02:6f:42:a9:72:cc:
ba:96:97:37:b6:7e:c2:db:27:e7:ff:99:ee:71:ae:2a:97:38:
46:c0:95:5d:e9:b5:20:12:b5:a7:9f:86:4e:a5:8e:3e:ca:f8:
89:70:f2:2a:17:3d:19:dc:9b:2e:6e:a9:60:10:d3:fb:36:db:
11:c3:8e:65:17:4a:36:b0:98:7c:eb:44:29:c0:8b:83:6c:e2:
9a:aa:83:72:fd:c5:12:35:14:e4:f8:e6:37:28:4f:02:ea:f1:
df:9e:05:b0:5b:2a:37:ab:60:1f:2f:53:04:f7:1c:04:be:8f:
aa:ce:5b:f3:79:28:06:5f:0f:6c:09:8b:99:62:36:0c:fd:b5:
ca:28:72:a6:de:1e:9f:f2:9e:ec:a0:e9:a5:5c:7d:b6:27:b4:
68:96:7b:0f:04:3c:1e:14:91:7b:ef:bc:70:81:38:eb:d3:28:
27:55:5d:7d
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIDKMF7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJh
MDRkYjJmY2IwYzViNTU2NTFmMWMxYmJiNGQ5NWM3NDU1NzhkY2YwHhcNMjIwMTAx
MDA1MTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkYTVkMmY1MjgzYmI4
ZDY3OGNhYjkzOGQwZmIxNzFhNWFiOGRjZGRjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtlUJoRtDcbic5uR+cnSTsYPyAFW6ZeRZ4L+EZdL+O0aLcBbn
TuMBiTM21sM5pfa3HTc7NXdUyVLp3N8brSXPB0wdE95uu3yuUUDmQQNrmImhg3XW
IDFQCzO75365YQjjHSx/9HgN4m651DFPOk6E1sJkePJnefD1fZx4YJw5ypfHA8PZ
dKL440RkrxKS6+fwEd1I3rHHtn2Gbv14UIAVeJd0urHZrvq90Bl6KhiIzPfccVVJ
UHDX03l2pyC/qsDRS5bL83GIOksfhaxFAibLt2pYuVie/99R+oGptMCe7MzrXiOO
FvqdpDDxYDnjmL+XWWxLJS8pjOvZ4MT1bH0T1QIDAQABo4ICFTCCAhEwHQYDVR0O
BBYEFNpdL1KDu41njKuTjQ+xcaWrjc3cMB8GA1UdIwQYMBaAFLoE2y/LDFtVZR8c
G7tNlcdFV43PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dWdUYkw4c01XMVZsSHh3YnUwMlZ4MFZYamM4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82NC8xMzM2ZDQtNDI4MS00NzYzLWFmMjktNDdmZTljN2E0ZDg0LzEv
MmwwdlVvTzdqV2VNcTVPTkQ3RnhwYXVOemR3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8x
MzM2ZDQtNDI4MS00NzYzLWFmMjktNDdmZTljN2E0ZDg0LzEvdWdUYkw4c01XMVZs
SHh3YnUwMlZ4MFZYamM4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsG
CCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuRuIAwQCuXJUAwQCuY7AMA0GCSqG
SIb3DQEBCwUAA4IBAQAZtEnCkCtfAPlus4wlDfCVeQmNlmlwgqEBT+eqjOlQtFGZ
lRazsuX9vgcK1iFAK++Vk61CnrqcPKvQ3f8PnHZuHN5jkBx5sLQyFY1GRpVEm0K7
bA4Cb0Kpcsy6lpc3tn7C2yfn/5nuca4qlzhGwJVd6bUgErWnn4ZOpY4+yviJcPIq
Fz0Z3JsubqlgENP7NtsRw45lF0o2sJh860QpwIuDbOKaqoNy/cUSNRTk+OY3KE8C
6vHfngWwWyo3q2AfL1ME9xwEvo+qzlvzeSgGXw9sCYuZYjYM/bXKKHKm3h6f8p7s
oOmlXH22J7RolnsPBDweFJF777xwgTjr0ygnVV19
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:58:13 2025 by rpki-client