Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/5iKleEq4X0taicKilu5zHqgLbGc.roa
File: 5iKleEq4X0taicKilu5zHqgLbGc.roa (raw, json)
Hash identifier: eAAuKlXsIvAt0qag85YneBufwMZHzVvi0CfWI6071M0=
Subject key identifier: E6:22:A5:78:4A:B8:5F:4B:5A:89:C2:A2:96:EE:73:1E:A8:0B:6C:67
Certificate issuer: /CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Certificate serial: 018B2E44B10954FB207806C1D81D8BB1BF4F
Authority key identifier: 2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/5iKleEq4X0taicKilu5zHqgLbGc.roa
Signing time: Sat 14 Oct 2023 12:58:55 +0000
ROA not before: Sat 14 Oct 2023 12:58:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60672
IP address blocks: 185.137.222.0/24 maxlen: 24
185.137.220.0/24 maxlen: 24
2a0a:a500::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2e:44:b1:09:54:fb:20:78:06:c1:d8:1d:8b:b1:bf:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Validity
Not Before: Oct 14 12:58:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e622a5784ab85f4b5a89c2a296ee731ea80b6c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0d:28:46:c7:4b:f5:e5:6c:54:3e:60:dd:d7:
a2:a0:f7:70:15:0c:59:da:a5:03:06:ad:80:e2:b3:
5c:2e:21:2a:7b:df:82:a5:dc:68:ca:70:70:6e:b8:
1b:bd:02:63:89:14:15:ff:4a:de:15:98:0c:ef:0d:
1c:b6:af:89:4c:9a:e7:97:fe:62:2f:25:b9:93:15:
38:fa:25:f5:c3:58:29:3b:a8:fc:ba:7f:d1:73:6f:
f5:60:cd:6a:0f:ec:44:1b:7c:cf:c9:b0:55:62:af:
38:3b:07:aa:34:cd:ce:02:b6:d9:ce:62:9a:0a:f8:
dc:84:36:16:8f:61:bb:ec:5e:4f:5d:f9:c7:0f:6b:
bc:cf:24:1e:7a:00:78:7a:bc:80:34:9e:fe:6e:d8:
ae:43:4b:da:7d:b5:35:0a:d1:93:54:7e:81:d9:c4:
ee:76:ad:fe:fe:a5:82:b6:8e:b6:73:ad:ef:5a:b8:
fb:d1:c8:9d:e2:f2:72:e0:cf:c5:e6:b6:e1:b2:4b:
ca:69:6c:5b:d1:2a:e3:66:08:cb:b5:0b:85:2c:cb:
dc:b9:28:6e:66:95:6b:4f:05:6d:f8:ef:ae:74:6d:
85:41:7e:23:dd:fa:1b:64:c1:98:c4:b7:e9:a5:e3:
f0:4e:cb:da:64:96:1e:b1:54:33:c5:17:62:4f:27:
e1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:22:A5:78:4A:B8:5F:4B:5A:89:C2:A2:96:EE:73:1E:A8:0B:6C:67
X509v3 Authority Key Identifier:
keyid:2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/5iKleEq4X0taicKilu5zHqgLbGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/L3pGS4lIQbO5QOCzV7hl45Ox3UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.220.0/24
185.137.222.0/24
IPv6:
2a0a:a500::/48
Signature Algorithm: sha256WithRSAEncryption
0e:0f:42:7d:a5:92:e0:e2:bc:3f:35:1a:42:d4:98:7b:75:69:
88:51:c3:00:1e:f7:64:fb:9a:f6:2a:67:e3:18:fe:d9:c0:17:
f0:43:b6:67:23:2a:1a:22:b3:61:ea:35:22:d8:f2:18:f2:31:
f5:8c:81:7a:c9:42:3b:e2:39:60:55:c8:c5:6c:33:45:dd:ff:
75:8b:46:ce:b7:2a:2d:dc:f4:7f:2b:ed:d5:80:76:65:c4:c6:
16:c2:50:f5:f7:90:9c:c7:4e:9f:e2:a6:60:4f:48:cd:e9:b7:
29:15:85:97:e8:4b:b8:48:2c:d3:68:d3:ee:d4:8e:f3:d5:b0:
f3:e6:4c:a3:90:21:bd:d3:02:a2:98:dd:94:75:35:b5:8d:bc:
a8:97:b5:bb:92:77:53:d9:e4:ab:3d:c1:2e:3a:98:51:38:69:
e4:74:52:86:02:21:5f:eb:e0:60:b5:1c:ab:1c:f9:4e:4a:1e:
08:00:01:f7:79:f9:3b:8f:de:67:7d:22:0d:a6:f4:2d:58:2e:
36:67:4a:a5:89:b0:62:d1:26:c3:54:93:5d:e1:e5:0a:7a:7d:
e6:8f:aa:31:a5:3d:93:94:6c:a5:62:d7:6b:b1:94:b8:0d:26:
dd:0e:01:65:f8:24:6c:fd:b5:58:35:e9:ec:99:7a:ab:23:86:
de:81:1b:64
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYsuRLEJVPsgeAbB2B2Lsb9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmN2E0NjRiODk0ODQxYjNiOTQwZTBiMzU3Yjg2NWUzOTNi
MWRkNDYwHhcNMjMxMDE0MTI1ODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjIyYTU3ODRhYjg1ZjRiNWE4OWMyYTI5NmVlNzMxZWE4MGI2YzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ0oRsdL9eVsVD5g3deioPdwFQxZ
2qUDBq2A4rNcLiEqe9+CpdxoynBwbrgbvQJjiRQV/0reFZgM7w0ctq+JTJrnl/5i
LyW5kxU4+iX1w1gpO6j8un/Rc2/1YM1qD+xEG3zPybBVYq84OweqNM3OArbZzmKa
CvjchDYWj2G77F5PXfnHD2u8zyQeegB4eryANJ7+btiuQ0vafbU1CtGTVH6B2cTu
dq3+/qWCto62c63vWrj70cid4vJy4M/F5rbhskvKaWxb0SrjZgjLtQuFLMvcuShu
ZpVrTwVt+O+udG2FQX4j3fobZMGYxLfppePwTsvaZJYesVQzxRdiTyfhswIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOYipXhKuF9LWonCopbucx6oC2xnMB8GA1UdIwQY
MBaAFC96RkuJSEGzuUDgs1e4ZeOTsd1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEt
MTAxNDRjMWJjYWZjLzEvNWlLbGVFcTRYMHRhaWNLaWx1NXpIcWdMYkdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEtMTAxNDRjMWJjYWZj
LzEvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuYncAwQA
uYneMA8EAgACMAkDBwAqCqUAAAAwDQYJKoZIhvcNAQELBQADggEBAA4PQn2lkuDi
vD81GkLUmHt1aYhRwwAe92T7mvYqZ+MY/tnAF/BDtmcjKhois2HqNSLY8hjyMfWM
gXrJQjviOWBVyMVsM0Xd/3WLRs63Ki3c9H8r7dWAdmXExhbCUPX3kJzHTp/ipmBP
SM3ptykVhZfoS7hILNNo0+7UjvPVsPPmTKOQIb3TAqKY3ZR1NbWNvKiXtbuSd1PZ
5Ks9wS46mFE4aeR0UoYCIV/r4GC1HKsc+U5KHggAAfd5+TuP3md9Ig2m9C1YLjZn
SqWJsGLRJsNUk13h5Qp6feaPqjGlPZOUbKVi12uxlLgNJt0OAWX4JGz9tVg16eyZ
eqsjht6BG2Q=
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:24:14 2025 by rpki-client