Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/Aqp8uTSTnibAmpOp2sBanVlvvNs.roa
File: Aqp8uTSTnibAmpOp2sBanVlvvNs.roa (raw, json)
Hash identifier: cMnur1KELmy+RSYzYfRu9NgELGYKasLuCbT1n5LoRew=
Subject key identifier: 02:AA:7C:B9:34:93:9E:26:C0:9A:93:A9:DA:C0:5A:9D:59:6F:BC:DB
Certificate issuer: /CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Certificate serial: 01942521EAEC6E47B180A6C68D5674D8DE60
Authority key identifier: 2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/Aqp8uTSTnibAmpOp2sBanVlvvNs.roa
Signing time: Thu 02 Jan 2025 03:49:27 +0000
ROA not before: Thu 02 Jan 2025 03:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210619
IP address blocks: 185.137.221.0/24 maxlen: 24
185.137.223.0/24 maxlen: 24
2a0a:a501::/32 maxlen: 32
2a0a:a501::/48 maxlen: 48
2a0a:a502::/32 maxlen: 32
2a0a:a502::/48 maxlen: 48
2a0a:a503::/32 maxlen: 32
2a0a:a504::/32 maxlen: 32
2a0a:a505::/32 maxlen: 32
2a0a:a506::/32 maxlen: 32
2a0a:a507::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ea:ec:6e:47:b1:80:a6:c6:8d:56:74:d8:de:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Validity
Not Before: Jan 2 03:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02aa7cb934939e26c09a93a9dac05a9d596fbcdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d6:d2:4e:9a:85:c3:b4:02:db:94:37:8d:ff:
ca:aa:c4:2d:d0:6c:c1:0d:c4:88:22:94:30:48:22:
f2:7b:c1:a6:6e:51:dd:47:0b:54:76:ee:24:cc:88:
74:f6:4e:5a:73:bb:6f:f6:7a:54:3e:63:d4:76:d8:
8d:40:ab:85:5c:09:b1:56:cb:99:34:2e:29:0c:67:
90:09:98:d3:ea:3c:45:7f:97:3c:93:e9:f8:19:a0:
a9:5d:f0:2d:c2:3c:2d:43:5e:0b:a8:76:3d:e2:29:
35:57:d5:d0:a7:60:af:1d:e5:49:cc:fc:34:c2:8f:
ce:e0:1c:88:a6:1b:33:25:55:09:d4:a9:c1:91:e7:
71:a6:db:ca:f8:5b:d0:51:b1:31:55:a1:b6:8c:c1:
00:fb:88:a9:21:53:53:79:9e:40:69:a6:d3:75:e6:
d7:fb:c9:21:6a:8e:65:b7:38:0a:0e:73:a1:fc:2d:
95:98:37:74:d0:8d:78:1e:54:33:d4:5f:2b:39:38:
6a:25:c9:59:8f:19:eb:ab:de:bf:3c:23:50:4f:9e:
c7:e6:fc:ad:07:bd:24:5a:10:c6:49:a6:4d:d3:eb:
6a:cb:04:c0:c0:46:96:67:51:b0:4d:97:25:5c:9d:
bb:42:b8:15:16:24:29:37:b9:d2:07:59:34:54:47:
c5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:AA:7C:B9:34:93:9E:26:C0:9A:93:A9:DA:C0:5A:9D:59:6F:BC:DB
X509v3 Authority Key Identifier:
keyid:2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/Aqp8uTSTnibAmpOp2sBanVlvvNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/L3pGS4lIQbO5QOCzV7hl45Ox3UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.221.0/24
185.137.223.0/24
IPv6:
2a0a:a501::-2a0a:a507:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a2:5b:85:3b:b6:4f:92:14:c3:71:37:a4:ef:f4:08:dd:ce:03:
eb:8c:99:b4:03:4f:a0:bd:44:3b:d5:ca:61:4d:68:40:29:6f:
ee:df:9c:89:34:14:81:89:2e:9f:83:ad:f0:34:55:06:e2:cd:
37:2c:0c:09:4c:54:9d:e4:b4:13:52:26:ab:df:55:c4:5b:5f:
57:90:b5:19:07:b5:cd:44:e6:c3:08:bc:34:83:48:22:f5:3d:
60:ad:48:ad:f1:f0:2d:7e:5d:e4:97:71:0b:bb:a0:27:10:c1:
71:c9:b4:c9:c0:5c:5b:e0:eb:60:92:b3:13:84:ee:98:e0:22:
61:ea:f0:7a:6b:f8:e7:cf:28:45:1b:af:fe:19:fe:43:d0:f6:
c1:40:6f:4c:05:ba:43:5f:44:97:d1:be:76:b8:61:3d:8a:2d:
6f:a1:48:f1:20:d2:cf:c4:28:9d:97:b8:ad:24:21:c3:e6:8e:
90:bb:7c:ae:b9:c6:c7:10:85:c0:e4:b8:b6:d2:7e:e3:45:bd:
a8:e0:d2:00:f2:dd:57:f6:7e:1b:d7:64:5b:33:18:2f:b6:ad:
b4:01:24:14:57:49:70:2a:49:91:a2:ee:89:2e:82:72:08:84:
99:21:94:8c:38:41:40:c1:bd:94:db:10:b1:d0:75:2c:7c:18:
de:64:cf:ea
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQlIersbkexgKbGjVZ02N5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmN2E0NjRiODk0ODQxYjNiOTQwZTBiMzU3Yjg2NWUzOTNi
MWRkNDYwHhcNMjUwMTAyMDM0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmFhN2NiOTM0OTM5ZTI2YzA5YTkzYTlkYWMwNWE5ZDU5NmZiY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttbSTpqFw7QC25Q3jf/KqsQt0GzB
DcSIIpQwSCLye8GmblHdRwtUdu4kzIh09k5ac7tv9npUPmPUdtiNQKuFXAmxVsuZ
NC4pDGeQCZjT6jxFf5c8k+n4GaCpXfAtwjwtQ14LqHY94ik1V9XQp2CvHeVJzPw0
wo/O4ByIphszJVUJ1KnBkedxptvK+FvQUbExVaG2jMEA+4ipIVNTeZ5AaabTdebX
+8khao5ltzgKDnOh/C2VmDd00I14HlQz1F8rOThqJclZjxnrq96/PCNQT57H5vyt
B70kWhDGSaZN0+tqywTAwEaWZ1GwTZclXJ27QrgVFiQpN7nSB1k0VEfFrwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAKqfLk0k54mwJqTqdrAWp1Zb7zbMB8GA1UdIwQY
MBaAFC96RkuJSEGzuUDgs1e4ZeOTsd1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEt
MTAxNDRjMWJjYWZjLzEvQXFwOHVUU1RuaWJBbXBPcDJzQmFuVmx2dk5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEtMTAxNDRjMWJjYWZj
LzEvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAuYndAwQA
uYnfMBYEAgACMBAwDgMFACoKpQEDBQMqCqUAMA0GCSqGSIb3DQEBCwUAA4IBAQCi
W4U7tk+SFMNxN6Tv9AjdzgPrjJm0A0+gvUQ71cphTWhAKW/u35yJNBSBiS6fg63w
NFUG4s03LAwJTFSd5LQTUiar31XEW19XkLUZB7XNRObDCLw0g0gi9T1grUit8fAt
fl3kl3ELu6AnEMFxybTJwFxb4OtgkrMThO6Y4CJh6vB6a/jnzyhFG6/+Gf5D0PbB
QG9MBbpDX0SX0b52uGE9ii1voUjxINLPxCidl7itJCHD5o6Qu3yuucbHEIXA5Li2
0n7jRb2o4NIA8t1X9n4b12RbMxgvtq20ASQUV0lwKkmRou6JLoJyCISZIZSMOEFA
wb2U2xCx0HUsfBjeZM/q
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:31:03 2025 by rpki-client