Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/Q4ZBrCGAGcuPghtItjiNwVZY7x0.roa
File: Q4ZBrCGAGcuPghtItjiNwVZY7x0.roa (raw, json)
Hash identifier: lonZgBeOqq76Qx67t4Gb4RI9yLxGa5OnjvdESN2ipdE=
Subject key identifier: 43:86:41:AC:21:80:19:CB:8F:82:1B:48:B6:38:8D:C1:56:58:EF:1D
Certificate issuer: /CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Certificate serial: 0186DF1B000061A1E756A2939D82B7EFCF38
Authority key identifier: 2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/Q4ZBrCGAGcuPghtItjiNwVZY7x0.roa
Signing time: Tue 14 Mar 2023 07:52:14 +0000
ROA not before: Tue 14 Mar 2023 07:52:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60672
IP address blocks: 185.137.222.0/24 maxlen: 24
185.137.220.0/23 maxlen: 23
2a0a:a500::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:df:1b:00:00:61:a1:e7:56:a2:93:9d:82:b7:ef:cf:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Validity
Not Before: Mar 14 07:52:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=438641ac218019cb8f821b48b6388dc15658ef1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:07:78:7d:80:df:ba:9d:6a:1f:7e:56:f8:85:
1d:ed:93:20:f6:bc:a3:9b:38:b9:98:77:5d:88:c5:
86:e3:9e:5d:ec:8a:a7:04:a7:20:ae:78:fc:fd:3d:
ba:33:ec:0c:6d:8f:ee:65:8a:6d:42:d1:3c:18:57:
2d:9e:e2:02:d8:ee:59:69:0a:c7:df:43:73:16:e7:
13:d5:19:1a:94:c6:8e:22:02:ac:26:87:85:a2:5d:
0b:c7:c9:85:5a:6c:2f:ee:fb:ed:3f:1f:49:19:0a:
25:86:db:40:9e:cb:ff:8c:1e:e9:b0:78:6e:05:c8:
85:d5:ac:ec:e6:03:c4:c7:bd:df:ab:82:cf:a7:8a:
1c:0b:ba:e3:da:be:af:fd:ef:a9:5e:38:74:96:59:
06:67:69:20:80:a7:17:3d:56:c9:e5:8a:ad:01:be:
41:c1:0d:28:08:5c:80:39:52:17:1d:6c:17:b4:16:
1a:c1:39:4d:a7:df:c6:8c:3d:82:a6:ce:2f:f3:28:
08:4e:ad:a6:b0:6f:b0:8f:f5:83:cf:af:39:27:ae:
ef:fc:bb:af:16:05:20:4a:71:13:4e:30:e2:74:3f:
b1:52:fd:3a:e2:8b:3c:08:90:c5:c0:3a:fa:b9:5a:
49:f4:4e:af:c3:54:bd:92:49:4c:8d:e0:99:e0:89:
ae:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:86:41:AC:21:80:19:CB:8F:82:1B:48:B6:38:8D:C1:56:58:EF:1D
X509v3 Authority Key Identifier:
keyid:2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/Q4ZBrCGAGcuPghtItjiNwVZY7x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/L3pGS4lIQbO5QOCzV7hl45Ox3UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.220.0-185.137.222.255
IPv6:
2a0a:a500::/48
Signature Algorithm: sha256WithRSAEncryption
6d:ff:aa:97:8f:66:ca:f6:bd:93:2a:e9:fa:62:9e:39:fb:04:
13:a8:ac:b9:4f:09:f7:f1:bd:93:84:74:73:3d:6f:fd:55:4f:
86:8f:06:eb:2d:cb:22:4e:dd:49:8a:81:be:16:69:af:4c:d3:
fc:9b:ed:b5:9d:66:38:68:45:98:f3:95:68:c8:51:18:a7:d4:
2f:28:fd:22:69:0f:c6:a0:de:c9:07:90:c7:b3:b2:29:e2:bf:
98:ba:b8:20:79:73:f8:8f:b1:76:00:f1:4f:16:6f:b1:f9:95:
82:dc:9b:c7:b2:40:87:d6:6c:99:67:ad:c9:3e:81:bf:11:f5:
2e:64:f7:6c:36:31:26:2a:f5:95:0c:2e:8e:91:7c:bc:2c:34:
7c:a1:16:b8:6f:ea:2c:2a:14:3e:ae:4b:fe:f7:f7:76:fb:94:
33:78:0c:d4:a7:ff:ca:02:8b:bc:fb:0f:a0:06:0f:3f:f2:13:
c4:aa:7c:7c:05:b8:b5:88:2d:e7:e3:22:39:d3:e9:c8:91:23:
dd:e4:1b:66:86:8c:37:5a:23:9a:c7:c1:21:0d:02:ae:ba:cd:
ec:fc:81:0e:38:4e:89:07:de:f9:18:a2:8d:e5:e9:c3:bd:82:
9f:63:0d:87:95:85:6f:5c:80:fe:60:93:29:c2:45:ef:77:f8:
2c:d6:1e:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYbfGwAAYaHnVqKTnYK37884MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmN2E0NjRiODk0ODQxYjNiOTQwZTBiMzU3Yjg2NWUzOTNi
MWRkNDYwHhcNMjMwMzE0MDc1MjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzg2NDFhYzIxODAxOWNiOGY4MjFiNDhiNjM4OGRjMTU2NThlZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQd4fYDfup1qH35W+IUd7ZMg9ryj
mzi5mHddiMWG455d7IqnBKcgrnj8/T26M+wMbY/uZYptQtE8GFctnuIC2O5ZaQrH
30NzFucT1RkalMaOIgKsJoeFol0Lx8mFWmwv7vvtPx9JGQolhttAnsv/jB7psHhu
BciF1azs5gPEx73fq4LPp4ocC7rj2r6v/e+pXjh0llkGZ2kggKcXPVbJ5YqtAb5B
wQ0oCFyAOVIXHWwXtBYawTlNp9/GjD2Cps4v8ygITq2msG+wj/WDz685J67v/Luv
FgUgSnETTjDidD+xUv064os8CJDFwDr6uVpJ9E6vw1S9kklMjeCZ4ImuvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOGQawhgBnLj4IbSLY4jcFWWO8dMB8GA1UdIwQY
MBaAFC96RkuJSEGzuUDgs1e4ZeOTsd1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEt
MTAxNDRjMWJjYWZjLzEvUTRaQnJDR0FHY3VQZ2h0SXRqaU53VlpZN3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEtMTAxNDRjMWJjYWZj
LzEvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAK5idwD
BAC5id4wDwQCAAIwCQMHACoKpQAAADANBgkqhkiG9w0BAQsFAAOCAQEAbf+ql49m
yva9kyrp+mKeOfsEE6isuU8J9/G9k4R0cz1v/VVPho8G6y3LIk7dSYqBvhZpr0zT
/JvttZ1mOGhFmPOVaMhRGKfULyj9ImkPxqDeyQeQx7OyKeK/mLq4IHlz+I+xdgDx
TxZvsfmVgtybx7JAh9ZsmWetyT6BvxH1LmT3bDYxJir1lQwujpF8vCw0fKEWuG/q
LCoUPq5L/vf3dvuUM3gM1Kf/ygKLvPsPoAYPP/ITxKp8fAW4tYgt5+MiOdPpyJEj
3eQbZoaMN1ojmsfBIQ0CrrrN7PyBDjhOiQfe+RiijeXpw72Cn2MNh5WFb1yA/mCT
KcJF73f4LNYezA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:06:40 2025 by rpki-client