Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/stUq7gYH9NfZQ4B1KVB6RamW1EM.roa
File: stUq7gYH9NfZQ4B1KVB6RamW1EM.roa (raw, json)
Hash identifier: X7R1W+q8OH558Nu3tMUpicaplOedBToalyC+wIt23j8=
Subject key identifier: B2:D5:2A:EE:06:07:F4:D7:D9:43:80:75:29:50:7A:45:A9:96:D4:43
Certificate issuer: /CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Certificate serial: 0193C53DCFCD35666A21042DB76CD96AEE5A
Authority key identifier: 2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/stUq7gYH9NfZQ4B1KVB6RamW1EM.roa
Signing time: Sat 14 Dec 2024 12:56:22 +0000
ROA not before: Sat 14 Dec 2024 12:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210619
IP address blocks: 185.137.221.0/24 maxlen: 24
185.137.223.0/24 maxlen: 24
2a0a:a501::/32 maxlen: 32
2a0a:a501::/48 maxlen: 48
2a0a:a502::/32 maxlen: 32
2a0a:a502::/48 maxlen: 48
2a0a:a503::/32 maxlen: 32
2a0a:a504::/32 maxlen: 32
2a0a:a505::/32 maxlen: 32
2a0a:a506::/32 maxlen: 32
2a0a:a507::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c5:3d:cf:cd:35:66:6a:21:04:2d:b7:6c:d9:6a:ee:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Validity
Not Before: Dec 14 12:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2d52aee0607f4d7d943807529507a45a996d443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a1:86:f4:6e:76:62:05:81:99:11:83:b3:9c:
99:e5:64:5a:a8:47:e4:05:c0:fa:ea:4c:5d:65:d9:
4b:a7:01:e9:61:11:88:b9:b6:48:a7:8e:12:8c:a9:
21:f8:7f:22:f3:26:89:38:ba:66:9e:a2:97:44:bc:
df:37:02:4d:fe:a7:9b:f4:f2:d5:06:86:c9:e0:a5:
99:68:1f:d9:45:1f:14:15:f8:eb:44:36:6f:92:c1:
14:be:82:14:a5:a5:4a:75:4a:03:40:c7:58:0b:72:
0b:25:8a:ae:d7:cb:dd:13:b2:d6:eb:c3:e6:7b:eb:
6b:b0:70:c2:ea:02:1b:d2:f0:e9:97:e3:c0:13:f5:
d2:d8:0e:55:58:05:6f:a0:3b:2f:c8:d6:18:39:0d:
1f:bb:c2:78:99:f8:0d:bb:30:2d:24:c3:1f:e1:f7:
d0:72:b2:43:37:a1:c2:3b:a6:f0:cf:9f:26:15:e9:
a2:c3:a4:ee:44:3f:43:d2:bb:31:ef:e9:4e:85:56:
e0:97:1e:42:76:a8:5b:b7:0c:c8:16:be:11:7a:05:
3f:6d:5a:6d:d9:40:c0:de:11:69:e6:56:8d:a9:11:
45:b5:52:2f:a7:11:f7:f5:9d:62:c7:16:41:d2:a7:
8f:b0:87:02:f4:04:8c:b1:50:27:2e:a2:12:b4:82:
ff:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D5:2A:EE:06:07:F4:D7:D9:43:80:75:29:50:7A:45:A9:96:D4:43
X509v3 Authority Key Identifier:
keyid:2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/stUq7gYH9NfZQ4B1KVB6RamW1EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/L3pGS4lIQbO5QOCzV7hl45Ox3UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.221.0/24
185.137.223.0/24
IPv6:
2a0a:a501::-2a0a:a507:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
32:ba:8a:12:8a:0e:81:69:5c:1f:f0:2b:92:54:5b:13:0f:b9:
34:1c:28:cc:68:a0:ac:ca:0e:b8:a7:f2:df:1c:bc:f1:7d:a7:
58:30:a8:cd:b7:6e:ad:2e:89:4f:82:b8:c5:17:d0:d5:91:7b:
d9:91:06:a3:2e:dc:95:cb:e4:4f:8a:12:29:b4:6d:11:31:f1:
6a:72:f6:de:c8:15:a2:20:18:7c:70:ee:b4:04:45:8c:43:10:
ff:87:cc:9c:cd:53:70:b7:58:34:47:73:f2:c5:59:8d:09:ef:
d3:92:4e:5c:0f:28:2a:0a:93:c4:53:e0:d9:d2:89:17:3b:fe:
64:35:55:bf:6f:74:7b:10:5c:cf:1c:32:b0:22:a7:e5:a0:78:
47:d9:ba:c9:d4:44:ba:f5:72:ae:32:6d:56:20:bf:ad:45:e8:
7f:9c:66:f0:74:77:47:7a:7e:f8:d9:b3:87:38:49:b4:dd:b0:
55:83:ac:10:d0:2b:83:cf:a6:8c:55:c2:c8:9f:b4:00:38:b6:
f5:e0:1e:36:02:c6:77:5c:f1:37:b1:8b:ca:07:95:25:48:54:
7c:65:e8:55:71:43:b3:21:1b:dc:b6:0f:c9:fc:6f:dc:e7:38:
67:31:fb:f3:e3:12:98:98:84:6d:c7:11:b9:25:a4:b7:7c:a5:
0b:aa:ea:12
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZPFPc/NNWZqIQQtt2zZau5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmN2E0NjRiODk0ODQxYjNiOTQwZTBiMzU3Yjg2NWUzOTNi
MWRkNDYwHhcNMjQxMjE0MTI1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmQ1MmFlZTA2MDdmNGQ3ZDk0MzgwNzUyOTUwN2E0NWE5OTZkNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqGG9G52YgWBmRGDs5yZ5WRaqEfk
BcD66kxdZdlLpwHpYRGIubZIp44SjKkh+H8i8yaJOLpmnqKXRLzfNwJN/qeb9PLV
BobJ4KWZaB/ZRR8UFfjrRDZvksEUvoIUpaVKdUoDQMdYC3ILJYqu18vdE7LW68Pm
e+trsHDC6gIb0vDpl+PAE/XS2A5VWAVvoDsvyNYYOQ0fu8J4mfgNuzAtJMMf4ffQ
crJDN6HCO6bwz58mFemiw6TuRD9D0rsx7+lOhVbglx5CdqhbtwzIFr4RegU/bVpt
2UDA3hFp5laNqRFFtVIvpxH39Z1ixxZB0qePsIcC9ASMsVAnLqIStIL/dQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLLVKu4GB/TX2UOAdSlQekWpltRDMB8GA1UdIwQY
MBaAFC96RkuJSEGzuUDgs1e4ZeOTsd1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEt
MTAxNDRjMWJjYWZjLzEvc3RVcTdnWUg5TmZaUTRCMUtWQjZSYW1XMUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEtMTAxNDRjMWJjYWZj
LzEvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAuYndAwQA
uYnfMBYEAgACMBAwDgMFACoKpQEDBQMqCqUAMA0GCSqGSIb3DQEBCwUAA4IBAQAy
uooSig6BaVwf8CuSVFsTD7k0HCjMaKCsyg64p/LfHLzxfadYMKjNt26tLolPgrjF
F9DVkXvZkQajLtyVy+RPihIptG0RMfFqcvbeyBWiIBh8cO60BEWMQxD/h8yczVNw
t1g0R3PyxVmNCe/Tkk5cDygqCpPEU+DZ0okXO/5kNVW/b3R7EFzPHDKwIqfloHhH
2brJ1ES69XKuMm1WIL+tReh/nGbwdHdHen742bOHOEm03bBVg6wQ0CuDz6aMVcLI
n7QAOLb14B42AsZ3XPE3sYvKB5UlSFR8ZehVcUOzIRvctg/J/G/c5zhnMfvz4xKY
mIRtxxG5JaS3fKULquoS
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:03:55 2025 by rpki-client