Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/tX7pIK0_Y0DkC_cQB792D8KfMpI.roa
File: tX7pIK0_Y0DkC_cQB792D8KfMpI.roa (raw, json)
Hash identifier: 6bt98IzDmAFpK9cQatBo1xPLFut1eb0d15KmkgIc6Y0=
Subject key identifier: B5:7E:E9:20:AD:3F:63:40:E4:0B:F7:10:07:BF:76:0F:C2:9F:32:92
Certificate issuer: /CN=dac79d2855b897418208d47ba6e51460015b5d7b
Certificate serial: 0194244597AEC4C53360108D8F850BC527B1
Authority key identifier: DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/tX7pIK0_Y0DkC_cQB792D8KfMpI.roa
Signing time: Wed 01 Jan 2025 23:48:48 +0000
ROA not before: Wed 01 Jan 2025 23:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 185.154.216.0/22 maxlen: 24
213.184.80.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:97:ae:c4:c5:33:60:10:8d:8f:85:0b:c5:27:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac79d2855b897418208d47ba6e51460015b5d7b
Validity
Not Before: Jan 1 23:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b57ee920ad3f6340e40bf71007bf760fc29f3292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:e2:e8:b1:ef:96:91:76:71:24:dd:c5:a0:84:
57:a4:e7:ff:9e:32:10:66:b5:ee:69:71:93:1d:72:
e3:ed:ea:e0:d8:41:e3:44:a2:62:d0:41:03:e5:45:
12:4b:f3:b3:0f:42:70:43:33:00:50:22:6e:4f:41:
16:c4:b1:de:15:5f:5a:7e:39:cc:c4:3c:99:6a:5c:
c2:e9:75:ef:6b:bd:3f:d5:2d:b9:ea:d1:46:50:d5:
0f:de:3b:9c:6b:d9:8c:41:08:8d:57:72:6b:30:b9:
1b:4a:5e:fa:af:a8:52:8d:6c:7a:1b:e0:a4:77:9e:
76:68:5d:75:1d:53:db:4c:1f:b0:7b:44:13:d2:b0:
82:93:5e:bd:e6:23:68:ff:87:2d:0e:4b:c3:36:d2:
0b:0d:cc:bf:4a:1a:bd:05:12:17:d6:e6:7e:39:ab:
e6:02:74:4e:9a:2a:84:3f:ce:99:6b:5b:8d:17:c8:
d5:61:3d:a3:61:86:13:78:50:f6:72:09:2b:c9:4e:
83:af:81:62:35:c4:29:c5:eb:fe:96:69:8e:e8:67:
59:8f:68:d3:11:40:09:b9:f7:2f:87:aa:fc:a9:e2:
c8:5a:41:98:85:7f:09:a6:e2:8b:bd:40:3b:fb:9b:
4c:1c:10:0b:4c:64:71:b7:71:aa:b9:a8:2d:f4:2e:
39:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:7E:E9:20:AD:3F:63:40:E4:0B:F7:10:07:BF:76:0F:C2:9F:32:92
X509v3 Authority Key Identifier:
keyid:DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/tX7pIK0_Y0DkC_cQB792D8KfMpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.216.0/22
213.184.80.0/22
Signature Algorithm: sha256WithRSAEncryption
08:2a:24:6c:c0:2b:e5:6b:7c:89:f4:fb:38:4c:b5:40:63:aa:
6f:bf:18:f0:3d:1f:be:46:4b:a5:d8:a4:35:59:43:a2:41:6c:
df:d8:bb:d5:64:46:f5:58:cb:da:6f:85:85:9b:cf:00:ac:53:
4d:fc:60:21:31:13:af:9b:91:b9:eb:8f:dc:c7:db:28:9a:d4:
25:53:ef:56:75:95:13:14:20:eb:2f:2f:0c:f9:de:0c:f8:81:
2c:9c:62:fb:88:9a:95:81:b4:e8:82:46:ad:ae:e4:ef:14:cb:
1b:59:e7:c9:41:4f:d8:1e:7c:fb:4a:51:26:ac:9a:24:e5:6e:
9f:06:a6:e3:54:0f:2d:ff:f3:5a:1a:93:a0:67:25:77:ad:a3:
2c:de:7c:f5:92:03:e8:a8:35:c1:f5:8a:94:f9:91:77:ac:2f:
ce:7a:0c:e8:a8:41:5b:91:08:89:56:f4:2e:c8:01:d5:61:96:
89:33:06:93:8a:91:d7:41:3c:10:c5:11:a7:fd:40:d0:b1:62:
b7:63:40:68:d3:ea:b9:fa:20:4b:29:ff:97:d5:c5:46:7b:f9:
71:b4:8c:08:4b:cf:1a:5f:79:7c:dd:c6:1d:19:85:b8:48:80:
55:30:c5:ce:6a:52:a2:75:33:28:11:00:da:8b:7a:38:75:2c:
37:2e:d7:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRZeuxMUzYBCNj4ULxSexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzc5ZDI4NTViODk3NDE4MjA4ZDQ3YmE2ZTUxNDYwMDE1
YjVkN2IwHhcNMjUwMTAxMjM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTdlZTkyMGFkM2Y2MzQwZTQwYmY3MTAwN2JmNzYwZmMyOWYzMjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+Lose+WkXZxJN3FoIRXpOf/njIQ
ZrXuaXGTHXLj7erg2EHjRKJi0EED5UUSS/OzD0JwQzMAUCJuT0EWxLHeFV9afjnM
xDyZalzC6XXva70/1S256tFGUNUP3juca9mMQQiNV3JrMLkbSl76r6hSjWx6G+Ck
d552aF11HVPbTB+we0QT0rCCk1695iNo/4ctDkvDNtILDcy/Shq9BRIX1uZ+Oavm
AnROmiqEP86Za1uNF8jVYT2jYYYTeFD2cgkryU6Dr4FiNcQpxev+lmmO6GdZj2jT
EUAJufcvh6r8qeLIWkGYhX8JpuKLvUA7+5tMHBALTGRxt3Gquagt9C45bQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLV+6SCtP2NA5Av3EAe/dg/CnzKSMB8GA1UdIwQY
MBaAFNrHnShVuJdBggjUe6blFGABW117MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81YjExNDktNjQ3ZC00MDY3LTk4MDct
NDQ1ZDQ1ODhjMzEyLzEvdFg3cElLMF9ZMERrQ19jUUI3OTJEOEtmTXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81YjExNDktNjQ3ZC00MDY3LTk4MDctNDQ1ZDQ1ODhjMzEy
LzEvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuZrYAwQC
1bhQMA0GCSqGSIb3DQEBCwUAA4IBAQAIKiRswCvla3yJ9Ps4TLVAY6pvvxjwPR++
Rkul2KQ1WUOiQWzf2LvVZEb1WMvab4WFm88ArFNN/GAhMROvm5G564/cx9somtQl
U+9WdZUTFCDrLy8M+d4M+IEsnGL7iJqVgbTogkatruTvFMsbWefJQU/YHnz7SlEm
rJok5W6fBqbjVA8t//NaGpOgZyV3raMs3nz1kgPoqDXB9YqU+ZF3rC/OegzoqEFb
kQiJVvQuyAHVYZaJMwaTipHXQTwQxRGn/UDQsWK3Y0Bo0+q5+iBLKf+X1cVGe/lx
tIwIS88aX3l83cYdGYW4SIBVMMXOalKidTMoEQDai3o4dSw3Ltd8
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:34:41 2025 by rpki-client