Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/c7c4a8-342c-4ed9-b521-a2fa42ec362e/1/_6LgpWRPcAwIPHOUKx8OJOtqXnQ.roa
File: _6LgpWRPcAwIPHOUKx8OJOtqXnQ.roa (raw, json)
Hash identifier: MR7RTnEOF7vDIY/SF2RkSh5esn3JfTaOEVVT8xWKpbY=
Subject key identifier: FF:A2:E0:A5:64:4F:70:0C:08:3C:73:94:2B:1F:0E:24:EB:6A:5E:74
Certificate issuer: /CN=b70d0e166fa5f2c7855b024b35c47e57bdc55656
Certificate serial: 04AFD0C9
Authority key identifier: B7:0D:0E:16:6F:A5:F2:C7:85:5B:02:4B:35:C4:7E:57:BD:C5:56:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tw0OFm-l8seFWwJLNcR-V73FVlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/c7c4a8-342c-4ed9-b521-a2fa42ec362e/1/_6LgpWRPcAwIPHOUKx8OJOtqXnQ.roa
Signing time: Sat 01 Jan 2022 10:03:20 +0000
ROA not before: Sat 01 Jan 2022 10:03:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212815
IP address blocks: 185.171.202.0/24 maxlen: 24
2a10:4640:2::/48 maxlen: 48
2a10:4640::/48 maxlen: 48
2a10:4640:3::/48 maxlen: 48
2a10:4640:1::/48 maxlen: 48
2a10:4640:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78631113 (0x4afd0c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b70d0e166fa5f2c7855b024b35c47e57bdc55656
Validity
Not Before: Jan 1 10:03:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffa2e0a5644f700c083c73942b1f0e24eb6a5e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3e:a1:e9:37:c2:db:db:c7:1f:1c:e2:53:41:
9d:77:a8:98:aa:9b:1e:a0:44:f8:62:82:bc:87:ff:
c8:c8:75:48:c1:75:9e:1e:8b:f5:fe:50:2e:3a:ba:
99:a7:87:b8:5f:0d:2f:08:61:67:23:51:15:9f:3e:
da:39:24:bd:01:90:9d:9f:ca:d4:53:9a:68:51:08:
5c:bc:1e:21:da:8d:80:f1:2f:82:6a:78:f8:0c:a6:
86:7e:7f:fa:a0:7a:99:54:49:9b:da:bc:5f:f4:1a:
0c:29:52:01:af:5f:5f:15:87:a5:14:34:6b:e2:c2:
2e:fd:6a:76:2d:c9:86:66:6e:5f:86:0e:b3:cd:14:
59:ef:af:a5:59:03:fd:da:53:c2:84:c6:98:2c:71:
07:b7:b7:48:4b:32:79:15:27:c5:cb:c5:fa:13:d4:
dd:31:00:b8:3a:c2:9f:5e:f3:3f:48:b3:96:05:37:
05:4d:22:62:f5:36:7b:e6:81:80:27:bd:d8:0f:3e:
65:3a:ef:6e:95:17:e5:29:2e:eb:b1:44:1a:22:3f:
10:2f:49:8b:04:ec:f5:3e:72:46:3a:4f:fa:6c:34:
1a:64:d4:e5:9f:02:16:62:7a:60:1f:dd:71:32:b3:
e2:e5:b1:c8:10:4c:13:a1:1a:ee:2d:50:ac:f3:45:
b4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A2:E0:A5:64:4F:70:0C:08:3C:73:94:2B:1F:0E:24:EB:6A:5E:74
X509v3 Authority Key Identifier:
keyid:B7:0D:0E:16:6F:A5:F2:C7:85:5B:02:4B:35:C4:7E:57:BD:C5:56:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tw0OFm-l8seFWwJLNcR-V73FVlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/c7c4a8-342c-4ed9-b521-a2fa42ec362e/1/_6LgpWRPcAwIPHOUKx8OJOtqXnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/c7c4a8-342c-4ed9-b521-a2fa42ec362e/1/tw0OFm-l8seFWwJLNcR-V73FVlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.202.0/24
IPv6:
2a10:4640::/46
2a10:4640:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
3f:9c:23:e8:5e:ea:c5:99:1e:f0:42:2d:0b:38:80:22:d8:e8:
b7:d1:83:1b:2f:69:64:5b:88:c7:a8:e9:1d:60:ae:a9:8f:c1:
b0:1c:ba:79:41:da:d1:80:6e:ea:a1:9f:4e:aa:52:6b:99:32:
40:1c:62:56:ae:c3:0e:52:6d:0a:c2:66:d5:a0:b9:79:04:2e:
a9:c3:89:71:74:c7:da:c9:76:af:c0:e9:4c:b1:50:57:19:8e:
58:df:01:b1:99:33:ee:6b:ea:76:c3:11:77:60:15:fc:3e:43:
e3:06:b7:a3:7e:1e:84:e2:2a:4e:6d:ad:b4:9f:21:cb:2f:89:
8e:9b:c5:77:94:5d:59:c0:a6:f6:f9:8f:c7:e4:2e:5d:6e:20:
e2:e2:d1:c6:cc:d3:c8:cc:a1:9f:24:c5:86:cc:ed:b4:6a:73:
0e:00:4f:81:ff:ae:00:aa:27:1f:3d:36:6f:43:f7:be:8e:02:
dd:02:39:11:df:89:b6:3a:8e:6a:13:9d:8a:5f:bf:ba:bd:82:
b8:18:4c:e3:89:91:05:04:4b:60:7d:bf:6c:8e:c6:35:3b:6c:
36:a2:07:a8:88:64:d2:89:cc:ef:87:2a:f9:ec:85:e3:ab:d7:
b9:1f:ee:40:f1:ef:fa:08:a1:39:fe:15:26:d4:31:64:46:04:
8c:d4:ed:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBK/QyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzBkMGUxNjZmYTVmMmM3ODU1YjAyNGIzNWM0N2U1N2JkYzU1NjU2MB4XDTIyMDEw
MTEwMDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZhMmUwYTU2NDRm
NzAwYzA4M2M3Mzk0MmIxZjBlMjRlYjZhNWU3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMk+oek3wtvbxx8c4lNBnXeomKqbHqBE+GKCvIf/yMh1SMF1
nh6L9f5QLjq6maeHuF8NLwhhZyNRFZ8+2jkkvQGQnZ/K1FOaaFEIXLweIdqNgPEv
gmp4+Aymhn5/+qB6mVRJm9q8X/QaDClSAa9fXxWHpRQ0a+LCLv1qdi3JhmZuX4YO
s80UWe+vpVkD/dpTwoTGmCxxB7e3SEsyeRUnxcvF+hPU3TEAuDrCn17zP0izlgU3
BU0iYvU2e+aBgCe92A8+ZTrvbpUX5Sku67FEGiI/EC9JiwTs9T5yRjpP+mw0GmTU
5Z8CFmJ6YB/dcTKz4uWxyBBME6Ea7i1QrPNFtJ8CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBT/ouClZE9wDAg8c5QrHw4k62pedDAfBgNVHSMEGDAWgBS3DQ4Wb6Xyx4Vb
Aks1xH5XvcVWVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R3ME9GbS1sOHNlRld3SkxOY1ItVjczRlZsWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvYzdjNGE4LTM0MmMtNGVkOS1iNTIxLWEyZmE0MmVjMzYyZS8x
L182TGdwV1JQY0F3SVBIT1VLeDhPSk90cVhuUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
YzdjNGE4LTM0MmMtNGVkOS1iNTIxLWEyZmE0MmVjMzYyZS8xL3R3ME9GbS1sOHNl
Rld3SkxOY1ItVjczRlZsWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEALmryjAYBAIAAjASAwcCKhBGQAAA
AwcAKhBGQP//MA0GCSqGSIb3DQEBCwUAA4IBAQA/nCPoXurFmR7wQi0LOIAi2Oi3
0YMbL2lkW4jHqOkdYK6pj8GwHLp5QdrRgG7qoZ9OqlJrmTJAHGJWrsMOUm0KwmbV
oLl5BC6pw4lxdMfayXavwOlMsVBXGY5Y3wGxmTPua+p2wxF3YBX8PkPjBrejfh6E
4ipOba20nyHLL4mOm8V3lF1ZwKb2+Y/H5C5dbiDi4tHGzNPIzKGfJMWGzO20anMO
AE+B/64AqicfPTZvQ/e+jgLdAjkR34m2Oo5qE52KX7+6vYK4GEzjiZEFBEtgfb9s
jsY1O2w2ogeoiGTSiczvhyr57IXjq9e5H+5A8e/6CKE5/hUm1DFkRgSM1O3K
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:19 2025 by rpki-client