Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c38797-d7fa-4a57-9f83-a16a34c46f30/1/aJF-_eUqR8Yma02F31ybPienJuY.roa
File: aJF-_eUqR8Yma02F31ybPienJuY.roa (raw, json)
Hash identifier: duGwNDtPKrkB5Se3luyctTXBg25/A0K/ZPMK4FyGebo=
Subject key identifier: 68:91:7E:FD:E5:2A:47:C6:26:6B:4D:85:DF:5C:9B:3E:27:A7:26:E6
Certificate issuer: /CN=38879a78a58a485ccd8970f0432db8f3d771725b
Certificate serial: 019423D70363D3E53FCF86E70DA7F39266FD
Authority key identifier: 38:87:9A:78:A5:8A:48:5C:CD:89:70:F0:43:2D:B8:F3:D7:71:72:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OIeaeKWKSFzNiXDwQy2489dxcls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c38797-d7fa-4a57-9f83-a16a34c46f30/1/aJF-_eUqR8Yma02F31ybPienJuY.roa
Signing time: Wed 01 Jan 2025 21:48:01 +0000
ROA not before: Wed 01 Jan 2025 21:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207006
IP address blocks: 185.196.232.0/22 maxlen: 24
2a0a:73c0::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:03:63:d3:e5:3f:cf:86:e7:0d:a7:f3:92:66:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38879a78a58a485ccd8970f0432db8f3d771725b
Validity
Not Before: Jan 1 21:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68917efde52a47c6266b4d85df5c9b3e27a726e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:83:e0:f0:a9:53:e5:11:88:e2:cb:f0:53:7a:
ee:2b:18:1a:7b:76:3f:24:7a:34:3b:87:bc:d3:55:
9b:dc:fd:4f:77:db:37:03:30:7c:64:ff:a7:34:2c:
ef:cc:61:b3:03:d3:80:49:e1:d1:03:56:22:5d:a7:
19:73:4c:d2:eb:85:84:72:ba:27:c0:d5:e8:dc:00:
89:2c:bf:23:ad:84:b5:3c:9f:dd:05:2d:5a:e8:0f:
d0:82:4a:63:94:cd:b5:6f:be:92:15:9f:da:1e:75:
aa:42:5d:cf:0d:e5:62:44:17:bf:a8:48:51:c6:40:
e0:aa:7d:65:44:15:71:76:6e:6f:db:fe:62:f5:78:
33:7c:dd:b9:af:b0:87:b8:58:f7:ac:69:ac:09:31:
ab:62:ef:1b:25:9d:4b:76:92:47:8b:b3:a5:12:68:
5d:a0:cc:8f:a2:e6:50:6f:49:fd:5c:b0:ab:a8:b1:
c9:7b:f3:7b:96:fb:5a:40:77:75:a2:eb:64:c0:54:
3d:4d:35:f1:d2:98:6f:ff:ae:b8:1f:b9:c8:c6:dc:
52:6c:a7:08:7a:9e:5f:77:74:86:1a:e8:e6:2d:03:
77:0b:bd:c7:a3:19:47:69:ee:eb:b4:6b:c3:3e:2f:
71:bf:fc:dc:83:ea:2a:78:b8:db:26:14:15:4f:02:
3d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:91:7E:FD:E5:2A:47:C6:26:6B:4D:85:DF:5C:9B:3E:27:A7:26:E6
X509v3 Authority Key Identifier:
keyid:38:87:9A:78:A5:8A:48:5C:CD:89:70:F0:43:2D:B8:F3:D7:71:72:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OIeaeKWKSFzNiXDwQy2489dxcls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c38797-d7fa-4a57-9f83-a16a34c46f30/1/aJF-_eUqR8Yma02F31ybPienJuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c38797-d7fa-4a57-9f83-a16a34c46f30/1/OIeaeKWKSFzNiXDwQy2489dxcls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.232.0/22
IPv6:
2a0a:73c0::/29
Signature Algorithm: sha256WithRSAEncryption
a9:c6:69:de:54:3f:57:1e:19:5c:c3:84:b9:02:91:2a:6a:ad:
cf:5c:b2:87:9e:f0:a2:9e:88:56:f6:3f:f2:ff:b1:78:96:d0:
26:db:c7:7d:9b:6e:50:25:f5:3e:c9:ae:02:cf:87:8e:8d:df:
b4:ba:5f:1b:73:47:48:19:a1:96:29:60:b6:23:74:ce:89:63:
fe:bf:e0:91:0e:62:c9:46:ad:a5:2c:ce:8f:b0:ee:9c:31:70:
97:08:05:54:ac:7c:07:78:13:96:9d:15:33:2c:94:e0:66:6e:
bc:6a:0e:d1:01:aa:62:a9:b6:ec:d2:9d:81:d1:ff:f6:bc:c0:
81:c2:2f:b0:b7:d1:54:fe:f1:8e:83:7d:19:56:7c:7e:b1:dc:
0c:4c:f7:18:cb:16:97:7d:ab:64:58:b4:38:94:2a:7d:d2:a5:
e2:3c:08:45:10:1c:91:3c:9f:33:45:c1:c8:b4:d7:72:63:5f:
ca:de:70:37:c2:14:c9:ec:97:20:7f:e4:79:34:b4:1c:ff:7b:
28:9e:a5:96:b1:67:d7:34:90:19:5b:f2:8b:5e:9e:5a:d5:cf:
58:09:ac:fd:f8:e4:0c:96:24:62:30:5b:8d:d9:b0:2f:0b:e6:
4e:f7:1f:57:69:14:79:d2:cb:a2:48:00:a4:8e:76:87:0e:91:
c3:fd:5c:3f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1wNj0+U/z4bnDafzkmb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ODc5YTc4YTU4YTQ4NWNjZDg5NzBmMDQzMmRiOGYzZDc3
MTcyNWIwHhcNMjUwMTAxMjE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODkxN2VmZGU1MmE0N2M2MjY2YjRkODVkZjVjOWIzZTI3YTcyNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4Pg8KlT5RGI4svwU3ruKxgae3Y/
JHo0O4e801Wb3P1Pd9s3AzB8ZP+nNCzvzGGzA9OASeHRA1YiXacZc0zS64WEcron
wNXo3ACJLL8jrYS1PJ/dBS1a6A/QgkpjlM21b76SFZ/aHnWqQl3PDeViRBe/qEhR
xkDgqn1lRBVxdm5v2/5i9XgzfN25r7CHuFj3rGmsCTGrYu8bJZ1LdpJHi7OlEmhd
oMyPouZQb0n9XLCrqLHJe/N7lvtaQHd1outkwFQ9TTXx0phv/664H7nIxtxSbKcI
ep5fd3SGGujmLQN3C73HoxlHae7rtGvDPi9xv/zcg+oqeLjbJhQVTwI9pQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGiRfv3lKkfGJmtNhd9cmz4npybmMB8GA1UdIwQY
MBaAFDiHmnilikhczYlw8EMtuPPXcXJbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0llYWVLV0tTRnpOaVhEd1F5MjQ4OWR4Y2xzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jMzg3OTctZDdmYS00YTU3LTlmODMt
YTE2YTM0YzQ2ZjMwLzEvYUpGLV9lVXFSOFltYTAyRjMxeWJQaWVuSnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jMzg3OTctZDdmYS00YTU3LTlmODMtYTE2YTM0YzQ2ZjMw
LzEvT0llYWVLV0tTRnpOaVhEd1F5MjQ4OWR4Y2xzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucToMA0E
AgACMAcDBQMqCnPAMA0GCSqGSIb3DQEBCwUAA4IBAQCpxmneVD9XHhlcw4S5ApEq
aq3PXLKHnvCinohW9j/y/7F4ltAm28d9m25QJfU+ya4Cz4eOjd+0ul8bc0dIGaGW
KWC2I3TOiWP+v+CRDmLJRq2lLM6PsO6cMXCXCAVUrHwHeBOWnRUzLJTgZm68ag7R
Aapiqbbs0p2B0f/2vMCBwi+wt9FU/vGOg30ZVnx+sdwMTPcYyxaXfatkWLQ4lCp9
0qXiPAhFEByRPJ8zRcHItNdyY1/K3nA3whTJ7Jcgf+R5NLQc/3sonqWWsWfXNJAZ
W/KLXp5a1c9YCaz9+OQMliRiMFuN2bAvC+ZO9x9XaRR50suiSACkjnaHDpHD/Vw/
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:59 2025 by rpki-client