Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/28bef5-75d6-421e-a323-47b7c2bc3d02/1/7bXWz6UGj34x8B20q3ImeOrdzYM.roa
File: 7bXWz6UGj34x8B20q3ImeOrdzYM.roa (raw, json)
Hash identifier: Z/7eUftRVw0gbdyAq9R3ehwHjjcSbBT9ICFbkyjC3sw=
Subject key identifier: ED:B5:D6:CF:A5:06:8F:7E:31:F0:1D:B4:AB:72:26:78:EA:DD:CD:83
Certificate issuer: /CN=bef5ce4a1f3b774f4abfad3dd75783ca9e6b98c2
Certificate serial: 01856C7815C7F0ED694C55789531CDA2BD24
Authority key identifier: BE:F5:CE:4A:1F:3B:77:4F:4A:BF:AD:3D:D7:57:83:CA:9E:6B:98:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vvXOSh87d09Kv60911eDyp5rmMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/28bef5-75d6-421e-a323-47b7c2bc3d02/1/7bXWz6UGj34x8B20q3ImeOrdzYM.roa
Signing time: Sun 01 Jan 2023 08:34:47 +0000
ROA not before: Sun 01 Jan 2023 08:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8823
IP address blocks: 185.240.72.0/22 maxlen: 22
2a0c:7580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:15:c7:f0:ed:69:4c:55:78:95:31:cd:a2:bd:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bef5ce4a1f3b774f4abfad3dd75783ca9e6b98c2
Validity
Not Before: Jan 1 08:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edb5d6cfa5068f7e31f01db4ab722678eaddcd83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b6:15:1e:81:f0:58:2d:93:eb:1c:44:85:53:
4a:f2:36:1b:b5:3e:4d:ea:34:b8:be:3c:0c:61:c0:
1f:b2:25:8f:f0:d2:d1:53:3a:d9:2c:57:e1:38:16:
50:6a:5a:13:e7:31:99:bc:b8:c1:68:4a:a2:59:89:
1c:12:72:cd:86:88:88:94:b5:8c:2f:cb:62:04:35:
90:b8:80:06:74:ad:32:57:5c:c8:87:21:68:c4:04:
b6:22:85:53:54:73:17:e6:ed:ec:8d:8b:84:3a:03:
b0:ee:78:e4:68:cf:ca:ee:3d:f3:f0:87:ee:ac:33:
a5:03:57:ee:05:7b:08:6b:df:97:5e:44:2d:c7:9c:
af:68:b3:fd:1d:ba:a8:72:5d:72:74:1e:1f:31:88:
35:93:22:a8:94:7c:6b:8d:56:f0:db:6d:71:10:9d:
76:20:f7:ab:65:e3:10:18:f5:87:3f:20:1e:73:e1:
e5:0b:ac:ef:ac:fd:7c:60:86:6f:b4:f1:23:36:31:
a2:eb:66:b8:4f:1f:0a:d3:46:f7:80:73:b5:c2:35:
06:e0:68:e3:bc:e3:57:9c:47:5f:03:a1:c5:6e:09:
b6:fa:9b:20:d3:ee:83:bb:c5:cc:03:d9:07:d1:7a:
d8:77:42:f6:42:76:1f:ee:63:e6:32:ea:5d:62:52:
d1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B5:D6:CF:A5:06:8F:7E:31:F0:1D:B4:AB:72:26:78:EA:DD:CD:83
X509v3 Authority Key Identifier:
keyid:BE:F5:CE:4A:1F:3B:77:4F:4A:BF:AD:3D:D7:57:83:CA:9E:6B:98:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vvXOSh87d09Kv60911eDyp5rmMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/28bef5-75d6-421e-a323-47b7c2bc3d02/1/7bXWz6UGj34x8B20q3ImeOrdzYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/28bef5-75d6-421e-a323-47b7c2bc3d02/1/vvXOSh87d09Kv60911eDyp5rmMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.72.0/22
IPv6:
2a0c:7580::/29
Signature Algorithm: sha256WithRSAEncryption
bc:52:ad:7c:4a:fa:72:fa:e3:cc:43:55:31:0a:20:cd:ea:ea:
af:14:56:52:c7:d4:14:cf:a2:82:17:a8:5c:d0:fb:61:ae:b5:
f1:dd:58:33:26:e9:79:90:d3:79:9a:e6:e4:78:8f:ca:3a:de:
09:43:f0:26:eb:74:52:52:51:11:99:41:e5:e9:fe:75:e6:de:
9f:67:f4:5d:06:48:d1:d9:a3:fe:42:a8:ac:35:d0:09:bf:d6:
d7:5d:3e:fe:e8:10:31:a2:6b:f3:3b:d5:dd:f6:19:a0:47:69:
d2:80:2e:13:67:c3:30:87:05:53:a5:51:91:f0:40:cb:2b:c7:
61:d7:b5:fa:56:56:2a:1e:ea:37:b3:05:1d:0e:2e:e5:7e:26:
c4:52:ec:10:b9:94:4f:a6:74:11:17:33:02:3c:51:e0:3c:b4:
e9:92:88:7f:79:1b:63:09:ac:c8:0d:81:d2:ad:e4:bd:bd:68:
22:45:8e:1f:fe:97:d9:39:07:22:ff:2f:25:76:91:c8:63:5a:
70:53:8c:38:40:ed:3a:76:aa:77:26:7e:f7:41:99:72:56:f3:
47:bc:68:1d:f8:7a:46:e5:c8:3f:11:c8:7a:cb:48:9a:58:61:
b2:d5:fa:2b:32:89:5f:a7:4d:7d:a2:d9:d6:1d:81:fc:15:51:
bc:5d:19:60
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVseBXH8O1pTFV4lTHNor0kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZjVjZTRhMWYzYjc3NGY0YWJmYWQzZGQ3NTc4M2NhOWU2
Yjk4YzIwHhcNMjMwMTAxMDgzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGI1ZDZjZmE1MDY4ZjdlMzFmMDFkYjRhYjcyMjY3OGVhZGRjZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLYVHoHwWC2T6xxEhVNK8jYbtT5N
6jS4vjwMYcAfsiWP8NLRUzrZLFfhOBZQaloT5zGZvLjBaEqiWYkcEnLNhoiIlLWM
L8tiBDWQuIAGdK0yV1zIhyFoxAS2IoVTVHMX5u3sjYuEOgOw7njkaM/K7j3z8Ifu
rDOlA1fuBXsIa9+XXkQtx5yvaLP9Hbqocl1ydB4fMYg1kyKolHxrjVbw221xEJ12
IPerZeMQGPWHPyAec+HlC6zvrP18YIZvtPEjNjGi62a4Tx8K00b3gHO1wjUG4Gjj
vONXnEdfA6HFbgm2+psg0+6Du8XMA9kH0XrYd0L2QnYf7mPmMupdYlLRvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO211s+lBo9+MfAdtKtyJnjq3c2DMB8GA1UdIwQY
MBaAFL71zkofO3dPSr+tPddXg8qea5jCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnZYT1NoODdkMDlLdjYwOTExZUR5cDVybU1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8yOGJlZjUtNzVkNi00MjFlLWEzMjMt
NDdiN2MyYmMzZDAyLzEvN2JYV3o2VUdqMzR4OEIyMHEzSW1lT3JkellNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8yOGJlZjUtNzVkNi00MjFlLWEzMjMtNDdiN2MyYmMzZDAy
LzEvdnZYT1NoODdkMDlLdjYwOTExZUR5cDVybU1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufBIMA0E
AgACMAcDBQMqDHWAMA0GCSqGSIb3DQEBCwUAA4IBAQC8Uq18Svpy+uPMQ1UxCiDN
6uqvFFZSx9QUz6KCF6hc0PthrrXx3VgzJul5kNN5mubkeI/KOt4JQ/Am63RSUlER
mUHl6f515t6fZ/RdBkjR2aP+QqisNdAJv9bXXT7+6BAxomvzO9Xd9hmgR2nSgC4T
Z8MwhwVTpVGR8EDLK8dh17X6VlYqHuo3swUdDi7lfibEUuwQuZRPpnQRFzMCPFHg
PLTpkoh/eRtjCazIDYHSreS9vWgiRY4f/pfZOQci/y8ldpHIY1pwU4w4QO06dqp3
Jn73QZlyVvNHvGgd+HpG5cg/Ech6y0iaWGGy1forMolfp019otnWHYH8FVG8XRlg
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:06:48 2025 by rpki-client