Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/ngUa1pesFKvLoajhMtbqlZ_ssKs.roa
File: ngUa1pesFKvLoajhMtbqlZ_ssKs.roa (raw, json)
Hash identifier: 454KxGmY1ND4wLcXkDy1Ul9oTXHC8q/eXf4WKpV2wME=
Subject key identifier: 9E:05:1A:D6:97:AC:14:AB:CB:A1:A8:E1:32:D6:EA:95:9F:EC:B0:AB
Certificate issuer: /CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Certificate serial: 01856EC2221F724D1FD38C2D7B70D3EBE372
Authority key identifier: 2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/ngUa1pesFKvLoajhMtbqlZ_ssKs.roa
Signing time: Sun 01 Jan 2023 19:14:54 +0000
ROA not before: Sun 01 Jan 2023 19:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60729
IP address blocks: 185.220.101.0/24 maxlen: 24
185.220.102.0/24 maxlen: 24
2a0b:f4c1:2::/48 maxlen: 48
2a0b:f4c1::/40 maxlen: 48
2a0b:f4c2::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:22:1f:72:4d:1f:d3:8c:2d:7b:70:d3:eb:e3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Validity
Not Before: Jan 1 19:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e051ad697ac14abcba1a8e132d6ea959fecb0ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e5:47:4e:45:ff:76:90:4d:0c:fe:ee:29:0b:
cf:db:b0:e3:8c:86:a4:93:1b:05:b7:cb:1b:b1:7e:
13:d3:87:a2:ba:fe:7e:b9:a3:d7:7a:5f:cf:90:17:
3d:e2:2f:0e:ab:25:ea:90:d0:94:ca:c3:05:85:61:
78:94:38:37:30:1f:0c:65:4a:e6:20:ec:c4:43:f6:
99:3c:a4:0c:da:d6:d5:cc:b3:8f:bf:41:01:fb:64:
06:d6:1e:b5:b9:ca:45:c5:3b:7d:5f:fe:ed:61:57:
bf:09:3f:2d:5b:3f:5a:75:2a:82:ce:39:ec:0a:67:
11:8a:26:10:9d:fd:3d:fd:08:d7:7c:64:ea:59:3f:
11:7d:fe:fb:3d:13:f7:09:d5:1b:fc:b3:8c:c5:b4:
3d:60:f3:eb:e9:45:df:49:3f:7a:3b:01:2b:a2:b1:
82:7c:b6:85:f8:7e:49:42:89:47:92:c9:05:5d:b4:
98:f9:11:0d:ee:9f:bb:c1:9e:97:29:e4:8e:66:c7:
0f:ed:49:dd:97:cc:ad:89:4f:be:0f:4d:32:cf:dd:
b1:e8:8e:9b:b8:4c:f9:b3:11:cd:e6:b4:38:ee:65:
d8:4e:0e:c7:f9:03:56:2c:94:e4:43:4b:d9:1f:af:
da:f2:1a:90:86:ab:64:d8:ea:6d:ea:03:e1:79:f3:
f3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:05:1A:D6:97:AC:14:AB:CB:A1:A8:E1:32:D6:EA:95:9F:EC:B0:AB
X509v3 Authority Key Identifier:
keyid:2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/ngUa1pesFKvLoajhMtbqlZ_ssKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.101.0-185.220.102.255
IPv6:
2a0b:f4c1::/40
2a0b:f4c2::/40
Signature Algorithm: sha256WithRSAEncryption
2a:c7:ed:47:03:a4:eb:8e:89:31:42:4a:79:6f:94:46:00:61:
29:1d:9f:0f:72:1b:cd:ac:d7:a8:99:b0:89:5d:64:95:b2:7f:
52:b5:18:a4:aa:80:53:a5:23:36:f4:11:06:47:aa:f8:b8:23:
6f:e6:22:c0:db:3a:47:a8:bd:c7:95:ef:68:bf:6e:d4:4b:28:
cc:22:34:7b:77:7b:f8:be:af:f8:1b:cf:3c:b2:69:cf:02:56:
2e:1b:72:c9:50:70:38:1b:16:ee:fb:99:f0:d2:2f:48:1d:e7:
7e:b3:29:b9:81:95:9c:d1:7a:23:34:b5:ce:07:22:3d:46:fd:
1f:73:d7:6c:13:df:5e:df:ff:35:0d:d5:90:56:df:92:49:25:
54:7a:93:ba:bf:7f:86:2f:17:3c:a6:57:88:03:6a:af:8e:73:
b2:97:82:96:0f:a4:ac:bc:e8:e9:fe:25:97:1b:4c:dd:cc:88:
e5:7c:1e:46:68:a8:fa:c6:42:ac:21:c8:7b:1d:b4:4b:85:92:
62:51:90:8b:02:3c:7f:3e:11:cc:fd:06:83:cc:de:0e:b6:cf:
0d:78:ad:cc:ce:11:9c:bf:e6:9b:b3:28:66:67:35:71:bd:ee:
40:ed:34:e7:6b:74:fe:e6:0c:81:54:4b:55:04:b3:f9:4b:e6:
60:d1:09:d2
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVuwiIfck0f04wte3DT6+NyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMWUyNTM5NzdiZjU4M2UwZTQyMGVjOTc3YThlY2Y0ZWQx
NTRkYmUwHhcNMjMwMTAxMTkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTA1MWFkNjk3YWMxNGFiY2JhMWE4ZTEzMmQ2ZWE5NTlmZWNiMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOVHTkX/dpBNDP7uKQvP27DjjIak
kxsFt8sbsX4T04eiuv5+uaPXel/PkBc94i8OqyXqkNCUysMFhWF4lDg3MB8MZUrm
IOzEQ/aZPKQM2tbVzLOPv0EB+2QG1h61ucpFxTt9X/7tYVe/CT8tWz9adSqCzjns
CmcRiiYQnf09/QjXfGTqWT8Rff77PRP3CdUb/LOMxbQ9YPPr6UXfST96OwErorGC
fLaF+H5JQolHkskFXbSY+REN7p+7wZ6XKeSOZscP7Undl8ytiU++D00yz92x6I6b
uEz5sxHN5rQ47mXYTg7H+QNWLJTkQ0vZH6/a8hqQhqtk2Opt6gPhefPzgQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJ4FGtaXrBSry6Go4TLW6pWf7LCrMB8GA1UdIwQY
MBaAFC8eJTl3v1g+DkIOyXeo7PTtFU2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHg0bE9YZV9XRDRPUWc3SmQ2anM5TzBWVGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8zMzY0ZWQtYzVmOS00NjMxLWI5NWMt
ZjI2YjE1NTFlMGY1LzEvbmdVYTFwZXNGS3ZMb2FqaE10YnFsWl9zc0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8zMzY0ZWQtYzVmOS00NjMxLWI5NWMtZjI2YjE1NTFlMGY1
LzEvTHg0bE9YZV9XRDRPUWc3SmQ2anM5TzBWVGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAUBAIAATAOMAwDBAC53GUD
BAC53GYwFgQCAAIwEAMGACoL9MEAAwYAKgv0wgAwDQYJKoZIhvcNAQELBQADggEB
ACrH7UcDpOuOiTFCSnlvlEYAYSkdnw9yG82s16iZsIldZJWyf1K1GKSqgFOlIzb0
EQZHqvi4I2/mIsDbOkeovceV72i/btRLKMwiNHt3e/i+r/gbzzyyac8CVi4bcslQ
cDgbFu77mfDSL0gd536zKbmBlZzReiM0tc4HIj1G/R9z12wT317f/zUN1ZBW35JJ
JVR6k7q/f4YvFzymV4gDaq+Oc7KXgpYPpKy86On+JZcbTN3MiOV8HkZoqPrGQqwh
yHsdtEuFkmJRkIsCPH8+Ecz9BoPM3g62zw14rczOEZy/5puzKGZnNXG97kDtNOdr
dP7mDIFUS1UEs/lL5mDRCdI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:59:23 2025 by rpki-client