Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/b4a477-08a2-4e8c-8c4d-010cd9079abf/1/2rggwcJ8T590aTL5AQq3jnB50qI.roa
File: 2rggwcJ8T590aTL5AQq3jnB50qI.roa (raw, json)
Hash identifier: Qg0ek4Wah1pBMdvyjGZuqYduAMoQDr2QwiISx+slnhM=
Subject key identifier: DA:B8:20:C1:C2:7C:4F:9F:74:69:32:F9:01:0A:B7:8E:70:79:D2:A2
Certificate issuer: /CN=809ed7098111c678898ac0f0aec97fdd3b3b6d02
Certificate serial: 019426D929B1CDD7583F42123CF5ABAC00F9
Authority key identifier: 80:9E:D7:09:81:11:C6:78:89:8A:C0:F0:AE:C9:7F:DD:3B:3B:6D:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gJ7XCYERxniJisDwrsl_3Ts7bQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/b4a477-08a2-4e8c-8c4d-010cd9079abf/1/2rggwcJ8T590aTL5AQq3jnB50qI.roa
Signing time: Thu 02 Jan 2025 11:49:13 +0000
ROA not before: Thu 02 Jan 2025 11:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50178
IP address blocks: 185.161.192.0/22 maxlen: 22
185.161.192.0/24 maxlen: 24
185.161.193.0/24 maxlen: 24
185.161.194.0/24 maxlen: 24
185.161.195.0/24 maxlen: 24
2a07:c700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:29:b1:cd:d7:58:3f:42:12:3c:f5:ab:ac:00:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=809ed7098111c678898ac0f0aec97fdd3b3b6d02
Validity
Not Before: Jan 2 11:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dab820c1c27c4f9f746932f9010ab78e7079d2a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5b:f0:e6:50:ff:96:fb:06:4d:7c:25:8f:ea:
6b:c6:57:83:b3:af:8f:12:be:f1:29:9e:22:66:3d:
da:06:05:00:be:fa:fe:0c:6a:1b:14:c5:20:46:4b:
1e:cb:98:28:fd:4f:92:31:69:88:7c:3a:2a:38:d4:
f4:da:3c:71:8c:21:cb:fc:2e:2d:0b:73:ab:3a:5e:
5f:f2:de:63:28:ce:67:0a:80:5d:bf:54:39:66:f3:
f8:79:f8:17:14:65:da:d8:b5:37:7d:bf:91:f4:07:
90:16:7e:3a:d0:69:90:9e:d1:6d:c4:f8:97:61:b0:
ca:ec:c9:d4:e4:ef:2b:06:4b:04:be:a0:57:83:a3:
7a:e1:ee:f8:53:87:5a:63:df:91:b2:4e:fa:0b:63:
a8:0e:29:33:4a:b3:77:9a:67:6c:02:f2:7f:a6:ef:
23:20:9a:d0:b7:8d:1f:27:3c:9f:77:78:56:1c:dc:
ea:67:1b:3e:e2:17:ab:1e:e6:7d:95:94:07:56:ea:
41:b3:f2:2d:26:0f:a5:53:40:42:1e:a7:66:6c:8d:
8b:f0:95:f0:8b:e3:cf:9c:a5:f8:d3:40:27:f2:92:
4c:b4:bc:eb:17:b8:ee:59:19:d9:2e:b1:e7:e3:de:
3d:1e:9d:a3:15:ea:40:c5:5e:e4:cd:b4:a4:3a:b7:
ab:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B8:20:C1:C2:7C:4F:9F:74:69:32:F9:01:0A:B7:8E:70:79:D2:A2
X509v3 Authority Key Identifier:
keyid:80:9E:D7:09:81:11:C6:78:89:8A:C0:F0:AE:C9:7F:DD:3B:3B:6D:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gJ7XCYERxniJisDwrsl_3Ts7bQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b4a477-08a2-4e8c-8c4d-010cd9079abf/1/2rggwcJ8T590aTL5AQq3jnB50qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b4a477-08a2-4e8c-8c4d-010cd9079abf/1/gJ7XCYERxniJisDwrsl_3Ts7bQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.192.0/22
IPv6:
2a07:c700::/29
Signature Algorithm: sha256WithRSAEncryption
27:dd:cb:ac:52:ba:14:f9:12:3d:f5:4a:a0:62:db:fd:d6:5a:
55:8a:8d:7c:33:90:4d:ca:45:16:b2:36:88:d3:e5:69:5f:2c:
d3:6d:78:f7:ae:61:94:b1:8f:62:a3:fd:08:5f:49:a7:9b:ce:
ca:de:6c:4d:24:90:10:65:69:fc:99:6c:c6:91:ca:1b:f2:cb:
a3:62:8e:f7:49:eb:f3:4f:f0:06:1b:30:0b:0a:a5:32:39:32:
bf:f5:24:fd:83:a9:d3:0f:bf:d6:54:69:a7:b2:df:ae:6f:d8:
49:65:78:32:02:0d:05:6b:a7:a5:91:61:e4:cc:95:72:97:a8:
de:64:8a:e7:f9:44:cc:2d:93:a6:f1:5d:aa:db:13:34:d4:a5:
63:e9:76:ed:d3:05:95:17:56:86:c9:59:de:91:6f:ed:f9:ee:
f9:86:af:e9:9d:78:21:9a:d9:3b:5a:51:2f:00:98:e6:69:6f:
6e:0c:19:fe:1a:8a:58:78:e1:c5:be:8b:8f:94:09:fa:70:0f:
6d:47:73:5f:29:49:ad:a6:1e:9b:79:a7:21:82:ec:30:2c:8a:
d5:d0:ce:eb:af:51:2f:22:9a:b4:ef:76:b0:dd:17:83:e4:11:
5a:15:4f:f3:db:9e:a4:cb:d4:d3:f0:4b:a2:02:6b:49:17:21:
e1:61:bc:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2SmxzddYP0ISPPWrrAD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwOWVkNzA5ODExMWM2Nzg4OThhYzBmMGFlYzk3ZmRkM2Iz
YjZkMDIwHhcNMjUwMTAyMTE0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWI4MjBjMWMyN2M0ZjlmNzQ2OTMyZjkwMTBhYjc4ZTcwNzlkMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklvw5lD/lvsGTXwlj+prxleDs6+P
Er7xKZ4iZj3aBgUAvvr+DGobFMUgRksey5go/U+SMWmIfDoqONT02jxxjCHL/C4t
C3OrOl5f8t5jKM5nCoBdv1Q5ZvP4efgXFGXa2LU3fb+R9AeQFn460GmQntFtxPiX
YbDK7MnU5O8rBksEvqBXg6N64e74U4daY9+Rsk76C2OoDikzSrN3mmdsAvJ/pu8j
IJrQt40fJzyfd3hWHNzqZxs+4herHuZ9lZQHVupBs/ItJg+lU0BCHqdmbI2L8JXw
i+PPnKX400An8pJMtLzrF7juWRnZLrHn4949Hp2jFepAxV7kzbSkOrer/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNq4IMHCfE+fdGky+QEKt45wedKiMB8GA1UdIwQY
MBaAFICe1wmBEcZ4iYrA8K7Jf907O20CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0o3WENZRVJ4bmlKaXNEd3JzbF8zVHM3YlFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9iNGE0NzctMDhhMi00ZThjLThjNGQt
MDEwY2Q5MDc5YWJmLzEvMnJnZ3djSjhUNTkwYVRMNUFRcTNqbkI1MHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9iNGE0NzctMDhhMi00ZThjLThjNGQtMDEwY2Q5MDc5YWJm
LzEvZ0o3WENZRVJ4bmlKaXNEd3JzbF8zVHM3YlFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaHAMA0E
AgACMAcDBQMqB8cAMA0GCSqGSIb3DQEBCwUAA4IBAQAn3cusUroU+RI99UqgYtv9
1lpVio18M5BNykUWsjaI0+VpXyzTbXj3rmGUsY9io/0IX0mnm87K3mxNJJAQZWn8
mWzGkcob8sujYo73SevzT/AGGzALCqUyOTK/9ST9g6nTD7/WVGmnst+ub9hJZXgy
Ag0Fa6elkWHkzJVyl6jeZIrn+UTMLZOm8V2q2xM01KVj6Xbt0wWVF1aGyVnekW/t
+e75hq/pnXghmtk7WlEvAJjmaW9uDBn+GopYeOHFvouPlAn6cA9tR3NfKUmtph6b
eachguwwLIrV0M7rr1EvIpq073aw3ReD5BFaFU/z256ky9TT8EuiAmtJFyHhYbwM
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:05:51 2025 by rpki-client