Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/0da8f7-fe22-42fb-a329-7d45a9fc4ffc/1/tNEEVzPUvK-ygDPmYLA5K9Cm79o.roa
File: tNEEVzPUvK-ygDPmYLA5K9Cm79o.roa (raw, json)
Hash identifier: /IY44KTu7ulQ8DUrvEAnJ6AB/WTV2xBTm/RnCC+27ZU=
Subject key identifier: B4:D1:04:57:33:D4:BC:AF:B2:80:33:E6:60:B0:39:2B:D0:A6:EF:DA
Certificate issuer: /CN=05c8a3faa18b6d717aa2f7622181bad8be5b55a3
Certificate serial: 019427B4AF7E40EF59583C6065AB530B2D08
Authority key identifier: 05:C8:A3:FA:A1:8B:6D:71:7A:A2:F7:62:21:81:BA:D8:BE:5B:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bcij-qGLbXF6ovdiIYG62L5bVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/0da8f7-fe22-42fb-a329-7d45a9fc4ffc/1/tNEEVzPUvK-ygDPmYLA5K9Cm79o.roa
Signing time: Thu 02 Jan 2025 15:49:00 +0000
ROA not before: Thu 02 Jan 2025 15:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47381
IP address blocks: 185.51.64.0/22 maxlen: 24
2a01:ae20::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:af:7e:40:ef:59:58:3c:60:65:ab:53:0b:2d:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05c8a3faa18b6d717aa2f7622181bad8be5b55a3
Validity
Not Before: Jan 2 15:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4d1045733d4bcafb28033e660b0392bd0a6efda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c9:7e:ed:65:63:cf:a8:9e:85:11:a4:59:44:
bf:2d:4c:89:0b:17:83:1d:6e:0a:b3:d9:7e:0f:dc:
7c:ae:77:0b:39:ad:cf:62:2c:4d:b1:b0:e6:bc:55:
ea:82:50:3e:a6:49:15:14:85:2c:2a:44:b9:f6:ec:
35:1c:b8:27:4d:4f:6a:35:e1:0d:6c:97:f3:2f:70:
21:53:46:b0:11:8d:0f:4f:aa:0d:fa:1d:41:a3:b9:
e4:d3:ac:c7:42:bc:2f:81:89:a6:21:61:a9:d8:3f:
7c:46:7c:bc:51:70:bf:f6:89:2b:69:bb:6a:e0:5c:
15:80:66:3a:93:fd:ac:31:a2:70:03:66:4e:51:0c:
e8:f7:d8:98:2d:3c:6a:40:2d:96:3f:24:8c:5f:0f:
c3:3f:a3:ce:d3:75:b7:28:3f:dd:85:8a:ad:a1:13:
07:f7:64:ac:f9:56:55:03:b1:33:07:6d:70:7a:9d:
4e:74:73:69:9e:77:be:62:a5:a9:ce:36:be:69:f2:
2d:75:cd:47:eb:2c:26:d7:d1:87:4f:a0:af:b7:fb:
c0:d2:c2:af:d1:3c:62:fc:dd:f6:14:51:2a:0e:70:
0a:1f:23:70:e4:b1:ff:1c:8e:2c:09:41:b0:19:d6:
a3:d4:d4:90:de:d5:e7:cf:50:d8:e4:ad:47:68:0a:
2b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D1:04:57:33:D4:BC:AF:B2:80:33:E6:60:B0:39:2B:D0:A6:EF:DA
X509v3 Authority Key Identifier:
keyid:05:C8:A3:FA:A1:8B:6D:71:7A:A2:F7:62:21:81:BA:D8:BE:5B:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bcij-qGLbXF6ovdiIYG62L5bVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/0da8f7-fe22-42fb-a329-7d45a9fc4ffc/1/tNEEVzPUvK-ygDPmYLA5K9Cm79o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/0da8f7-fe22-42fb-a329-7d45a9fc4ffc/1/Bcij-qGLbXF6ovdiIYG62L5bVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.64.0/22
IPv6:
2a01:ae20::/32
Signature Algorithm: sha256WithRSAEncryption
49:1a:58:20:49:be:bd:34:aa:66:7d:d0:00:c2:a7:fc:f8:d7:
d1:3f:87:2b:7b:c3:8f:a7:f1:c8:8a:d8:13:23:ac:15:d8:d2:
d9:4d:c0:9b:20:1c:db:8f:7c:f7:bb:6e:cb:31:ae:6b:18:d7:
d7:c3:2a:c8:5e:55:90:8b:6c:4d:48:ef:a1:71:f8:c4:30:e8:
ed:2d:b3:53:34:78:02:49:19:9b:1c:e7:0b:36:51:af:8e:d1:
5d:6f:16:f6:9e:7f:f9:38:7e:b4:25:89:ad:4f:36:02:31:30:
b6:22:5f:c4:82:a4:b1:03:27:b4:c0:01:ab:4a:f9:51:85:c7:
1a:6d:63:54:a0:3d:94:45:c7:d7:72:47:dd:96:3f:60:d1:0a:
a9:bf:20:7d:ff:56:31:34:f5:57:64:16:20:ca:3f:47:9d:a5:
d0:7e:7b:d9:4f:11:b9:e1:50:9a:7e:cd:5e:7c:dd:82:ba:30:
99:2e:f7:d4:dc:aa:1a:6d:44:e2:ad:fc:a5:51:d0:db:4e:d1:
15:7c:02:3b:b9:77:2a:8d:c8:5c:9c:7e:e8:97:f5:fe:07:00:
50:60:33:b3:6c:10:a5:d5:3c:2b:3a:7b:16:a3:2a:41:0d:b6:
9b:3e:57:99:ed:3e:ce:b3:72:3c:f7:43:bd:1d:51:1b:53:2f:
02:56:e1:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntK9+QO9ZWDxgZatTCy0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YzhhM2ZhYTE4YjZkNzE3YWEyZjc2MjIxODFiYWQ4YmU1
YjU1YTMwHhcNMjUwMTAyMTU0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQxMDQ1NzMzZDRiY2FmYjI4MDMzZTY2MGIwMzkyYmQwYTZlZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsl+7WVjz6iehRGkWUS/LUyJCxeD
HW4Ks9l+D9x8rncLOa3PYixNsbDmvFXqglA+pkkVFIUsKkS59uw1HLgnTU9qNeEN
bJfzL3AhU0awEY0PT6oN+h1Bo7nk06zHQrwvgYmmIWGp2D98Rny8UXC/9okrabtq
4FwVgGY6k/2sMaJwA2ZOUQzo99iYLTxqQC2WPySMXw/DP6PO03W3KD/dhYqtoRMH
92Ss+VZVA7EzB21wep1OdHNpnne+YqWpzja+afItdc1H6ywm19GHT6Cvt/vA0sKv
0Txi/N32FFEqDnAKHyNw5LH/HI4sCUGwGdaj1NSQ3tXnz1DY5K1HaAorIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLTRBFcz1LyvsoAz5mCwOSvQpu/aMB8GA1UdIwQY
MBaAFAXIo/qhi21xeqL3YiGButi+W1WjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmNpai1xR0xiWEY2b3ZkaUlZRzYyTDViVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wZGE4ZjctZmUyMi00MmZiLWEzMjkt
N2Q0NWE5ZmM0ZmZjLzEvdE5FRVZ6UFV2Sy15Z0RQbVlMQTVLOUNtNzlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wZGE4ZjctZmUyMi00MmZiLWEzMjktN2Q0NWE5ZmM0ZmZj
LzEvQmNpai1xR0xiWEY2b3ZkaUlZRzYyTDViVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTNAMA0E
AgACMAcDBQAqAa4gMA0GCSqGSIb3DQEBCwUAA4IBAQBJGlggSb69NKpmfdAAwqf8
+NfRP4cre8OPp/HIitgTI6wV2NLZTcCbIBzbj3z3u27LMa5rGNfXwyrIXlWQi2xN
SO+hcfjEMOjtLbNTNHgCSRmbHOcLNlGvjtFdbxb2nn/5OH60JYmtTzYCMTC2Il/E
gqSxAye0wAGrSvlRhccabWNUoD2URcfXckfdlj9g0QqpvyB9/1YxNPVXZBYgyj9H
naXQfnvZTxG54VCafs1efN2CujCZLvfU3KoabUTirfylUdDbTtEVfAI7uXcqjchc
nH7ol/X+BwBQYDOzbBCl1TwrOnsWoypBDbabPleZ7T7Os3I890O9HVEbUy8CVuFL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:52 2025 by rpki-client