Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/d3c8f7-ff8d-42b8-a762-45377418fbb2/1/S3Dner9D02Fmazka8AL5bOacFIw.roa
File: S3Dner9D02Fmazka8AL5bOacFIw.roa (raw, json)
Hash identifier: 0JQ6kDSfc2VhaeXVnA/Ez5p0FGr4RDMLlhmiVNBfCbg=
Subject key identifier: 4B:70:E7:7A:BF:43:D3:61:66:6B:39:1A:F0:02:F9:6C:E6:9C:14:8C
Certificate issuer: /CN=5c32a925c55f1d4e6e40c10f4e8e019b483c1d50
Certificate serial: 0537A588
Authority key identifier: 5C:32:A9:25:C5:5F:1D:4E:6E:40:C1:0F:4E:8E:01:9B:48:3C:1D:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XDKpJcVfHU5uQMEPTo4Bm0g8HVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/d3c8f7-ff8d-42b8-a762-45377418fbb2/1/S3Dner9D02Fmazka8AL5bOacFIw.roa
Signing time: Sat 01 Jan 2022 16:06:40 +0000
ROA not before: Sat 01 Jan 2022 16:06:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48611
IP address blocks: 185.250.184.0/24 maxlen: 24
185.250.184.0/22 maxlen: 22
185.250.185.0/24 maxlen: 24
2a0c:1144::/30 maxlen: 30
2a0c:1140::/29 maxlen: 29
2a0c:1140::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87532936 (0x537a588)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c32a925c55f1d4e6e40c10f4e8e019b483c1d50
Validity
Not Before: Jan 1 16:06:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b70e77abf43d361666b391af002f96ce69c148c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:af:57:b1:6f:98:e7:50:30:70:10:0f:33:ba:
7f:3b:31:57:99:cf:60:a3:a3:b1:ff:06:78:3a:50:
5b:5e:86:4c:3e:dc:79:e2:71:9c:ee:3c:1f:aa:c9:
6d:8d:a2:a0:a3:e1:98:76:61:13:ae:1f:87:a6:39:
22:46:6a:08:b5:2c:76:e5:da:e3:0b:19:82:bd:fd:
ae:5a:8e:5b:9b:bb:0e:12:ed:4f:a9:01:13:35:6e:
98:b6:02:a4:0b:15:24:7c:1a:08:8a:e3:2a:cb:eb:
7f:f8:ba:ff:78:e1:62:09:6e:fd:67:d9:1c:3f:1a:
e9:67:12:77:ec:bb:bc:64:22:79:6b:f0:6f:4c:88:
7e:16:9e:2f:e5:d6:5e:53:80:0a:5f:c4:70:55:33:
55:04:50:fd:a5:40:fc:68:ac:81:1c:2c:a7:8c:ea:
2f:02:85:2e:b3:08:78:21:b2:7b:21:d7:f7:27:31:
2f:61:f6:ba:38:8c:b1:b9:36:56:24:ac:35:84:6c:
0b:a0:9c:c3:39:8e:25:ca:d9:a2:78:e1:15:32:b6:
73:ef:29:7a:78:49:1f:00:34:87:64:9c:b5:9b:25:
c5:db:18:93:13:16:44:a8:fd:90:35:01:a8:24:e2:
b2:2a:ab:f0:8d:0f:a8:24:33:aa:41:9e:04:b9:2b:
f0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:70:E7:7A:BF:43:D3:61:66:6B:39:1A:F0:02:F9:6C:E6:9C:14:8C
X509v3 Authority Key Identifier:
keyid:5C:32:A9:25:C5:5F:1D:4E:6E:40:C1:0F:4E:8E:01:9B:48:3C:1D:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDKpJcVfHU5uQMEPTo4Bm0g8HVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/d3c8f7-ff8d-42b8-a762-45377418fbb2/1/S3Dner9D02Fmazka8AL5bOacFIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/d3c8f7-ff8d-42b8-a762-45377418fbb2/1/XDKpJcVfHU5uQMEPTo4Bm0g8HVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.184.0/22
IPv6:
2a0c:1140::/29
Signature Algorithm: sha256WithRSAEncryption
65:5a:8e:55:40:31:aa:08:7c:b4:92:7a:e6:52:c2:94:34:f3:
ce:40:1f:f4:33:e9:49:81:87:fd:8b:50:80:0b:96:d2:59:b7:
15:f1:50:40:be:fb:f4:3d:78:71:e6:82:95:97:1d:cc:a8:82:
0e:b3:17:c6:fe:ff:06:11:20:9f:82:1c:cd:f1:ff:b8:12:93:
b2:7a:ec:59:3c:b1:78:f7:a3:de:5b:39:41:52:90:65:02:c3:
0c:4e:be:82:b1:dd:6f:b3:42:57:c5:ab:72:98:0f:c4:de:c1:
30:87:8b:44:89:79:e1:57:5e:1d:2a:5b:2f:c1:89:59:79:a4:
dc:d7:83:05:15:c5:22:46:fb:db:90:27:17:0b:67:ff:75:19:
8c:5f:75:03:4b:93:bc:20:81:6e:8c:13:67:c3:25:21:18:09:
82:57:8f:69:3d:62:aa:2c:06:8b:9b:d9:e8:c5:d3:07:4b:78:
09:8b:53:e3:3d:63:8a:88:b0:b7:db:ae:16:7b:44:a8:fc:3f:
a3:3c:38:51:83:bb:01:4c:4c:54:15:a6:f3:98:71:86:98:ce:
8b:f5:37:72:69:bd:67:a4:6b:41:20:12:6f:ef:0c:99:d4:ff:
af:5b:d5:ba:6c:4e:e4:c0:9d:e3:1b:a0:02:cf:4d:c7:55:8a:
b2:1c:e7:7f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBTeliDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YzMyYTkyNWM1NWYxZDRlNmU0MGMxMGY0ZThlMDE5YjQ4M2MxZDUwMB4XDTIyMDEw
MTE2MDY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI3MGU3N2FiZjQz
ZDM2MTY2NmIzOTFhZjAwMmY5NmNlNjljMTQ4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOvV7FvmOdQMHAQDzO6fzsxV5nPYKOjsf8GeDpQW16GTD7c
eeJxnO48H6rJbY2ioKPhmHZhE64fh6Y5IkZqCLUsduXa4wsZgr39rlqOW5u7DhLt
T6kBEzVumLYCpAsVJHwaCIrjKsvrf/i6/3jhYglu/WfZHD8a6WcSd+y7vGQieWvw
b0yIfhaeL+XWXlOACl/EcFUzVQRQ/aVA/GisgRwsp4zqLwKFLrMIeCGyeyHX9ycx
L2H2ujiMsbk2ViSsNYRsC6CcwzmOJcrZonjhFTK2c+8penhJHwA0h2SctZslxdsY
kxMWRKj9kDUBqCTisiqr8I0PqCQzqkGeBLkr8PMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRLcOd6v0PTYWZrORrwAvls5pwUjDAfBgNVHSMEGDAWgBRcMqklxV8dTm5A
wQ9OjgGbSDwdUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hES3BKY1ZmSFU1dVFNRVBUbzRCbTBnOEhWQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvZDNjOGY3LWZmOGQtNDJiOC1hNzYyLTQ1Mzc3NDE4ZmJiMi8x
L1MzRG5lcjlEMDJGbWF6a2E4QUw1Yk9hY0ZJdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
ZDNjOGY3LWZmOGQtNDJiOC1hNzYyLTQ1Mzc3NDE4ZmJiMi8xL1hES3BKY1ZmSFU1
dVFNRVBUbzRCbTBnOEhWQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArn6uDANBAIAAjAHAwUDKgwRQDAN
BgkqhkiG9w0BAQsFAAOCAQEAZVqOVUAxqgh8tJJ65lLClDTzzkAf9DPpSYGH/YtQ
gAuW0lm3FfFQQL779D14ceaClZcdzKiCDrMXxv7/BhEgn4IczfH/uBKTsnrsWTyx
ePej3ls5QVKQZQLDDE6+grHdb7NCV8WrcpgPxN7BMIeLRIl54VdeHSpbL8GJWXmk
3NeDBRXFIkb725AnFwtn/3UZjF91A0uTvCCBbowTZ8MlIRgJglePaT1iqiwGi5vZ
6MXTB0t4CYtT4z1jioiwt9uuFntEqPw/ozw4UYO7AUxMVBWm85hxhpjOi/U3cmm9
Z6RrQSASb+8MmdT/r1vVumxO5MCd4xugAs9Nx1WKshznfw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:45:18 2025 by rpki-client