Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/SeufauaKg6Zpqe8UY9h9PfD262s.roa
File: SeufauaKg6Zpqe8UY9h9PfD262s.roa (raw, json)
Hash identifier: f9EK4NXbDLFnpfyftEzrpn9paJMCGETNbGO1nrHQTYE=
Subject key identifier: 49:EB:9F:6A:E6:8A:83:A6:69:A9:EF:14:63:D8:7D:3D:F0:F6:EB:6B
Certificate issuer: /CN=af23585bfcdd061ca946e2d9ea8b97e45b9c31d6
Certificate serial: 0194221F8D2B0F98AF2C69012610B6CDFAD5
Authority key identifier: AF:23:58:5B:FC:DD:06:1C:A9:46:E2:D9:EA:8B:97:E4:5B:9C:31:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryNYW_zdBhypRuLZ6ouX5FucMdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/SeufauaKg6Zpqe8UY9h9PfD262s.roa
Signing time: Wed 01 Jan 2025 13:48:00 +0000
ROA not before: Wed 01 Jan 2025 13:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20634
IP address blocks: 185.213.56.0/22 maxlen: 22
195.170.175.0/24 maxlen: 24
2a0b:83c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:8d:2b:0f:98:af:2c:69:01:26:10:b6:cd:fa:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af23585bfcdd061ca946e2d9ea8b97e45b9c31d6
Validity
Not Before: Jan 1 13:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49eb9f6ae68a83a669a9ef1463d87d3df0f6eb6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0b:ae:7c:b8:e4:e1:43:ee:6b:4c:91:38:c0:
fd:d0:80:88:84:82:b8:f4:2f:41:64:f4:b9:8d:df:
d2:6e:9f:25:7d:14:97:da:d2:f6:71:83:8c:78:52:
bb:8a:a1:a0:97:3b:a4:d3:8f:a9:a7:02:8e:45:9e:
71:85:1d:67:49:36:ca:52:d0:b6:af:ce:a9:cd:dd:
bf:c7:b0:60:41:e8:7c:17:c3:24:16:3b:af:93:2c:
af:e2:c9:7d:e0:0e:95:10:62:8b:be:a5:54:ef:08:
13:ca:e6:c5:06:fb:1b:20:fd:63:77:d1:53:a0:bb:
c4:26:5c:a5:f0:de:8b:88:95:2b:9c:c3:90:10:cf:
c2:8d:62:d7:29:77:fa:28:8e:88:87:54:dc:68:76:
92:4d:c2:c7:f1:96:75:5b:71:cc:b5:cf:74:a6:c3:
8d:30:52:ca:26:a0:ca:c4:14:2a:ed:5b:15:fe:98:
8e:6c:85:ed:28:87:f6:37:40:3e:65:b8:df:d7:1a:
f6:da:1a:e8:3c:37:7a:f0:1c:2c:a9:57:31:0a:0c:
8a:6d:25:86:60:7d:2b:5b:1d:22:fe:f7:dc:46:1a:
1c:fc:b9:e5:2d:41:96:ab:96:7b:03:a7:4f:c6:7f:
3d:40:62:e0:ea:f2:25:ef:50:a9:4c:63:18:a7:06:
dc:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:EB:9F:6A:E6:8A:83:A6:69:A9:EF:14:63:D8:7D:3D:F0:F6:EB:6B
X509v3 Authority Key Identifier:
keyid:AF:23:58:5B:FC:DD:06:1C:A9:46:E2:D9:EA:8B:97:E4:5B:9C:31:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryNYW_zdBhypRuLZ6ouX5FucMdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/SeufauaKg6Zpqe8UY9h9PfD262s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/ryNYW_zdBhypRuLZ6ouX5FucMdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.56.0/22
195.170.175.0/24
IPv6:
2a0b:83c0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:ab:3c:f7:ad:2b:8e:2e:70:de:4d:c7:a8:39:1c:ea:82:f4:
6a:eb:13:62:15:9e:d0:71:9b:62:5e:6a:a1:b9:ad:f9:8e:31:
44:14:06:b8:ca:84:a8:6e:92:83:43:59:9f:a4:c3:4f:b0:bd:
47:95:eb:e5:91:75:52:dc:ae:94:bc:c9:a2:78:e1:c6:8c:33:
7e:41:5a:35:39:86:89:30:97:11:9e:73:66:f6:93:fa:f1:cd:
98:00:d8:93:84:a0:5b:6c:8a:28:c7:97:14:44:88:b9:48:f2:
6d:28:55:57:17:e3:4e:13:d2:dd:d6:a5:b5:f3:e6:2e:b0:e7:
c2:98:f9:00:e2:90:30:14:b2:1c:32:a1:47:4a:bc:20:e2:f1:
49:00:0c:39:c2:dd:d0:67:f8:e4:34:d7:5e:dc:e0:cb:35:bf:
f0:d1:81:dd:78:ea:cf:a0:dd:9f:21:1b:86:82:a2:e8:8a:aa:
07:6b:02:78:3d:92:0c:80:bf:dd:b5:4c:52:88:f2:40:9d:ec:
2e:40:23:24:a3:99:25:ef:d6:e7:d7:32:b1:b0:24:18:76:17:
c1:c6:e9:17:4a:3c:15:2d:32:b0:2f:59:37:9e:92:3a:d1:10:
80:03:74:2c:49:ea:2a:cc:22:f3:24:e3:9d:6d:36:de:53:73:
42:bf:11:42
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiH40rD5ivLGkBJhC2zfrVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMjM1ODViZmNkZDA2MWNhOTQ2ZTJkOWVhOGI5N2U0NWI5
YzMxZDYwHhcNMjUwMTAxMTM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWViOWY2YWU2OGE4M2E2NjlhOWVmMTQ2M2Q4N2QzZGYwZjZlYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwuufLjk4UPua0yROMD90ICIhIK4
9C9BZPS5jd/Sbp8lfRSX2tL2cYOMeFK7iqGglzuk04+ppwKORZ5xhR1nSTbKUtC2
r86pzd2/x7BgQeh8F8MkFjuvkyyv4sl94A6VEGKLvqVU7wgTyubFBvsbIP1jd9FT
oLvEJlyl8N6LiJUrnMOQEM/CjWLXKXf6KI6Ih1TcaHaSTcLH8ZZ1W3HMtc90psON
MFLKJqDKxBQq7VsV/piObIXtKIf2N0A+Zbjf1xr22hroPDd68BwsqVcxCgyKbSWG
YH0rWx0i/vfcRhoc/LnlLUGWq5Z7A6dPxn89QGLg6vIl71CpTGMYpwbcoQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEnrn2rmioOmaanvFGPYfT3w9utrMB8GA1UdIwQY
MBaAFK8jWFv83QYcqUbi2eqLl+RbnDHWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlOWVdfemRCaHlwUnVMWjZvdVg1RnVjTWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xZjM2ZDUtMzA4MC00YTBlLTlkNjMt
NzkzNDRkYTNhMmU2LzEvU2V1ZmF1YUtnNlpwcWU4VVk5aDlQZkQyNjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xZjM2ZDUtMzA4MC00YTBlLTlkNjMtNzkzNDRkYTNhMmU2
LzEvcnlOWVdfemRCaHlwUnVMWjZvdVg1RnVjTWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudU4AwQA
w6qvMA0EAgACMAcDBQMqC4PAMA0GCSqGSIb3DQEBCwUAA4IBAQA6qzz3rSuOLnDe
TceoORzqgvRq6xNiFZ7QcZtiXmqhua35jjFEFAa4yoSobpKDQ1mfpMNPsL1Hlevl
kXVS3K6UvMmieOHGjDN+QVo1OYaJMJcRnnNm9pP68c2YANiThKBbbIoox5cURIi5
SPJtKFVXF+NOE9Ld1qW18+YusOfCmPkA4pAwFLIcMqFHSrwg4vFJAAw5wt3QZ/jk
NNde3ODLNb/w0YHdeOrPoN2fIRuGgqLoiqoHawJ4PZIMgL/dtUxSiPJAnewuQCMk
o5kl79bn1zKxsCQYdhfBxukXSjwVLTKwL1k3npI60RCAA3QsSeoqzCLzJOOdbTbe
U3NCvxFC
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:34 2025 by rpki-client