Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/2tz6MteakZA2Hn10p2nHu5HCdWQ.roa
File: 2tz6MteakZA2Hn10p2nHu5HCdWQ.roa (raw, json)
Hash identifier: HDHBhUcgjZQrwCMNtN93786EAtrJ/UP32QQeH5ILnYk=
Subject key identifier: DA:DC:FA:32:D7:9A:91:90:36:1E:7D:74:A7:69:C7:BB:91:C2:75:64
Certificate issuer: /CN=6dc0d05f8ee9e958fc95de65dc59a2141c5f1efd
Certificate serial: 127DF3BB
Authority key identifier: 6D:C0:D0:5F:8E:E9:E9:58:FC:95:DE:65:DC:59:A2:14:1C:5F:1E:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bcDQX47p6Vj8ld5l3FmiFBxfHv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/2tz6MteakZA2Hn10p2nHu5HCdWQ.roa
Signing time: Wed 26 Jan 2022 15:50:18 +0000
ROA not before: Wed 26 Jan 2022 15:50:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43298
IP address blocks: 185.71.67.0/24 maxlen: 24
185.71.65.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 310244283 (0x127df3bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dc0d05f8ee9e958fc95de65dc59a2141c5f1efd
Validity
Not Before: Jan 26 15:50:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dadcfa32d79a9190361e7d74a769c7bb91c27564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a0:8a:ba:fe:17:5f:59:b6:12:f8:a3:80:69:
c7:40:2f:90:b3:d4:14:70:19:ff:59:1a:62:33:b7:
54:bb:81:21:fc:cc:da:3e:f6:d3:81:6f:0d:71:8a:
32:f6:b9:b9:55:02:f3:f8:30:5b:2e:e6:37:5a:a4:
8c:ee:d2:23:57:cb:72:0c:91:14:e7:ef:4e:1d:6e:
02:38:b5:76:54:93:a8:f9:d5:d1:64:a0:bf:29:2d:
92:3f:50:d4:cc:74:d0:76:70:f5:8f:51:bd:a4:38:
87:54:aa:63:ab:d8:40:7a:ec:37:0d:b9:8b:63:f1:
0a:d8:bb:02:71:c8:fd:ba:cd:ed:0b:da:8e:91:15:
c5:47:ad:3e:e3:c5:a0:a9:73:6a:26:7a:64:67:ec:
10:45:b7:f5:64:eb:92:1e:17:ff:29:93:66:dd:87:
11:a9:9a:c0:78:bd:ab:56:b8:20:21:1c:ae:2d:aa:
b6:88:b5:35:09:cc:f5:41:e5:3c:e7:c1:d0:a4:27:
50:3b:79:6c:ca:93:d9:09:e8:46:c1:79:86:e9:2c:
e9:55:a2:13:76:fa:ee:d4:54:24:22:e6:a7:82:87:
43:96:a0:8c:85:e0:c3:3d:71:91:9f:cb:1b:2e:16:
2b:04:e0:e0:63:2c:b4:dc:f7:92:69:cf:62:c5:0a:
27:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:DC:FA:32:D7:9A:91:90:36:1E:7D:74:A7:69:C7:BB:91:C2:75:64
X509v3 Authority Key Identifier:
keyid:6D:C0:D0:5F:8E:E9:E9:58:FC:95:DE:65:DC:59:A2:14:1C:5F:1E:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bcDQX47p6Vj8ld5l3FmiFBxfHv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/2tz6MteakZA2Hn10p2nHu5HCdWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/bcDQX47p6Vj8ld5l3FmiFBxfHv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.65.0/24
185.71.67.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:15:bf:a1:ae:8e:98:5d:eb:04:8c:e0:32:04:80:99:ed:dd:
0c:c1:f6:d2:08:67:e5:c9:69:c4:75:25:99:b6:db:41:12:c2:
8c:45:e8:d8:a7:68:d1:35:db:d1:b6:c9:57:f7:5c:22:5d:bb:
d5:c0:46:07:3d:a4:90:21:b2:fb:5c:a0:7b:7c:82:f3:c2:02:
c0:99:d1:00:50:2a:46:46:7b:cd:97:44:15:24:d9:ce:80:53:
bd:d7:30:75:e9:6c:0e:6d:7f:42:f5:ce:06:48:c7:47:ea:8b:
0c:6a:54:72:62:bf:70:c6:ff:02:0b:f4:4d:37:2a:22:b8:59:
ca:d1:07:d9:1c:4f:67:e9:d8:bc:3e:04:20:ae:16:cf:8d:57:
8a:73:5f:ae:3a:8e:cf:27:37:3e:df:50:dc:6d:33:82:8c:25:
45:43:73:68:cb:8e:c2:c6:70:74:c2:6e:ca:61:ac:6e:9d:2c:
50:9c:29:2b:7e:e5:1d:6e:b8:61:60:41:1a:ff:e8:f3:58:e2:
6d:f4:50:fb:d5:ed:e3:fb:5b:3a:12:40:f2:d8:26:88:eb:a2:
ac:6d:ef:7a:ee:8c:1f:45:d5:c2:44:8f:05:62:c4:dc:e5:de:
b8:ce:7e:04:e4:68:4a:af:71:c5:df:05:a9:39:01:40:8a:4b:
ef:e4:d5:bd
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEn3zuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZGMwZDA1ZjhlZTllOTU4ZmM5NWRlNjVkYzU5YTIxNDFjNWYxZWZkMB4XDTIyMDEy
NjE1NTAxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFkY2ZhMzJkNzlh
OTE5MDM2MWU3ZDc0YTc2OWM3YmI5MWMyNzU2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOgirr+F19ZthL4o4Bpx0AvkLPUFHAZ/1kaYjO3VLuBIfzM
2j7204FvDXGKMva5uVUC8/gwWy7mN1qkjO7SI1fLcgyRFOfvTh1uAji1dlSTqPnV
0WSgvyktkj9Q1Mx00HZw9Y9RvaQ4h1SqY6vYQHrsNw25i2PxCti7AnHI/brN7Qva
jpEVxUetPuPFoKlzaiZ6ZGfsEEW39WTrkh4X/ymTZt2HEamawHi9q1a4ICEcri2q
toi1NQnM9UHlPOfB0KQnUDt5bMqT2QnoRsF5huks6VWiE3b67tRUJCLmp4KHQ5ag
jIXgwz1xkZ/LGy4WKwTg4GMstNz3kmnPYsUKJwECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTa3Poy15qRkDYefXSnace7kcJ1ZDAfBgNVHSMEGDAWgBRtwNBfjunpWPyV
3mXcWaIUHF8e/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JjRFFYNDdwNlZqOGxkNWwzRm1pRkJ4Zkh2MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvMWQ1N2RkLTU1OTktNDVhNy1hYjAzLTRkNmNlMDc2NmViNS8x
LzJ0ejZNdGVha1pBMkhuMTBwMm5IdTVIQ2RXUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
MWQ1N2RkLTU1OTktNDVhNy1hYjAzLTRkNmNlMDc2NmViNS8xL2JjRFFYNDdwNlZq
OGxkNWwzRm1pRkJ4Zkh2MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALlHQQMEALlHQzANBgkqhkiG9w0B
AQsFAAOCAQEAahW/oa6OmF3rBIzgMgSAme3dDMH20ghn5clpxHUlmbbbQRLCjEXo
2Kdo0TXb0bbJV/dcIl271cBGBz2kkCGy+1yge3yC88ICwJnRAFAqRkZ7zZdEFSTZ
zoBTvdcwdelsDm1/QvXOBkjHR+qLDGpUcmK/cMb/Agv0TTcqIrhZytEH2RxPZ+nY
vD4EIK4Wz41XinNfrjqOzyc3Pt9Q3G0zgowlRUNzaMuOwsZwdMJuymGsbp0sUJwp
K37lHW64YWBBGv/o81jibfRQ+9Xt4/tbOhJA8tgmiOuirG3veu6MH0XVwkSPBWLE
3OXeuM5+BORoSq9xxd8FqTkBQIpL7+TVvQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:50:25 2025 by rpki-client