Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/2CRcpLkKZy5BK9crzZP9INd8Nnc.roa
File: 2CRcpLkKZy5BK9crzZP9INd8Nnc.roa (raw, json)
Hash identifier: RrCszzNWYMOvxHM51HzExr7VFjO8/0+6gOnUsgheLnQ=
Subject key identifier: D8:24:5C:A4:B9:0A:67:2E:41:2B:D7:2B:CD:93:FD:20:D7:7C:36:77
Certificate issuer: /CN=b17050d8caf09a91d00f1c090a0b752cd1b3d57c
Certificate serial: 0194228D58DE957AF662AC9AB238EDABCDC3
Authority key identifier: B1:70:50:D8:CA:F0:9A:91:D0:0F:1C:09:0A:0B:75:2C:D1:B3:D5:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/2CRcpLkKZy5BK9crzZP9INd8Nnc.roa
Signing time: Wed 01 Jan 2025 15:47:56 +0000
ROA not before: Wed 01 Jan 2025 15:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.53.16.0/22 maxlen: 22
2a04:c980::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:58:de:95:7a:f6:62:ac:9a:b2:38:ed:ab:cd:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b17050d8caf09a91d00f1c090a0b752cd1b3d57c
Validity
Not Before: Jan 1 15:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8245ca4b90a672e412bd72bcd93fd20d77c3677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b9:5c:38:f8:ea:c3:2f:ed:99:38:66:69:9e:
54:96:0d:0e:a2:20:14:02:7c:91:4d:b0:d2:ff:2e:
b3:6f:fa:f5:99:94:64:d2:56:91:a8:f9:d1:4c:ae:
f5:fb:f9:57:4b:57:a6:3f:b0:ed:b1:37:b3:7a:ec:
8f:29:7a:5b:49:4d:2d:d4:1e:4a:33:f3:5f:e0:36:
18:d0:15:94:4f:b4:37:8d:5c:19:60:ad:94:a5:0d:
1c:96:60:e2:f1:88:8c:f5:2a:d3:41:3e:df:dd:d5:
11:7c:d9:03:30:3e:b0:0f:95:82:b6:5d:20:26:bb:
12:aa:df:2e:c2:67:af:6f:01:1f:10:c3:b8:20:d4:
ab:4a:03:61:12:df:d6:34:2f:b4:6e:ab:81:ef:84:
21:72:eb:8f:87:f4:f3:8e:81:64:97:f2:5a:4f:23:
6f:39:e4:f9:c9:b7:fd:9e:9e:81:73:d4:f6:cb:b7:
35:f5:30:00:6d:77:ce:3a:0b:42:0c:fa:73:c7:d8:
2c:48:e8:b7:08:d8:0c:c4:91:0a:88:c7:49:dc:c7:
a4:a4:f8:12:b3:72:2d:32:a5:fa:7d:c7:25:37:9a:
5f:3e:35:e8:f6:ce:7f:fa:31:50:f8:47:6d:f3:80:
09:05:5d:55:fb:ac:63:5f:a7:73:ee:5f:32:02:8d:
00:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:24:5C:A4:B9:0A:67:2E:41:2B:D7:2B:CD:93:FD:20:D7:7C:36:77
X509v3 Authority Key Identifier:
keyid:B1:70:50:D8:CA:F0:9A:91:D0:0F:1C:09:0A:0B:75:2C:D1:B3:D5:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/2CRcpLkKZy5BK9crzZP9INd8Nnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.16.0/22
IPv6:
2a04:c980::/29
Signature Algorithm: sha256WithRSAEncryption
d8:52:53:99:8d:28:e7:25:f0:b4:59:17:4c:23:fc:6d:c4:8d:
79:65:36:ea:25:fe:77:e5:7a:10:97:46:11:38:83:1d:a2:6d:
4e:ca:0b:2c:dc:c7:ed:7a:c8:c6:7d:d2:58:70:b3:68:6c:05:
9a:60:a4:ff:50:33:89:b5:8a:9d:9e:e7:dc:b3:fc:8d:ca:b6:
33:16:6e:54:ba:5c:9e:65:06:b2:63:b3:05:8f:a6:30:ac:7a:
76:13:1f:67:ff:63:5e:f5:82:3d:fb:dc:bf:3c:5d:2b:40:77:
5e:53:0b:1c:5b:fe:70:54:41:d8:21:a4:0f:c2:76:da:42:e6:
9b:ad:78:3d:93:6f:a9:9f:c2:8e:94:dc:8d:42:db:e7:e2:e4:
d6:4c:f4:c6:60:f6:6b:be:c6:c9:15:1c:6a:7e:01:e8:e3:4a:
a2:0b:55:9d:5b:92:0c:51:5d:e0:25:70:1f:78:02:fe:12:00:
a5:4d:bb:d1:8f:a9:84:8d:7f:fc:a6:b4:5e:99:8a:d5:f9:60:
50:a0:38:98:46:fc:b3:64:7e:3f:af:d8:a0:46:0d:21:db:cf:
e1:1a:a3:ae:bf:ab:c2:f3:b1:c2:01:55:62:87:e9:7d:f0:80:
b3:35:51:de:08:84:45:4d:28:5b:4d:b6:7b:8b:1a:d4:65:29:
0a:33:26:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijVjelXr2Yqyasjjtq83DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzA1MGQ4Y2FmMDlhOTFkMDBmMWMwOTBhMGI3NTJjZDFi
M2Q1N2MwHhcNMjUwMTAxMTU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODI0NWNhNGI5MGE2NzJlNDEyYmQ3MmJjZDkzZmQyMGQ3N2MzNjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7lcOPjqwy/tmThmaZ5Ulg0OoiAU
AnyRTbDS/y6zb/r1mZRk0laRqPnRTK71+/lXS1emP7DtsTezeuyPKXpbSU0t1B5K
M/Nf4DYY0BWUT7Q3jVwZYK2UpQ0clmDi8YiM9SrTQT7f3dURfNkDMD6wD5WCtl0g
JrsSqt8uwmevbwEfEMO4INSrSgNhEt/WNC+0bquB74QhcuuPh/TzjoFkl/JaTyNv
OeT5ybf9np6Bc9T2y7c19TAAbXfOOgtCDPpzx9gsSOi3CNgMxJEKiMdJ3MekpPgS
s3ItMqX6fcclN5pfPjXo9s5/+jFQ+Edt84AJBV1V+6xjX6dz7l8yAo0A7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNgkXKS5CmcuQSvXK82T/SDXfDZ3MB8GA1UdIwQY
MBaAFLFwUNjK8JqR0A8cCQoLdSzRs9V8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hCUTJNcndtcEhRRHh3SkNndDFMTkd6MVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hMjczZTgtNjdkYy00NzgyLTlhMzQt
NGFlYjZhNzk1NTExLzEvMkNSY3BMa0taeTVCSzljcnpaUDlJTmQ4Tm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hMjczZTgtNjdkYy00NzgyLTlhMzQtNGFlYjZhNzk1NTEx
LzEvc1hCUTJNcndtcEhRRHh3SkNndDFMTkd6MVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTUQMA0E
AgACMAcDBQMqBMmAMA0GCSqGSIb3DQEBCwUAA4IBAQDYUlOZjSjnJfC0WRdMI/xt
xI15ZTbqJf535XoQl0YROIMdom1Oygss3MftesjGfdJYcLNobAWaYKT/UDOJtYqd
nufcs/yNyrYzFm5UulyeZQayY7MFj6YwrHp2Ex9n/2Ne9YI9+9y/PF0rQHdeUwsc
W/5wVEHYIaQPwnbaQuabrXg9k2+pn8KOlNyNQtvn4uTWTPTGYPZrvsbJFRxqfgHo
40qiC1WdW5IMUV3gJXAfeAL+EgClTbvRj6mEjX/8prRemYrV+WBQoDiYRvyzZH4/
r9igRg0h28/hGqOuv6vC87HCAVVih+l98ICzNVHeCIRFTShbTbZ7ixrUZSkKMybD
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:00:56 2025 by rpki-client