Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/6aNOqOHn4PWmzww59gfzXaipASs.roa
File: 6aNOqOHn4PWmzww59gfzXaipASs.roa (raw, json)
Hash identifier: WM/fm/tGjLVVHGthKted5oiMLP5i9LqxRaZ2ROFyZqw=
Subject key identifier: E9:A3:4E:A8:E1:E7:E0:F5:A6:CF:0C:39:F6:07:F3:5D:A8:A9:01:2B
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B237E557F17F36D599366D90844250
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/6aNOqOHn4PWmzww59gfzXaipASs.roa
Signing time: Wed 01 Jan 2025 11:48:35 +0000
ROA not before: Wed 01 Jan 2025 11:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 85.208.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:37:e5:57:f1:7f:36:d5:99:36:6d:90:84:42:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9a34ea8e1e7e0f5a6cf0c39f607f35da8a9012b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:da:83:04:8e:f5:5a:e8:71:dd:5d:5c:de:78:
50:14:ba:74:88:e9:c8:7d:32:78:df:1d:2e:69:56:
0b:a8:54:ab:b3:6c:51:bd:57:20:6c:82:76:fe:d3:
27:93:4f:e3:ef:49:4f:20:eb:cc:21:10:36:83:3d:
4c:ca:ea:53:df:aa:93:d0:97:1e:3c:36:12:ab:b5:
79:d9:66:2a:db:ad:12:8d:78:8b:7f:4f:e8:76:10:
df:08:0c:34:a3:d2:49:d2:81:b5:72:b6:c9:dd:eb:
b3:88:1c:18:49:75:a1:61:a9:e3:b6:99:1b:73:1b:
32:0d:c6:ea:d2:ff:d2:38:97:65:d7:76:c0:27:2b:
11:67:7a:3d:b8:f6:a4:7f:33:6f:a0:23:fe:ad:19:
cd:44:35:d5:e1:29:7a:a8:7b:3e:51:3f:4d:46:9e:
1e:00:97:67:71:bf:bb:b6:4e:8d:ee:a1:3a:ba:d6:
6d:f2:c4:d6:4b:41:c1:e9:6f:0b:e8:4e:db:64:dc:
79:64:fb:9a:d6:d8:5b:81:b2:7d:09:99:2e:24:7f:
08:5c:bf:ed:76:dc:94:fa:0c:78:f3:0b:f3:5b:19:
11:e8:87:e6:20:41:e8:95:f7:d0:c5:01:8d:9d:b4:
17:49:45:5c:55:3c:52:c6:3b:f4:24:17:7e:77:d5:
0c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A3:4E:A8:E1:E7:E0:F5:A6:CF:0C:39:F6:07:F3:5D:A8:A9:01:2B
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/6aNOqOHn4PWmzww59gfzXaipASs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.106.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:8e:ef:84:e5:dc:da:ee:ce:fb:ba:6f:7b:76:b2:5f:f0:6f:
da:cb:59:32:65:ee:28:f6:b8:8c:e3:f8:06:77:18:d5:df:ea:
6b:da:d5:e9:33:a4:7c:93:6d:83:d5:18:6c:c8:7f:a5:c1:33:
35:28:7a:ab:28:e8:49:7a:e7:0f:24:e7:8a:82:e5:5c:02:a4:
c3:1c:75:52:bd:ac:6e:48:84:72:63:4f:de:9b:c8:b6:22:3a:
a1:93:01:72:13:05:5c:61:dc:09:1e:81:24:14:69:29:cf:db:
28:f9:f4:af:53:33:83:8e:88:41:f1:43:5b:36:a0:4f:85:0c:
cd:47:95:34:09:fe:27:5f:37:3a:ec:ec:2e:a0:3a:2b:f3:41:
be:2b:d2:c2:70:b8:e1:4c:9d:65:57:2a:e0:6a:34:17:7e:e5:
db:13:79:80:2c:e9:73:55:05:e6:93:b9:b1:4c:72:24:49:96:
62:dd:18:1c:66:f6:6a:0b:f4:ae:4f:0b:3a:03:21:ba:64:05:
d5:22:3d:3f:1f:07:74:3b:19:82:cc:06:1b:9c:30:53:7d:94:
32:56:85:fa:27:00:63:d5:93:dd:74:c8:34:c0:c4:1f:b6:fa:
a0:27:5e:d3:74:b5:a0:c3:ec:d9:86:b7:4a:ff:f5:99:7e:18:
8e:ed:b7:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsjflV/F/NtWZNm2QhEJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWEzNGVhOGUxZTdlMGY1YTZjZjBjMzlmNjA3ZjM1ZGE4YTkwMTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdqDBI71Wuhx3V1c3nhQFLp0iOnI
fTJ43x0uaVYLqFSrs2xRvVcgbIJ2/tMnk0/j70lPIOvMIRA2gz1MyupT36qT0Jce
PDYSq7V52WYq260SjXiLf0/odhDfCAw0o9JJ0oG1crbJ3euziBwYSXWhYanjtpkb
cxsyDcbq0v/SOJdl13bAJysRZ3o9uPakfzNvoCP+rRnNRDXV4Sl6qHs+UT9NRp4e
AJdncb+7tk6N7qE6utZt8sTWS0HB6W8L6E7bZNx5ZPua1thbgbJ9CZkuJH8IXL/t
dtyU+gx48wvzWxkR6IfmIEHolffQxQGNnbQXSUVcVTxSxjv0JBd+d9UMOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOmjTqjh5+D1ps8MOfYH812oqQErMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvNmFOT3FPSG40UFdtend3NTlnZnpYYWlwQVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBqMA0G
CSqGSIb3DQEBCwUAA4IBAQC8ju+E5dza7s77um97drJf8G/ay1kyZe4o9riM4/gG
dxjV3+pr2tXpM6R8k22D1RhsyH+lwTM1KHqrKOhJeucPJOeKguVcAqTDHHVSvaxu
SIRyY0/em8i2IjqhkwFyEwVcYdwJHoEkFGkpz9so+fSvUzODjohB8UNbNqBPhQzN
R5U0Cf4nXzc67OwuoDor80G+K9LCcLjhTJ1lVyrgajQXfuXbE3mALOlzVQXmk7mx
THIkSZZi3RgcZvZqC/SuTws6AyG6ZAXVIj0/Hwd0OxmCzAYbnDBTfZQyVoX6JwBj
1ZPddMg0wMQftvqgJ17TdLWgw+zZhrdK//WZfhiO7bdw
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:18:08 2025 by rpki-client