Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/8I0p9vb1lsTM7thf-HLYyu3nV8E.roa
File: 8I0p9vb1lsTM7thf-HLYyu3nV8E.roa (raw, json)
Hash identifier: 0BZ6mSqrsLplhiGMg4m0SrBt7yCP18wJ/JedDVrCJho=
Subject key identifier: F0:8D:29:F6:F6:F5:96:C4:CC:EE:D8:5F:F8:72:D8:CA:ED:E7:57:C1
Certificate issuer: /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial: 01942445A042DF5EA93BD729582B28FC90D9
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/8I0p9vb1lsTM7thf-HLYyu3nV8E.roa
Signing time: Wed 01 Jan 2025 23:48:50 +0000
ROA not before: Wed 01 Jan 2025 23:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.220.146.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a0:42:df:5e:a9:3b:d7:29:58:2b:28:fc:90:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
Validity
Not Before: Jan 1 23:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f08d29f6f6f596c4cceed85ff872d8caede757c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a2:6e:01:c1:cb:9a:07:a1:84:95:c0:8a:f8:
11:2b:4b:a7:45:c8:01:dc:00:6a:81:c3:05:fb:2b:
23:34:5d:7d:3a:04:ea:c3:e3:b6:bc:0a:f5:bb:92:
04:b7:6f:fd:fa:f7:12:0d:ac:86:b2:b6:b8:1b:28:
bc:2f:51:7a:76:da:9f:7a:d4:0b:02:ac:d8:b7:3e:
bf:3a:09:b1:67:d2:32:bc:f6:91:7c:44:7a:06:4d:
84:1f:69:43:ff:09:d9:9c:f7:e9:69:13:77:60:e8:
23:7e:4d:d2:86:13:1f:7f:9b:d7:82:b8:85:d6:42:
20:b3:a9:bd:62:48:35:9b:20:32:d4:a5:e0:21:de:
f1:05:90:03:3e:9e:b8:ec:18:5c:8a:6e:15:c0:ce:
41:66:59:c9:3b:3a:19:43:48:53:5b:3d:d2:73:6b:
14:b1:2d:6b:2e:4f:9d:94:fe:72:57:67:54:b5:6c:
f2:9a:75:a0:d1:6c:30:35:88:91:50:3d:5d:ee:3f:
a5:2f:fb:36:44:03:56:1e:1a:b7:98:ee:fd:68:09:
42:90:a5:0a:c8:99:8c:d7:75:28:3a:6f:3a:c9:f8:
14:ad:0e:9a:2f:2d:15:6c:e3:a7:e5:66:96:81:50:
1e:48:a8:29:3a:d1:6a:48:81:4c:7c:b9:83:7e:ed:
47:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:8D:29:F6:F6:F5:96:C4:CC:EE:D8:5F:F8:72:D8:CA:ED:E7:57:C1
X509v3 Authority Key Identifier:
keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/8I0p9vb1lsTM7thf-HLYyu3nV8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.146.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:da:18:8b:50:d4:b3:9c:42:7b:b1:dc:a9:21:68:1d:cd:cd:
e1:38:c2:9b:3d:40:d3:d4:24:89:55:db:86:a4:cc:ab:81:a6:
e7:f2:ae:d8:a0:28:68:32:1c:4e:e7:a2:c8:0a:98:ec:15:cd:
86:68:e1:46:05:10:e7:03:97:f1:ed:a8:76:47:8b:44:4f:2f:
5d:63:78:59:e6:2c:bc:2c:d8:18:20:d7:25:f8:05:e3:eb:e8:
a9:19:d9:d9:1e:c2:52:fe:c0:19:ff:7c:58:d8:62:54:37:95:
ba:98:b9:8f:2f:01:9d:c9:7a:a7:7c:e3:79:de:38:06:39:01:
6b:da:05:8f:28:ed:96:3a:00:c5:e8:c4:9e:00:8c:86:3c:2b:
f5:0e:16:7b:36:87:01:29:f1:74:dc:f1:a7:bb:6e:35:3c:d7:
c8:91:79:8d:88:bf:ae:b0:aa:2e:72:96:13:fd:91:ab:35:b5:
fc:e5:01:4c:49:e4:d3:56:6b:4a:b9:c9:30:38:07:56:de:8f:
ad:a4:9b:93:9c:57:06:3d:e1:c4:37:0c:9f:38:3e:75:0e:d3:
60:5a:aa:02:cb:20:c2:fe:dc:97:78:c3:7c:8e:d0:13:dc:16:
1a:ba:23:c1:39:b6:53:60:fb:37:46:96:7b:2d:fd:1f:3d:b6:
f5:bb:0f:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRaBC316pO9cpWCso/JDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjUwMTAxMjM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDhkMjlmNmY2ZjU5NmM0Y2NlZWQ4NWZmODcyZDhjYWVkZTc1N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16JuAcHLmgehhJXAivgRK0unRcgB
3ABqgcMF+ysjNF19OgTqw+O2vAr1u5IEt2/9+vcSDayGsra4Gyi8L1F6dtqfetQL
AqzYtz6/OgmxZ9IyvPaRfER6Bk2EH2lD/wnZnPfpaRN3YOgjfk3ShhMff5vXgriF
1kIgs6m9Ykg1myAy1KXgId7xBZADPp647Bhcim4VwM5BZlnJOzoZQ0hTWz3Sc2sU
sS1rLk+dlP5yV2dUtWzymnWg0WwwNYiRUD1d7j+lL/s2RANWHhq3mO79aAlCkKUK
yJmM13UoOm86yfgUrQ6aLy0VbOOn5WaWgVAeSKgpOtFqSIFMfLmDfu1HxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPCNKfb29ZbEzO7YX/hy2Mrt51fBMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvOEkwcDl2YjFsc1RNN3RoZi1ITFl5dTNuVjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudySMA0G
CSqGSIb3DQEBCwUAA4IBAQBM2hiLUNSznEJ7sdypIWgdzc3hOMKbPUDT1CSJVduG
pMyrgabn8q7YoChoMhxO56LICpjsFc2GaOFGBRDnA5fx7ah2R4tETy9dY3hZ5iy8
LNgYINcl+AXj6+ipGdnZHsJS/sAZ/3xY2GJUN5W6mLmPLwGdyXqnfON53jgGOQFr
2gWPKO2WOgDF6MSeAIyGPCv1DhZ7NocBKfF03PGnu241PNfIkXmNiL+usKoucpYT
/ZGrNbX85QFMSeTTVmtKuckwOAdW3o+tpJuTnFcGPeHENwyfOD51DtNgWqoCyyDC
/tyXeMN8jtAT3BYauiPBObZTYPs3RpZ7Lf0fPbb1uw+W
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:30:23 2025 by rpki-client