Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/Fi8wX9cISGjJ7ycNTDrnhsS2nfM.roa
File: Fi8wX9cISGjJ7ycNTDrnhsS2nfM.roa (raw, json)
Hash identifier: HuNKcd4RHVijmwuiGKzg2wYioOAAJSYuv1pU/fwGAiA=
Subject key identifier: 16:2F:30:5F:D7:08:48:68:C9:EF:27:0D:4C:3A:E7:86:C4:B6:9D:F3
Certificate issuer: /CN=10721ead6a4575643cb703062c0968755e8281eb
Certificate serial: 0194228E1DE1249E7EF8DB49BF282F247E02
Authority key identifier: 10:72:1E:AD:6A:45:75:64:3C:B7:03:06:2C:09:68:75:5E:82:81:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHIerWpFdWQ8twMGLAlodV6Cges.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/Fi8wX9cISGjJ7ycNTDrnhsS2nfM.roa
Signing time: Wed 01 Jan 2025 15:48:46 +0000
ROA not before: Wed 01 Jan 2025 15:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207020
IP address blocks: 185.203.136.0/23 maxlen: 23
185.203.138.0/23 maxlen: 23
2a0a:e740::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:1d:e1:24:9e:7e:f8:db:49:bf:28:2f:24:7e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10721ead6a4575643cb703062c0968755e8281eb
Validity
Not Before: Jan 1 15:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=162f305fd7084868c9ef270d4c3ae786c4b69df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e4:b8:7f:b2:f9:d6:0b:11:03:b8:31:73:29:
12:32:56:34:3e:3c:13:d0:37:95:08:5a:3c:c8:7d:
36:9a:24:89:52:2b:3c:d0:17:01:79:fb:ab:57:27:
b5:74:72:cc:a1:71:65:e3:81:44:70:14:20:7c:5c:
62:38:ee:7f:0b:2d:17:b8:c2:6e:33:b2:cf:ef:06:
29:47:d9:53:89:b0:ef:5d:57:1c:68:67:5c:70:01:
0a:62:45:60:e6:5b:6e:b0:2d:8c:95:92:20:82:75:
c0:83:b8:16:60:db:32:75:c5:bb:83:f0:1d:34:11:
55:8d:b4:59:e6:7a:75:a5:68:1f:72:26:18:c8:4c:
d9:f0:41:41:62:40:3e:ce:1d:25:7f:47:27:3f:2b:
cb:88:ae:94:dd:76:be:07:97:78:52:e5:11:ea:b5:
35:90:2c:d4:16:5d:d0:51:57:4b:f1:0d:be:d1:41:
32:13:f9:d2:a8:23:e8:41:56:70:1a:44:f1:19:0f:
d8:25:59:42:7f:8e:c3:cc:3e:11:e2:ca:f7:8f:d9:
7d:f2:54:ed:4c:a6:94:a4:71:71:2c:cd:1c:4c:c5:
ba:41:c7:77:66:30:49:b1:9d:2a:da:1a:b7:a8:57:
c2:5e:cc:17:ff:75:0a:53:49:8a:6f:d7:31:80:c7:
cd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:2F:30:5F:D7:08:48:68:C9:EF:27:0D:4C:3A:E7:86:C4:B6:9D:F3
X509v3 Authority Key Identifier:
keyid:10:72:1E:AD:6A:45:75:64:3C:B7:03:06:2C:09:68:75:5E:82:81:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHIerWpFdWQ8twMGLAlodV6Cges.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/Fi8wX9cISGjJ7ycNTDrnhsS2nfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/EHIerWpFdWQ8twMGLAlodV6Cges.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.136.0/22
IPv6:
2a0a:e740::/29
Signature Algorithm: sha256WithRSAEncryption
4a:cd:ce:2a:cd:99:a7:ec:66:38:d4:5e:e3:58:8a:96:7b:84:
43:5d:75:ff:0a:fa:53:c7:31:00:c7:02:bd:e6:cc:b4:46:1d:
d2:72:fa:57:25:5d:c2:6c:c4:a7:0e:ec:f6:ed:3a:f8:0c:23:
cc:f4:c4:5f:e6:94:a0:f0:cf:90:30:c1:cd:9f:a7:66:23:51:
c5:2d:ac:78:36:d1:8f:8b:40:d2:d3:aa:b3:ef:86:9e:d4:3e:
47:3a:d4:ec:20:4c:52:dd:51:f6:aa:16:a2:51:55:25:59:b8:
06:a6:33:b3:83:b7:61:68:6a:89:41:cf:b1:68:2c:df:09:ad:
04:13:00:8a:9c:42:89:07:e5:01:d5:48:53:7a:88:86:ae:8a:
49:7f:62:90:54:b3:d8:6f:dd:45:ae:2c:8c:82:c9:b7:96:ea:
9d:85:da:0d:b2:a3:4a:9b:7c:c1:1e:47:ec:79:10:45:53:a6:
27:c4:e4:84:44:ac:60:7c:aa:35:95:de:83:37:e4:9b:62:eb:
82:b7:1b:4f:3f:95:c7:f3:19:39:48:20:5d:b5:f4:ab:63:87:
93:c3:c9:38:78:99:0c:4a:ad:f4:f5:de:c3:89:2f:36:26:b1:
69:7a:7b:c6:93:78:c5:4e:49:40:d8:09:75:52:a7:12:9a:be:
4e:87:0c:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijh3hJJ5++NtJvygvJH4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzIxZWFkNmE0NTc1NjQzY2I3MDMwNjJjMDk2ODc1NWU4
MjgxZWIwHhcNMjUwMTAxMTU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjJmMzA1ZmQ3MDg0ODY4YzllZjI3MGQ0YzNhZTc4NmM0YjY5ZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuS4f7L51gsRA7gxcykSMlY0PjwT
0DeVCFo8yH02miSJUis80BcBefurVye1dHLMoXFl44FEcBQgfFxiOO5/Cy0XuMJu
M7LP7wYpR9lTibDvXVccaGdccAEKYkVg5ltusC2MlZIggnXAg7gWYNsydcW7g/Ad
NBFVjbRZ5np1pWgfciYYyEzZ8EFBYkA+zh0lf0cnPyvLiK6U3Xa+B5d4UuUR6rU1
kCzUFl3QUVdL8Q2+0UEyE/nSqCPoQVZwGkTxGQ/YJVlCf47DzD4R4sr3j9l98lTt
TKaUpHFxLM0cTMW6Qcd3ZjBJsZ0q2hq3qFfCXswX/3UKU0mKb9cxgMfNMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBYvMF/XCEhoye8nDUw654bEtp3zMB8GA1UdIwQY
MBaAFBByHq1qRXVkPLcDBiwJaHVegoHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhJZXJXcEZkV1E4dHdNR0xBbG9kVjZDZ2VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9jYTkzNWItMjQ4NC00MDIwLWI4MTQt
M2Q0YWU4MGZjNDVkLzEvRmk4d1g5Y0lTR2pKN3ljTlREcm5oc1MybmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9jYTkzNWItMjQ4NC00MDIwLWI4MTQtM2Q0YWU4MGZjNDVk
LzEvRUhJZXJXcEZkV1E4dHdNR0xBbG9kVjZDZ2VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucuIMA0E
AgACMAcDBQMqCudAMA0GCSqGSIb3DQEBCwUAA4IBAQBKzc4qzZmn7GY41F7jWIqW
e4RDXXX/CvpTxzEAxwK95sy0Rh3ScvpXJV3CbMSnDuz27Tr4DCPM9MRf5pSg8M+Q
MMHNn6dmI1HFLax4NtGPi0DS06qz74ae1D5HOtTsIExS3VH2qhaiUVUlWbgGpjOz
g7dhaGqJQc+xaCzfCa0EEwCKnEKJB+UB1UhTeoiGropJf2KQVLPYb91FriyMgsm3
luqdhdoNsqNKm3zBHkfseRBFU6YnxOSERKxgfKo1ld6DN+SbYuuCtxtPP5XH8xk5
SCBdtfSrY4eTw8k4eJkMSq309d7DiS82JrFpenvGk3jFTklA2Al1UqcSmr5Ohww6
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:30:33 2025 by rpki-client