Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/h5AoEy-X54Db83-jTlFH2Y1fCVw.roa
File: h5AoEy-X54Db83-jTlFH2Y1fCVw.roa (raw, json)
Hash identifier: HOh3C7TWeQ0O5hO+1P91yiEiZozSeSnp7F1/q290vZs=
Subject key identifier: 87:90:28:13:2F:97:E7:80:DB:F3:7F:A3:4E:51:47:D9:8D:5F:09:5C
Certificate issuer: /CN=3ea14842d877e27bc4068b981fe74aeb8bee7e73
Certificate serial: 0194214467603C470A1F05222E97725C4AAB
Authority key identifier: 3E:A1:48:42:D8:77:E2:7B:C4:06:8B:98:1F:E7:4A:EB:8B:EE:7E:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqFIQth34nvEBouYH-dK64vufnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/h5AoEy-X54Db83-jTlFH2Y1fCVw.roa
Signing time: Wed 01 Jan 2025 09:48:38 +0000
ROA not before: Wed 01 Jan 2025 09:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199837
IP address blocks: 185.44.212.0/22 maxlen: 24
185.128.148.0/22 maxlen: 24
2a04:9f00::/29 maxlen: 29
2a06:cfc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:67:60:3c:47:0a:1f:05:22:2e:97:72:5c:4a:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ea14842d877e27bc4068b981fe74aeb8bee7e73
Validity
Not Before: Jan 1 09:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=879028132f97e780dbf37fa34e5147d98d5f095c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:11:3e:b4:b5:bb:c4:6c:c8:e9:4d:92:07:85:
99:94:f0:3d:9c:9d:d5:95:cb:94:d0:0f:1e:9d:b6:
45:41:67:6c:91:b2:24:b9:59:de:6f:72:80:98:49:
10:9c:af:4b:8c:72:c1:e6:3e:f4:4f:1d:2d:c9:d8:
78:34:87:ce:03:ca:42:fa:9e:e7:84:5f:c5:b6:89:
71:b7:9a:0d:37:86:c4:64:c9:a9:5f:78:e0:79:64:
d3:c9:ed:a9:7a:0f:ed:77:1a:35:f9:c6:bd:15:74:
3d:bb:6a:df:8a:97:a2:ef:87:6d:eb:a4:4d:1e:de:
7a:95:59:ad:2e:b9:7c:e3:ca:d0:ea:d1:d9:bd:78:
f7:bd:89:bd:eb:0d:21:ed:e0:7c:8a:b7:5b:d1:d1:
1c:41:c7:1a:c4:06:29:27:31:56:35:20:45:1c:c1:
ae:87:27:08:4f:9d:ac:3e:40:2d:93:1b:32:e6:05:
33:74:37:19:65:a4:25:4d:d5:46:34:f2:79:5b:b8:
07:ef:5b:cc:95:5a:76:c8:f0:72:4f:f1:c6:64:b9:
8b:b1:af:0f:7c:f8:79:e0:11:8d:e5:ff:34:65:c8:
5a:27:e7:6f:63:e5:40:1f:ec:18:a8:49:dc:71:ac:
c5:77:6c:07:12:57:33:6e:dd:ef:9a:da:d4:a7:de:
85:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:90:28:13:2F:97:E7:80:DB:F3:7F:A3:4E:51:47:D9:8D:5F:09:5C
X509v3 Authority Key Identifier:
keyid:3E:A1:48:42:D8:77:E2:7B:C4:06:8B:98:1F:E7:4A:EB:8B:EE:7E:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqFIQth34nvEBouYH-dK64vufnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/h5AoEy-X54Db83-jTlFH2Y1fCVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/797057-278a-4f73-80a1-4dce4f3ea13e/1/PqFIQth34nvEBouYH-dK64vufnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.212.0/22
185.128.148.0/22
IPv6:
2a04:9f00::/29
2a06:cfc0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:f3:20:82:b9:34:e9:f7:71:c2:e1:5a:5c:db:44:5b:53:30:
41:a0:be:be:04:51:d9:15:0f:a1:af:3e:af:ca:ba:93:b7:c1:
cb:c8:3c:f6:2b:36:64:49:d4:08:37:7d:6e:be:3f:bb:7a:bf:
1d:3f:b2:f8:8f:5e:4b:21:a5:b8:b2:a9:3a:14:bd:92:5d:aa:
cf:1c:8e:83:b9:31:6d:09:13:e8:00:1d:6b:17:bb:d1:64:16:
80:ed:fc:a2:9f:e3:a8:4e:4b:9a:39:45:4b:c4:47:b4:6c:aa:
db:e6:75:e9:82:d7:41:c1:2f:71:9d:0e:a6:5c:53:57:b6:3f:
28:59:a0:99:01:c8:bd:1e:52:0c:d3:3a:ad:79:ac:af:4c:51:
86:87:20:9a:1d:ca:78:74:12:59:5f:24:1c:8b:f1:06:00:59:
42:40:86:93:81:e1:70:9c:67:33:26:49:0e:18:62:e3:02:09:
cd:af:b7:29:47:a0:48:c5:6b:e9:e1:bb:88:71:7a:50:08:7f:
33:bb:b4:61:7b:21:70:cd:d9:8b:09:9e:63:dc:e2:cb:13:62:
03:76:54:fa:2f:77:7a:ee:24:00:b3:b3:78:20:56:f1:8b:2a:
2b:1b:0f:92:2b:30:f8:14:17:9a:1e:6c:67:22:05:9f:ec:7c:
7f:36:7f:94
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQhRGdgPEcKHwUiLpdyXEqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTE0ODQyZDg3N2UyN2JjNDA2OGI5ODFmZTc0YWViOGJl
ZTdlNzMwHhcNMjUwMTAxMDk0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzkwMjgxMzJmOTdlNzgwZGJmMzdmYTM0ZTUxNDdkOThkNWYwOTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBE+tLW7xGzI6U2SB4WZlPA9nJ3V
lcuU0A8enbZFQWdskbIkuVneb3KAmEkQnK9LjHLB5j70Tx0tydh4NIfOA8pC+p7n
hF/Ftolxt5oNN4bEZMmpX3jgeWTTye2peg/tdxo1+ca9FXQ9u2rfipei74dt66RN
Ht56lVmtLrl848rQ6tHZvXj3vYm96w0h7eB8irdb0dEcQccaxAYpJzFWNSBFHMGu
hycIT52sPkAtkxsy5gUzdDcZZaQlTdVGNPJ5W7gH71vMlVp2yPByT/HGZLmLsa8P
fPh54BGN5f80ZchaJ+dvY+VAH+wYqEnccazFd2wHElczbt3vmtrUp96FGQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIeQKBMvl+eA2/N/o05RR9mNXwlcMB8GA1UdIwQY
MBaAFD6hSELYd+J7xAaLmB/nSuuL7n5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFGSVF0aDM0bnZFQm91WUgtZEs2NHZ1Zm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83OTcwNTctMjc4YS00ZjczLTgwYTEt
NGRjZTRmM2VhMTNlLzEvaDVBb0V5LVg1NERiODMtalRsRkgyWTFmQ1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83OTcwNTctMjc4YS00ZjczLTgwYTEtNGRjZTRmM2VhMTNl
LzEvUHFGSVF0aDM0bnZFQm91WUgtZEs2NHZ1Zm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuSzUAwQC
uYCUMBQEAgACMA4DBQMqBJ8AAwUDKgbPwDANBgkqhkiG9w0BAQsFAAOCAQEADPMg
grk06fdxwuFaXNtEW1MwQaC+vgRR2RUPoa8+r8q6k7fBy8g89is2ZEnUCDd9br4/
u3q/HT+y+I9eSyGluLKpOhS9kl2qzxyOg7kxbQkT6AAdaxe70WQWgO38op/jqE5L
mjlFS8RHtGyq2+Z16YLXQcEvcZ0OplxTV7Y/KFmgmQHIvR5SDNM6rXmsr0xRhocg
mh3KeHQSWV8kHIvxBgBZQkCGk4HhcJxnMyZJDhhi4wIJza+3KUegSMVr6eG7iHF6
UAh/M7u0YXshcM3ZiwmeY9ziyxNiA3ZU+i93eu4kALOzeCBW8YsqKxsPkisw+BQX
mh5sZyIFn+x8fzZ/lA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:35:10 2025 by rpki-client