Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/6wuoxtQ9bA6opmTkPy5nyUw0MFc.roa
File: 6wuoxtQ9bA6opmTkPy5nyUw0MFc.roa (raw, json)
Hash identifier: yaei0hfQngE+ZuEYmOizBFXF772vW3jT8cVqsppYXew=
Subject key identifier: EB:0B:A8:C6:D4:3D:6C:0E:A8:A6:64:E4:3F:2E:67:C9:4C:34:30:57
Certificate issuer: /CN=971a6cbb2df6e7faccc5853ba5400f1f470eab16
Certificate serial: 019423D6E11ABEDC5C3C7BFFA0EBC3041130
Authority key identifier: 97:1A:6C:BB:2D:F6:E7:FA:CC:C5:85:3B:A5:40:0F:1F:47:0E:AB:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxpsuy325_rMxYU7pUAPH0cOqxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/6wuoxtQ9bA6opmTkPy5nyUw0MFc.roa
Signing time: Wed 01 Jan 2025 21:47:52 +0000
ROA not before: Wed 01 Jan 2025 21:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59989
IP address blocks: 185.22.32.0/22 maxlen: 22
185.22.32.0/24 maxlen: 24
185.22.33.0/24 maxlen: 24
185.22.34.0/24 maxlen: 24
185.22.35.0/24 maxlen: 24
185.100.200.0/22 maxlen: 22
185.100.200.0/24 maxlen: 24
185.100.201.0/24 maxlen: 24
185.100.202.0/24 maxlen: 24
185.100.203.0/24 maxlen: 24
2a00:5e60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e1:1a:be:dc:5c:3c:7b:ff:a0:eb:c3:04:11:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971a6cbb2df6e7faccc5853ba5400f1f470eab16
Validity
Not Before: Jan 1 21:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb0ba8c6d43d6c0ea8a664e43f2e67c94c343057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:9b:9f:68:5b:fc:57:c3:a7:60:c6:8d:c9:51:
a6:33:cb:79:e0:5c:1f:00:24:51:1f:c5:a3:0c:0b:
fb:89:a2:18:46:9c:cc:74:97:23:1e:83:32:be:d0:
71:a2:95:f6:4c:32:c8:ec:35:77:57:dd:3f:88:01:
7e:0b:ba:30:c0:11:e3:0d:6b:b7:c5:65:24:1e:d2:
4c:5b:fe:31:92:80:42:57:1c:71:e6:2f:66:b2:1f:
2a:d8:f4:fe:3d:48:9f:62:b0:86:a4:07:70:a6:f7:
f3:06:70:0b:2c:2c:4a:40:38:e8:c5:79:6b:02:f4:
1f:03:8d:8d:af:fa:ac:0b:76:95:d8:8f:1e:e0:15:
29:93:6b:03:34:52:c9:c2:69:7f:fd:d8:a7:f7:92:
00:af:63:84:62:16:09:bc:2e:30:1b:1a:bf:c0:27:
30:97:cf:d6:53:eb:cb:e9:45:ca:b2:a4:eb:59:00:
ed:47:46:a6:72:4f:36:d6:ef:5d:38:3a:82:fc:44:
95:76:cb:fc:b6:38:ec:3f:e7:cf:b6:25:d2:a8:ab:
5e:de:ab:43:e4:54:15:2e:4d:1c:1a:e2:9d:d2:92:
c4:b2:d1:10:74:0f:45:09:1f:58:ef:13:58:b2:93:
cd:ff:40:06:52:1b:5e:49:15:84:12:ca:57:ae:8c:
ea:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:0B:A8:C6:D4:3D:6C:0E:A8:A6:64:E4:3F:2E:67:C9:4C:34:30:57
X509v3 Authority Key Identifier:
keyid:97:1A:6C:BB:2D:F6:E7:FA:CC:C5:85:3B:A5:40:0F:1F:47:0E:AB:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxpsuy325_rMxYU7pUAPH0cOqxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/6wuoxtQ9bA6opmTkPy5nyUw0MFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/lxpsuy325_rMxYU7pUAPH0cOqxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.32.0/22
185.100.200.0/22
IPv6:
2a00:5e60::/32
Signature Algorithm: sha256WithRSAEncryption
0c:07:79:24:c1:53:e0:75:72:67:5d:f2:37:a7:21:94:41:5f:
db:3c:ff:76:8d:30:5c:73:2f:c3:66:9b:5c:9b:bd:04:97:ca:
60:ca:4d:14:e5:d8:b0:d5:d9:11:e8:95:ad:4b:69:c1:3f:e6:
71:67:85:ec:7c:61:56:63:19:41:59:ef:59:e3:e9:57:c1:f4:
32:c3:ad:a8:b7:4d:ae:17:15:0e:bc:6f:5d:59:0f:88:8c:a9:
cc:91:24:31:70:08:45:fe:2f:11:69:e3:61:ab:0b:3b:a8:f4:
cc:1a:b6:1a:2d:ce:61:cd:d8:dd:83:2f:72:19:13:54:c4:10:
45:66:cf:59:68:89:d9:8a:32:9e:d4:d9:a9:40:36:91:f4:23:
7f:ce:6a:99:97:e2:4f:b9:8d:b6:ae:d1:04:dd:ea:eb:7f:43:
d1:f0:57:e0:3b:b7:40:a7:3c:d4:ca:38:ec:f0:33:c4:c0:1a:
e6:16:88:50:85:44:e4:5f:ce:40:7b:49:ed:39:cc:0a:2c:06:
53:2e:03:91:6b:a5:65:8d:c4:d5:c4:e5:cc:9a:83:73:ae:8a:
d4:ae:39:4b:a1:d5:b4:0e:ff:31:c0:74:a0:20:0a:f2:18:79:
3f:43:93:ce:63:9e:f2:91:39:39:f9:54:7e:45:93:1d:51:3e:
d6:74:15:41
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQj1uEavtxcPHv/oOvDBBEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MWE2Y2JiMmRmNmU3ZmFjY2M1ODUzYmE1NDAwZjFmNDcw
ZWFiMTYwHhcNMjUwMTAxMjE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjBiYThjNmQ0M2Q2YzBlYThhNjY0ZTQzZjJlNjdjOTRjMzQzMDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZufaFv8V8OnYMaNyVGmM8t54Fwf
ACRRH8WjDAv7iaIYRpzMdJcjHoMyvtBxopX2TDLI7DV3V90/iAF+C7owwBHjDWu3
xWUkHtJMW/4xkoBCVxxx5i9msh8q2PT+PUifYrCGpAdwpvfzBnALLCxKQDjoxXlr
AvQfA42Nr/qsC3aV2I8e4BUpk2sDNFLJwml//din95IAr2OEYhYJvC4wGxq/wCcw
l8/WU+vL6UXKsqTrWQDtR0amck821u9dODqC/ESVdsv8tjjsP+fPtiXSqKte3qtD
5FQVLk0cGuKd0pLEstEQdA9FCR9Y7xNYspPN/0AGUhteSRWEEspXrozqcwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOsLqMbUPWwOqKZk5D8uZ8lMNDBXMB8GA1UdIwQY
MBaAFJcabLst9uf6zMWFO6VADx9HDqsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHhwc3V5MzI1X3JNeFlVN3BVQVBIMGNPcXhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS83ZDNmMDAtZDQ4Yy00MTZmLTkxOWUt
ZGMwMzg5ZjkxNjdkLzEvNnd1b3h0UTliQTZvcG1Ua1B5NW55VXcwTUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS83ZDNmMDAtZDQ4Yy00MTZmLTkxOWUtZGMwMzg5ZjkxNjdk
LzEvbHhwc3V5MzI1X3JNeFlVN3BVQVBIMGNPcXhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRYgAwQC
uWTIMA0EAgACMAcDBQAqAF5gMA0GCSqGSIb3DQEBCwUAA4IBAQAMB3kkwVPgdXJn
XfI3pyGUQV/bPP92jTBccy/DZptcm70El8pgyk0U5diw1dkR6JWtS2nBP+ZxZ4Xs
fGFWYxlBWe9Z4+lXwfQyw62ot02uFxUOvG9dWQ+IjKnMkSQxcAhF/i8RaeNhqws7
qPTMGrYaLc5hzdjdgy9yGRNUxBBFZs9ZaInZijKe1NmpQDaR9CN/zmqZl+JPuY22
rtEE3errf0PR8FfgO7dApzzUyjjs8DPEwBrmFohQhUTkX85Ae0ntOcwKLAZTLgOR
a6VljcTVxOXMmoNzrorUrjlLodW0Dv8xwHSgIAryGHk/Q5POY57ykTk5+VR+RZMd
UT7WdBVB
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:56:57 2025 by rpki-client