Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/wF0b1KUXe0U_bON_pBEoysY2T6k.roa
File: wF0b1KUXe0U_bON_pBEoysY2T6k.roa (raw, json)
Hash identifier: DPse6U512sX0ONNuBoLLi/K8A5hqXSZVhiW/ds6GDr8=
Subject key identifier: C0:5D:1B:D4:A5:17:7B:45:3F:6C:E3:7F:A4:11:28:CA:C6:36:4F:A9
Certificate issuer: /CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Certificate serial: 0194221F5B47D10E508E822E99F267C0C860
Authority key identifier: AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/wF0b1KUXe0U_bON_pBEoysY2T6k.roa
Signing time: Wed 01 Jan 2025 13:47:47 +0000
ROA not before: Wed 01 Jan 2025 13:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12859
IP address blocks: 185.63.152.0/22 maxlen: 24
185.84.140.0/22 maxlen: 24
185.103.172.0/22 maxlen: 24
2a03:7e0::/32 maxlen: 64
2a05:a640::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:5b:47:d1:0e:50:8e:82:2e:99:f2:67:c0:c8:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Validity
Not Before: Jan 1 13:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c05d1bd4a5177b453f6ce37fa41128cac6364fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:68:d8:bd:df:a7:78:35:59:52:ae:f6:bb:93:
e5:35:ac:eb:bb:1c:32:7e:23:51:d0:b1:d8:05:16:
8a:dd:c6:db:d4:fc:7f:8d:73:24:00:35:0a:27:90:
03:39:2d:17:c3:aa:2d:a9:87:19:8c:16:24:e8:8d:
1e:b1:17:7b:d7:12:6c:0e:3a:a5:03:7e:f3:bb:c0:
8c:6b:59:fc:2c:5b:4b:40:50:c4:2a:e5:fb:cf:cc:
28:cc:67:a6:32:68:f3:bd:62:91:a1:c2:72:f6:e0:
3b:c1:ae:42:78:53:2b:e8:9c:9d:52:54:fb:d1:07:
04:d3:16:72:c2:41:26:b0:ad:8a:0c:cb:1e:e4:5f:
55:c1:54:d2:01:ec:50:32:71:cb:cf:ac:0c:1a:88:
d1:0c:eb:7b:c9:98:ee:0a:ed:d2:a0:60:51:f5:27:
82:ed:ff:1a:61:cc:0d:1b:58:d8:72:9d:d5:4d:91:
8e:b7:4b:0a:5e:87:91:c7:e8:59:51:ee:28:8e:78:
31:b8:f0:bd:da:b3:be:fd:da:f2:1b:05:98:21:2d:
53:aa:e8:59:62:9e:77:ea:8b:75:99:f6:b2:3b:34:
43:08:36:0a:fb:83:dc:d3:bd:d2:6b:1f:fd:07:22:
d5:ee:7d:d1:36:e2:fc:2b:6a:bb:f4:56:f5:7d:c1:
3d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:5D:1B:D4:A5:17:7B:45:3F:6C:E3:7F:A4:11:28:CA:C6:36:4F:A9
X509v3 Authority Key Identifier:
keyid:AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/wF0b1KUXe0U_bON_pBEoysY2T6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.152.0/22
185.84.140.0/22
185.103.172.0/22
IPv6:
2a03:7e0::/32
2a05:a640::/29
Signature Algorithm: sha256WithRSAEncryption
98:10:e0:46:d5:3b:5d:71:9e:47:0c:6a:c8:b9:19:d7:0d:ad:
f6:cb:37:e3:54:d7:2c:a7:fb:da:2d:a7:90:d7:9b:b7:a8:ee:
27:a6:bc:4e:76:81:1f:9e:a3:e2:ae:b5:3c:a6:e6:95:39:67:
2a:fd:f3:92:4a:b3:14:4e:16:ce:ea:58:99:0f:f1:4a:4d:ec:
b1:2f:76:ae:be:69:65:64:b8:dc:da:ca:1b:82:44:ba:d1:54:
ba:85:aa:ad:cc:fb:f3:da:31:f7:6f:4f:6f:20:e1:0f:89:14:
6d:20:37:40:04:a7:0d:24:f7:f4:34:6c:50:ab:3f:b3:33:ae:
90:c5:bd:f4:ba:73:0e:3e:19:c7:cb:13:1c:76:b3:1a:58:c9:
5d:75:81:a3:2c:b6:00:b9:b0:cf:20:75:58:84:6e:57:ba:f3:
af:dd:bd:9b:90:55:0b:74:69:c2:d5:ac:db:de:05:5a:9f:e3:
14:b3:64:1a:b0:a7:d3:0e:d6:bd:88:da:5c:5c:4a:71:bd:62:
dc:20:7d:c9:dd:0c:c0:ad:fe:e4:d9:d5:97:20:d2:04:5e:65:
ce:b0:50:ba:13:41:0f:f0:d4:da:3d:a2:ac:82:80:f4:c5:02:
7c:90:2f:1b:e1:5a:98:0a:6e:04:5e:00:34:07:af:fe:ca:20:
0e:67:59:22
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQiH1tH0Q5QjoIumfJnwMhgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMWQyYTU2MmM3ZGIyMTE1MWI0YTA5MjZiOGQ2ZmVlYWNl
Zjg4NTcwHhcNMjUwMTAxMTM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDVkMWJkNGE1MTc3YjQ1M2Y2Y2UzN2ZhNDExMjhjYWM2MzY0ZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmjYvd+neDVZUq72u5PlNazruxwy
fiNR0LHYBRaK3cbb1Px/jXMkADUKJ5ADOS0Xw6otqYcZjBYk6I0esRd71xJsDjql
A37zu8CMa1n8LFtLQFDEKuX7z8wozGemMmjzvWKRocJy9uA7wa5CeFMr6JydUlT7
0QcE0xZywkEmsK2KDMse5F9VwVTSAexQMnHLz6wMGojRDOt7yZjuCu3SoGBR9SeC
7f8aYcwNG1jYcp3VTZGOt0sKXoeRx+hZUe4ojngxuPC92rO+/dryGwWYIS1TquhZ
Yp536ot1mfayOzRDCDYK+4Pc073Sax/9ByLV7n3RNuL8K2q79Fb1fcE9TwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMBdG9SlF3tFP2zjf6QRKMrGNk+pMB8GA1UdIwQY
MBaAFK0dKlYsfbIRUbSgkmuNb+6s74hXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDkt
MzI5MzZjM2E0YTlkLzEvd0YwYjFLVVhlMFVfYk9OX3BCRW95c1kyVDZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDktMzI5MzZjM2E0YTlk
LzEvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuT+YAwQC
uVSMAwQCuWesMBQEAgACMA4DBQAqAwfgAwUDKgWmQDANBgkqhkiG9w0BAQsFAAOC
AQEAmBDgRtU7XXGeRwxqyLkZ1w2t9ss341TXLKf72i2nkNebt6juJ6a8TnaBH56j
4q61PKbmlTlnKv3zkkqzFE4WzupYmQ/xSk3ssS92rr5pZWS43NrKG4JEutFUuoWq
rcz789ox929PbyDhD4kUbSA3QASnDST39DRsUKs/szOukMW99LpzDj4Zx8sTHHaz
GljJXXWBoyy2ALmwzyB1WIRuV7rzr929m5BVC3RpwtWs294FWp/jFLNkGrCn0w7W
vYjaXFxKcb1i3CB9yd0MwK3+5NnVlyDSBF5lzrBQuhNBD/DU2j2irIKA9MUCfJAv
G+FamApuBF4ANAev/sogDmdZIg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:24:56 2025 by rpki-client