Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/Q2Pg2GNHELVKyFoNgxOuT8YFvLY.roa
File: Q2Pg2GNHELVKyFoNgxOuT8YFvLY.roa (raw, json)
Hash identifier: DsyRU7FSw+3XDKbBM9HrtgkzYSVPnqWwqknbD6CWVSU=
Subject key identifier: 43:63:E0:D8:63:47:10:B5:4A:C8:5A:0D:83:13:AE:4F:C6:05:BC:B6
Certificate issuer: /CN=f0ff2c6229af763a99f5349a32510df4a4526143
Certificate serial: 019425216669C726D4A6CDF70CAC2F013DDF
Authority key identifier: F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/Q2Pg2GNHELVKyFoNgxOuT8YFvLY.roa
Signing time: Thu 02 Jan 2025 03:48:53 +0000
ROA not before: Thu 02 Jan 2025 03:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7155
IP address blocks: 185.4.88.0/22 maxlen: 24
193.92.8.0/22 maxlen: 24
194.219.218.0/23 maxlen: 24
213.16.192.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:66:69:c7:26:d4:a6:cd:f7:0c:ac:2f:01:3d:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0ff2c6229af763a99f5349a32510df4a4526143
Validity
Not Before: Jan 2 03:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4363e0d8634710b54ac85a0d8313ae4fc605bcb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:50:5c:69:ea:4f:15:9d:da:2d:d8:ac:38:78:
af:ec:b3:59:b6:a9:36:82:64:6e:49:55:24:f1:6a:
56:e6:70:a9:2a:e1:7f:e1:e0:d4:b8:d6:e6:04:3c:
b3:50:15:7e:cf:d2:6b:bd:b3:e8:3f:65:47:52:2b:
85:15:bc:3a:fc:b6:d7:de:d7:24:57:59:4c:0b:40:
2b:f8:0c:59:bc:c9:80:a9:59:fc:e1:65:29:15:16:
46:82:c6:e4:72:f5:91:4a:d8:c4:3b:cd:f7:28:59:
f4:17:f1:35:11:3d:98:12:2d:96:ec:95:d2:3b:5c:
22:60:f4:87:61:4a:df:88:6c:2d:cc:21:88:43:07:
9c:2b:7d:e4:d4:26:fc:2f:70:f8:2a:ee:96:01:bb:
5c:32:84:b2:96:a2:ea:03:9c:13:fd:c7:05:65:26:
0e:73:4f:27:c7:cc:95:bd:91:c5:cd:0e:34:30:f8:
90:f2:e8:b2:eb:3b:d2:f9:55:75:ef:bc:34:bc:73:
2e:b9:f3:6b:f4:57:f1:b7:95:fa:35:37:81:6e:f2:
f1:e8:3c:a1:66:96:bc:0b:26:aa:0a:62:fc:e7:21:
cf:31:0a:1d:db:9b:cb:13:d8:1f:ac:cc:97:25:a4:
1f:a3:21:bf:33:82:d9:0b:fc:d4:25:59:e9:ee:da:
6a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:63:E0:D8:63:47:10:B5:4A:C8:5A:0D:83:13:AE:4F:C6:05:BC:B6
X509v3 Authority Key Identifier:
keyid:F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/Q2Pg2GNHELVKyFoNgxOuT8YFvLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/8P8sYimvdjqZ9TSaMlEN9KRSYUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.88.0/22
193.92.8.0/22
194.219.218.0/23
213.16.192.0/20
Signature Algorithm: sha256WithRSAEncryption
52:eb:4f:35:f0:d1:d3:95:e0:77:ae:83:5a:34:d1:f6:77:47:
80:e7:89:d5:e5:d7:48:55:b0:e0:be:35:2d:3f:db:d9:a6:09:
cd:a0:f9:79:c6:b8:95:d3:1b:e3:0a:57:f5:98:1e:8d:2e:8a:
1e:a5:fd:ca:b7:4c:44:1b:bb:84:3b:eb:e7:6a:39:bb:5c:97:
1a:83:9e:93:51:44:87:6e:a1:ec:8a:82:a5:e2:ed:02:8d:a3:
04:cd:1e:26:29:a5:cb:48:ed:b4:72:12:bf:ea:e1:b8:8c:08:
74:75:94:25:c1:72:61:82:4f:db:74:1c:98:3c:40:64:9b:c5:
31:6b:12:96:7f:5a:53:4a:3a:0e:10:b5:93:a9:4b:1e:7e:69:
8c:9f:25:59:45:a6:59:05:85:68:f1:67:99:56:e8:c9:07:66:
4f:1b:42:9f:2e:26:5c:4c:a9:27:bc:90:ac:e8:94:47:ba:8b:
a3:6c:c6:c4:5a:92:f7:70:85:b6:07:98:23:58:a6:21:77:13:
c6:d3:3c:5f:ba:06:ad:01:c7:38:e7:94:bb:c4:73:95:a1:f8:
b9:d4:05:9e:7c:65:10:09:c5:8c:80:eb:ff:87:c6:9e:9f:1b:
90:ee:ed:d1:a6:a6:96:ef:b2:16:b2:06:e4:24:c1:26:ee:c7:
82:a9:5f:64
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQlIWZpxybUps33DKwvAT3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZmYyYzYyMjlhZjc2M2E5OWY1MzQ5YTMyNTEwZGY0YTQ1
MjYxNDMwHhcNMjUwMTAyMDM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzYzZTBkODYzNDcxMGI1NGFjODVhMGQ4MzEzYWU0ZmM2MDViY2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFBcaepPFZ3aLdisOHiv7LNZtqk2
gmRuSVUk8WpW5nCpKuF/4eDUuNbmBDyzUBV+z9JrvbPoP2VHUiuFFbw6/LbX3tck
V1lMC0Ar+AxZvMmAqVn84WUpFRZGgsbkcvWRStjEO833KFn0F/E1ET2YEi2W7JXS
O1wiYPSHYUrfiGwtzCGIQwecK33k1Cb8L3D4Ku6WAbtcMoSylqLqA5wT/ccFZSYO
c08nx8yVvZHFzQ40MPiQ8uiy6zvS+VV177w0vHMuufNr9Ffxt5X6NTeBbvLx6Dyh
Zpa8CyaqCmL85yHPMQod25vLE9gfrMyXJaQfoyG/M4LZC/zUJVnp7tpqXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFENj4NhjRxC1SshaDYMTrk/GBby2MB8GA1UdIwQY
MBaAFPD/LGIpr3Y6mfU0mjJRDfSkUmFDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYt
ZTY5ZjdhNWQyZDkwLzEvUTJQZzJHTkhFTFZLeUZvTmd4T3VUOFlGdkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYtZTY5ZjdhNWQyZDkw
LzEvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuQRYAwQC
wVwIAwQBwtvaAwQE1RDAMA0GCSqGSIb3DQEBCwUAA4IBAQBS60818NHTleB3roNa
NNH2d0eA54nV5ddIVbDgvjUtP9vZpgnNoPl5xriV0xvjClf1mB6NLooepf3Kt0xE
G7uEO+vnajm7XJcag56TUUSHbqHsioKl4u0CjaMEzR4mKaXLSO20chK/6uG4jAh0
dZQlwXJhgk/bdByYPEBkm8UxaxKWf1pTSjoOELWTqUsefmmMnyVZRaZZBYVo8WeZ
VujJB2ZPG0KfLiZcTKknvJCs6JRHuoujbMbEWpL3cIW2B5gjWKYhdxPG0zxfugat
Acc455S7xHOVofi51AWefGUQCcWMgOv/h8aenxuQ7u3RpqaW77IWsgbkJMEm7seC
qV9k
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:46:13 2025 by rpki-client