Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2qg7ScUQTzeYZWnfmOvXk8VV_nU.roa
File: 2qg7ScUQTzeYZWnfmOvXk8VV_nU.roa (raw, json)
Hash identifier: 34j40xVLdmenu8mMJoFcqDHPj1KomWwJyw3cDmLXvbo=
Subject key identifier: DA:A8:3B:49:C5:10:4F:37:98:65:69:DF:98:EB:D7:93:C5:55:FE:75
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422205A9E3A98F82B3ED955C3D180DBF1
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2qg7ScUQTzeYZWnfmOvXk8VV_nU.roa
Signing time: Wed 01 Jan 2025 13:48:53 +0000
ROA not before: Wed 01 Jan 2025 13:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216107
IP address blocks: 185.234.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:5a:9e:3a:98:f8:2b:3e:d9:55:c3:d1:80:db:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=daa83b49c5104f37986569df98ebd793c555fe75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:91:b2:aa:a4:b7:4e:b5:97:c9:c2:3b:f3:25:
e4:3f:f9:d7:56:7e:05:51:d4:55:d0:d0:a5:34:9c:
82:ae:b5:dc:e3:f2:26:d1:f0:e4:15:6d:43:ca:2f:
35:38:59:01:b3:0f:2f:1a:30:b2:e9:1e:37:60:3f:
a5:35:17:0a:64:48:c0:15:f5:9c:d8:6c:f5:d7:47:
1b:a1:a6:93:d0:6d:83:16:9b:36:67:b6:c9:f7:c4:
3a:7c:26:ef:07:65:d5:fe:ed:84:53:1c:c0:dd:e8:
4a:e8:55:26:0f:9b:9c:c7:83:1d:b2:12:9c:c7:3f:
ee:6d:66:a8:7f:05:9c:e7:54:55:33:84:8b:70:b9:
72:2c:83:fe:69:eb:76:8b:e3:83:de:97:d7:1b:b7:
8a:6a:20:be:b0:51:9d:b2:0c:82:76:98:10:d4:42:
37:5e:70:ae:74:73:d2:f0:43:54:d2:57:e7:d9:a4:
4d:ae:cb:10:5d:99:b3:7e:26:8c:d8:2b:f9:31:4e:
11:66:76:9e:ab:76:5f:e6:a8:92:99:1c:fb:26:24:
b7:d0:e2:54:b7:5d:f8:8f:95:d5:c2:eb:b9:88:a9:
fb:0b:09:c6:f4:ad:c9:a6:d3:12:65:e0:0d:ff:c5:
69:e2:80:6a:a0:d3:ce:7b:d2:73:b8:a0:b5:c6:fd:
3c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A8:3B:49:C5:10:4F:37:98:65:69:DF:98:EB:D7:93:C5:55:FE:75
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2qg7ScUQTzeYZWnfmOvXk8VV_nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.20.0/24
Signature Algorithm: sha256WithRSAEncryption
88:5a:4e:9a:3a:c6:3a:58:09:e3:82:79:3a:2f:a3:23:43:bb:
e8:66:cf:55:66:c0:b0:7a:69:3f:0b:6f:da:21:74:7d:d4:19:
99:44:69:b3:bd:1a:02:64:93:7f:88:c2:bb:85:f3:13:54:cb:
c4:27:68:e3:31:d5:2d:99:0b:11:5e:e1:3f:ed:44:4d:ca:56:
7b:6c:f8:f6:a6:2a:e7:21:97:d8:b4:da:bf:12:6a:73:0f:13:
e8:83:c5:22:da:73:4a:85:81:ba:a9:ac:5b:b3:33:4e:5c:eb:
57:29:27:e3:0c:53:e3:82:8a:48:34:e3:95:cc:0e:a6:13:b3:
22:85:de:db:d8:35:25:68:1f:36:6f:4a:9e:d9:da:17:c2:45:
da:bd:a1:57:d3:34:67:29:13:e4:02:90:c0:34:53:51:71:e0:
fb:59:71:a7:e6:a4:2a:7e:fe:03:81:c6:95:da:fb:46:26:b7:
74:e2:57:5a:14:4c:e2:d8:4c:ee:14:3f:1c:a9:d2:db:73:82:
f9:a0:51:0f:bc:c8:57:ac:31:15:13:49:8a:0b:35:28:b5:69:
ba:5e:da:64:bd:1e:5e:bc:51:68:8c:51:05:c5:d8:9e:de:4f:
66:78:5b:e5:aa:c6:c3:08:34:36:01:9f:7f:53:4b:66:c9:9e:
67:57:8d:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIFqeOpj4Kz7ZVcPRgNvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWE4M2I0OWM1MTA0ZjM3OTg2NTY5ZGY5OGViZDc5M2M1NTVmZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpGyqqS3TrWXycI78yXkP/nXVn4F
UdRV0NClNJyCrrXc4/Im0fDkFW1Dyi81OFkBsw8vGjCy6R43YD+lNRcKZEjAFfWc
2Gz110cboaaT0G2DFps2Z7bJ98Q6fCbvB2XV/u2EUxzA3ehK6FUmD5ucx4MdshKc
xz/ubWaofwWc51RVM4SLcLlyLIP+aet2i+OD3pfXG7eKaiC+sFGdsgyCdpgQ1EI3
XnCudHPS8ENU0lfn2aRNrssQXZmzfiaM2Cv5MU4RZnaeq3Zf5qiSmRz7JiS30OJU
t134j5XVwuu5iKn7CwnG9K3JptMSZeAN/8Vp4oBqoNPOe9JzuKC1xv08xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqoO0nFEE83mGVp35jr15PFVf51MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMnFnN1NjVVFUemVZWlduZm1PdlhrOFZWX25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueoUMA0G
CSqGSIb3DQEBCwUAA4IBAQCIWk6aOsY6WAnjgnk6L6MjQ7voZs9VZsCwemk/C2/a
IXR91BmZRGmzvRoCZJN/iMK7hfMTVMvEJ2jjMdUtmQsRXuE/7URNylZ7bPj2pirn
IZfYtNq/EmpzDxPog8Ui2nNKhYG6qaxbszNOXOtXKSfjDFPjgopINOOVzA6mE7Mi
hd7b2DUlaB82b0qe2doXwkXavaFX0zRnKRPkApDANFNRceD7WXGn5qQqfv4DgcaV
2vtGJrd04ldaFEzi2EzuFD8cqdLbc4L5oFEPvMhXrDEVE0mKCzUotWm6XtpkvR5e
vFFojFEFxdie3k9meFvlqsbDCDQ2AZ9/U0tmyZ5nV41C
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:27:26 2025 by rpki-client