Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/0HIqjpA6T8Rd-tK2PZE0xNA6isI.roa
File: 0HIqjpA6T8Rd-tK2PZE0xNA6isI.roa (raw, json)
Hash identifier: Vzww8IZJ37mS11ckPugyKHbneXuJ4PPzUFanOR4JbYs=
Subject key identifier: D0:72:2A:8E:90:3A:4F:C4:5D:FA:D2:B6:3D:91:34:C4:D0:3A:8A:C2
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A38CFBFE3FB233EEC6844314BEA06
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/0HIqjpA6T8Rd-tK2PZE0xNA6isI.roa
Signing time: Wed 01 Jan 2025 19:49:11 +0000
ROA not before: Wed 01 Jan 2025 19:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 185.141.206.0/23 maxlen: 23
185.144.100.0/24 maxlen: 24
2a06:8ec4::/43 maxlen: 43
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:38:cf:bf:e3:fb:23:3e:ec:68:44:31:4b:ea:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0722a8e903a4fc45dfad2b63d9134c4d03a8ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e5:cb:1b:14:d9:57:22:9e:38:2d:c0:fe:c3:
17:31:5e:b2:65:13:ce:e5:a7:73:60:64:7a:89:ce:
e7:a9:e0:86:f0:4e:27:38:96:54:37:8f:42:74:00:
4d:d0:d1:d9:0a:9e:0b:e3:de:33:9f:91:d0:be:5d:
f1:73:4f:31:5e:b0:0a:a3:c0:9a:ee:2e:70:45:b2:
d0:d0:ca:fe:4e:db:49:03:25:22:0a:96:aa:72:40:
39:4b:4d:4c:74:14:6a:b5:7f:ef:20:a8:38:eb:f0:
15:eb:f5:79:ba:00:10:c0:74:83:91:40:b7:b9:c5:
31:4e:3f:d8:16:77:7f:b3:8b:27:61:a6:5b:38:81:
c3:62:87:f6:53:77:4b:50:b2:fd:fb:d5:04:b9:56:
ab:b6:77:b1:9e:f4:61:8f:dd:8a:b5:15:8c:da:90:
88:83:90:44:a9:2d:dd:97:ea:14:cd:2c:01:28:51:
8e:e1:db:a2:6a:a7:11:dd:2f:fd:40:e2:a7:8f:35:
ac:27:ca:b4:ca:d7:20:b5:54:68:65:cb:a2:f4:75:
36:cf:5d:ed:ba:60:1d:26:08:be:74:9f:2a:e6:fb:
1b:ba:47:e1:70:6a:64:b6:26:cb:41:27:39:c2:34:
86:f1:0d:76:b0:75:d4:08:e5:98:83:96:19:43:9e:
f4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:72:2A:8E:90:3A:4F:C4:5D:FA:D2:B6:3D:91:34:C4:D0:3A:8A:C2
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/0HIqjpA6T8Rd-tK2PZE0xNA6isI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.206.0/23
185.144.100.0/24
IPv6:
2a06:8ec4::/43
Signature Algorithm: sha256WithRSAEncryption
09:89:1a:5e:6b:48:0b:34:b4:3f:ef:4c:68:26:1c:cb:22:76:
81:57:cc:d2:a5:e8:ac:ec:e6:40:c1:18:85:e1:ba:bf:fd:f0:
70:94:27:12:79:c7:a4:51:04:37:58:44:88:ce:6e:db:fc:fc:
c3:48:46:28:e4:9f:a9:e2:ee:59:d3:16:73:28:e1:47:5a:75:
7d:7a:d5:56:65:0f:f1:4e:a7:57:8a:52:c3:3c:59:fd:fb:24:
a8:bd:bd:7d:1f:c5:95:db:75:75:38:af:39:7c:06:30:d3:67:
a9:cb:67:76:c3:79:d3:76:ed:83:7b:5f:64:1e:32:98:6c:34:
43:a3:d2:5c:27:2e:85:fc:aa:92:ef:07:ab:47:53:1b:2b:4a:
5f:fc:04:43:51:22:16:24:b0:0f:f3:57:01:18:ce:c1:25:d0:
15:f2:8e:cd:cb:6f:76:a4:ca:bc:0c:2e:05:87:b9:dc:4a:14:
7f:0f:28:ce:43:00:90:d4:50:93:b5:f4:5e:28:65:0c:42:d4:
a8:7e:b0:8d:8e:bf:d3:d1:36:de:f3:d4:11:10:9f:d9:cc:16:
58:80:c0:0d:18:00:bd:48:17:e4:00:6a:24:5a:59:4b:90:8a:
53:4a:ae:08:9d:7e:6c:70:b9:cb:39:0b:67:1b:93:38:cd:cd:
fd:8b:51:0b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQjajjPv+P7Iz7saEQxS+oGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDcyMmE4ZTkwM2E0ZmM0NWRmYWQyYjYzZDkxMzRjNGQwM2E4YWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuXLGxTZVyKeOC3A/sMXMV6yZRPO
5adzYGR6ic7nqeCG8E4nOJZUN49CdABN0NHZCp4L494zn5HQvl3xc08xXrAKo8Ca
7i5wRbLQ0Mr+TttJAyUiCpaqckA5S01MdBRqtX/vIKg46/AV6/V5ugAQwHSDkUC3
ucUxTj/YFnd/s4snYaZbOIHDYof2U3dLULL9+9UEuVartnexnvRhj92KtRWM2pCI
g5BEqS3dl+oUzSwBKFGO4duiaqcR3S/9QOKnjzWsJ8q0ytcgtVRoZcui9HU2z13t
umAdJgi+dJ8q5vsbukfhcGpktibLQSc5wjSG8Q12sHXUCOWYg5YZQ570ZwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNByKo6QOk/EXfrStj2RNMTQOorCMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvMEhJcWpwQTZUOFJkLXRLMlBaRTB4TkE2aXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBuY3OAwQA
uZBkMA8EAgACMAkDBwUqBo7EAAAwDQYJKoZIhvcNAQELBQADggEBAAmJGl5rSAs0
tD/vTGgmHMsidoFXzNKl6Kzs5kDBGIXhur/98HCUJxJ5x6RRBDdYRIjObtv8/MNI
Rijkn6ni7lnTFnMo4UdadX161VZlD/FOp1eKUsM8Wf37JKi9vX0fxZXbdXU4rzl8
BjDTZ6nLZ3bDedN27YN7X2QeMphsNEOj0lwnLoX8qpLvB6tHUxsrSl/8BENRIhYk
sA/zVwEYzsEl0BXyjs3Lb3akyrwMLgWHudxKFH8PKM5DAJDUUJO19F4oZQxC1Kh+
sI2Ov9PRNt7z1BEQn9nMFliAwA0YAL1IF+QAaiRaWUuQilNKrgidfmxwucs5C2cb
kzjNzf2LUQs=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:59:42 2025 by rpki-client