Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/A8rnI4M3w_P_372AtlQB1DLdBMw.roa
File: A8rnI4M3w_P_372AtlQB1DLdBMw.roa (raw, json)
Hash identifier: 7iYOvviYyfsHz1QeQfwXojw8scZwfX8bJhP10fM4onA=
Subject key identifier: 03:CA:E7:23:83:37:C3:F3:FF:DF:BD:80:B6:54:01:D4:32:DD:04:CC
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A312EBE03C6FF86A5CDBFE3032567
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/A8rnI4M3w_P_372AtlQB1DLdBMw.roa
Signing time: Wed 01 Jan 2025 19:49:09 +0000
ROA not before: Wed 01 Jan 2025 19:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3170
IP address blocks: 185.133.73.0/24 maxlen: 32
185.223.164.0/24 maxlen: 32
194.156.159.0/24 maxlen: 32
2a06:7a03::/48 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:31:2e:be:03:c6:ff:86:a5:cd:bf:e3:03:25:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03cae7238337c3f3ffdfbd80b65401d432dd04cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:76:f0:50:bb:63:36:7e:f2:f1:9f:6e:a5:e4:
e2:08:40:c9:37:21:50:97:d0:26:5d:38:da:60:ed:
01:06:07:bb:52:84:b8:a6:0d:92:74:5f:1e:42:ae:
b2:c8:4e:1d:8b:43:57:a7:95:85:c5:0b:7e:c5:a1:
a9:e3:8f:42:0c:56:f6:15:a8:cf:a4:19:eb:27:1a:
80:29:56:7f:cb:86:7e:bc:24:c7:24:87:a1:d3:8f:
34:87:79:02:a7:44:83:7e:e6:61:dc:39:d8:c5:d9:
6f:de:4b:63:68:72:76:ce:ff:48:6d:83:53:aa:4a:
8c:fa:c9:2a:f0:b7:4b:68:04:12:db:ac:eb:f2:da:
ad:39:54:95:ff:2e:e8:4b:6f:bd:db:b2:11:c8:3e:
35:71:92:82:ef:81:41:b1:0e:6a:0d:61:39:e1:78:
d7:4d:e1:14:ef:44:6f:95:19:3f:83:00:f0:21:e7:
bb:1f:3e:1f:60:4f:72:7d:18:6c:b9:45:a8:b8:90:
44:74:ef:33:63:7a:e2:e7:29:4a:c9:5f:b5:dd:bd:
94:3d:eb:4a:a7:68:75:a5:33:42:84:ab:8e:d0:a4:
05:c2:15:f4:c5:02:88:14:f0:04:61:3c:69:a7:75:
1d:08:21:70:01:d2:a3:cf:71:55:e0:d6:e3:3c:ba:
fa:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:CA:E7:23:83:37:C3:F3:FF:DF:BD:80:B6:54:01:D4:32:DD:04:CC
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/A8rnI4M3w_P_372AtlQB1DLdBMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.73.0/24
185.223.164.0/24
194.156.159.0/24
IPv6:
2a06:7a03::/48
Signature Algorithm: sha256WithRSAEncryption
83:71:fe:80:33:55:c9:fc:75:5a:58:71:8e:74:db:a6:51:5c:
23:0b:39:7d:bf:a7:1f:30:76:e4:0a:56:19:0c:0a:53:45:ee:
82:4e:99:cc:5e:8d:d0:57:bf:f2:a3:e1:83:e0:54:d9:a0:b6:
96:d0:a0:b7:d1:70:42:aa:1b:0d:2f:57:1b:61:04:6e:65:8a:
6b:5c:dd:56:2c:89:56:1c:4d:e7:fa:aa:98:7b:9c:7e:ea:f2:
c0:35:eb:53:b3:5d:33:60:9b:36:87:35:cb:7e:a5:e7:b4:39:
02:9d:47:3f:a9:cf:9b:02:b1:b2:a7:bc:3a:5e:d5:1b:be:73:
9a:41:1c:c2:26:03:6b:21:b8:c1:c8:c5:11:f0:00:de:9f:9c:
d0:4e:2f:7b:ce:3b:5f:d2:f0:11:1e:5f:c8:92:b9:b8:b9:bd:
81:c4:4a:49:91:05:85:14:3b:5b:ae:83:f0:b4:14:67:78:a9:
57:89:89:1c:2b:5d:8e:ab:f3:f1:de:29:71:18:02:58:7a:b9:
15:09:a4:79:22:c4:f0:a6:c4:07:9c:93:f9:cd:58:98:8b:70:
6e:9a:5a:cd:4c:11:db:c4:c5:34:60:fc:bc:7a:db:d1:ec:59:
20:c3:76:7d:a7:a9:85:b6:aa:79:a1:0e:51:85:e8:7c:3f:46:
3b:83:ca:3a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQjajEuvgPG/4alzb/jAyVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2NhZTcyMzgzMzdjM2YzZmZkZmJkODBiNjU0MDFkNDMyZGQwNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3bwULtjNn7y8Z9upeTiCEDJNyFQ
l9AmXTjaYO0BBge7UoS4pg2SdF8eQq6yyE4di0NXp5WFxQt+xaGp449CDFb2FajP
pBnrJxqAKVZ/y4Z+vCTHJIeh0480h3kCp0SDfuZh3DnYxdlv3ktjaHJ2zv9IbYNT
qkqM+skq8LdLaAQS26zr8tqtOVSV/y7oS2+927IRyD41cZKC74FBsQ5qDWE54XjX
TeEU70RvlRk/gwDwIee7Hz4fYE9yfRhsuUWouJBEdO8zY3ri5ylKyV+13b2UPetK
p2h1pTNChKuO0KQFwhX0xQKIFPAEYTxpp3UdCCFwAdKjz3FV4NbjPLr6RwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAPK5yODN8Pz/9+9gLZUAdQy3QTMMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvQThybkk0TTN3X1BfMzcyQXRsUUIxRExkQk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAuYVJAwQA
ud+kAwQAwpyfMA8EAgACMAkDBwAqBnoDAAAwDQYJKoZIhvcNAQELBQADggEBAINx
/oAzVcn8dVpYcY5026ZRXCMLOX2/px8wduQKVhkMClNF7oJOmcxejdBXv/Kj4YPg
VNmgtpbQoLfRcEKqGw0vVxthBG5limtc3VYsiVYcTef6qph7nH7q8sA161OzXTNg
mzaHNct+pee0OQKdRz+pz5sCsbKnvDpe1Ru+c5pBHMImA2shuMHIxRHwAN6fnNBO
L3vOO1/S8BEeX8iSubi5vYHESkmRBYUUO1uug/C0FGd4qVeJiRwrXY6r8/HeKXEY
Alh6uRUJpHkixPCmxAeck/nNWJiLcG6aWs1MEdvExTRg/Lx629HsWSDDdn2nqYW2
qnmhDlGF6Hw/RjuDyjo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:15:18 2025 by rpki-client