Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5e6a8f-0b79-4894-b91c-eecee893c527/1/aF_43DT8_FuRSeutyPS1ou0Qd_Y.roa
File: aF_43DT8_FuRSeutyPS1ou0Qd_Y.roa (raw, json)
Hash identifier: RrbF82KQXt3VwJUd+EvcBbcTN6Aiglh/wvfzSoG8RZ0=
Subject key identifier: 68:5F:F8:DC:34:FC:FC:5B:91:49:EB:AD:C8:F4:B5:A2:ED:10:77:F6
Certificate issuer: /CN=1b0bb51a7b532be4d44ba604ae6e063f063f37d4
Certificate serial: 019423D6BF8CF411ED537FB55D19D296188D
Authority key identifier: 1B:0B:B5:1A:7B:53:2B:E4:D4:4B:A6:04:AE:6E:06:3F:06:3F:37:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gwu1GntTK-TUS6YErm4GPwY_N9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/5e6a8f-0b79-4894-b91c-eecee893c527/1/aF_43DT8_FuRSeutyPS1ou0Qd_Y.roa
Signing time: Wed 01 Jan 2025 21:47:43 +0000
ROA not before: Wed 01 Jan 2025 21:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206429
IP address blocks: 185.186.196.0/22 maxlen: 22
185.252.152.0/22 maxlen: 22
2a0b:8580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:bf:8c:f4:11:ed:53:7f:b5:5d:19:d2:96:18:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0bb51a7b532be4d44ba604ae6e063f063f37d4
Validity
Not Before: Jan 1 21:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=685ff8dc34fcfc5b9149ebadc8f4b5a2ed1077f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:26:7b:82:82:65:81:12:db:b5:66:6b:38:ad:
d2:f0:55:19:9a:e6:d8:60:a0:21:78:20:f1:fc:94:
e3:d8:85:40:76:a2:a0:ba:bf:65:90:f5:8d:21:29:
55:b3:4f:6b:3a:6f:3a:66:6f:1d:29:96:37:f8:98:
32:f2:e4:2c:42:28:69:e8:48:87:fc:0c:7a:e8:74:
4f:3f:30:7f:88:e2:4f:0a:b9:20:51:a0:51:95:58:
1f:b8:6d:ac:d5:d5:f0:57:47:73:d9:3b:37:50:6b:
47:4b:16:d8:1b:df:11:f4:db:99:7e:1c:e0:2e:18:
4e:b8:63:ae:9c:ba:a0:62:6b:13:69:82:72:c5:70:
d5:5d:22:0c:b5:d2:a4:8b:50:e1:30:c4:7e:33:60:
a7:82:62:e8:e5:5d:fb:b1:68:ba:bd:fa:34:1c:de:
f6:d9:9d:d4:92:a2:8d:b9:a0:f7:e0:3c:5a:ed:62:
73:22:45:3d:51:49:d6:05:27:cf:51:20:81:94:e6:
6d:75:7b:bd:ca:e9:6a:5d:c7:e3:ad:19:07:ad:40:
38:37:f0:e8:9f:79:03:1e:b1:b6:a7:75:c2:cd:9f:
b1:52:79:2b:c5:19:23:d1:7b:f8:16:71:e4:85:7c:
66:a9:1f:ed:db:b0:40:26:2c:4d:70:64:3d:b2:b1:
29:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5F:F8:DC:34:FC:FC:5B:91:49:EB:AD:C8:F4:B5:A2:ED:10:77:F6
X509v3 Authority Key Identifier:
keyid:1B:0B:B5:1A:7B:53:2B:E4:D4:4B:A6:04:AE:6E:06:3F:06:3F:37:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gwu1GntTK-TUS6YErm4GPwY_N9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5e6a8f-0b79-4894-b91c-eecee893c527/1/aF_43DT8_FuRSeutyPS1ou0Qd_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5e6a8f-0b79-4894-b91c-eecee893c527/1/Gwu1GntTK-TUS6YErm4GPwY_N9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.196.0/22
185.252.152.0/22
IPv6:
2a0b:8580::/29
Signature Algorithm: sha256WithRSAEncryption
0f:12:d3:c4:fc:ca:f6:e2:30:27:29:78:22:0e:02:8d:00:2d:
5f:4e:35:db:fa:d3:a6:c4:62:04:54:1e:db:43:70:49:31:d4:
64:45:9c:84:3d:06:4a:b2:0f:cd:a3:62:ac:79:70:ad:1d:d3:
0b:9f:43:ef:c2:e5:f5:19:4b:13:97:dc:4f:33:5b:0b:75:e0:
f3:26:e3:a4:60:35:71:d2:4f:c2:0f:37:db:d2:86:d7:f0:59:
32:05:10:75:97:33:6e:6b:67:a0:be:56:ad:7e:7b:27:8b:1f:
72:c7:1a:50:91:58:04:01:2b:86:04:f5:0f:1c:a0:66:e1:39:
00:77:c2:11:e6:04:42:6d:d1:41:49:94:3d:b2:c9:5f:cf:46:
0b:29:79:36:75:2d:77:ba:b3:f2:d7:e0:c1:e5:d4:71:02:0d:
78:1a:22:2d:d5:78:02:04:56:d4:2c:70:db:b9:fc:ec:d9:3d:
7d:95:02:2e:81:98:82:94:d5:35:5e:1b:b6:57:32:57:db:72:
0b:14:e3:37:5d:06:a5:c1:f3:f9:44:ca:c6:fc:47:5b:e0:31:
31:ff:fe:d7:7d:9e:77:67:b8:0b:e2:78:21:55:88:bc:e9:f5:
fe:30:82:94:0b:72:97:87:dc:ce:6f:45:5a:b6:04:1e:46:d8:
2d:1e:b2:39
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQj1r+M9BHtU3+1XRnSlhiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMGJiNTFhN2I1MzJiZTRkNDRiYTYwNGFlNmUwNjNmMDYz
ZjM3ZDQwHhcNMjUwMTAxMjE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVmZjhkYzM0ZmNmYzViOTE0OWViYWRjOGY0YjVhMmVkMTA3N2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSZ7goJlgRLbtWZrOK3S8FUZmubY
YKAheCDx/JTj2IVAdqKgur9lkPWNISlVs09rOm86Zm8dKZY3+Jgy8uQsQihp6EiH
/Ax66HRPPzB/iOJPCrkgUaBRlVgfuG2s1dXwV0dz2Ts3UGtHSxbYG98R9NuZfhzg
LhhOuGOunLqgYmsTaYJyxXDVXSIMtdKki1DhMMR+M2CngmLo5V37sWi6vfo0HN72
2Z3UkqKNuaD34Dxa7WJzIkU9UUnWBSfPUSCBlOZtdXu9yulqXcfjrRkHrUA4N/Do
n3kDHrG2p3XCzZ+xUnkrxRkj0Xv4FnHkhXxmqR/t27BAJixNcGQ9srEp8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGhf+Nw0/PxbkUnrrcj0taLtEHf2MB8GA1UdIwQY
MBaAFBsLtRp7Uyvk1EumBK5uBj8GPzfUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3d1MUdudFRLLVRVUzZZRXJtNEdQd1lfTjlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81ZTZhOGYtMGI3OS00ODk0LWI5MWMt
ZWVjZWU4OTNjNTI3LzEvYUZfNDNEVDhfRnVSU2V1dHlQUzFvdTBRZF9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi81ZTZhOGYtMGI3OS00ODk0LWI5MWMtZWVjZWU4OTNjNTI3
LzEvR3d1MUdudFRLLVRVUzZZRXJtNEdQd1lfTjlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubrEAwQC
ufyYMA0EAgACMAcDBQMqC4WAMA0GCSqGSIb3DQEBCwUAA4IBAQAPEtPE/Mr24jAn
KXgiDgKNAC1fTjXb+tOmxGIEVB7bQ3BJMdRkRZyEPQZKsg/No2KseXCtHdMLn0Pv
wuX1GUsTl9xPM1sLdeDzJuOkYDVx0k/CDzfb0obX8FkyBRB1lzNua2egvlatfnsn
ix9yxxpQkVgEASuGBPUPHKBm4TkAd8IR5gRCbdFBSZQ9sslfz0YLKXk2dS13urPy
1+DB5dRxAg14GiIt1XgCBFbULHDbufzs2T19lQIugZiClNU1Xhu2VzJX23ILFOM3
XQalwfP5RMrG/Edb4DEx//7XfZ53Z7gL4nghVYi86fX+MIKUC3KXh9zOb0VatgQe
RtgtHrI5
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:33 2025 by rpki-client