Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/64620f-ea79-4837-a7f4-7992047588dc/1/AzLu5dZ1lro_vPgWfDSkyjVp3_A.roa
File: AzLu5dZ1lro_vPgWfDSkyjVp3_A.roa (raw, json)
Hash identifier: fHd2OPSQrI9Gl0vn8eiy/54U2Ldp8kK6btzN5w/qe5s=
Subject key identifier: 03:32:EE:E5:D6:75:96:BA:3F:BC:F8:16:7C:34:A4:CA:35:69:DF:F0
Certificate issuer: /CN=775db6bc7ad6b4d3ea652a2699bb5efef6a2df55
Certificate serial: 07344112
Authority key identifier: 77:5D:B6:BC:7A:D6:B4:D3:EA:65:2A:26:99:BB:5E:FE:F6:A2:DF:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d122vHrWtNPqZSommbte_vai31U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/64620f-ea79-4837-a7f4-7992047588dc/1/AzLu5dZ1lro_vPgWfDSkyjVp3_A.roa
Signing time: Sat 01 Jan 2022 08:52:51 +0000
ROA not before: Sat 01 Jan 2022 08:52:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208133
IP address blocks: 185.228.200.0/24 maxlen: 24
185.228.201.0/24 maxlen: 24
185.228.200.0/22 maxlen: 22
185.228.203.0/24 maxlen: 24
185.228.202.0/24 maxlen: 24
2a0d:3a05::/32 maxlen: 32
2a0d:3a01::/32 maxlen: 32
2a0d:3a04::/32 maxlen: 32
2a0d:3a02::/32 maxlen: 32
2a0d:3a07::/32 maxlen: 32
2a0d:3a00::/29 maxlen: 29
2a0d:3a00::/32 maxlen: 32
2a0d:3a03::/32 maxlen: 32
2a0d:3a06::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120865042 (0x7344112)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=775db6bc7ad6b4d3ea652a2699bb5efef6a2df55
Validity
Not Before: Jan 1 08:52:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0332eee5d67596ba3fbcf8167c34a4ca3569dff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e1:3f:18:35:58:96:39:87:57:d4:1a:6d:61:
7b:87:90:f6:43:8e:d3:e9:2c:ae:a8:80:e1:e9:de:
c9:32:32:3b:6b:57:09:f4:28:58:a1:b8:d3:6d:94:
3e:a9:35:05:c9:77:8d:da:3c:bd:67:ec:47:8e:ab:
4f:07:a2:c9:5e:80:57:0d:86:10:c7:9a:45:e0:89:
13:fc:29:cf:68:4a:c9:67:10:04:39:0a:d3:54:9d:
7a:b1:ab:8e:28:85:64:72:76:35:42:62:85:25:b5:
f1:7d:be:2e:37:70:f2:8b:a1:19:69:07:10:81:a4:
da:b8:42:54:44:d7:4b:41:31:4d:9e:54:9b:c7:61:
17:7f:d3:86:7f:1f:fc:e8:a6:7e:15:db:ee:94:ea:
c2:dc:9b:23:4f:eb:49:2a:8c:e5:c0:ae:87:f4:02:
f7:ef:41:74:5b:5e:4c:56:d3:d4:42:d4:18:9e:9f:
60:7a:7d:a9:1f:73:6a:01:89:7b:3e:e5:1e:f0:d8:
bc:24:38:8f:ad:a9:3e:02:b1:b1:d5:29:82:ec:8f:
6e:d3:af:97:bf:8a:67:49:a9:cd:ee:1e:64:c2:4c:
73:47:42:1d:49:e3:a2:13:9b:8d:a3:eb:9c:b7:49:
d8:bd:c9:9a:15:5c:1c:a2:e4:a9:df:e4:2c:17:a0:
fd:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:32:EE:E5:D6:75:96:BA:3F:BC:F8:16:7C:34:A4:CA:35:69:DF:F0
X509v3 Authority Key Identifier:
keyid:77:5D:B6:BC:7A:D6:B4:D3:EA:65:2A:26:99:BB:5E:FE:F6:A2:DF:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d122vHrWtNPqZSommbte_vai31U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/64620f-ea79-4837-a7f4-7992047588dc/1/AzLu5dZ1lro_vPgWfDSkyjVp3_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/64620f-ea79-4837-a7f4-7992047588dc/1/d122vHrWtNPqZSommbte_vai31U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.200.0/22
IPv6:
2a0d:3a00::/29
Signature Algorithm: sha256WithRSAEncryption
ac:13:24:03:ae:eb:63:8d:b9:83:d2:24:06:ed:e4:4d:b6:56:
62:a2:47:41:9f:27:ae:b2:b1:9f:11:64:47:1c:e4:48:83:0a:
e7:ca:ca:e8:f4:b6:7d:67:2d:25:97:15:66:13:0d:49:6e:23:
f7:5b:64:04:54:5e:57:a4:9a:b3:94:04:00:7f:30:8c:cf:38:
56:75:b6:ad:35:25:ef:65:be:be:70:e0:f7:fb:02:5f:a3:8f:
eb:a7:23:73:83:bc:e2:18:f3:13:99:2c:1a:d1:28:b9:fc:91:
9c:32:28:90:15:ea:ca:c2:a4:25:8d:1c:48:5f:ee:6f:ff:44:
d4:b8:ae:b5:c8:9f:1c:25:75:5c:fa:d6:83:b3:43:43:a7:64:
8b:06:03:75:b0:be:23:1c:e9:64:d9:f0:f8:01:ad:ed:b6:05:
8b:94:dd:e1:79:fa:07:64:9f:04:b3:8a:9f:48:b5:a2:f5:95:
4f:bf:ef:a0:05:27:e2:50:c9:ff:87:99:60:84:01:be:3c:ac:
8a:7e:5a:62:94:9c:0f:6e:8d:c6:17:f1:04:26:2b:8b:22:e4:
7c:98:c8:4d:1e:d2:f4:c4:2d:e6:cf:f0:60:a2:4a:4e:f4:f8:
0d:7e:f0:ae:4f:65:a2:35:dd:ff:7a:bc:79:69:e2:c6:ca:6d:
b4:79:d3:10
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBzRBEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NzVkYjZiYzdhZDZiNGQzZWE2NTJhMjY5OWJiNWVmZWY2YTJkZjU1MB4XDTIyMDEw
MTA4NTI1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDMzMmVlZTVkNjc1
OTZiYTNmYmNmODE2N2MzNGE0Y2EzNTY5ZGZmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7hPxg1WJY5h1fUGm1he4eQ9kOO0+ksrqiA4eneyTIyO2tX
CfQoWKG4022UPqk1Bcl3jdo8vWfsR46rTweiyV6AVw2GEMeaReCJE/wpz2hKyWcQ
BDkK01SderGrjiiFZHJ2NUJihSW18X2+Ljdw8ouhGWkHEIGk2rhCVETXS0ExTZ5U
m8dhF3/Thn8f/OimfhXb7pTqwtybI0/rSSqM5cCuh/QC9+9BdFteTFbT1ELUGJ6f
YHp9qR9zagGJez7lHvDYvCQ4j62pPgKxsdUpguyPbtOvl7+KZ0mpze4eZMJMc0dC
HUnjohObjaPrnLdJ2L3JmhVcHKLkqd/kLBeg/eMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQDMu7l1nWWuj+8+BZ8NKTKNWnf8DAfBgNVHSMEGDAWgBR3Xba8eta00+pl
KiaZu17+9qLfVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2QxMjJ2SHJXdE5QcVpTb21tYnRlX3ZhaTMxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvNjQ2MjBmLWVhNzktNDgzNy1hN2Y0LTc5OTIwNDc1ODhkYy8x
L0F6THU1ZFoxbHJvX3ZQZ1dmRFNreWpWcDNfQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
NjQ2MjBmLWVhNzktNDgzNy1hN2Y0LTc5OTIwNDc1ODhkYy8xL2QxMjJ2SHJXdE5Q
cVpTb21tYnRlX3ZhaTMxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnkyDANBAIAAjAHAwUDKg06ADAN
BgkqhkiG9w0BAQsFAAOCAQEArBMkA67rY425g9IkBu3kTbZWYqJHQZ8nrrKxnxFk
RxzkSIMK58rK6PS2fWctJZcVZhMNSW4j91tkBFReV6Sas5QEAH8wjM84VnW2rTUl
72W+vnDg9/sCX6OP66cjc4O84hjzE5ksGtEoufyRnDIokBXqysKkJY0cSF/ub/9E
1LiutcifHCV1XPrWg7NDQ6dkiwYDdbC+IxzpZNnw+AGt7bYFi5Td4Xn6B2SfBLOK
n0i1ovWVT7/voAUn4lDJ/4eZYIQBvjysin5aYpScD26NxhfxBCYriyLkfJjITR7S
9MQt5s/wYKJKTvT4DX7wrk9lojXd/3q8eWnixspttHnTEA==
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:08:13 2025 by rpki-client