Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/iI9-w7tHXxNtTl_I4COghj0uNew.roa
File: iI9-w7tHXxNtTl_I4COghj0uNew.roa (raw, json)
Hash identifier: b/PEDW5ud97u67vxZ3rzQUfyJtK+SNRKCKr9PKh3cqQ=
Subject key identifier: 88:8F:7E:C3:BB:47:5F:13:6D:4E:5F:C8:E0:23:A0:86:3D:2E:35:EC
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 0194266ACA4813FBFBF73627A85E2717CEF8
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/iI9-w7tHXxNtTl_I4COghj0uNew.roa
Signing time: Thu 02 Jan 2025 09:48:40 +0000
ROA not before: Thu 02 Jan 2025 09:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216279
IP address blocks: 185.114.156.0/22 maxlen: 22
185.229.32.0/22 maxlen: 22
2a03:3a60::/32 maxlen: 32
2a03:3a60:a22::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:ca:48:13:fb:fb:f7:36:27:a8:5e:27:17:ce:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Jan 2 09:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=888f7ec3bb475f136d4e5fc8e023a0863d2e35ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:1e:68:da:48:18:ec:1e:32:e1:59:6c:74:ed:
e9:8c:29:8a:dc:6a:ff:63:b0:f8:07:3e:5f:ae:8a:
26:c2:c5:a0:1e:de:ed:96:be:c3:0d:97:8c:03:96:
fa:12:ae:af:0a:9e:f5:4a:e1:78:98:7d:09:0a:d7:
96:13:f2:d9:32:b4:2b:1d:17:5b:8e:9b:44:43:b4:
c6:a2:c8:6f:3f:17:b1:ab:40:68:ea:30:3b:c9:73:
05:bf:70:01:cc:d5:78:99:6d:b9:de:92:74:d3:25:
46:43:36:08:90:28:34:a7:18:42:75:82:27:e9:39:
00:02:70:dd:64:e5:f1:6f:a5:4e:44:e7:69:c3:bc:
d0:7d:4c:e2:08:29:dd:3d:3f:f4:e3:a3:1c:da:85:
f7:22:75:44:18:82:4f:8d:bf:5e:1e:11:cb:93:c2:
8c:9d:da:7e:ae:a8:7a:ab:69:47:25:50:1e:d3:01:
61:af:a4:c0:66:a0:1c:a4:b1:35:71:cc:03:83:25:
54:43:35:ea:d1:f5:a5:f0:fb:50:1a:23:a0:13:26:
76:86:c7:97:d3:cf:83:87:96:38:b8:4d:3e:23:71:
42:db:20:3c:f2:b4:ef:cd:cb:fa:a2:0b:fc:10:df:
60:8b:6a:dd:a6:1c:76:19:e5:db:8e:a7:52:76:ea:
19:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8F:7E:C3:BB:47:5F:13:6D:4E:5F:C8:E0:23:A0:86:3D:2E:35:EC
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/iI9-w7tHXxNtTl_I4COghj0uNew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.156.0/22
185.229.32.0/22
IPv6:
2a03:3a60::/32
Signature Algorithm: sha256WithRSAEncryption
77:64:b2:9a:36:f4:dd:83:14:ef:dd:1d:8c:0e:e7:8a:ff:17:
3d:db:4c:ef:41:33:66:76:df:91:23:ea:f5:9c:0a:2c:0f:27:
ad:7a:e7:b7:86:8c:32:49:c1:11:d3:7d:fb:07:1b:f2:bc:18:
c6:f1:9f:e5:fe:7c:8d:e0:89:b8:39:6d:ff:16:dd:46:2f:7b:
a6:b4:c5:44:b9:f5:89:25:30:dd:b9:be:3b:a0:ed:99:23:56:
6f:6a:ed:26:41:07:38:b7:07:85:90:2b:6d:2d:46:a2:88:21:
19:ef:ab:eb:df:f1:0c:5b:f9:d1:01:85:72:e7:97:5d:fb:6c:
0e:46:83:8d:9a:09:5b:53:d8:03:66:49:57:b8:c3:67:6f:6e:
ab:0d:15:e9:90:83:70:09:b3:64:41:39:84:e9:e4:3b:d2:31:
d7:aa:fb:fe:56:fc:f9:c8:79:8f:02:38:28:0f:87:92:d7:81:
9c:22:35:55:fa:ea:b2:00:23:64:f5:80:95:ef:32:bf:38:bc:
6a:ec:94:2f:48:66:12:bb:ee:88:65:86:2a:7f:7e:5e:a9:9b:
5f:e6:55:c2:af:df:97:90:9e:42:a4:8e:1f:cf:47:2b:32:d4:
ab:a5:56:bd:ba:39:5c:4c:99:d2:15:3e:a9:7a:46:b9:93:70:
3b:0e:a5:e9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQmaspIE/v79zYnqF4nF874MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjUwMTAyMDk0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODhmN2VjM2JiNDc1ZjEzNmQ0ZTVmYzhlMDIzYTA4NjNkMmUzNWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9R5o2kgY7B4y4VlsdO3pjCmK3Gr/
Y7D4Bz5froomwsWgHt7tlr7DDZeMA5b6Eq6vCp71SuF4mH0JCteWE/LZMrQrHRdb
jptEQ7TGoshvPxexq0Bo6jA7yXMFv3ABzNV4mW253pJ00yVGQzYIkCg0pxhCdYIn
6TkAAnDdZOXxb6VOROdpw7zQfUziCCndPT/046Mc2oX3InVEGIJPjb9eHhHLk8KM
ndp+rqh6q2lHJVAe0wFhr6TAZqAcpLE1ccwDgyVUQzXq0fWl8PtQGiOgEyZ2hseX
08+Dh5Y4uE0+I3FC2yA88rTvzcv6ogv8EN9gi2rdphx2GeXbjqdSduoZRQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIiPfsO7R18TbU5fyOAjoIY9LjXsMB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvaUk5LXc3dEhYeE50VGxfSTRDT2doajB1TmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXKcAwQC
ueUgMA0EAgACMAcDBQAqAzpgMA0GCSqGSIb3DQEBCwUAA4IBAQB3ZLKaNvTdgxTv
3R2MDueK/xc920zvQTNmdt+RI+r1nAosDyeteue3howyScER0337BxvyvBjG8Z/l
/nyN4Im4OW3/Ft1GL3umtMVEufWJJTDdub47oO2ZI1Zvau0mQQc4tweFkCttLUai
iCEZ76vr3/EMW/nRAYVy55dd+2wORoONmglbU9gDZklXuMNnb26rDRXpkINwCbNk
QTmE6eQ70jHXqvv+Vvz5yHmPAjgoD4eS14GcIjVV+uqyACNk9YCV7zK/OLxq7JQv
SGYSu+6IZYYqf35eqZtf5lXCr9+XkJ5CpI4fz0crMtSrpVa9ujlcTJnSFT6peka5
k3A7DqXp
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:38 2025 by rpki-client