Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/sQlDLD71rwuQKEk9z1_BmhFOeQE.roa
File: sQlDLD71rwuQKEk9z1_BmhFOeQE.roa (raw, json)
Hash identifier: nNqb64nCN8cpCLQ5+ALkkO+gwOA+NXq21TqlMFS9bWU=
Subject key identifier: B1:09:43:2C:3E:F5:AF:0B:90:28:49:3D:CF:5F:C1:9A:11:4E:79:01
Certificate issuer: /CN=e1a21f85f9bf17c020987ea1320d3d63c55ae489
Certificate serial: 01941FFA299E42FB6F4014BD967D0801362A
Authority key identifier: E1:A2:1F:85:F9:BF:17:C0:20:98:7E:A1:32:0D:3D:63:C5:5A:E4:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4aIfhfm_F8AgmH6hMg09Y8Va5Ik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/sQlDLD71rwuQKEk9z1_BmhFOeQE.roa
Signing time: Wed 01 Jan 2025 03:47:55 +0000
ROA not before: Wed 01 Jan 2025 03:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202803
IP address blocks: 185.154.44.0/22 maxlen: 24
185.154.44.0/23 maxlen: 23
185.154.46.0/23 maxlen: 23
2a0b:5ac0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:29:9e:42:fb:6f:40:14:bd:96:7d:08:01:36:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1a21f85f9bf17c020987ea1320d3d63c55ae489
Validity
Not Before: Jan 1 03:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b109432c3ef5af0b9028493dcf5fc19a114e7901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bd:79:31:2d:a4:37:b8:dc:0d:dc:81:bc:ba:
10:d2:03:ce:6b:2a:22:4a:6d:bb:d9:d5:0b:51:c2:
88:22:ee:e1:c5:74:98:43:08:9a:c4:e9:5a:e2:4e:
79:f3:93:84:f4:d8:95:ba:1b:07:4c:f0:aa:46:61:
78:30:85:5f:7e:fe:5b:c3:e1:0c:9f:f6:18:6e:59:
f0:02:d2:46:2b:ea:ee:8c:00:9e:78:cb:21:d0:6c:
c5:4e:d3:b4:97:aa:91:4f:07:7e:b0:2f:88:2b:4d:
d7:46:a6:75:69:67:60:79:a0:eb:eb:b2:07:a9:b1:
5d:8d:1e:a7:87:23:5a:86:60:d1:69:ed:d2:55:84:
04:2b:8b:5d:90:8a:54:d3:17:85:41:e6:8a:2b:56:
bb:f4:37:94:87:4c:7d:9c:a9:0a:06:70:45:d1:30:
57:97:67:cc:88:9c:bc:4a:3c:07:84:e3:af:85:1d:
38:42:27:21:59:b4:43:3c:96:34:5c:29:da:7d:72:
c0:db:08:8d:a2:2d:4d:57:35:aa:e2:d7:83:a7:9f:
e2:fe:fe:3a:54:5a:e3:e5:79:16:47:95:4b:02:40:
74:7c:1a:9d:6e:cf:14:f5:de:25:7e:70:cd:7c:22:
fd:18:d0:95:2b:a0:18:a4:da:24:31:b1:19:2f:ea:
87:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:09:43:2C:3E:F5:AF:0B:90:28:49:3D:CF:5F:C1:9A:11:4E:79:01
X509v3 Authority Key Identifier:
keyid:E1:A2:1F:85:F9:BF:17:C0:20:98:7E:A1:32:0D:3D:63:C5:5A:E4:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4aIfhfm_F8AgmH6hMg09Y8Va5Ik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/sQlDLD71rwuQKEk9z1_BmhFOeQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/4aIfhfm_F8AgmH6hMg09Y8Va5Ik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.44.0/22
IPv6:
2a0b:5ac0::/29
Signature Algorithm: sha256WithRSAEncryption
a7:24:46:4e:a2:06:f9:e7:6d:4e:c8:b5:83:af:3b:d8:fb:4d:
aa:4d:8b:1c:2b:c2:d6:9d:5d:84:81:65:25:d5:f3:8a:17:10:
de:4d:10:3e:57:b2:46:01:39:2d:b9:6a:72:70:91:b5:e3:cd:
53:6b:c4:c4:4a:d8:fa:c8:de:63:19:13:82:d4:fb:77:c7:97:
fe:60:2d:93:08:1c:9c:82:be:3a:bd:4b:25:c9:9a:78:84:a2:
1c:14:47:1d:93:08:cf:60:04:6c:1b:8c:4a:b7:f5:67:a5:ed:
8f:f3:31:ea:11:bc:7e:6e:84:e3:7d:05:fe:03:df:0a:9b:a5:
93:ad:7a:a3:2b:86:52:57:96:61:3d:59:80:c3:ed:ea:c7:95:
b5:27:d6:f4:96:3e:c0:e9:3b:89:31:44:94:5d:ee:ae:eb:1c:
15:9d:20:cd:0d:d0:7d:87:63:2a:ef:ac:6a:1a:e7:66:f7:61:
91:53:a4:b7:5c:5b:af:a5:82:b4:92:5c:df:54:e3:af:3d:60:
56:b3:64:0e:51:64:e5:00:68:e7:95:05:e7:e2:8b:1e:93:aa:
d8:b4:e1:9e:26:24:19:a5:b5:87:a0:e6:cf:b5:d2:16:35:51:
fe:90:19:8f:19:6d:6a:09:68:b8:0c:f1:8b:c0:21:22:f3:a0:
f1:55:5b:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+imeQvtvQBS9ln0IATYqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYTIxZjg1ZjliZjE3YzAyMDk4N2VhMTMyMGQzZDYzYzU1
YWU0ODkwHhcNMjUwMTAxMDM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA5NDMyYzNlZjVhZjBiOTAyODQ5M2RjZjVmYzE5YTExNGU3OTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr15MS2kN7jcDdyBvLoQ0gPOayoi
Sm272dULUcKIIu7hxXSYQwiaxOla4k5585OE9NiVuhsHTPCqRmF4MIVffv5bw+EM
n/YYblnwAtJGK+rujACeeMsh0GzFTtO0l6qRTwd+sC+IK03XRqZ1aWdgeaDr67IH
qbFdjR6nhyNahmDRae3SVYQEK4tdkIpU0xeFQeaKK1a79DeUh0x9nKkKBnBF0TBX
l2fMiJy8SjwHhOOvhR04QichWbRDPJY0XCnafXLA2wiNoi1NVzWq4teDp5/i/v46
VFrj5XkWR5VLAkB0fBqdbs8U9d4lfnDNfCL9GNCVK6AYpNokMbEZL+qHNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLEJQyw+9a8LkChJPc9fwZoRTnkBMB8GA1UdIwQY
MBaAFOGiH4X5vxfAIJh+oTINPWPFWuSJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGFJZmhmbV9GOEFnbUg2aE1nMDlZOFZhNUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81MzIwOGQtNmMzMS00ZTEyLWFhMjUt
ODYyNjg0ZWNlYjQ2LzEvc1FsRExENzFyd3VRS0VrOXoxX0JtaEZPZVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81MzIwOGQtNmMzMS00ZTEyLWFhMjUtODYyNjg0ZWNlYjQ2
LzEvNGFJZmhmbV9GOEFnbUg2aE1nMDlZOFZhNUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZosMA0E
AgACMAcDBQMqC1rAMA0GCSqGSIb3DQEBCwUAA4IBAQCnJEZOogb5521OyLWDrzvY
+02qTYscK8LWnV2EgWUl1fOKFxDeTRA+V7JGATktuWpycJG1481Ta8TEStj6yN5j
GROC1Pt3x5f+YC2TCBycgr46vUslyZp4hKIcFEcdkwjPYARsG4xKt/Vnpe2P8zHq
Ebx+boTjfQX+A98Km6WTrXqjK4ZSV5ZhPVmAw+3qx5W1J9b0lj7A6TuJMUSUXe6u
6xwVnSDNDdB9h2Mq76xqGudm92GRU6S3XFuvpYK0klzfVOOvPWBWs2QOUWTlAGjn
lQXn4osek6rYtOGeJiQZpbWHoObPtdIWNVH+kBmPGW1qCWi4DPGLwCEi86DxVVv8
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:30 2025 by rpki-client