Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/fcec5c-88ef-4d11-9754-fdbfa5b6b373/1/pahW2y6ilcyZjxrKYKeGzw83Ujw.roa
File: pahW2y6ilcyZjxrKYKeGzw83Ujw.roa (raw, json)
Hash identifier: ManTp3UfYJWy1sFR0/fEkr/xby1jtRXVgKf+0U1Bkzc=
Subject key identifier: A5:A8:56:DB:2E:A2:95:CC:99:8F:1A:CA:60:A7:86:CF:0F:37:52:3C
Certificate issuer: /CN=71a50dd78f03c71104d5d1a26058a920724e859e
Certificate serial: 018D64B677AB7B5B7CB6EF6BFC11D6E70F71
Authority key identifier: 71:A5:0D:D7:8F:03:C7:11:04:D5:D1:A2:60:58:A9:20:72:4E:85:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caUN148DxxEE1dGiYFipIHJOhZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/fcec5c-88ef-4d11-9754-fdbfa5b6b373/1/pahW2y6ilcyZjxrKYKeGzw83Ujw.roa
Signing time: Thu 01 Feb 2024 12:48:16 +0000
ROA not before: Thu 01 Feb 2024 12:48:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6843
IP address blocks: 185.120.36.0/24 maxlen: 24
185.120.37.0/24 maxlen: 24
185.120.38.0/23 maxlen: 23
185.120.38.0/24 maxlen: 24
2a06:8f00::/30 maxlen: 30
2a06:8f04::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:b6:77:ab:7b:5b:7c:b6:ef:6b:fc:11:d6:e7:0f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a50dd78f03c71104d5d1a26058a920724e859e
Validity
Not Before: Feb 1 12:48:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5a856db2ea295cc998f1aca60a786cf0f37523c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2d:1b:4b:24:af:5b:39:5e:37:4a:34:a7:31:
53:ff:aa:40:0f:11:e4:8c:11:fb:8d:dd:a8:b4:1a:
86:bf:05:72:ba:17:00:87:f4:3e:ec:38:e1:31:e9:
b7:2f:13:6f:e3:7b:e6:22:14:d4:39:e4:83:4a:fd:
d3:85:e4:0c:b2:f9:8b:c5:d9:0e:b9:92:2b:6c:5c:
ff:06:d5:41:4f:86:bd:99:ae:41:5e:92:48:26:52:
82:b8:c7:69:d7:54:9b:3e:cc:ed:d6:a0:11:ce:14:
85:7a:d6:84:83:ae:11:f0:b8:f6:66:62:7f:93:b4:
aa:13:3b:b9:d2:a6:27:8b:bd:51:35:82:5a:fe:42:
06:1e:63:81:64:39:61:9c:53:0c:05:5c:48:51:cc:
30:8b:dc:dc:64:bf:bd:96:4a:a8:6e:99:3b:60:ad:
54:c4:7c:ed:c8:0f:a7:35:9f:23:cd:a7:5b:8e:32:
e3:04:41:2c:18:ed:4c:69:56:29:d1:40:28:d7:b1:
95:14:89:98:3c:78:3d:5e:b2:5f:32:3f:81:21:fa:
41:a1:35:9f:f7:55:48:04:cf:d8:7e:97:b4:6c:7a:
df:e3:38:61:28:1c:db:43:56:b9:d5:0f:f2:a4:62:
a8:53:e4:6a:59:e1:37:45:0e:30:31:c2:43:40:c7:
42:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A8:56:DB:2E:A2:95:CC:99:8F:1A:CA:60:A7:86:CF:0F:37:52:3C
X509v3 Authority Key Identifier:
keyid:71:A5:0D:D7:8F:03:C7:11:04:D5:D1:A2:60:58:A9:20:72:4E:85:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caUN148DxxEE1dGiYFipIHJOhZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fcec5c-88ef-4d11-9754-fdbfa5b6b373/1/pahW2y6ilcyZjxrKYKeGzw83Ujw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fcec5c-88ef-4d11-9754-fdbfa5b6b373/1/caUN148DxxEE1dGiYFipIHJOhZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.36.0/22
IPv6:
2a06:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
1a:95:77:b5:98:87:e9:00:52:80:d3:0b:53:11:9c:72:7d:35:
dc:e5:79:c3:ba:2a:1f:2f:98:94:c8:be:0c:c0:5b:39:8b:03:
31:55:12:a9:7e:44:f2:d1:c5:0d:db:b5:76:e9:7b:be:14:15:
0c:61:da:24:f3:68:7d:fe:3f:c7:a9:2d:7f:29:4e:43:e9:fc:
52:06:f9:74:33:9d:47:4f:b2:5f:92:2d:7b:33:c2:10:60:0a:
86:b4:79:b0:76:30:e8:31:e2:31:4e:7c:c6:ec:d8:f2:fc:9d:
9b:03:66:58:a0:dd:a5:e3:60:a9:6b:b9:26:c0:39:8a:1b:b1:
b3:5d:50:da:d3:65:71:13:3e:2c:4d:f4:20:af:5d:33:b5:0c:
1c:ca:c5:71:ee:4a:56:1e:e4:47:72:1e:c5:7e:d1:6a:dd:cd:
67:10:29:f8:0c:12:ab:a1:fa:d3:e8:8d:56:d9:fe:59:98:f6:
c3:55:c1:3e:ca:3a:2c:02:76:dd:ca:d8:9b:49:57:a5:bc:fa:
b4:ef:6b:7f:7e:89:49:1d:23:fa:44:b4:e9:49:5e:ce:7a:80:
2f:61:2a:3c:d0:37:74:46:c2:5e:a5:5b:93:32:23:c1:61:c5:
b7:68:29:bf:00:28:83:05:09:5b:e3:ae:2b:e7:a0:33:78:ed:
bd:cb:40:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1ktnere1t8tu9r/BHW5w9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTUwZGQ3OGYwM2M3MTEwNGQ1ZDFhMjYwNThhOTIwNzI0
ZTg1OWUwHhcNMjQwMjAxMTI0ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWE4NTZkYjJlYTI5NWNjOTk4ZjFhY2E2MGE3ODZjZjBmMzc1MjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C0bSySvWzleN0o0pzFT/6pADxHk
jBH7jd2otBqGvwVyuhcAh/Q+7DjhMem3LxNv43vmIhTUOeSDSv3TheQMsvmLxdkO
uZIrbFz/BtVBT4a9ma5BXpJIJlKCuMdp11SbPszt1qARzhSFetaEg64R8Lj2ZmJ/
k7SqEzu50qYni71RNYJa/kIGHmOBZDlhnFMMBVxIUcwwi9zcZL+9lkqobpk7YK1U
xHztyA+nNZ8jzadbjjLjBEEsGO1MaVYp0UAo17GVFImYPHg9XrJfMj+BIfpBoTWf
91VIBM/Yfpe0bHrf4zhhKBzbQ1a51Q/ypGKoU+RqWeE3RQ4wMcJDQMdC7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKWoVtsuopXMmY8aymCnhs8PN1I8MB8GA1UdIwQY
MBaAFHGlDdePA8cRBNXRomBYqSByToWeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FVTjE0OER4eEVFMWRHaVlGaXBJSEpPaFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mY2VjNWMtODhlZi00ZDExLTk3NTQt
ZmRiZmE1YjZiMzczLzEvcGFoVzJ5NmlsY3laanhyS1lLZUd6dzgzVWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9mY2VjNWMtODhlZi00ZDExLTk3NTQtZmRiZmE1YjZiMzcz
LzEvY2FVTjE0OER4eEVFMWRHaVlGaXBJSEpPaFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXgkMA0E
AgACMAcDBQMqBo8AMA0GCSqGSIb3DQEBCwUAA4IBAQAalXe1mIfpAFKA0wtTEZxy
fTXc5XnDuiofL5iUyL4MwFs5iwMxVRKpfkTy0cUN27V26Xu+FBUMYdok82h9/j/H
qS1/KU5D6fxSBvl0M51HT7Jfki17M8IQYAqGtHmwdjDoMeIxTnzG7Njy/J2bA2ZY
oN2l42Cpa7kmwDmKG7GzXVDa02VxEz4sTfQgr10ztQwcysVx7kpWHuRHch7FftFq
3c1nECn4DBKrofrT6I1W2f5ZmPbDVcE+yjosAnbdytibSVelvPq072t/folJHSP6
RLTpSV7OeoAvYSo80Dd0RsJepVuTMiPBYcW3aCm/ACiDBQlb464r56AzeO29y0DJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:48 2025 by rpki-client