Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/ab8070-4f58-4634-9a44-387536d03a71/1/Ym4cY_1EuRnkCyF3T4bm70pYxjE.roa
File: Ym4cY_1EuRnkCyF3T4bm70pYxjE.roa (raw, json)
Hash identifier: AkplZO86AEiMlgSJVWAGSBviunFDjdLnWUMhCPpbyQE=
Subject key identifier: 62:6E:1C:63:FD:44:B9:19:E4:0B:21:77:4F:86:E6:EF:4A:58:C6:31
Certificate issuer: /CN=e22d7eae21d8baee9de6940d8ce6b29d92a9031e
Certificate serial: 019421B22CF1253996AA8DC3FDB52E9F5629
Authority key identifier: E2:2D:7E:AE:21:D8:BA:EE:9D:E6:94:0D:8C:E6:B2:9D:92:A9:03:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4i1-riHYuu6d5pQNjOaynZKpAx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/ab8070-4f58-4634-9a44-387536d03a71/1/Ym4cY_1EuRnkCyF3T4bm70pYxjE.roa
Signing time: Wed 01 Jan 2025 11:48:32 +0000
ROA not before: Wed 01 Jan 2025 11:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203327
IP address blocks: 185.138.144.0/22 maxlen: 24
2a07:ec0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2c:f1:25:39:96:aa:8d:c3:fd:b5:2e:9f:56:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e22d7eae21d8baee9de6940d8ce6b29d92a9031e
Validity
Not Before: Jan 1 11:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=626e1c63fd44b919e40b21774f86e6ef4a58c631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:3b:ff:8e:6b:60:42:a2:a6:52:02:4a:2d:43:
e9:3e:ef:d5:cc:6f:00:ed:76:04:59:81:e5:b6:ce:
41:b9:6b:87:52:e0:65:11:04:07:13:58:45:f9:2a:
38:2e:87:77:ff:dc:89:2d:0c:f1:ee:f6:a8:6d:07:
9b:80:62:48:df:21:1a:70:be:76:e2:d2:a0:7f:10:
2a:0d:2f:d5:19:37:69:13:53:f0:7d:7b:a2:03:4f:
1b:cc:25:bc:09:eb:51:26:30:ac:65:fe:fd:ad:bb:
9c:b2:b9:96:09:01:72:44:aa:50:cd:c1:3e:39:57:
6e:3b:e8:04:44:56:4b:d4:16:3d:a3:57:04:5d:6b:
6b:bb:d1:d6:17:e7:39:a1:c9:cc:a8:3b:18:61:80:
fd:b7:60:dd:e4:00:4f:68:6d:14:21:d9:3a:f4:b9:
84:45:c2:75:d6:4f:06:42:5c:88:1e:4d:64:ec:ba:
52:8f:ed:36:3e:c5:35:bc:cd:f7:07:44:d2:a7:4d:
89:70:88:91:b4:51:3d:39:65:72:94:a2:66:75:3f:
40:fd:10:fe:f3:7f:37:c0:51:f7:0f:98:cd:3f:92:
99:49:62:35:a8:9c:fd:f1:7a:48:17:b0:12:5e:d8:
70:00:04:69:c4:44:59:8d:aa:db:01:68:9c:50:61:
e8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6E:1C:63:FD:44:B9:19:E4:0B:21:77:4F:86:E6:EF:4A:58:C6:31
X509v3 Authority Key Identifier:
keyid:E2:2D:7E:AE:21:D8:BA:EE:9D:E6:94:0D:8C:E6:B2:9D:92:A9:03:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4i1-riHYuu6d5pQNjOaynZKpAx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ab8070-4f58-4634-9a44-387536d03a71/1/Ym4cY_1EuRnkCyF3T4bm70pYxjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ab8070-4f58-4634-9a44-387536d03a71/1/4i1-riHYuu6d5pQNjOaynZKpAx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.144.0/22
IPv6:
2a07:ec0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:6e:ea:6d:63:52:22:19:8d:b8:39:25:31:9e:c9:0f:07:a4:
ef:78:97:a3:46:e8:d4:4e:8e:55:43:61:da:02:cb:4e:55:f3:
59:51:86:e5:e7:c3:3d:fb:61:4f:82:c2:65:0b:12:92:06:3d:
91:ac:70:be:a9:7f:3c:56:ac:7a:2c:a7:14:44:36:bd:72:07:
42:f8:55:30:00:2f:4b:58:5b:ec:90:cc:c6:8a:bd:30:07:aa:
2a:75:87:ab:3b:ea:db:75:2c:9b:55:a6:87:f3:0b:e8:36:cd:
0b:ad:49:64:78:df:3e:2d:69:49:7a:88:08:87:f8:60:96:c7:
f2:28:f7:d5:69:5b:a9:e4:9e:11:6c:26:27:4b:23:1a:d5:f1:
16:92:54:7e:62:c2:d3:d2:5a:72:a0:fc:75:65:99:58:72:96:
7e:f1:ff:7c:c5:5c:e5:87:59:9b:ae:d5:31:5d:d5:0a:61:09:
08:fd:6a:d9:74:98:93:48:54:b7:70:11:e3:5b:7b:b0:c0:ea:
49:32:71:8a:a7:54:49:88:17:2c:a3:ab:c5:1f:d9:38:0a:a9:
9a:47:ab:01:2f:33:6b:22:94:05:f3:7d:2c:46:47:ce:d8:ce:
2f:00:43:38:73:1e:17:50:09:4b:8a:0b:bf:1e:0b:b4:d7:e4:
aa:a7:1c:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsizxJTmWqo3D/bUun1YpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMmQ3ZWFlMjFkOGJhZWU5ZGU2OTQwZDhjZTZiMjlkOTJh
OTAzMWUwHhcNMjUwMTAxMTE0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjZlMWM2M2ZkNDRiOTE5ZTQwYjIxNzc0Zjg2ZTZlZjRhNThjNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5jv/jmtgQqKmUgJKLUPpPu/VzG8A
7XYEWYHlts5BuWuHUuBlEQQHE1hF+So4Lod3/9yJLQzx7vaobQebgGJI3yEacL52
4tKgfxAqDS/VGTdpE1PwfXuiA08bzCW8CetRJjCsZf79rbucsrmWCQFyRKpQzcE+
OVduO+gERFZL1BY9o1cEXWtru9HWF+c5ocnMqDsYYYD9t2Dd5ABPaG0UIdk69LmE
RcJ11k8GQlyIHk1k7LpSj+02PsU1vM33B0TSp02JcIiRtFE9OWVylKJmdT9A/RD+
8383wFH3D5jNP5KZSWI1qJz98XpIF7ASXthwAARpxERZjarbAWicUGHoIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGJuHGP9RLkZ5Ashd0+G5u9KWMYxMB8GA1UdIwQY
MBaAFOItfq4h2LruneaUDYzmsp2SqQMeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGkxLXJpSFl1dTZkNXBRTmpPYXluWktwQXg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hYjgwNzAtNGY1OC00NjM0LTlhNDQt
Mzg3NTM2ZDAzYTcxLzEvWW00Y1lfMUV1Um5rQ3lGM1Q0Ym03MHBZeGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hYjgwNzAtNGY1OC00NjM0LTlhNDQtMzg3NTM2ZDAzYTcx
LzEvNGkxLXJpSFl1dTZkNXBRTmpPYXluWktwQXg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYqQMA0E
AgACMAcDBQMqBw7AMA0GCSqGSIb3DQEBCwUAA4IBAQA8buptY1IiGY24OSUxnskP
B6TveJejRujUTo5VQ2HaAstOVfNZUYbl58M9+2FPgsJlCxKSBj2RrHC+qX88Vqx6
LKcURDa9cgdC+FUwAC9LWFvskMzGir0wB6oqdYerO+rbdSybVaaH8wvoNs0LrUlk
eN8+LWlJeogIh/hglsfyKPfVaVup5J4RbCYnSyMa1fEWklR+YsLT0lpyoPx1ZZlY
cpZ+8f98xVzlh1mbrtUxXdUKYQkI/WrZdJiTSFS3cBHjW3uwwOpJMnGKp1RJiBcs
o6vFH9k4CqmaR6sBLzNrIpQF830sRkfO2M4vAEM4cx4XUAlLigu/Hgu01+SqpxzL
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:53:51 2025 by rpki-client