Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/AuqfHgJMLbox-SCvoHiOWVRxGtM.roa
File: AuqfHgJMLbox-SCvoHiOWVRxGtM.roa (raw, json)
Hash identifier: xeAvQlAlfgpUCdvO+zQfkKF/6NqDyXiaKSOgk2lfPWU=
Subject key identifier: 02:EA:9F:1E:02:4C:2D:BA:31:F9:20:AF:A0:78:8E:59:54:71:1A:D3
Certificate issuer: /CN=8562f4a8936593cdec6dad7e2ecf1b79bf65c05a
Certificate serial: 019425215D719B31CA0313C265E8B1992356
Authority key identifier: 85:62:F4:A8:93:65:93:CD:EC:6D:AD:7E:2E:CF:1B:79:BF:65:C0:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWL0qJNlk83sba1-Ls8beb9lwFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/AuqfHgJMLbox-SCvoHiOWVRxGtM.roa
Signing time: Thu 02 Jan 2025 03:48:51 +0000
ROA not before: Thu 02 Jan 2025 03:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60405
IP address blocks: 185.172.32.0/24 maxlen: 24
185.172.33.0/24 maxlen: 24
185.172.34.0/24 maxlen: 24
185.172.35.0/24 maxlen: 24
2a0b:b8c0::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:5d:71:9b:31:ca:03:13:c2:65:e8:b1:99:23:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8562f4a8936593cdec6dad7e2ecf1b79bf65c05a
Validity
Not Before: Jan 2 03:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02ea9f1e024c2dba31f920afa0788e5954711ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:95:52:15:55:ba:76:ca:b8:eb:3a:2f:4b:5b:
ba:55:02:2d:b4:be:98:f8:70:61:da:a0:88:d6:80:
2f:bd:74:55:93:d4:89:bd:c0:df:f5:99:14:d1:eb:
8b:b6:58:8b:2b:89:94:57:b0:ad:7d:18:ba:1c:d1:
c6:f8:5a:d6:ec:23:a7:38:d4:f8:51:6c:d9:80:77:
49:f7:7c:2d:68:a4:0c:91:2e:c3:a9:24:1a:01:b3:
c1:e5:43:35:86:c3:5f:71:e3:27:c7:c9:0d:db:74:
90:fc:09:a9:c1:8a:71:18:4d:1f:33:c2:29:06:c4:
6e:51:52:f3:02:fd:14:f0:ac:f0:bb:35:5d:22:9c:
aa:a6:ff:26:77:d6:2b:56:52:ec:70:1e:0e:6e:a2:
d3:ed:f3:cd:80:6e:b7:b3:7b:68:54:7f:79:38:9e:
7b:7b:d2:4f:9e:2f:2e:96:79:65:56:fe:77:39:17:
b2:76:23:8e:8b:c9:79:25:a9:94:19:72:04:2e:89:
2e:db:bb:3e:15:7c:dc:b5:15:cf:f7:34:e0:6a:3b:
72:06:81:2c:3e:50:aa:42:c4:a6:8b:05:f6:19:98:
8c:ab:88:82:7a:2c:d3:13:4d:b4:be:52:a0:e0:d9:
8d:98:54:e4:71:3c:9d:84:2a:97:58:3e:d0:64:09:
e3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:EA:9F:1E:02:4C:2D:BA:31:F9:20:AF:A0:78:8E:59:54:71:1A:D3
X509v3 Authority Key Identifier:
keyid:85:62:F4:A8:93:65:93:CD:EC:6D:AD:7E:2E:CF:1B:79:BF:65:C0:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWL0qJNlk83sba1-Ls8beb9lwFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/AuqfHgJMLbox-SCvoHiOWVRxGtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/hWL0qJNlk83sba1-Ls8beb9lwFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.32.0/22
IPv6:
2a0b:b8c0::/31
Signature Algorithm: sha256WithRSAEncryption
38:b4:39:91:52:b6:d5:53:f9:14:1d:68:b0:d0:c5:8c:19:ee:
53:08:35:fb:2e:6b:c8:10:a2:da:ad:c2:5d:c0:5b:00:ec:57:
88:4b:93:e6:35:93:8f:6b:0c:2e:d5:f5:86:75:77:ba:32:c8:
ae:d4:f8:27:67:b2:bd:9b:84:aa:7b:1a:ba:c0:10:48:c0:3d:
e4:91:48:7c:0b:4f:b7:9a:df:73:6d:93:5d:ae:b2:d9:98:5d:
84:44:eb:47:fe:6d:a3:d9:19:5c:de:7b:1d:9c:91:c0:be:ea:
39:3f:4a:1d:a4:ce:83:27:f6:65:50:95:ed:e7:a5:9e:50:94:
6f:5b:b0:a0:a4:7f:bf:3a:0d:9b:cc:7d:50:a9:17:e1:3e:d6:
c5:a1:be:83:47:fc:b9:be:c6:24:63:55:ab:b8:3c:ab:c6:52:
7e:26:47:2c:c2:55:9b:81:f0:2e:d9:5e:c9:76:8e:19:bf:07:
f3:80:15:43:a2:69:4e:9e:e4:d0:ff:6d:2c:6b:84:7b:d8:06:
b5:07:d9:c3:06:b0:b6:4b:ed:d2:46:da:d6:98:04:00:5c:27:
fc:82:47:41:23:db:f1:64:c7:57:98:b3:99:dd:2c:e8:fc:8f:
4d:dd:41:2c:fe:6e:cc:47:72:08:19:4e:82:d4:f0:46:b9:d8:
84:00:9c:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIV1xmzHKAxPCZeixmSNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NjJmNGE4OTM2NTkzY2RlYzZkYWQ3ZTJlY2YxYjc5YmY2
NWMwNWEwHhcNMjUwMTAyMDM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmVhOWYxZTAyNGMyZGJhMzFmOTIwYWZhMDc4OGU1OTU0NzExYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA95VSFVW6dsq46zovS1u6VQIttL6Y
+HBh2qCI1oAvvXRVk9SJvcDf9ZkU0euLtliLK4mUV7CtfRi6HNHG+FrW7COnONT4
UWzZgHdJ93wtaKQMkS7DqSQaAbPB5UM1hsNfceMnx8kN23SQ/AmpwYpxGE0fM8Ip
BsRuUVLzAv0U8KzwuzVdIpyqpv8md9YrVlLscB4ObqLT7fPNgG63s3toVH95OJ57
e9JPni8ulnllVv53OReydiOOi8l5JamUGXIELoku27s+FXzctRXP9zTgajtyBoEs
PlCqQsSmiwX2GZiMq4iCeizTE020vlKg4NmNmFTkcTydhCqXWD7QZAnjvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFALqnx4CTC26Mfkgr6B4jllUcRrTMB8GA1UdIwQY
MBaAFIVi9KiTZZPN7G2tfi7PG3m/ZcBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdMMHFKTmxrODNzYmExLUxzOGJlYjlsd0ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wMWU3MGItOTQ1Yy00ODE3LTgxODkt
N2UxNzk0NjYyOThjLzEvQXVxZkhnSk1MYm94LVNDdm9IaU9XVlJ4R3RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wMWU3MGItOTQ1Yy00ODE3LTgxODktN2UxNzk0NjYyOThj
LzEvaFdMMHFKTmxrODNzYmExLUxzOGJlYjlsd0ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuawgMA0E
AgACMAcDBQEqC7jAMA0GCSqGSIb3DQEBCwUAA4IBAQA4tDmRUrbVU/kUHWiw0MWM
Ge5TCDX7LmvIEKLarcJdwFsA7FeIS5PmNZOPawwu1fWGdXe6Msiu1PgnZ7K9m4Sq
exq6wBBIwD3kkUh8C0+3mt9zbZNdrrLZmF2EROtH/m2j2Rlc3nsdnJHAvuo5P0od
pM6DJ/ZlUJXt56WeUJRvW7CgpH+/Og2bzH1QqRfhPtbFob6DR/y5vsYkY1WruDyr
xlJ+JkcswlWbgfAu2V7Jdo4ZvwfzgBVDomlOnuTQ/20sa4R72Aa1B9nDBrC2S+3S
RtrWmAQAXCf8gkdBI9vxZMdXmLOZ3Szo/I9N3UEs/m7MR3IIGU6C1PBGudiEAJyz
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:31:29 2025 by rpki-client