Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/dc76ff-2b35-42be-ab56-5df2de08b695/1/bWi2Mkf_arohbIgqpZEaCaewlho.roa
File: bWi2Mkf_arohbIgqpZEaCaewlho.roa (raw, json)
Hash identifier: o4YIfYScSNSPxx9rfmbXoBu7Bh9velBEqxyrfd2MDmI=
Subject key identifier: 6D:68:B6:32:47:FF:6A:BA:21:6C:88:2A:A5:91:1A:09:A7:B0:96:1A
Certificate issuer: /CN=37d6706a2e270cb486bb47243463ccbbf9f4d5ca
Certificate serial: 019422FBE0FCA830769B8E4D9A21A0E40B66
Authority key identifier: 37:D6:70:6A:2E:27:0C:B4:86:BB:47:24:34:63:CC:BB:F9:F4:D5:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N9Zwai4nDLSGu0ckNGPMu_n01co.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/dc76ff-2b35-42be-ab56-5df2de08b695/1/bWi2Mkf_arohbIgqpZEaCaewlho.roa
Signing time: Wed 01 Jan 2025 17:48:39 +0000
ROA not before: Wed 01 Jan 2025 17:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.206.120.0/24 maxlen: 24
188.116.35.0/24 maxlen: 24
2a10:a200::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:e0:fc:a8:30:76:9b:8e:4d:9a:21:a0:e4:0b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37d6706a2e270cb486bb47243463ccbbf9f4d5ca
Validity
Not Before: Jan 1 17:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d68b63247ff6aba216c882aa5911a09a7b0961a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ae:6c:ea:03:87:06:e8:ad:bb:bb:62:e2:82:
3d:fb:e3:d8:da:09:64:c4:9e:a5:3f:71:0c:6e:1f:
60:65:b4:38:50:cb:8f:01:f9:c4:4e:73:4a:a1:44:
ef:24:25:36:66:9a:89:a3:09:eb:7d:3b:3c:1d:ea:
8e:8d:71:38:e3:3f:32:ab:5b:56:2e:db:c0:74:ea:
89:73:fc:a9:8b:b8:5b:34:44:86:78:53:a7:9d:23:
2f:05:88:fb:14:0d:f6:3e:6d:eb:59:ec:25:59:bf:
2a:1d:d6:56:a3:b5:e4:ec:57:c3:a9:1e:cf:c5:bd:
d3:92:fe:39:b8:98:81:0e:e8:cf:6f:29:3c:26:b7:
00:2a:6a:66:38:7c:b4:2d:ec:8a:a0:ac:af:36:17:
78:a3:95:77:a0:30:81:c5:0b:6f:2b:0b:c3:93:28:
98:b2:88:16:11:f7:f3:9f:c4:48:da:28:9b:0a:74:
d0:0a:5a:4b:f7:74:78:cc:f8:86:fb:39:e7:96:ba:
16:78:4d:0a:1e:bd:40:ea:e1:d2:65:dd:dd:5a:f6:
95:da:a7:22:e8:f3:78:57:57:9f:d3:d0:92:a3:eb:
40:44:be:7c:92:d7:7f:21:a9:3d:68:61:ba:9a:60:
7b:91:9e:10:bd:df:28:45:47:02:53:36:8c:5e:c3:
89:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:68:B6:32:47:FF:6A:BA:21:6C:88:2A:A5:91:1A:09:A7:B0:96:1A
X509v3 Authority Key Identifier:
keyid:37:D6:70:6A:2E:27:0C:B4:86:BB:47:24:34:63:CC:BB:F9:F4:D5:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N9Zwai4nDLSGu0ckNGPMu_n01co.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/dc76ff-2b35-42be-ab56-5df2de08b695/1/bWi2Mkf_arohbIgqpZEaCaewlho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/dc76ff-2b35-42be-ab56-5df2de08b695/1/N9Zwai4nDLSGu0ckNGPMu_n01co.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.120.0/24
188.116.35.0/24
IPv6:
2a10:a200::/48
Signature Algorithm: sha256WithRSAEncryption
8a:e2:f6:c9:8f:0e:a4:ad:46:46:88:f2:65:2b:51:18:77:b2:
a5:0d:6d:48:b6:5d:25:fa:45:1b:a9:03:5f:9c:86:ce:46:b4:
a4:f9:fd:ef:cd:a2:98:38:38:c6:00:49:3b:4d:f7:f5:c6:85:
9c:ec:89:47:5a:90:3a:c4:d2:6d:fb:f4:ab:93:07:3b:13:db:
52:cf:0d:bf:ba:5d:b8:8b:3a:6b:9a:8e:bf:8d:a7:84:33:31:
c2:59:af:bc:81:80:b1:9b:c3:62:b4:81:1c:1d:19:56:4f:af:
49:98:5b:d7:fc:4f:da:be:fd:82:7b:e9:3f:41:54:2e:c1:66:
86:c9:fd:f6:5c:54:17:12:0e:76:b4:88:ab:32:e4:1d:5a:15:
e6:f1:f3:83:e8:6c:cf:02:f9:80:e4:26:f5:36:70:41:30:2b:
28:bc:f1:5a:88:61:ff:4d:3e:01:67:4a:cd:13:eb:5a:66:66:
66:61:b7:3d:a2:b7:fd:77:03:62:e7:9e:4c:98:8c:79:ca:16:
d2:a9:08:4c:65:ec:6c:42:af:81:8c:c9:30:0f:f2:f5:55:c7:
22:f0:9b:1c:78:30:ab:6a:1d:05:c7:34:6d:2c:f7:63:0f:d0:
fe:17:5e:cf:36:9a:e9:a2:9e:0f:9f:f2:36:ee:96:bf:00:08:
d5:8a:09:e7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQi++D8qDB2m45NmiGg5AtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZDY3MDZhMmUyNzBjYjQ4NmJiNDcyNDM0NjNjY2JiZjlm
NGQ1Y2EwHhcNMjUwMTAxMTc0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDY4YjYzMjQ3ZmY2YWJhMjE2Yzg4MmFhNTkxMWEwOWE3YjA5NjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA665s6gOHBuitu7ti4oI9++PY2glk
xJ6lP3EMbh9gZbQ4UMuPAfnETnNKoUTvJCU2ZpqJownrfTs8HeqOjXE44z8yq1tW
LtvAdOqJc/ypi7hbNESGeFOnnSMvBYj7FA32Pm3rWewlWb8qHdZWo7Xk7FfDqR7P
xb3Tkv45uJiBDujPbyk8JrcAKmpmOHy0LeyKoKyvNhd4o5V3oDCBxQtvKwvDkyiY
sogWEffzn8RI2iibCnTQClpL93R4zPiG+znnlroWeE0KHr1A6uHSZd3dWvaV2qci
6PN4V1ef09CSo+tARL58ktd/Iak9aGG6mmB7kZ4Qvd8oRUcCUzaMXsOJaQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG1otjJH/2q6IWyIKqWRGgmnsJYaMB8GA1UdIwQY
MBaAFDfWcGouJwy0hrtHJDRjzLv59NXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjlad2FpNG5ETFNHdTBja05HUE11X24wMWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9kYzc2ZmYtMmIzNS00MmJlLWFiNTYt
NWRmMmRlMDhiNjk1LzEvYldpMk1rZl9hcm9oYklncXBaRWFDYWV3bGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9kYzc2ZmYtMmIzNS00MmJlLWFiNTYtNWRmMmRlMDhiNjk1
LzEvTjlad2FpNG5ETFNHdTBja05HUE11X24wMWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuc54AwQA
vHQjMA8EAgACMAkDBwAqEKIAAAAwDQYJKoZIhvcNAQELBQADggEBAIri9smPDqSt
RkaI8mUrURh3sqUNbUi2XSX6RRupA1+chs5GtKT5/e/Nopg4OMYASTtN9/XGhZzs
iUdakDrE0m379KuTBzsT21LPDb+6XbiLOmuajr+Np4QzMcJZr7yBgLGbw2K0gRwd
GVZPr0mYW9f8T9q+/YJ76T9BVC7BZobJ/fZcVBcSDna0iKsy5B1aFebx84PobM8C
+YDkJvU2cEEwKyi88VqIYf9NPgFnSs0T61pmZmZhtz2it/13A2LnnkyYjHnKFtKp
CExl7GxCr4GMyTAP8vVVxyLwmxx4MKtqHQXHNG0s92MP0P4XXs82muming+f8jbu
lr8ACNWKCec=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:34 2025 by rpki-client