Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/aWalfbOeEBKlHFJV-ENu8MAsZo4.roa
File: aWalfbOeEBKlHFJV-ENu8MAsZo4.roa (raw, json)
Hash identifier: EdxjZs6zvCXnFCAeiNpfiVYwCGvEbmMbWMZx7J9tRCc=
Subject key identifier: 69:66:A5:7D:B3:9E:10:12:A5:1C:52:55:F8:43:6E:F0:C0:2C:66:8E
Certificate issuer: /CN=1d0871fc2e99892ea1115a302138e1d32a62182c
Certificate serial: 01941FFA5E24155CC7D7F5B58FC3AF55B826
Authority key identifier: 1D:08:71:FC:2E:99:89:2E:A1:11:5A:30:21:38:E1:D3:2A:62:18:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQhx_C6ZiS6hEVowITjh0ypiGCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/aWalfbOeEBKlHFJV-ENu8MAsZo4.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204512
IP address blocks: 185.118.108.0/24 maxlen: 24
2a0e:9000::/32 maxlen: 32
2a0e:9000:1::/48 maxlen: 48
2a0e:9000:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5e:24:15:5c:c7:d7:f5:b5:8f:c3:af:55:b8:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0871fc2e99892ea1115a302138e1d32a62182c
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6966a57db39e1012a51c5255f8436ef0c02c668e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:96:07:82:22:aa:17:5c:58:c2:c0:ad:59:75:
0a:8a:1c:6c:2e:c2:dd:8a:4b:75:99:ea:72:c9:07:
ba:5f:68:05:03:56:cf:91:e8:ab:dc:ce:af:22:12:
dd:99:27:a7:63:73:4d:d6:04:d6:10:69:98:82:9b:
d6:c0:4a:33:00:27:42:8a:45:96:bf:ed:85:98:fa:
bb:f9:fa:e3:16:6a:cb:f4:bf:19:aa:8c:df:6c:04:
e9:c4:26:aa:57:bf:96:59:f9:24:60:c6:29:1e:99:
83:4c:15:1a:24:59:05:cf:0c:b8:27:c0:6f:35:ce:
66:84:3a:1e:e5:97:92:45:c8:e3:52:2f:66:f5:11:
2d:63:d0:cd:12:0b:47:2e:b8:2e:34:a0:eb:0b:e2:
03:f2:46:bb:9f:6b:6e:a8:3c:f5:8a:1a:fd:30:48:
01:67:a8:06:1e:46:d4:44:b5:d1:24:12:6e:f9:82:
cf:86:fb:f7:0f:7f:19:d7:a5:3d:73:6f:33:24:47:
13:86:9a:9e:d3:74:db:ba:00:f6:8d:50:61:9d:96:
a7:f7:1b:f0:1f:d9:8b:dc:e3:23:af:c8:82:5b:5a:
39:77:67:9a:2f:a7:18:87:9c:2b:68:f8:f6:c0:04:
a1:0b:7e:c5:e8:9f:58:37:35:9f:91:28:40:c1:42:
0b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:66:A5:7D:B3:9E:10:12:A5:1C:52:55:F8:43:6E:F0:C0:2C:66:8E
X509v3 Authority Key Identifier:
keyid:1D:08:71:FC:2E:99:89:2E:A1:11:5A:30:21:38:E1:D3:2A:62:18:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQhx_C6ZiS6hEVowITjh0ypiGCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/aWalfbOeEBKlHFJV-ENu8MAsZo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/HQhx_C6ZiS6hEVowITjh0ypiGCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.108.0/24
IPv6:
2a0e:9000::/32
Signature Algorithm: sha256WithRSAEncryption
ba:8c:8f:b0:f2:6f:72:0b:4e:92:f4:5c:99:5b:46:23:b2:17:
85:63:0f:58:86:36:c6:6a:13:4f:73:fe:c7:c3:a9:4f:bc:c7:
f3:bb:e0:e0:47:31:b7:82:6b:c9:13:bd:63:06:e6:ee:77:da:
ab:eb:a9:2a:29:c3:a6:cd:ed:5a:fe:62:cd:a7:c9:ba:53:7b:
d1:70:b8:c2:50:c5:3e:fe:2c:bb:96:eb:29:f6:ed:11:a2:63:
c4:b9:07:87:53:ae:0f:cc:19:28:ac:c2:6a:17:b1:fe:c5:61:
1d:7a:da:c7:9a:c9:93:11:c3:53:88:f9:88:4b:5e:d6:94:67:
9e:e3:dd:f6:a0:82:64:9e:91:64:22:d8:8e:34:09:1d:a8:09:
48:ec:52:9b:c8:c3:69:25:66:25:58:60:e8:c3:1d:5b:5d:1a:
a4:41:57:59:f9:e5:2d:5a:15:7f:d6:d0:c5:1c:64:41:57:a2:
68:66:6f:a1:4f:3d:bc:5e:1c:66:cb:fd:36:9f:b2:91:97:5a:
1e:9f:3a:60:9d:c0:11:5f:9a:60:bc:6a:08:49:a4:a5:a1:34:
43:7a:ad:5a:74:82:31:11:5d:3e:fd:13:19:35:c0:2e:4e:2f:
f7:2e:9e:26:9d:3a:2a:46:29:02:bc:ef:22:34:8c:ed:43:1d:
58:da:f9:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+l4kFVzH1/W1j8OvVbgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDg3MWZjMmU5OTg5MmVhMTExNWEzMDIxMzhlMWQzMmE2
MjE4MmMwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTY2YTU3ZGIzOWUxMDEyYTUxYzUyNTVmODQzNmVmMGMwMmM2NjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pYHgiKqF1xYwsCtWXUKihxsLsLd
ikt1mepyyQe6X2gFA1bPkeir3M6vIhLdmSenY3NN1gTWEGmYgpvWwEozACdCikWW
v+2FmPq7+frjFmrL9L8ZqozfbATpxCaqV7+WWfkkYMYpHpmDTBUaJFkFzwy4J8Bv
Nc5mhDoe5ZeSRcjjUi9m9REtY9DNEgtHLrguNKDrC+ID8ka7n2tuqDz1ihr9MEgB
Z6gGHkbURLXRJBJu+YLPhvv3D38Z16U9c28zJEcThpqe03TbugD2jVBhnZan9xvw
H9mL3OMjr8iCW1o5d2eaL6cYh5wraPj2wAShC37F6J9YNzWfkShAwUIL6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGlmpX2znhASpRxSVfhDbvDALGaOMB8GA1UdIwQY
MBaAFB0IcfwumYkuoRFaMCE44dMqYhgsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFoeF9DNlppUzZoRVZvd0lUamgweXBpR0N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8yMDUyNzUtMmNlZC00YTRlLWI5MDAt
NGYzZTViMmUwYzU2LzEvYVdhbGZiT2VFQktsSEZKVi1FTnU4TUFzWm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8yMDUyNzUtMmNlZC00YTRlLWI5MDAtNGYzZTViMmUwYzU2
LzEvSFFoeF9DNlppUzZoRVZvd0lUamgweXBpR0N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXZsMA0E
AgACMAcDBQAqDpAAMA0GCSqGSIb3DQEBCwUAA4IBAQC6jI+w8m9yC06S9FyZW0Yj
sheFYw9YhjbGahNPc/7Hw6lPvMfzu+DgRzG3gmvJE71jBubud9qr66kqKcOmze1a
/mLNp8m6U3vRcLjCUMU+/iy7lusp9u0RomPEuQeHU64PzBkorMJqF7H+xWEdetrH
msmTEcNTiPmIS17WlGee4932oIJknpFkItiONAkdqAlI7FKbyMNpJWYlWGDowx1b
XRqkQVdZ+eUtWhV/1tDFHGRBV6JoZm+hTz28Xhxmy/02n7KRl1oenzpgncARX5pg
vGoISaSloTRDeq1adIIxEV0+/RMZNcAuTi/3Lp4mnToqRikCvO8iNIztQx1Y2vnu
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:36:49 2025 by rpki-client