Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/fd6070-9e0b-433a-8a75-7f73a4671a1e/1/aC1zrHe-B2VbFWXSrCj-et8l1wo.roa
File: aC1zrHe-B2VbFWXSrCj-et8l1wo.roa (raw, json)
Hash identifier: dYtxir4EItimXJqX5OgUJO3jRJ2NZN3GpkUGUsB/28Q=
Subject key identifier: 68:2D:73:AC:77:BE:07:65:5B:15:65:D2:AC:28:FE:7A:DF:25:D7:0A
Certificate issuer: /CN=613d5e1379fea9d1d0f7256ed0fc9183be74fefb
Certificate serial: 019425221361AC86891DEAD0CE5E81191BE9
Authority key identifier: 61:3D:5E:13:79:FE:A9:D1:D0:F7:25:6E:D0:FC:91:83:BE:74:FE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YT1eE3n-qdHQ9yVu0PyRg750_vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/fd6070-9e0b-433a-8a75-7f73a4671a1e/1/aC1zrHe-B2VbFWXSrCj-et8l1wo.roa
Signing time: Thu 02 Jan 2025 03:49:37 +0000
ROA not before: Thu 02 Jan 2025 03:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207335
IP address blocks: 185.106.133.0/24 maxlen: 24
2a10:1380::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:13:61:ac:86:89:1d:ea:d0:ce:5e:81:19:1b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=613d5e1379fea9d1d0f7256ed0fc9183be74fefb
Validity
Not Before: Jan 2 03:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=682d73ac77be07655b1565d2ac28fe7adf25d70a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:27:90:d1:c6:20:3f:af:09:eb:67:b2:24:8f:
56:1f:1c:d7:17:ee:c0:3b:cd:50:eb:e9:d6:17:f0:
35:50:ff:8f:06:b9:11:00:51:ff:80:69:54:e1:c1:
0b:bc:4d:b5:5f:de:77:7c:a8:31:1d:f8:72:48:74:
84:0c:97:e3:ff:00:c7:17:c0:07:51:d1:82:ed:6a:
6e:6f:0d:27:45:b8:1f:f2:1e:2c:f9:65:d1:56:d9:
6f:f0:fb:bf:df:20:af:42:47:cc:ec:b1:28:36:1d:
20:65:f3:99:2f:ab:26:d9:d4:aa:b6:10:d9:85:a4:
22:94:23:7a:92:bf:23:1d:f0:67:fb:f3:9e:a9:90:
6c:7b:6b:6e:63:a6:28:fd:76:05:f3:69:d9:71:fc:
4f:df:26:39:82:18:af:93:c5:79:df:d8:eb:7f:18:
5b:26:ee:ec:c6:e8:4e:4b:e6:10:f7:77:58:16:e9:
72:a7:2f:07:e9:49:17:76:88:9e:f2:70:99:99:3c:
1b:fd:93:03:89:de:92:bc:2e:6f:e8:c5:81:58:54:
84:26:22:82:80:99:dc:68:65:b5:d1:61:ba:4f:2a:
0f:07:d1:13:50:01:d9:28:f4:b8:02:0f:2b:69:6b:
06:51:58:a2:22:82:7a:6e:24:9c:16:0f:f6:c5:fb:
37:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2D:73:AC:77:BE:07:65:5B:15:65:D2:AC:28:FE:7A:DF:25:D7:0A
X509v3 Authority Key Identifier:
keyid:61:3D:5E:13:79:FE:A9:D1:D0:F7:25:6E:D0:FC:91:83:BE:74:FE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YT1eE3n-qdHQ9yVu0PyRg750_vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/fd6070-9e0b-433a-8a75-7f73a4671a1e/1/aC1zrHe-B2VbFWXSrCj-et8l1wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/fd6070-9e0b-433a-8a75-7f73a4671a1e/1/YT1eE3n-qdHQ9yVu0PyRg750_vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.133.0/24
IPv6:
2a10:1380::/29
Signature Algorithm: sha256WithRSAEncryption
68:74:10:aa:d6:21:42:61:70:bf:69:2d:3c:9b:0b:a0:42:09:
20:a8:16:c4:e8:2f:d1:70:79:47:a7:a5:5e:33:4a:47:af:f7:
49:57:73:27:13:2f:76:71:6c:0d:71:96:c4:0c:ff:e6:96:eb:
8a:f4:85:1c:a5:d3:2e:71:95:1f:98:b8:fb:a3:0c:1c:f5:06:
0f:09:ab:03:b7:65:e0:21:b7:f4:4f:84:f8:b2:81:f8:6a:13:
cc:3c:6e:88:28:1e:96:5f:0b:78:e8:d2:53:06:ce:f2:1d:c5:
ae:4d:2e:62:66:d4:b4:07:58:c9:8f:78:e4:1a:42:fe:5a:03:
a8:33:1e:f2:be:68:39:df:96:ac:78:93:93:37:d1:42:2b:a7:
fa:a8:77:96:47:93:cc:68:21:5a:ea:1a:d6:4e:21:0a:15:3e:
28:9f:ff:84:68:15:2a:25:aa:98:b3:9d:85:b2:76:38:0f:c6:
ba:d1:9b:e1:75:c1:31:d3:0d:03:d5:9a:4f:c6:06:74:31:11:
ef:a2:ed:4d:c7:fb:67:3b:6a:a8:53:06:c1:86:1e:6f:e7:ca:
17:a5:68:09:de:a6:89:0a:15:50:2f:38:20:6f:cc:b0:05:1c:
e3:e1:43:44:1d:65:46:9e:85:59:2e:74:9a:75:3f:0f:fd:8e:
56:a6:6c:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIhNhrIaJHerQzl6BGRvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxM2Q1ZTEzNzlmZWE5ZDFkMGY3MjU2ZWQwZmM5MTgzYmU3
NGZlZmIwHhcNMjUwMTAyMDM0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODJkNzNhYzc3YmUwNzY1NWIxNTY1ZDJhYzI4ZmU3YWRmMjVkNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsieQ0cYgP68J62eyJI9WHxzXF+7A
O81Q6+nWF/A1UP+PBrkRAFH/gGlU4cELvE21X953fKgxHfhySHSEDJfj/wDHF8AH
UdGC7Wpubw0nRbgf8h4s+WXRVtlv8Pu/3yCvQkfM7LEoNh0gZfOZL6sm2dSqthDZ
haQilCN6kr8jHfBn+/OeqZBse2tuY6Yo/XYF82nZcfxP3yY5ghivk8V539jrfxhb
Ju7sxuhOS+YQ93dYFulypy8H6UkXdoie8nCZmTwb/ZMDid6SvC5v6MWBWFSEJiKC
gJncaGW10WG6TyoPB9ETUAHZKPS4Ag8raWsGUViiIoJ6biScFg/2xfs3uwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGgtc6x3vgdlWxVl0qwo/nrfJdcKMB8GA1UdIwQY
MBaAFGE9XhN5/qnR0PclbtD8kYO+dP77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVQxZUUzbi1xZEhROXlWdTBQeVJnNzUwX3ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9mZDYwNzAtOWUwYi00MzNhLThhNzUt
N2Y3M2E0NjcxYTFlLzEvYUMxenJIZS1CMlZiRldYU3JDai1ldDhsMXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9mZDYwNzAtOWUwYi00MzNhLThhNzUtN2Y3M2E0NjcxYTFl
LzEvWVQxZUUzbi1xZEhROXlWdTBQeVJnNzUwX3ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWqFMA0E
AgACMAcDBQMqEBOAMA0GCSqGSIb3DQEBCwUAA4IBAQBodBCq1iFCYXC/aS08mwug
QgkgqBbE6C/RcHlHp6VeM0pHr/dJV3MnEy92cWwNcZbEDP/mluuK9IUcpdMucZUf
mLj7owwc9QYPCasDt2XgIbf0T4T4soH4ahPMPG6IKB6WXwt46NJTBs7yHcWuTS5i
ZtS0B1jJj3jkGkL+WgOoMx7yvmg535aseJOTN9FCK6f6qHeWR5PMaCFa6hrWTiEK
FT4on/+EaBUqJaqYs52FsnY4D8a60ZvhdcEx0w0D1ZpPxgZ0MRHvou1Nx/tnO2qo
UwbBhh5v58oXpWgJ3qaJChVQLzggb8ywBRzj4UNEHWVGnoVZLnSadT8P/Y5Wpmzz
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:47 2025 by rpki-client