Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/003d6d-bbbf-4091-8c2d-ffa7f280d253/1/6b0HXfNaB2ZSDu3ZkeBDOb9TJEg.roa
File: 6b0HXfNaB2ZSDu3ZkeBDOb9TJEg.roa (raw, json)
Hash identifier: OoSe/Jn2kkd2qR+hOQNHaRaHd+dlUS1/M2n2FkXkuYY=
Subject key identifier: E9:BD:07:5D:F3:5A:07:66:52:0E:ED:D9:91:E0:43:39:BF:53:24:48
Certificate issuer: /CN=ecc8402f2faab304879ff712cfcbf5ae52b6699c
Certificate serial: 018636DF966A14059749EC820533E6E0C40A
Authority key identifier: EC:C8:40:2F:2F:AA:B3:04:87:9F:F7:12:CF:CB:F5:AE:52:B6:69:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7MhALy-qswSHn_cSz8v1rlK2aZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/003d6d-bbbf-4091-8c2d-ffa7f280d253/1/6b0HXfNaB2ZSDu3ZkeBDOb9TJEg.roa
Signing time: Thu 09 Feb 2023 15:51:07 +0000
ROA not before: Thu 09 Feb 2023 15:51:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42184
IP address blocks: 185.153.140.0/22 maxlen: 24
2a0f:8880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:36:df:96:6a:14:05:97:49:ec:82:05:33:e6:e0:c4:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecc8402f2faab304879ff712cfcbf5ae52b6699c
Validity
Not Before: Feb 9 15:51:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9bd075df35a0766520eedd991e04339bf532448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ae:84:0c:3c:c5:99:45:ed:b1:fd:6e:10:71:
2f:9e:d4:06:ec:76:a8:94:d2:7a:c5:28:a7:e9:74:
37:d1:93:61:8f:7f:aa:42:37:02:a0:d6:bd:e4:5e:
bf:36:13:95:c4:e4:36:ed:01:a9:e2:84:36:e9:66:
ae:e5:a6:a3:32:8d:0b:d7:8e:a0:72:96:91:d9:f3:
77:5c:83:c0:dd:bd:89:8f:2d:3f:fb:2a:5e:4d:d0:
d5:0c:24:f5:f7:06:aa:6c:82:6f:a0:35:9d:1c:11:
40:62:62:ad:ca:98:74:0f:3e:26:36:7b:6d:4a:72:
bb:b9:ff:58:ad:b3:02:f2:93:b2:f6:b5:e9:a4:6a:
9a:b5:d2:85:7d:d7:a0:4f:64:57:38:90:3e:81:11:
26:9b:df:28:27:d4:b8:17:d7:e3:66:f6:d2:5c:b0:
64:5b:53:11:9b:8b:4a:b9:a4:cc:8b:22:50:3a:a2:
79:8e:97:dd:b9:f4:a9:c3:46:1f:3c:e6:db:74:b7:
f5:c8:c3:8e:68:33:d4:54:98:02:0f:2e:53:96:73:
f9:8d:c0:84:ba:a4:7e:3d:25:12:07:9a:30:7b:d7:
31:9a:5c:83:f5:ae:28:3b:70:b2:00:12:89:fd:86:
ef:2f:7f:fd:e9:90:6c:6a:7d:89:01:90:eb:2c:e5:
6c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:BD:07:5D:F3:5A:07:66:52:0E:ED:D9:91:E0:43:39:BF:53:24:48
X509v3 Authority Key Identifier:
keyid:EC:C8:40:2F:2F:AA:B3:04:87:9F:F7:12:CF:CB:F5:AE:52:B6:69:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7MhALy-qswSHn_cSz8v1rlK2aZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/003d6d-bbbf-4091-8c2d-ffa7f280d253/1/6b0HXfNaB2ZSDu3ZkeBDOb9TJEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/003d6d-bbbf-4091-8c2d-ffa7f280d253/1/7MhALy-qswSHn_cSz8v1rlK2aZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.140.0/22
IPv6:
2a0f:8880::/29
Signature Algorithm: sha256WithRSAEncryption
32:c4:11:d5:9d:fe:10:a3:1b:8c:2f:d8:cd:a0:67:25:7d:8d:
f0:96:d9:64:41:16:cc:0f:ce:e9:ce:01:0c:bf:4c:21:dd:c5:
d5:05:64:06:db:13:47:88:c7:b7:4b:e2:c0:0a:c1:0e:c4:21:
77:5e:b5:fe:2f:30:b3:71:1b:28:de:55:cf:0c:d6:e8:cb:5b:
d5:f6:39:ff:cc:1d:68:59:f1:c6:f9:a2:06:4a:9f:3c:08:56:
6e:12:a0:5b:64:54:c1:f6:b6:f9:14:dd:02:d1:7a:52:c6:e1:
90:61:b8:97:72:e1:12:58:f5:10:46:28:0a:39:eb:7e:8d:c6:
09:9c:c1:83:89:ba:08:e5:35:a3:e4:26:80:19:d0:b8:81:6d:
f5:a6:33:3d:4d:46:fe:1c:5d:73:60:db:79:4a:07:96:7e:2c:
3b:20:ce:6f:21:8b:fc:49:51:37:5d:b4:b9:7d:76:f3:9b:05:
76:69:47:bc:7f:7d:70:ed:2e:3c:29:f0:09:64:18:90:e7:5f:
ac:52:bd:80:78:ba:90:27:d2:ad:c5:c6:57:1c:d4:c3:ab:fe:
66:94:8f:bc:72:bd:1e:6a:68:95:36:f8:2f:31:25:6f:bd:af:
0e:1e:59:c3:9d:ce:46:66:16:05:3b:43:1e:b8:6a:57:c1:77:
13:72:11:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYY235ZqFAWXSeyCBTPm4MQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYzg0MDJmMmZhYWIzMDQ4NzlmZjcxMmNmY2JmNWFlNTJi
NjY5OWMwHhcNMjMwMjA5MTU1MTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWJkMDc1ZGYzNWEwNzY2NTIwZWVkZDk5MWUwNDMzOWJmNTMyNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr66EDDzFmUXtsf1uEHEvntQG7Hao
lNJ6xSin6XQ30ZNhj3+qQjcCoNa95F6/NhOVxOQ27QGp4oQ26Wau5aajMo0L146g
cpaR2fN3XIPA3b2Jjy0/+ypeTdDVDCT19waqbIJvoDWdHBFAYmKtyph0Dz4mNntt
SnK7uf9YrbMC8pOy9rXppGqatdKFfdegT2RXOJA+gREmm98oJ9S4F9fjZvbSXLBk
W1MRm4tKuaTMiyJQOqJ5jpfdufSpw0YfPObbdLf1yMOOaDPUVJgCDy5TlnP5jcCE
uqR+PSUSB5owe9cxmlyD9a4oO3CyABKJ/YbvL3/96ZBsan2JAZDrLOVs2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOm9B13zWgdmUg7t2ZHgQzm/UyRIMB8GA1UdIwQY
MBaAFOzIQC8vqrMEh5/3Es/L9a5StmmcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN01oQUx5LXFzd1NIbl9jU3o4djFybEsyYVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8wMDNkNmQtYmJiZi00MDkxLThjMmQt
ZmZhN2YyODBkMjUzLzEvNmIwSFhmTmFCMlpTRHUzWmtlQkRPYjlUSkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8wMDNkNmQtYmJiZi00MDkxLThjMmQtZmZhN2YyODBkMjUz
LzEvN01oQUx5LXFzd1NIbl9jU3o4djFybEsyYVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZmMMA0E
AgACMAcDBQMqD4iAMA0GCSqGSIb3DQEBCwUAA4IBAQAyxBHVnf4QoxuML9jNoGcl
fY3wltlkQRbMD87pzgEMv0wh3cXVBWQG2xNHiMe3S+LACsEOxCF3XrX+LzCzcRso
3lXPDNboy1vV9jn/zB1oWfHG+aIGSp88CFZuEqBbZFTB9rb5FN0C0XpSxuGQYbiX
cuESWPUQRigKOet+jcYJnMGDiboI5TWj5CaAGdC4gW31pjM9TUb+HF1zYNt5SgeW
fiw7IM5vIYv8SVE3XbS5fXbzmwV2aUe8f31w7S48KfAJZBiQ51+sUr2AeLqQJ9Kt
xcZXHNTDq/5mlI+8cr0eamiVNvgvMSVvva8OHlnDnc5GZhYFO0MeuGpXwXcTchEi
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:32 2025 by rpki-client