Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/8d3419-78e0-4176-8213-f17f0056108c/1/Ai-_WODQT5gjGDaQ6CXKPNkmTMg.roa
File: Ai-_WODQT5gjGDaQ6CXKPNkmTMg.roa (raw, json)
Hash identifier: WNvkuBtCgqvZC4hHmC3CVdy2TgQFB8OfoCsx9x6UKkg=
Subject key identifier: 02:2F:BF:58:E0:D0:4F:98:23:18:36:90:E8:25:CA:3C:D9:26:4C:C8
Certificate issuer: /CN=8e7003c7c677cc3bd68603176992a3ebd02f46cb
Certificate serial: 0194258FB899FF2D96CCCFFADB6B3AD81625
Authority key identifier: 8E:70:03:C7:C6:77:CC:3B:D6:86:03:17:69:92:A3:EB:D0:2F:46:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnADx8Z3zDvWhgMXaZKj69AvRss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/8d3419-78e0-4176-8213-f17f0056108c/1/Ai-_WODQT5gjGDaQ6CXKPNkmTMg.roa
Signing time: Thu 02 Jan 2025 05:49:23 +0000
ROA not before: Thu 02 Jan 2025 05:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200612
IP address blocks: 185.100.208.0/22 maxlen: 22
185.100.208.0/24 maxlen: 24
185.100.209.0/24 maxlen: 24
185.100.210.0/24 maxlen: 24
185.100.211.0/24 maxlen: 24
2a07:4340::/29 maxlen: 29
2a07:4340::/32 maxlen: 32
2a07:4341::/32 maxlen: 32
2a07:4342::/32 maxlen: 32
2a07:4343::/32 maxlen: 32
2a07:4344::/32 maxlen: 32
2a07:4345::/32 maxlen: 32
2a07:4346::/32 maxlen: 32
2a07:4347::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:b8:99:ff:2d:96:cc:cf:fa:db:6b:3a:d8:16:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e7003c7c677cc3bd68603176992a3ebd02f46cb
Validity
Not Before: Jan 2 05:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=022fbf58e0d04f9823183690e825ca3cd9264cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ac:09:56:c2:21:c7:87:39:9b:dd:d2:1e:88:
62:2c:9b:23:b0:c2:6d:a3:6c:72:a0:c5:02:34:4e:
f0:ee:b3:9d:42:4d:1c:e4:3f:fa:89:98:66:5c:4c:
92:05:dd:7f:1b:aa:ac:22:d2:5f:91:cf:c5:dc:47:
e9:42:28:9a:5f:2c:3c:a5:41:bf:84:32:c8:a3:8b:
06:32:64:82:c8:98:5f:6c:7a:4a:2e:bc:cf:09:d1:
43:eb:8c:40:74:74:f3:80:74:04:a3:20:87:22:ec:
35:ed:d1:47:3a:9e:4f:e9:bf:5f:24:f8:9e:91:88:
c1:af:80:56:90:21:36:8e:34:39:da:40:9d:bc:fd:
f5:42:84:13:62:9f:45:8a:1f:06:9f:a2:06:52:3f:
f0:83:d2:e3:8c:e5:76:ad:5b:b2:25:56:d3:07:22:
08:c5:fa:44:3c:fa:d6:dd:50:79:d3:8e:76:10:fa:
57:2a:ff:39:e9:7b:53:7a:5e:cd:e3:c4:1d:ad:60:
b0:2a:7c:42:ea:76:dd:d3:00:f7:99:f3:85:c6:9e:
ba:2b:67:fe:a5:1f:be:d7:61:ba:ed:2f:c0:ca:55:
f7:15:36:63:b3:f1:ab:0d:d2:87:a6:26:2f:3d:de:
22:c1:82:b8:49:6d:29:08:18:51:1b:22:c4:14:b4:
d2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:2F:BF:58:E0:D0:4F:98:23:18:36:90:E8:25:CA:3C:D9:26:4C:C8
X509v3 Authority Key Identifier:
keyid:8E:70:03:C7:C6:77:CC:3B:D6:86:03:17:69:92:A3:EB:D0:2F:46:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnADx8Z3zDvWhgMXaZKj69AvRss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/8d3419-78e0-4176-8213-f17f0056108c/1/Ai-_WODQT5gjGDaQ6CXKPNkmTMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/8d3419-78e0-4176-8213-f17f0056108c/1/jnADx8Z3zDvWhgMXaZKj69AvRss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.208.0/22
IPv6:
2a07:4340::/29
Signature Algorithm: sha256WithRSAEncryption
5d:28:f5:e7:b8:20:7a:f4:dc:fc:17:99:2b:e8:d5:31:f7:ee:
90:1e:d4:28:98:74:9f:06:b3:d2:3c:af:1c:01:ac:b1:cb:f7:
ee:e6:20:3a:aa:97:1c:c5:cd:9e:c6:88:75:e1:da:d4:71:87:
90:72:14:7e:6d:bb:04:50:02:c5:ad:b6:7c:52:f7:48:30:0e:
8c:a5:b7:16:a6:91:63:86:49:e8:ee:0b:aa:a6:00:99:0e:3e:
d7:24:e4:56:32:d5:2b:70:93:36:07:6a:cf:fb:7f:a0:6d:a9:
eb:51:0c:92:b7:54:fa:2f:c5:e5:a9:3f:fe:05:b6:4e:5f:52:
73:13:3e:6c:a5:1a:0f:ee:05:d9:f3:aa:77:3d:4a:a9:6e:69:
b8:e3:9e:2b:0a:ca:45:9f:a1:73:49:68:88:c5:0b:7b:38:9f:
ca:8d:3f:d6:bb:64:ed:a1:5e:30:5b:0a:d5:32:91:dd:36:f6:
5a:66:0b:f2:ec:2a:e5:fe:a7:be:62:8c:e9:7c:55:7b:32:82:
8b:8b:cf:a6:cb:4c:b9:2c:f6:d5:66:09:2f:22:59:4e:6a:56:
48:ce:42:8c:e0:78:07:52:29:6b:dd:f5:46:1b:c1:b3:d9:d5:
5c:14:74:d2:15:1b:50:90:db:f0:cb:50:a1:55:60:29:7b:8f:
3d:61:67:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj7iZ/y2WzM/622s62BYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzAwM2M3YzY3N2NjM2JkNjg2MDMxNzY5OTJhM2ViZDAy
ZjQ2Y2IwHhcNMjUwMTAyMDU0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjJmYmY1OGUwZDA0Zjk4MjMxODM2OTBlODI1Y2EzY2Q5MjY0Y2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0awJVsIhx4c5m93SHohiLJsjsMJt
o2xyoMUCNE7w7rOdQk0c5D/6iZhmXEySBd1/G6qsItJfkc/F3EfpQiiaXyw8pUG/
hDLIo4sGMmSCyJhfbHpKLrzPCdFD64xAdHTzgHQEoyCHIuw17dFHOp5P6b9fJPie
kYjBr4BWkCE2jjQ52kCdvP31QoQTYp9Fih8Gn6IGUj/wg9LjjOV2rVuyJVbTByII
xfpEPPrW3VB50452EPpXKv856XtTel7N48QdrWCwKnxC6nbd0wD3mfOFxp66K2f+
pR++12G67S/AylX3FTZjs/GrDdKHpiYvPd4iwYK4SW0pCBhRGyLEFLTS7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAIvv1jg0E+YIxg2kOglyjzZJkzIMB8GA1UdIwQY
MBaAFI5wA8fGd8w71oYDF2mSo+vQL0bLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5BRHg4WjN6RHZXaGdNWGFaS2o2OUF2UnNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi84ZDM0MTktNzhlMC00MTc2LTgyMTMt
ZjE3ZjAwNTYxMDhjLzEvQWktX1dPRFFUNWdqR0RhUTZDWEtQTmttVE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi84ZDM0MTktNzhlMC00MTc2LTgyMTMtZjE3ZjAwNTYxMDhj
LzEvam5BRHg4WjN6RHZXaGdNWGFaS2o2OUF2UnNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWTQMA0E
AgACMAcDBQMqB0NAMA0GCSqGSIb3DQEBCwUAA4IBAQBdKPXnuCB69Nz8F5kr6NUx
9+6QHtQomHSfBrPSPK8cAayxy/fu5iA6qpccxc2exoh14drUcYeQchR+bbsEUALF
rbZ8UvdIMA6MpbcWppFjhkno7guqpgCZDj7XJORWMtUrcJM2B2rP+3+gbanrUQyS
t1T6L8XlqT/+BbZOX1JzEz5spRoP7gXZ86p3PUqpbmm4454rCspFn6FzSWiIxQt7
OJ/KjT/Wu2TtoV4wWwrVMpHdNvZaZgvy7Crl/qe+YozpfFV7MoKLi8+my0y5LPbV
ZgkvIllOalZIzkKM4HgHUilr3fVGG8Gz2dVcFHTSFRtQkNvwy1ChVWApe489YWcS
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:43:56 2025 by rpki-client