Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/de4d0f-7f8e-4d7e-bbb0-07319c728ca2/1/bb6nncvAhni078ZU5RtarugpVvQ.roa
File: bb6nncvAhni078ZU5RtarugpVvQ.roa (raw, json)
Hash identifier: 6TYoEFu0AnfEraFXjdNI1tT+tX9iNJhtz1VPH2GMI28=
Subject key identifier: 6D:BE:A7:9D:CB:C0:86:78:B4:EF:C6:54:E5:1B:5A:AE:E8:29:56:F4
Certificate issuer: /CN=7843a5381dce2877bbc351a684efcecdd613e3aa
Certificate serial: 019423D7DF67FDFA201C4E64BA6493A17CA1
Authority key identifier: 78:43:A5:38:1D:CE:28:77:BB:C3:51:A6:84:EF:CE:CD:D6:13:E3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eEOlOB3OKHe7w1GmhO_OzdYT46o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/de4d0f-7f8e-4d7e-bbb0-07319c728ca2/1/bb6nncvAhni078ZU5RtarugpVvQ.roa
Signing time: Wed 01 Jan 2025 21:48:57 +0000
ROA not before: Wed 01 Jan 2025 21:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200485
IP address blocks: 185.104.156.0/22 maxlen: 22
185.104.156.0/24 maxlen: 24
185.104.157.0/24 maxlen: 24
185.104.158.0/24 maxlen: 24
185.104.159.0/24 maxlen: 24
2a06:4200::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:df:67:fd:fa:20:1c:4e:64:ba:64:93:a1:7c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7843a5381dce2877bbc351a684efcecdd613e3aa
Validity
Not Before: Jan 1 21:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dbea79dcbc08678b4efc654e51b5aaee82956f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3e:22:17:b6:84:e1:38:71:f9:e4:67:64:0d:
a2:c0:52:92:a6:6f:cc:c3:cc:86:03:18:f9:c6:a3:
8b:fc:b7:75:8a:cb:7e:1c:23:48:b3:69:30:df:f8:
1d:14:13:dc:c9:66:bf:63:9f:96:f2:8a:1b:af:72:
4a:80:a1:a5:c3:5e:6a:cc:2b:fc:13:f5:b7:74:c6:
f7:14:83:c9:67:4c:8e:44:37:22:1c:50:2c:f4:e1:
85:41:07:1b:59:89:c2:d4:3c:92:c5:ef:ca:97:98:
8f:f3:19:47:23:76:55:2f:71:46:37:a7:53:7a:fb:
d7:aa:17:2c:ba:96:43:af:9b:4f:12:25:e9:f1:e1:
23:da:11:e0:19:2e:53:be:56:fc:c6:0a:a9:b9:5a:
6e:ed:ae:96:f6:55:09:b2:b7:fb:c8:ff:68:b7:8b:
ac:2c:4d:b9:a0:a1:28:91:e5:c2:0e:a1:2d:60:95:
aa:63:b6:8e:79:d3:1f:94:24:ab:35:a1:5f:ba:1f:
a0:f1:d9:d1:98:44:3f:11:96:4a:c5:b7:a2:85:bf:
ea:bb:d5:e2:0f:05:ce:2c:c4:88:89:7e:64:58:33:
dd:9c:b5:02:7b:c2:3f:2a:62:e9:13:04:09:3c:ed:
8f:e0:10:7b:59:55:ad:44:75:1d:a6:b4:e7:a5:e9:
4a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BE:A7:9D:CB:C0:86:78:B4:EF:C6:54:E5:1B:5A:AE:E8:29:56:F4
X509v3 Authority Key Identifier:
keyid:78:43:A5:38:1D:CE:28:77:BB:C3:51:A6:84:EF:CE:CD:D6:13:E3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eEOlOB3OKHe7w1GmhO_OzdYT46o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/de4d0f-7f8e-4d7e-bbb0-07319c728ca2/1/bb6nncvAhni078ZU5RtarugpVvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/de4d0f-7f8e-4d7e-bbb0-07319c728ca2/1/eEOlOB3OKHe7w1GmhO_OzdYT46o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.156.0/22
IPv6:
2a06:4200::/29
Signature Algorithm: sha256WithRSAEncryption
69:a0:cf:c3:5f:64:83:04:ce:df:39:0b:be:c2:1a:0c:4f:cb:
46:0e:af:44:f0:70:dc:78:6e:72:ed:ca:ac:78:f1:66:2c:c4:
e1:d8:a6:62:58:c5:ec:e5:3c:47:c2:14:17:36:e5:be:e2:ec:
48:0e:a9:76:06:d2:89:50:c3:1e:9c:71:89:5c:08:98:f4:77:
1f:c9:be:e5:53:53:9b:56:71:f9:21:8a:dd:8e:65:a0:e1:58:
14:a5:a9:f2:02:1f:03:fa:bb:38:02:70:33:b2:4a:7e:49:18:
1a:aa:7c:b6:f5:4b:24:9d:44:46:d6:2a:83:f0:82:f4:ae:4c:
db:ad:8b:8c:c2:65:25:52:84:92:3a:e6:84:14:11:e5:5f:76:
32:18:09:c5:4c:dc:7c:cd:1c:e1:57:eb:b5:23:dc:39:91:1b:
02:a9:83:5b:ba:3e:61:67:86:65:91:53:3b:87:a6:05:72:24:
7c:f6:7b:68:8a:c4:47:3d:82:25:ef:f4:da:b6:85:55:1c:d7:
85:72:f3:de:e1:40:49:be:76:24:dc:53:fd:19:a8:73:c2:6c:
5d:8a:dc:a6:41:3c:08:a4:75:12:43:31:08:5d:09:b4:bd:68:
72:bc:2e:19:e6:88:86:50:eb:69:e5:aa:3a:23:a0:aa:15:8b:
55:f7:9f:95
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj199n/fogHE5kumSToXyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NDNhNTM4MWRjZTI4NzdiYmMzNTFhNjg0ZWZjZWNkZDYx
M2UzYWEwHhcNMjUwMTAxMjE0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGJlYTc5ZGNiYzA4Njc4YjRlZmM2NTRlNTFiNWFhZWU4Mjk1NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxz4iF7aE4Thx+eRnZA2iwFKSpm/M
w8yGAxj5xqOL/Ld1ist+HCNIs2kw3/gdFBPcyWa/Y5+W8oobr3JKgKGlw15qzCv8
E/W3dMb3FIPJZ0yORDciHFAs9OGFQQcbWYnC1DySxe/Kl5iP8xlHI3ZVL3FGN6dT
evvXqhcsupZDr5tPEiXp8eEj2hHgGS5Tvlb8xgqpuVpu7a6W9lUJsrf7yP9ot4us
LE25oKEokeXCDqEtYJWqY7aOedMflCSrNaFfuh+g8dnRmEQ/EZZKxbeihb/qu9Xi
DwXOLMSIiX5kWDPdnLUCe8I/KmLpEwQJPO2P4BB7WVWtRHUdprTnpelK3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG2+p53LwIZ4tO/GVOUbWq7oKVb0MB8GA1UdIwQY
MBaAFHhDpTgdzih3u8NRpoTvzs3WE+OqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUVPbE9CM09LSGU3dzFHbWhPX096ZFlUNDZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kZTRkMGYtN2Y4ZS00ZDdlLWJiYjAt
MDczMTljNzI4Y2EyLzEvYmI2bm5jdkFobmkwNzhaVTVSdGFydWdwVnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kZTRkMGYtN2Y4ZS00ZDdlLWJiYjAtMDczMTljNzI4Y2Ey
LzEvZUVPbE9CM09LSGU3dzFHbWhPX096ZFlUNDZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWicMA0E
AgACMAcDBQMqBkIAMA0GCSqGSIb3DQEBCwUAA4IBAQBpoM/DX2SDBM7fOQu+whoM
T8tGDq9E8HDceG5y7cqsePFmLMTh2KZiWMXs5TxHwhQXNuW+4uxIDql2BtKJUMMe
nHGJXAiY9Hcfyb7lU1ObVnH5IYrdjmWg4VgUpanyAh8D+rs4AnAzskp+SRgaqny2
9UsknURG1iqD8IL0rkzbrYuMwmUlUoSSOuaEFBHlX3YyGAnFTNx8zRzhV+u1I9w5
kRsCqYNbuj5hZ4ZlkVM7h6YFciR89ntoisRHPYIl7/TatoVVHNeFcvPe4UBJvnYk
3FP9GahzwmxditymQTwIpHUSQzEIXQm0vWhyvC4Z5oiGUOtp5ao6I6CqFYtV95+V
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:54:22 2025 by rpki-client