Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/4yhoCs9M-fjQaMlDWlUpC1ERe-g.roa
File: 4yhoCs9M-fjQaMlDWlUpC1ERe-g.roa (raw, json)
Hash identifier: t+8njXgDpdo9kegDaGKO6tPmuatvzfS0I/p9sqY0v4Q=
Subject key identifier: E3:28:68:0A:CF:4C:F9:F8:D0:68:C9:43:5A:55:29:0B:51:11:7B:E8
Certificate issuer: /CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3
Certificate serial: 0194244580A5F2FCB43389E578B760A7B085
Authority key identifier: D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/4yhoCs9M-fjQaMlDWlUpC1ERe-g.roa
Signing time: Wed 01 Jan 2025 23:48:42 +0000
ROA not before: Wed 01 Jan 2025 23:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202005
IP address blocks: 185.216.252.0/22 maxlen: 22
185.216.252.0/24 maxlen: 24
185.216.253.0/24 maxlen: 24
185.216.254.0/24 maxlen: 24
185.216.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:80:a5:f2:fc:b4:33:89:e5:78:b7:60:a7:b0:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3
Validity
Not Before: Jan 1 23:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e328680acf4cf9f8d068c9435a55290b51117be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cb:71:7e:d1:de:a9:81:77:83:b6:e0:f1:d9:
3d:43:21:3d:cf:1c:6b:5d:e2:fc:99:56:eb:b5:68:
9d:55:04:8c:a2:1f:ab:9a:cf:82:39:58:c6:88:5a:
a1:f9:ca:f7:e5:64:fe:7a:23:63:4a:0a:65:6f:b8:
59:a6:3f:d4:03:57:f1:6d:29:a4:c1:6b:da:e3:f6:
e5:c8:dd:17:39:10:60:68:ce:5f:c2:93:7c:b9:de:
4a:46:2b:b3:7e:4d:0b:9f:33:ef:8c:17:b9:3a:63:
9b:ce:0c:9d:63:e6:6f:b4:a4:c2:0b:33:a5:b6:b2:
8c:f8:66:6b:97:7e:14:68:59:11:0b:67:9c:c5:1f:
6d:ef:91:ca:7f:e3:45:67:95:9e:77:22:c8:d6:1d:
74:a3:aa:f8:7b:fe:50:e9:45:62:9f:85:f7:1f:ea:
f7:20:f8:6d:93:87:71:b2:0f:a0:25:c9:89:fa:3b:
65:81:b5:96:39:16:e1:38:f4:97:ae:5c:8b:87:e5:
fc:b8:0d:ce:30:93:ea:07:40:5c:d2:00:ed:3c:ba:
24:7f:48:26:37:ea:63:cb:89:c1:41:90:d1:64:4c:
17:4e:29:a4:65:4b:3d:f0:0b:47:bc:15:7a:2a:8c:
63:90:db:57:95:c5:b2:f9:2e:85:9b:28:87:48:b9:
4a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:28:68:0A:CF:4C:F9:F8:D0:68:C9:43:5A:55:29:0B:51:11:7B:E8
X509v3 Authority Key Identifier:
keyid:D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/4yhoCs9M-fjQaMlDWlUpC1ERe-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
44:6c:78:f5:85:2e:0b:93:c3:36:37:8b:44:91:9f:fa:64:e0:
46:ce:fe:47:fc:62:db:d1:b1:24:a0:6d:ed:fa:92:86:ac:8f:
5c:a1:35:89:35:5a:e0:04:0d:89:84:b9:8c:c5:37:cf:1a:6b:
60:ee:e0:58:f9:76:ae:90:b7:51:d3:5d:e7:3f:d2:45:ef:86:
e4:c1:8d:c2:26:ee:f4:66:04:4d:7f:cb:08:e9:22:fa:ff:35:
11:3b:70:42:bf:51:e9:c1:7e:aa:f0:fe:ea:a0:5d:84:83:2a:
af:7d:f9:1b:2e:87:b6:6d:0c:1d:fa:d7:9a:d0:de:eb:66:3f:
01:53:a1:3c:1e:2f:2c:16:72:dc:df:26:6b:8d:38:8c:ce:b3:
33:90:82:63:75:38:a7:7b:d0:c2:82:89:3a:7b:3e:ba:82:f5:
89:11:5a:8c:5c:05:6e:1f:b8:e8:77:04:61:d8:fe:67:24:45:
d2:e5:7f:04:48:e7:21:d1:ba:7f:f2:df:3e:33:85:06:0d:0a:
87:a9:bc:f3:08:36:7d:fb:c4:ae:b3:bc:b9:5d:9b:34:08:90:
68:81:63:52:1a:9b:8c:17:84:59:cc:10:1f:5c:b2:d7:5e:f9:
ec:26:88:0e:eb:7a:f8:a7:44:91:e3:ab:5e:32:5a:81:d9:23:
e8:c1:f7:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRYCl8vy0M4nleLdgp7CFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZjVhNjZjZmQyMWE1Y2FkN2EyOWI4ZWI1Y2Q5MmFhNDYw
MzIwYzMwHhcNMjUwMTAxMjM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzI4NjgwYWNmNGNmOWY4ZDA2OGM5NDM1YTU1MjkwYjUxMTE3YmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8txftHeqYF3g7bg8dk9QyE9zxxr
XeL8mVbrtWidVQSMoh+rms+COVjGiFqh+cr35WT+eiNjSgplb7hZpj/UA1fxbSmk
wWva4/blyN0XORBgaM5fwpN8ud5KRiuzfk0LnzPvjBe5OmObzgydY+ZvtKTCCzOl
trKM+GZrl34UaFkRC2ecxR9t75HKf+NFZ5WedyLI1h10o6r4e/5Q6UVin4X3H+r3
IPhtk4dxsg+gJcmJ+jtlgbWWORbhOPSXrlyLh+X8uA3OMJPqB0Bc0gDtPLokf0gm
N+pjy4nBQZDRZEwXTimkZUs98AtHvBV6KoxjkNtXlcWy+S6FmyiHSLlKuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOMoaArPTPn40GjJQ1pVKQtREXvoMB8GA1UdIwQY
MBaAFNj1pmz9IaXK16KbjrXNkqpGAyDDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mZTIwZmYtNjU5MC00ZmIwLWI2NTct
ODIxMGRiNzA0OWIxLzEvNHlob0NzOU0tZmpRYU1sRFdsVXBDMUVSZS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mZTIwZmYtNjU5MC00ZmIwLWI2NTctODIxMGRiNzA0OWIx
LzEvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudj8MA0G
CSqGSIb3DQEBCwUAA4IBAQBEbHj1hS4Lk8M2N4tEkZ/6ZOBGzv5H/GLb0bEkoG3t
+pKGrI9coTWJNVrgBA2JhLmMxTfPGmtg7uBY+XaukLdR013nP9JF74bkwY3CJu70
ZgRNf8sI6SL6/zURO3BCv1HpwX6q8P7qoF2EgyqvffkbLoe2bQwd+tea0N7rZj8B
U6E8Hi8sFnLc3yZrjTiMzrMzkIJjdTine9DCgok6ez66gvWJEVqMXAVuH7jodwRh
2P5nJEXS5X8ESOch0bp/8t8+M4UGDQqHqbzzCDZ9+8Sus7y5XZs0CJBogWNSGpuM
F4RZzBAfXLLXXvnsJogO63r4p0SR46teMlqB2SPowfev
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:50:17 2025 by rpki-client