Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/1_qLHUdqm7sR0Q8q1colm3DejS0.roa
File: 1_qLHUdqm7sR0Q8q1colm3DejS0.roa (raw, json)
Hash identifier: EM08EWb/b5Ix5jQ35FhICifQx6j5GDireNgAsuw6f8M=
Subject key identifier: D7:FA:8B:1D:47:6A:9B:BB:11:D1:0F:2A:D5:CA:25:9B:70:DE:8D:2D
Certificate issuer: /CN=3b0cd44ebbe3d0d6a072e75103f231606995f6ab
Certificate serial: 019420D5C9BCFB2ACB4A4FF9DF6E4F734C6C
Authority key identifier: 3B:0C:D4:4E:BB:E3:D0:D6:A0:72:E7:51:03:F2:31:60:69:95:F6:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwzUTrvj0NagcudRA_IxYGmV9qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/1_qLHUdqm7sR0Q8q1colm3DejS0.roa
Signing time: Wed 01 Jan 2025 07:47:49 +0000
ROA not before: Wed 01 Jan 2025 07:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206350
IP address blocks: 185.186.206.0/24 maxlen: 24
185.186.207.0/24 maxlen: 24
2a0b:d580::/32 maxlen: 32
2a0b:d580:0:16::/64 maxlen: 64
2a0b:d580:1::/48 maxlen: 48
2a0b:d580:2020::/44 maxlen: 44
2a0b:d580:2060::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c9:bc:fb:2a:cb:4a:4f:f9:df:6e:4f:73:4c:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b0cd44ebbe3d0d6a072e75103f231606995f6ab
Validity
Not Before: Jan 1 07:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7fa8b1d476a9bbb11d10f2ad5ca259b70de8d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8d:53:91:23:8c:6e:fa:b2:81:a5:20:d9:f4:
e4:97:a7:86:35:1d:fc:0a:a0:9d:4f:ed:23:f0:cc:
2d:a0:f7:95:e2:08:6d:fc:2c:2b:d2:20:12:1b:42:
de:48:2b:cb:32:79:53:58:c4:62:b1:a8:56:9f:f4:
fb:e2:73:dd:10:e2:8c:2d:a2:04:4c:8b:8d:6e:18:
43:57:ac:8b:c0:7a:00:4a:98:c2:ca:81:b8:91:d6:
1f:0a:b2:aa:e3:2f:4c:1f:23:64:5e:3c:23:c5:70:
b1:ea:83:57:47:7f:ba:d3:83:36:e2:a8:10:1c:a5:
e2:c7:d3:e1:66:61:5c:94:b6:e5:5f:51:0b:cf:44:
d4:af:ea:3d:73:e0:f8:f2:5b:a6:c9:f2:d0:37:b7:
c5:52:e5:20:a8:c5:0e:71:94:b9:0e:93:be:2a:2d:
1c:73:02:76:d0:f6:57:b1:57:5e:4d:88:be:3c:fa:
00:59:c8:d3:d0:32:58:7e:08:c8:05:75:b2:ed:da:
da:e4:ff:c4:db:77:c5:c3:5e:c0:dc:c3:fa:6f:6e:
ae:16:5f:44:db:69:62:32:78:51:1d:d4:1e:16:05:
ca:1a:3c:29:d9:d6:b7:57:9c:3c:24:85:3b:4c:e4:
49:bd:bb:ba:37:b3:0b:6d:4b:33:3c:3a:3e:ee:b9:
12:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:FA:8B:1D:47:6A:9B:BB:11:D1:0F:2A:D5:CA:25:9B:70:DE:8D:2D
X509v3 Authority Key Identifier:
keyid:3B:0C:D4:4E:BB:E3:D0:D6:A0:72:E7:51:03:F2:31:60:69:95:F6:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwzUTrvj0NagcudRA_IxYGmV9qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/1_qLHUdqm7sR0Q8q1colm3DejS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/OwzUTrvj0NagcudRA_IxYGmV9qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.206.0/23
IPv6:
2a0b:d580::/32
Signature Algorithm: sha256WithRSAEncryption
4b:62:90:e3:28:ae:44:4e:71:aa:c4:ee:d9:3e:a7:6e:33:0a:
4f:3c:47:ce:16:c2:74:7b:fd:4c:16:7f:fe:8b:72:e6:11:32:
57:8d:ec:f9:50:28:62:64:13:de:5f:6e:a6:66:52:89:45:41:
00:73:18:81:b0:dc:f0:ad:05:43:dd:24:2c:86:23:a5:be:9e:
ad:b5:f8:41:c2:54:59:10:95:b1:5f:6e:07:4b:01:cb:77:61:
a3:7e:34:4f:82:92:15:69:26:c0:25:4d:62:ce:fd:0d:3e:fb:
87:b4:dd:6a:e2:a4:81:d1:a9:ab:65:6f:e7:46:45:5d:90:58:
8f:77:10:4a:22:23:f4:a8:6e:bb:0a:08:8a:2e:5e:2f:89:1c:
76:2e:b7:a9:38:71:ba:4e:d1:07:86:98:7b:21:0d:d2:e1:9a:
4c:99:99:0c:9a:3d:49:21:5d:1a:8f:78:59:d3:54:74:36:79:
bf:05:ae:c4:49:88:e5:76:cc:9b:7f:46:e3:8a:be:63:21:d4:
07:32:90:79:65:e9:55:84:ec:ee:9f:82:4d:6a:31:37:b9:de:
f2:bf:35:87:87:19:62:31:27:da:84:7e:9b:15:35:a4:7f:46:
18:d7:46:1e:ac:3d:6a:59:6f:40:2b:ce:86:82:09:7c:34:b5:
39:e2:86:83
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1cm8+yrLSk/5325Pc0xsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMGNkNDRlYmJlM2QwZDZhMDcyZTc1MTAzZjIzMTYwNjk5
NWY2YWIwHhcNMjUwMTAxMDc0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ZhOGIxZDQ3NmE5YmJiMTFkMTBmMmFkNWNhMjU5YjcwZGU4ZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6o1TkSOMbvqygaUg2fTkl6eGNR38
CqCdT+0j8MwtoPeV4ght/Cwr0iASG0LeSCvLMnlTWMRisahWn/T74nPdEOKMLaIE
TIuNbhhDV6yLwHoASpjCyoG4kdYfCrKq4y9MHyNkXjwjxXCx6oNXR3+604M24qgQ
HKXix9PhZmFclLblX1ELz0TUr+o9c+D48lumyfLQN7fFUuUgqMUOcZS5DpO+Ki0c
cwJ20PZXsVdeTYi+PPoAWcjT0DJYfgjIBXWy7dra5P/E23fFw17A3MP6b26uFl9E
22liMnhRHdQeFgXKGjwp2da3V5w8JIU7TORJvbu6N7MLbUszPDo+7rkSUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNf6ix1Hapu7EdEPKtXKJZtw3o0tMB8GA1UdIwQY
MBaAFDsM1E6749DWoHLnUQPyMWBplfarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3d6VVRydmowTmFnY3VkUkFfSXhZR21WOXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy85NzFmMDgtZTU3Yy00MDhhLWI3NzYt
ZjdkYTNiODczMmJmLzEvMV9xTEhVZHFtN3NSMFE4cTFjb2xtM0RlalMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy85NzFmMDgtZTU3Yy00MDhhLWI3NzYtZjdkYTNiODczMmJm
LzEvT3d6VVRydmowTmFnY3VkUkFfSXhZR21WOXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBubrOMA0E
AgACMAcDBQAqC9WAMA0GCSqGSIb3DQEBCwUAA4IBAQBLYpDjKK5ETnGqxO7ZPqdu
MwpPPEfOFsJ0e/1MFn/+i3LmETJXjez5UChiZBPeX26mZlKJRUEAcxiBsNzwrQVD
3SQshiOlvp6ttfhBwlRZEJWxX24HSwHLd2GjfjRPgpIVaSbAJU1izv0NPvuHtN1q
4qSB0amrZW/nRkVdkFiPdxBKIiP0qG67CgiKLl4viRx2LrepOHG6TtEHhph7IQ3S
4ZpMmZkMmj1JIV0aj3hZ01R0Nnm/Ba7ESYjldsybf0bjir5jIdQHMpB5ZelVhOzu
n4JNajE3ud7yvzWHhxliMSfahH6bFTWkf0YY10YerD1qWW9AK86Gggl8NLU54oaD
-----END CERTIFICATE-----
Generated at Sun Apr 27 11:56:07 2025 by rpki-client