Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/r-zsasbUjJEaU71e8kbXi99TukU.roa
File: r-zsasbUjJEaU71e8kbXi99TukU.roa (raw, json)
Hash identifier: gv3XffgL881eMS9I6xI/He9cs/3EXg91NLNFK1oWx0g=
Subject key identifier: AF:EC:EC:6A:C6:D4:8C:91:1A:53:BD:5E:F2:46:D7:8B:DF:53:BA:45
Certificate issuer: /CN=aa88fae35b66b4de2e41ca5ee077b5ef0b4ab649
Certificate serial: 01942369875DFA6C80FBCFE73B33499CD1D4
Authority key identifier: AA:88:FA:E3:5B:66:B4:DE:2E:41:CA:5E:E0:77:B5:EF:0B:4A:B6:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qoj641tmtN4uQcpe4He17wtKtkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/r-zsasbUjJEaU71e8kbXi99TukU.roa
Signing time: Wed 01 Jan 2025 19:48:25 +0000
ROA not before: Wed 01 Jan 2025 19:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59545
IP address blocks: 185.159.248.0/22 maxlen: 24
185.159.248.0/23 maxlen: 24
185.159.250.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:87:5d:fa:6c:80:fb:cf:e7:3b:33:49:9c:d1:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa88fae35b66b4de2e41ca5ee077b5ef0b4ab649
Validity
Not Before: Jan 1 19:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afecec6ac6d48c911a53bd5ef246d78bdf53ba45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:dd:5b:a7:be:8d:ab:3e:46:a9:bf:ad:21:2a:
42:d9:e3:bc:cf:5f:14:30:d5:d1:a1:0e:59:ba:ee:
f0:1d:71:e3:f6:17:b9:5a:d8:6e:0a:8b:d8:e9:18:
05:f5:16:10:f7:5f:13:1b:db:41:a7:f2:4f:09:12:
25:84:96:84:61:2a:49:02:aa:60:52:c9:41:fc:cf:
80:72:fd:87:ea:1a:6d:9e:6e:52:68:e6:4e:bf:6e:
06:f6:da:4b:97:3c:2a:38:e6:65:e2:f8:b9:ba:d1:
eb:95:eb:19:22:d5:0d:d0:6e:dd:f5:98:9e:a6:b8:
cb:62:27:58:18:d2:5a:db:8c:e7:b5:9c:44:c9:db:
71:5e:aa:28:79:6e:9c:f9:02:1f:2b:a0:f3:50:ba:
26:69:44:11:5a:80:0b:96:0e:9a:38:e8:57:e5:8a:
cb:e6:02:97:2b:75:db:05:45:31:a4:72:bf:f7:39:
e2:db:c6:a9:14:2d:3f:18:b7:d1:81:fc:5c:a6:49:
04:b1:45:58:1f:6e:3c:13:61:31:fa:3a:a7:d5:2b:
36:f3:22:a7:f9:52:05:8c:36:a0:08:d0:cb:b3:d8:
ed:7e:47:7d:01:69:98:71:d5:c2:af:9b:df:8c:06:
83:6b:da:93:ca:98:8e:71:8c:4c:7f:db:ef:df:49:
12:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EC:EC:6A:C6:D4:8C:91:1A:53:BD:5E:F2:46:D7:8B:DF:53:BA:45
X509v3 Authority Key Identifier:
keyid:AA:88:FA:E3:5B:66:B4:DE:2E:41:CA:5E:E0:77:B5:EF:0B:4A:B6:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoj641tmtN4uQcpe4He17wtKtkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/r-zsasbUjJEaU71e8kbXi99TukU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/qoj641tmtN4uQcpe4He17wtKtkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.248.0/22
Signature Algorithm: sha256WithRSAEncryption
05:6d:6d:eb:69:6a:59:d1:e9:24:1c:43:9b:5f:c6:62:0c:b7:
49:7d:44:f4:0d:20:d3:9f:f7:00:62:4d:c5:b6:4c:c0:95:ff:
7d:9b:1f:a1:71:87:e3:44:d8:7c:16:84:e3:a2:2c:98:95:6e:
ac:df:eb:03:4e:7e:9b:3b:0f:e1:e3:c2:71:9f:70:1f:9b:f8:
bc:ce:cb:9b:61:6e:65:0f:c6:ea:a4:cd:f3:6c:c8:8e:70:36:
ca:aa:75:83:f7:c7:14:44:39:78:2b:73:92:6f:7a:4c:a9:3a:
8a:57:75:31:34:dd:f1:31:70:5f:a1:6d:09:76:98:e6:f5:08:
cb:97:d1:f5:70:b3:a2:03:4d:15:59:6b:80:ee:c3:74:c7:f7:
0f:39:31:6d:59:19:41:b6:05:35:f4:7c:c2:a6:22:73:af:dc:
a7:5b:64:e6:8c:28:17:93:76:04:16:5f:2f:2c:e3:67:ea:67:
65:07:16:3f:09:13:65:01:3a:6f:e1:25:66:c9:7f:99:c1:7d:
0c:97:46:b4:2c:15:f9:69:61:19:97:96:79:ac:1b:6f:fb:ac:
42:fa:09:f1:6f:67:57:de:fd:06:87:53:fb:97:42:3b:77:a8:
74:20:67:83:f0:4a:40:e5:81:34:0e:88:a1:26:6a:9f:de:26:
fa:bf:93:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaYdd+myA+8/nOzNJnNHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhODhmYWUzNWI2NmI0ZGUyZTQxY2E1ZWUwNzdiNWVmMGI0
YWI2NDkwHhcNMjUwMTAxMTk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVjZWM2YWM2ZDQ4YzkxMWE1M2JkNWVmMjQ2ZDc4YmRmNTNiYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0t1bp76Nqz5Gqb+tISpC2eO8z18U
MNXRoQ5Zuu7wHXHj9he5WthuCovY6RgF9RYQ918TG9tBp/JPCRIlhJaEYSpJAqpg
UslB/M+Acv2H6hptnm5SaOZOv24G9tpLlzwqOOZl4vi5utHrlesZItUN0G7d9Zie
prjLYidYGNJa24zntZxEydtxXqooeW6c+QIfK6DzULomaUQRWoALlg6aOOhX5YrL
5gKXK3XbBUUxpHK/9zni28apFC0/GLfRgfxcpkkEsUVYH248E2Ex+jqn1Ss28yKn
+VIFjDagCNDLs9jtfkd9AWmYcdXCr5vfjAaDa9qTypiOcYxMf9vv30kS5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/s7GrG1IyRGlO9XvJG14vfU7pFMB8GA1UdIwQY
MBaAFKqI+uNbZrTeLkHKXuB3te8LSrZJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW9qNjQxdG10TjR1UWNwZTRIZTE3d3RLdGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS82ZWZkMWItM2UxMC00NDQ2LTkyYzct
YjkyY2I2MTEzMDM1LzEvci16c2FzYlVqSkVhVTcxZThrYlhpOTlUdWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS82ZWZkMWItM2UxMC00NDQ2LTkyYzctYjkyY2I2MTEzMDM1
LzEvcW9qNjQxdG10TjR1UWNwZTRIZTE3d3RLdGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ/4MA0G
CSqGSIb3DQEBCwUAA4IBAQAFbW3raWpZ0ekkHEObX8ZiDLdJfUT0DSDTn/cAYk3F
tkzAlf99mx+hcYfjRNh8FoTjoiyYlW6s3+sDTn6bOw/h48Jxn3Afm/i8zsubYW5l
D8bqpM3zbMiOcDbKqnWD98cURDl4K3OSb3pMqTqKV3UxNN3xMXBfoW0Jdpjm9QjL
l9H1cLOiA00VWWuA7sN0x/cPOTFtWRlBtgU19HzCpiJzr9ynW2TmjCgXk3YEFl8v
LONn6mdlBxY/CRNlATpv4SVmyX+ZwX0Ml0a0LBX5aWEZl5Z5rBtv+6xC+gnxb2dX
3v0Gh1P7l0I7d6h0IGeD8EpA5YE0DoihJmqf3ib6v5NH
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:39:45 2025 by rpki-client