Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/B2KWviyku3mQduZIftTtv9f_Wko.roa
File: B2KWviyku3mQduZIftTtv9f_Wko.roa (raw, json)
Hash identifier: L0tFun/t/g/1AW+2Ro3aFJKqECitA7KJ0Ci2/VOvYfs=
Subject key identifier: 07:62:96:BE:2C:A4:BB:79:90:76:E6:48:7E:D4:ED:BF:D7:FF:5A:4A
Certificate issuer: /CN=0859786f226cb6d490bfb54294e611a7d51a8f1e
Certificate serial: 019425FC6D4567FDF34E528E591C0421F2B6
Authority key identifier: 08:59:78:6F:22:6C:B6:D4:90:BF:B5:42:94:E6:11:A7:D5:1A:8F:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CFl4byJsttSQv7VClOYRp9Uajx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/B2KWviyku3mQduZIftTtv9f_Wko.roa
Signing time: Thu 02 Jan 2025 07:48:07 +0000
ROA not before: Thu 02 Jan 2025 07:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47975
IP address blocks: 94.228.16.0/20 maxlen: 24
178.72.128.0/18 maxlen: 24
178.213.128.0/21 maxlen: 24
185.18.72.0/22 maxlen: 24
185.182.120.0/22 maxlen: 24
2a03:2300::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:6d:45:67:fd:f3:4e:52:8e:59:1c:04:21:f2:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0859786f226cb6d490bfb54294e611a7d51a8f1e
Validity
Not Before: Jan 2 07:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=076296be2ca4bb799076e6487ed4edbfd7ff5a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:75:a9:7a:3e:56:4a:23:93:1a:0c:0b:c9:96:
9e:51:af:af:23:75:54:6b:d4:fb:9c:1a:04:f5:b6:
d1:ae:1d:11:04:19:9b:75:33:71:f4:22:6c:c8:d7:
16:57:3a:13:6e:73:d8:f4:92:e8:a4:9c:43:55:a7:
84:eb:f5:cd:72:55:68:24:9f:d5:3e:54:8f:bf:13:
e9:05:da:c7:e6:55:c0:78:ab:ef:c3:28:4c:aa:32:
17:09:6f:ea:9f:cd:19:81:1d:5f:96:7e:51:50:fe:
f4:46:ac:4f:43:5e:ee:34:a4:19:89:b0:00:58:d6:
f8:f3:2f:27:7e:ba:19:3c:bc:b0:74:6c:18:4a:ae:
77:3b:73:73:da:8c:8a:a1:f0:92:6d:ea:fe:25:f4:
9c:ae:bb:f6:a9:59:25:8b:8d:00:fd:4b:ea:c0:86:
5d:ca:f9:98:ce:26:0e:d8:07:08:45:57:5c:f7:46:
4f:85:c1:57:e3:d3:9b:b0:8d:c4:c7:e4:b3:47:dc:
4d:a2:b7:20:bf:c8:06:47:b8:e2:5c:77:ef:77:6c:
7a:ac:a5:93:21:ab:88:c8:7c:ea:91:a5:cb:39:93:
a2:56:b6:d9:21:24:92:99:d6:26:4e:90:e2:ab:c2:
a9:da:5d:c6:d6:a0:2b:7c:1f:4a:5d:b0:26:11:3e:
8a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:62:96:BE:2C:A4:BB:79:90:76:E6:48:7E:D4:ED:BF:D7:FF:5A:4A
X509v3 Authority Key Identifier:
keyid:08:59:78:6F:22:6C:B6:D4:90:BF:B5:42:94:E6:11:A7:D5:1A:8F:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CFl4byJsttSQv7VClOYRp9Uajx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/B2KWviyku3mQduZIftTtv9f_Wko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/CFl4byJsttSQv7VClOYRp9Uajx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.16.0/20
178.72.128.0/18
178.213.128.0/21
185.18.72.0/22
185.182.120.0/22
IPv6:
2a03:2300::/29
Signature Algorithm: sha256WithRSAEncryption
a5:a8:c4:43:05:f7:21:e5:7e:d7:96:52:de:71:81:b1:82:b9:
51:58:64:ec:ef:ee:5b:f5:88:2c:b8:06:e1:73:40:70:6d:80:
69:15:0f:4c:94:a1:e5:13:df:4b:ce:e2:b4:76:d2:66:ad:ea:
d0:48:f2:5f:09:ac:f9:b3:e3:1e:9b:3b:c8:75:4c:5d:1f:ba:
52:f3:79:45:6b:d0:54:48:ab:dc:1c:9f:61:17:05:dd:f6:65:
46:2a:7d:f3:de:3e:e6:70:49:55:b6:a2:61:8e:8c:75:80:6b:
80:56:d8:5d:a0:46:b3:b8:f7:a2:9d:0a:92:33:0e:e4:d2:46:
9b:dd:86:9d:34:12:74:30:4d:82:51:ce:2c:1d:5d:35:b2:7c:
0e:e2:d1:07:c7:f4:0b:f8:6f:73:c0:65:0b:46:d7:f4:3f:ed:
4f:a8:7f:47:43:a6:29:07:22:10:be:41:38:af:a8:08:4b:13:
1b:58:24:cb:5b:0e:bd:52:2b:42:04:dc:9e:4f:6f:20:4d:64:
88:28:81:fc:bd:fd:23:53:69:42:1b:96:d0:6c:53:8b:3d:7a:
f7:ca:4b:6b:68:9e:6c:7f:f9:18:56:60:fa:17:b7:93:68:af:
de:86:55:a7:93:b3:6b:f9:1d:17:07:e4:40:33:cf:9a:9e:7a:
cb:62:b4:6c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQl/G1FZ/3zTlKOWRwEIfK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NTk3ODZmMjI2Y2I2ZDQ5MGJmYjU0Mjk0ZTYxMWE3ZDUx
YThmMWUwHhcNMjUwMTAyMDc0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzYyOTZiZTJjYTRiYjc5OTA3NmU2NDg3ZWQ0ZWRiZmQ3ZmY1YTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnWpej5WSiOTGgwLyZaeUa+vI3VU
a9T7nBoE9bbRrh0RBBmbdTNx9CJsyNcWVzoTbnPY9JLopJxDVaeE6/XNclVoJJ/V
PlSPvxPpBdrH5lXAeKvvwyhMqjIXCW/qn80ZgR1fln5RUP70RqxPQ17uNKQZibAA
WNb48y8nfroZPLywdGwYSq53O3Nz2oyKofCSber+JfScrrv2qVkli40A/UvqwIZd
yvmYziYO2AcIRVdc90ZPhcFX49ObsI3Ex+SzR9xNorcgv8gGR7jiXHfvd2x6rKWT
IauIyHzqkaXLOZOiVrbZISSSmdYmTpDiq8Kp2l3G1qArfB9KXbAmET6KxQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAdilr4spLt5kHbmSH7U7b/X/1pKMB8GA1UdIwQY
MBaAFAhZeG8ibLbUkL+1QpTmEafVGo8eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0ZsNGJ5SnN0dFNRdjdWQ2xPWVJwOVVhang0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC82ODRlZTMtZmJlZC00MjI2LTkxYWQt
NTJmZTQ0MzQzNTBlLzEvQjJLV3ZpeWt1M21RZHVaSWZ0VHR2OWZfV2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC82ODRlZTMtZmJlZC00MjI2LTkxYWQtNTJmZTQ0MzQzNTBl
LzEvQ0ZsNGJ5SnN0dFNRdjdWQ2xPWVJwOVVhang0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEXuQQAwQG
skiAAwQDstWAAwQCuRJIAwQCubZ4MA0EAgACMAcDBQMqAyMAMA0GCSqGSIb3DQEB
CwUAA4IBAQClqMRDBfch5X7XllLecYGxgrlRWGTs7+5b9YgsuAbhc0BwbYBpFQ9M
lKHlE99LzuK0dtJmrerQSPJfCaz5s+MemzvIdUxdH7pS83lFa9BUSKvcHJ9hFwXd
9mVGKn3z3j7mcElVtqJhjox1gGuAVthdoEazuPeinQqSMw7k0kab3YadNBJ0ME2C
Uc4sHV01snwO4tEHx/QL+G9zwGULRtf0P+1PqH9HQ6YpByIQvkE4r6gISxMbWCTL
Ww69UitCBNyeT28gTWSIKIH8vf0jU2lCG5bQbFOLPXr3yktraJ5sf/kYVmD6F7eT
aK/ehlWnk7Nr+R0XB+RAM8+annrLYrRs
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:24:20 2025 by rpki-client