Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e8b85a-f375-4771-af3d-125e1e1f159b/1/SndF78oR6fryAiynZ4vCQXymF90.roa
File: SndF78oR6fryAiynZ4vCQXymF90.roa (raw, json)
Hash identifier: 4zhfx6PHrX1MSNSh4PpqsgR21D/O6XBM7TNNCbU0s7g=
Subject key identifier: 4A:77:45:EF:CA:11:E9:FA:F2:02:2C:A7:67:8B:C2:41:7C:A6:17:DD
Certificate issuer: /CN=79e376c8e490d28620c24f97e2b933d62fd0238b
Certificate serial: 0194236A18EF79699D4D6CF2DFAA6735BE0E
Authority key identifier: 79:E3:76:C8:E4:90:D2:86:20:C2:4F:97:E2:B9:33:D6:2F:D0:23:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eeN2yOSQ0oYgwk-X4rkz1i_QI4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e8b85a-f375-4771-af3d-125e1e1f159b/1/SndF78oR6fryAiynZ4vCQXymF90.roa
Signing time: Wed 01 Jan 2025 19:49:03 +0000
ROA not before: Wed 01 Jan 2025 19:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58277
IP address blocks: 185.247.220.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:18:ef:79:69:9d:4d:6c:f2:df:aa:67:35:be:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79e376c8e490d28620c24f97e2b933d62fd0238b
Validity
Not Before: Jan 1 19:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a7745efca11e9faf2022ca7678bc2417ca617dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:04:ff:ff:a6:82:e1:8d:3b:16:85:a1:ab:05:
65:83:55:e4:3d:51:89:e4:c4:06:90:2b:c4:ca:89:
f8:b2:7e:11:b4:66:59:76:84:23:d8:3e:54:57:ec:
d2:a5:b2:27:53:45:8f:50:86:27:f2:81:82:26:35:
03:80:7b:0d:4d:37:84:34:b0:4e:3c:01:fc:76:34:
a1:24:d9:1c:8e:94:c3:a3:ab:d5:71:ce:6e:e2:c5:
de:ac:92:96:42:ca:ed:3e:d5:ab:4f:98:88:c8:8d:
b4:c0:41:67:e8:fc:3d:89:62:b8:38:47:67:ea:e2:
40:4c:40:20:9e:66:b6:97:89:b5:80:63:9c:bd:25:
c3:eb:7f:20:82:07:4a:27:17:eb:f7:36:a7:f3:5b:
4d:33:ca:7e:5f:72:10:74:e9:16:ca:7c:33:83:6b:
30:46:4c:73:5d:24:54:f2:4c:86:38:66:ae:9e:ac:
a2:d5:68:1f:28:4c:67:80:02:44:99:1d:d1:c4:d5:
ff:36:f2:5b:4c:06:8f:15:6c:de:23:eb:81:5d:ac:
b7:6b:1c:29:8d:cd:c9:93:04:70:1c:e5:5a:a0:c6:
53:d1:99:fe:ad:ae:9c:1a:69:87:4d:78:5e:c0:69:
d0:bc:98:5e:63:6d:54:24:e0:00:08:57:b9:c7:08:
33:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:77:45:EF:CA:11:E9:FA:F2:02:2C:A7:67:8B:C2:41:7C:A6:17:DD
X509v3 Authority Key Identifier:
keyid:79:E3:76:C8:E4:90:D2:86:20:C2:4F:97:E2:B9:33:D6:2F:D0:23:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eeN2yOSQ0oYgwk-X4rkz1i_QI4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e8b85a-f375-4771-af3d-125e1e1f159b/1/SndF78oR6fryAiynZ4vCQXymF90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e8b85a-f375-4771-af3d-125e1e1f159b/1/eeN2yOSQ0oYgwk-X4rkz1i_QI4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.220.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:0e:98:60:70:56:0c:8b:a2:64:1a:6f:cf:c3:7b:9c:18:26:
3f:60:e1:f8:47:e2:63:75:69:61:00:7b:55:54:aa:f6:e2:f7:
31:d7:31:cb:e6:53:33:c7:fc:cf:e9:b9:35:8f:54:54:a7:55:
b8:9e:1d:a0:8e:92:f9:d4:85:29:1f:7d:90:67:e9:cd:5e:d2:
0b:60:34:76:a8:d2:4d:d4:cf:02:06:98:cf:f5:29:99:0c:ed:
8e:9f:0d:d0:98:ee:ee:b7:3c:5f:84:e3:eb:82:ab:96:33:31:
2c:7d:66:77:a4:81:cb:c8:c5:9b:c4:cf:0a:07:2d:92:ef:2b:
40:5b:00:26:39:c7:1a:2a:b6:28:9f:2a:a2:ba:59:e6:06:1d:
79:b5:0b:86:9b:1d:89:37:e4:e9:96:cf:23:5f:07:34:ae:f5:
18:79:6b:1a:a9:65:14:77:26:be:a4:b1:75:a4:78:27:16:49:
e0:75:03:69:a0:91:a6:42:32:ff:26:84:df:e5:c4:f9:19:c5:
58:e0:59:ee:8b:91:73:ee:9e:63:a0:02:96:e4:fe:49:d7:7b:
6a:42:ad:cb:75:20:6d:fa:c6:70:f2:7d:0a:ad:4c:bf:80:e8:
5e:4d:d8:84:52:0f:f4:19:29:07:91:67:1c:5d:8a:cf:8e:ce:
f7:51:23:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjahjveWmdTWzy36pnNb4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZTM3NmM4ZTQ5MGQyODYyMGMyNGY5N2UyYjkzM2Q2MmZk
MDIzOGIwHhcNMjUwMTAxMTk0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTc3NDVlZmNhMTFlOWZhZjIwMjJjYTc2NzhiYzI0MTdjYTYxN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+gT//6aC4Y07FoWhqwVlg1XkPVGJ
5MQGkCvEyon4sn4RtGZZdoQj2D5UV+zSpbInU0WPUIYn8oGCJjUDgHsNTTeENLBO
PAH8djShJNkcjpTDo6vVcc5u4sXerJKWQsrtPtWrT5iIyI20wEFn6Pw9iWK4OEdn
6uJATEAgnma2l4m1gGOcvSXD638gggdKJxfr9zan81tNM8p+X3IQdOkWynwzg2sw
RkxzXSRU8kyGOGaunqyi1WgfKExngAJEmR3RxNX/NvJbTAaPFWzeI+uBXay3axwp
jc3JkwRwHOVaoMZT0Zn+ra6cGmmHTXhewGnQvJheY21UJOAACFe5xwgzWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEp3Re/KEen68gIsp2eLwkF8phfdMB8GA1UdIwQY
MBaAFHnjdsjkkNKGIMJPl+K5M9Yv0COLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWVOMnlPU1Ewb1lnd2stWDRya3oxaV9RSTRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lOGI4NWEtZjM3NS00NzcxLWFmM2Qt
MTI1ZTFlMWYxNTliLzEvU25kRjc4b1I2ZnJ5QWl5blo0dkNRWHltRjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lOGI4NWEtZjM3NS00NzcxLWFmM2QtMTI1ZTFlMWYxNTli
LzEvZWVOMnlPU1Ewb1lnd2stWDRya3oxaV9RSTRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuffcMA0G
CSqGSIb3DQEBCwUAA4IBAQAKDphgcFYMi6JkGm/Pw3ucGCY/YOH4R+JjdWlhAHtV
VKr24vcx1zHL5lMzx/zP6bk1j1RUp1W4nh2gjpL51IUpH32QZ+nNXtILYDR2qNJN
1M8CBpjP9SmZDO2Onw3QmO7utzxfhOPrgquWMzEsfWZ3pIHLyMWbxM8KBy2S7ytA
WwAmOccaKrYonyqiulnmBh15tQuGmx2JN+Tpls8jXwc0rvUYeWsaqWUUdya+pLF1
pHgnFkngdQNpoJGmQjL/JoTf5cT5GcVY4Fnui5Fz7p5joAKW5P5J13tqQq3LdSBt
+sZw8n0KrUy/gOheTdiEUg/0GSkHkWccXYrPjs73USNI
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:44:00 2025 by rpki-client