Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/35be04-d5b7-44aa-ade4-13401d1f22d2/1/BrYhHrEUiC6KPPt0z5zIenofLis.roa
File: BrYhHrEUiC6KPPt0z5zIenofLis.roa (raw, json)
Hash identifier: DE5/RvrYo8fEFuVG34PaeU1d6iLiNdb+LH6pRfnNAg0=
Subject key identifier: 06:B6:21:1E:B1:14:88:2E:8A:3C:FB:74:CF:9C:C8:7A:7A:1F:2E:2B
Certificate issuer: /CN=ae4a29c6138e2d93d54a36328b94cb1f8a382a6b
Certificate serial: 01942369BD53076F6DB063DB66F78B754588
Authority key identifier: AE:4A:29:C6:13:8E:2D:93:D5:4A:36:32:8B:94:CB:1F:8A:38:2A:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rkopxhOOLZPVSjYyi5TLH4o4Kms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/35be04-d5b7-44aa-ade4-13401d1f22d2/1/BrYhHrEUiC6KPPt0z5zIenofLis.roa
Signing time: Wed 01 Jan 2025 19:48:39 +0000
ROA not before: Wed 01 Jan 2025 19:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202611
IP address blocks: 185.32.184.0/23 maxlen: 24
2a0b:1440::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:bd:53:07:6f:6d:b0:63:db:66:f7:8b:75:45:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae4a29c6138e2d93d54a36328b94cb1f8a382a6b
Validity
Not Before: Jan 1 19:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06b6211eb114882e8a3cfb74cf9cc87a7a1f2e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b3:0e:63:dc:fc:d6:7e:2d:20:2b:1a:e5:c9:
f0:4c:fd:ed:29:87:79:f8:dc:15:95:93:e9:2f:71:
77:62:53:b5:a5:ae:03:23:63:ae:31:25:51:c5:ce:
14:40:cc:5b:19:39:78:b3:5d:5c:63:28:6d:8c:2b:
ed:82:e6:4c:00:d8:ec:f6:7f:ac:56:8d:98:2f:70:
3b:91:75:aa:93:5f:f6:a1:d6:02:83:c2:65:bb:4a:
dd:7f:19:ea:40:71:e5:6c:7e:ca:e8:0a:f2:77:8b:
ca:38:a1:37:62:94:f3:1a:dc:6a:64:d2:73:e9:72:
8f:5f:44:79:7f:f7:4b:f1:d6:79:81:0f:97:88:3e:
95:76:47:d7:1c:a1:86:0a:0f:fa:37:1c:3b:50:b3:
ee:4b:9a:87:64:a8:d1:7b:d7:ad:04:95:9d:a0:de:
ad:79:15:94:7c:62:10:21:6c:f9:6b:62:44:59:45:
c4:d8:7c:4b:f0:c1:ba:9e:21:1c:88:6e:8e:23:05:
9e:6a:ae:e0:d9:20:f6:48:ed:08:6a:db:13:aa:9b:
45:31:b9:e7:89:67:b9:1d:e6:61:4b:25:0a:46:63:
8d:6d:b7:2c:1b:9b:4a:6a:4d:74:bc:b8:d7:49:b7:
95:a3:9b:87:7e:8b:e3:c7:f9:13:de:5d:75:2b:f9:
56:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B6:21:1E:B1:14:88:2E:8A:3C:FB:74:CF:9C:C8:7A:7A:1F:2E:2B
X509v3 Authority Key Identifier:
keyid:AE:4A:29:C6:13:8E:2D:93:D5:4A:36:32:8B:94:CB:1F:8A:38:2A:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rkopxhOOLZPVSjYyi5TLH4o4Kms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/35be04-d5b7-44aa-ade4-13401d1f22d2/1/BrYhHrEUiC6KPPt0z5zIenofLis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/35be04-d5b7-44aa-ade4-13401d1f22d2/1/rkopxhOOLZPVSjYyi5TLH4o4Kms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.184.0/23
IPv6:
2a0b:1440::/32
Signature Algorithm: sha256WithRSAEncryption
81:d9:6b:8e:4f:6c:22:a9:03:71:2e:2e:39:fd:a4:ec:92:84:
8f:eb:6f:17:1a:8d:49:a6:88:67:16:36:e8:e6:57:89:75:2e:
c9:f4:84:1f:a5:80:0f:09:e4:b1:05:82:50:93:ac:c5:01:3f:
73:3f:91:be:c0:d1:1a:58:3e:32:64:9e:4e:7e:6f:a4:10:aa:
c5:00:6f:34:e6:2b:72:f0:28:c7:ef:e6:aa:9c:8d:c4:7e:0c:
6e:9a:32:eb:a7:3f:fd:32:4c:51:84:61:10:31:26:e7:70:71:
f4:ba:cc:d9:9d:e6:50:c1:02:ed:d4:f2:ed:36:92:02:ae:96:
e0:41:08:cd:21:43:30:82:40:d3:b8:47:48:43:2e:7b:59:e3:
48:29:ac:11:6a:90:a9:f9:86:02:b0:fd:b8:78:cc:6d:36:47:
57:de:36:db:f4:b3:5c:46:56:79:dd:1d:74:c6:f4:f9:cc:b2:
72:19:e1:1b:fb:40:d4:a6:ca:be:b7:50:0b:ad:06:91:ca:d5:
5b:08:40:f6:50:72:99:dd:a8:6e:4e:d0:43:d6:94:86:ec:02:
1d:b5:f5:7d:88:2a:93:05:87:18:2d:72:91:16:20:1c:76:e9:
a6:e6:54:11:2b:e9:3a:23:d0:50:ee:26:36:07:3e:23:12:6a:
5b:43:e6:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjab1TB29tsGPbZveLdUWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNGEyOWM2MTM4ZTJkOTNkNTRhMzYzMjhiOTRjYjFmOGEz
ODJhNmIwHhcNMjUwMTAxMTk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmI2MjExZWIxMTQ4ODJlOGEzY2ZiNzRjZjljYzg3YTdhMWYyZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorMOY9z81n4tICsa5cnwTP3tKYd5
+NwVlZPpL3F3YlO1pa4DI2OuMSVRxc4UQMxbGTl4s11cYyhtjCvtguZMANjs9n+s
Vo2YL3A7kXWqk1/2odYCg8Jlu0rdfxnqQHHlbH7K6Aryd4vKOKE3YpTzGtxqZNJz
6XKPX0R5f/dL8dZ5gQ+XiD6VdkfXHKGGCg/6Nxw7ULPuS5qHZKjRe9etBJWdoN6t
eRWUfGIQIWz5a2JEWUXE2HxL8MG6niEciG6OIwWeaq7g2SD2SO0IatsTqptFMbnn
iWe5HeZhSyUKRmONbbcsG5tKak10vLjXSbeVo5uHfovjx/kT3l11K/lWcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAa2IR6xFIguijz7dM+cyHp6Hy4rMB8GA1UdIwQY
MBaAFK5KKcYTji2T1Uo2MouUyx+KOCprMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmtvcHhoT09MWlBWU2pZeWk1VExING80S21zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zNWJlMDQtZDViNy00NGFhLWFkZTQt
MTM0MDFkMWYyMmQyLzEvQnJZaEhyRVVpQzZLUFB0MHo1ekllbm9mTGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zNWJlMDQtZDViNy00NGFhLWFkZTQtMTM0MDFkMWYyMmQy
LzEvcmtvcHhoT09MWlBWU2pZeWk1VExING80S21zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuSC4MA0E
AgACMAcDBQAqCxRAMA0GCSqGSIb3DQEBCwUAA4IBAQCB2WuOT2wiqQNxLi45/aTs
koSP628XGo1JpohnFjbo5leJdS7J9IQfpYAPCeSxBYJQk6zFAT9zP5G+wNEaWD4y
ZJ5Ofm+kEKrFAG805ity8CjH7+aqnI3EfgxumjLrpz/9MkxRhGEQMSbncHH0uszZ
neZQwQLt1PLtNpICrpbgQQjNIUMwgkDTuEdIQy57WeNIKawRapCp+YYCsP24eMxt
NkdX3jbb9LNcRlZ53R10xvT5zLJyGeEb+0DUpsq+t1ALrQaRytVbCED2UHKZ3ahu
TtBD1pSG7AIdtfV9iCqTBYcYLXKRFiAcdumm5lQRK+k6I9BQ7iY2Bz4jEmpbQ+Y0
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:52:35 2025 by rpki-client