Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/e64v2Sa7kZCTmVuIe0U1EA1y5UE.roa
File: e64v2Sa7kZCTmVuIe0U1EA1y5UE.roa (raw, json)
Hash identifier: 4+uTyAtFS8DAUClwiFHwirOIVJLgQjU/10EzULT806g=
Subject key identifier: 7B:AE:2F:D9:26:BB:91:90:93:99:5B:88:7B:45:35:10:0D:72:E5:41
Certificate issuer: /CN=ec5fdf6a51b98091e9ec7bdfaf483ec7743a5a25
Certificate serial: 019421B192120550A8EE0F7045983756BD30
Authority key identifier: EC:5F:DF:6A:51:B9:80:91:E9:EC:7B:DF:AF:48:3E:C7:74:3A:5A:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7F_falG5gJHp7Hvfr0g-x3Q6WiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/e64v2Sa7kZCTmVuIe0U1EA1y5UE.roa
Signing time: Wed 01 Jan 2025 11:47:52 +0000
ROA not before: Wed 01 Jan 2025 11:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51586
IP address blocks: 185.216.220.0/22 maxlen: 24
2a0b:bdc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:92:12:05:50:a8:ee:0f:70:45:98:37:56:bd:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec5fdf6a51b98091e9ec7bdfaf483ec7743a5a25
Validity
Not Before: Jan 1 11:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7bae2fd926bb919093995b887b4535100d72e541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8d:45:ec:09:21:8d:49:49:76:2e:c6:e5:6a:
53:3f:92:5f:6b:1e:99:ab:8b:32:29:64:a2:48:11:
06:f9:0a:37:79:74:35:3b:56:03:c5:11:4a:8b:69:
24:f2:df:26:61:d4:7d:37:77:ad:63:95:45:29:38:
16:a2:53:d0:4d:34:74:6f:70:74:b7:01:22:22:14:
ed:6c:b0:41:d5:e0:ef:67:e0:42:95:90:eb:fa:65:
75:a4:4f:f3:04:34:2d:82:85:19:12:ce:18:19:9d:
bf:6a:aa:76:a1:d4:12:6d:60:83:7b:5a:62:ae:a7:
9e:a1:fc:21:7a:f9:cc:74:55:3e:b1:13:e5:4f:da:
88:97:2a:08:34:cf:6e:74:a2:a2:6a:7d:8c:e1:3b:
19:34:bb:c3:8d:c5:47:fc:12:26:ab:53:28:57:0c:
77:c9:8c:a2:5b:59:cc:ba:fa:a0:40:e2:93:8f:16:
3a:6e:55:07:9e:4c:17:17:e4:c4:07:4a:70:74:48:
9c:1c:bf:02:8f:74:a4:36:ac:7f:6d:b7:ab:06:69:
44:c3:a8:fb:ef:35:6d:b9:69:d1:6e:62:fe:73:0d:
61:03:eb:e1:3b:8c:34:7b:58:e1:8e:33:64:52:c5:
05:23:72:0d:84:d5:1b:ee:0b:c3:fe:21:38:34:9e:
4b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:AE:2F:D9:26:BB:91:90:93:99:5B:88:7B:45:35:10:0D:72:E5:41
X509v3 Authority Key Identifier:
keyid:EC:5F:DF:6A:51:B9:80:91:E9:EC:7B:DF:AF:48:3E:C7:74:3A:5A:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7F_falG5gJHp7Hvfr0g-x3Q6WiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/e64v2Sa7kZCTmVuIe0U1EA1y5UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/7F_falG5gJHp7Hvfr0g-x3Q6WiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.220.0/22
IPv6:
2a0b:bdc0::/32
Signature Algorithm: sha256WithRSAEncryption
1e:8b:4e:c2:09:94:27:19:97:21:35:05:b5:6b:b4:d2:ff:a6:
80:26:c2:04:28:84:7c:d5:5d:7b:dc:6c:9d:e1:1e:25:b1:38:
ed:27:2f:5f:13:fb:ee:e5:c6:50:23:64:af:f4:24:4a:75:66:
b7:be:62:de:ff:5f:45:51:29:84:b0:8b:75:a0:7f:4b:ba:70:
86:c0:91:02:be:11:cb:c0:aa:b9:dc:ad:f1:32:fc:14:44:98:
3a:ce:f7:e5:97:fa:d1:d0:13:44:dd:d1:e3:a1:07:81:ca:cc:
70:d1:a3:0d:e1:ef:9e:02:ea:13:6b:1b:53:15:0a:ee:40:4f:
59:3e:30:d6:ca:ea:90:80:a7:7c:be:7f:55:df:9b:1c:b0:07:
e9:32:f3:84:1f:48:32:8c:b3:1a:ef:d2:98:4d:e9:2a:16:15:
d9:22:7c:88:bc:da:da:9e:a9:8f:b3:c0:63:03:a2:73:4f:bd:
9f:d1:08:8b:21:9b:df:9b:b4:28:47:6c:b6:de:69:ae:cf:9b:
fd:b9:1f:aa:7f:a2:4e:84:a4:93:69:12:0a:6d:0e:34:ad:d4:
79:36:1e:9f:02:ea:fd:d9:06:b7:eb:d0:59:95:99:2f:8b:1b:
0f:ee:51:58:a1:89:d4:70:f5:00:ea:d2:fc:5e:3d:8c:f9:8e:
f1:4f:f6:9b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsZISBVCo7g9wRZg3Vr0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNWZkZjZhNTFiOTgwOTFlOWVjN2JkZmFmNDgzZWM3NzQz
YTVhMjUwHhcNMjUwMTAxMTE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmFlMmZkOTI2YmI5MTkwOTM5OTViODg3YjQ1MzUxMDBkNzJlNTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAio1F7AkhjUlJdi7G5WpTP5Jfax6Z
q4syKWSiSBEG+Qo3eXQ1O1YDxRFKi2kk8t8mYdR9N3etY5VFKTgWolPQTTR0b3B0
twEiIhTtbLBB1eDvZ+BClZDr+mV1pE/zBDQtgoUZEs4YGZ2/aqp2odQSbWCDe1pi
rqeeofwhevnMdFU+sRPlT9qIlyoINM9udKKian2M4TsZNLvDjcVH/BImq1MoVwx3
yYyiW1nMuvqgQOKTjxY6blUHnkwXF+TEB0pwdEicHL8Cj3SkNqx/bberBmlEw6j7
7zVtuWnRbmL+cw1hA+vhO4w0e1jhjjNkUsUFI3INhNUb7gvD/iE4NJ5LdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHuuL9kmu5GQk5lbiHtFNRANcuVBMB8GA1UdIwQY
MBaAFOxf32pRuYCR6ex7369IPsd0OlolMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZfZmFsRzVnSkhwN0h2ZnIwZy14M1E2V2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lNmE1NTQtZDk3NC00Mzc3LWJlY2Mt
Y2JmMzQzZGViN2JjLzEvZTY0djJTYTdrWkNUbVZ1SWUwVTFFQTF5NVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lNmE1NTQtZDk3NC00Mzc3LWJlY2MtY2JmMzQzZGViN2Jj
LzEvN0ZfZmFsRzVnSkhwN0h2ZnIwZy14M1E2V2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudjcMA0E
AgACMAcDBQAqC73AMA0GCSqGSIb3DQEBCwUAA4IBAQAei07CCZQnGZchNQW1a7TS
/6aAJsIEKIR81V173Gyd4R4lsTjtJy9fE/vu5cZQI2Sv9CRKdWa3vmLe/19FUSmE
sIt1oH9LunCGwJECvhHLwKq53K3xMvwURJg6zvfll/rR0BNE3dHjoQeBysxw0aMN
4e+eAuoTaxtTFQruQE9ZPjDWyuqQgKd8vn9V35scsAfpMvOEH0gyjLMa79KYTekq
FhXZInyIvNranqmPs8BjA6JzT72f0QiLIZvfm7QoR2y23mmuz5v9uR+qf6JOhKST
aRIKbQ40rdR5Nh6fAur92Qa369BZlZkvixsP7lFYoYnUcPUA6tL8Xj2M+Y7xT/ab
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:16:41 2025 by rpki-client