Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/soZKqGzihNQNfxzcrDh_Qn-1Tnw.roa
File: soZKqGzihNQNfxzcrDh_Qn-1Tnw.roa (raw, json)
Hash identifier: +H581vOHkrLuu+UEmJR0K8H+S0wh9yACSCN32HI4jio=
Subject key identifier: B2:86:4A:A8:6C:E2:84:D4:0D:7F:1C:DC:AC:38:7F:42:7F:B5:4E:7C
Certificate issuer: /CN=88e719f426793b1e9063771460abd311a3dff116
Certificate serial: 019423D7186BDF506CF8EED0AE9A480CB113
Authority key identifier: 88:E7:19:F4:26:79:3B:1E:90:63:77:14:60:AB:D3:11:A3:DF:F1:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/soZKqGzihNQNfxzcrDh_Qn-1Tnw.roa
Signing time: Wed 01 Jan 2025 21:48:06 +0000
ROA not before: Wed 01 Jan 2025 21:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 27552
IP address blocks: 185.134.180.0/22 maxlen: 22
2a06:ee01::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:18:6b:df:50:6c:f8:ee:d0:ae:9a:48:0c:b1:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88e719f426793b1e9063771460abd311a3dff116
Validity
Not Before: Jan 1 21:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2864aa86ce284d40d7f1cdcac387f427fb54e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7e:86:67:f5:cd:cb:b4:f7:67:9b:c2:77:24:
99:8b:81:02:ad:34:05:25:44:3d:5a:38:de:78:16:
20:06:16:aa:9f:7f:98:fd:5c:bb:82:2d:51:a8:a8:
d4:25:db:fd:47:7a:79:a6:ef:0f:5f:bf:e6:02:7b:
58:b7:d7:25:67:db:ee:0a:f5:83:60:f2:92:b4:ca:
75:f7:f5:56:6c:20:8e:22:31:05:9d:cf:6e:86:ab:
23:ce:bb:00:e4:5e:65:a2:b7:d5:0b:2b:5f:7d:0b:
76:28:9a:47:a3:56:88:03:ae:a9:02:c9:3a:bb:31:
ad:2c:68:30:e2:10:24:ed:aa:c4:65:35:2e:9d:7f:
48:b1:35:aa:f7:be:f2:e3:7e:90:ad:c7:be:67:a8:
9b:29:fa:81:18:9d:e9:df:de:20:39:5c:bd:4f:e1:
5f:5f:8e:42:fc:d3:45:b2:39:2f:01:a1:b1:c2:8c:
fc:c5:87:d9:e3:58:90:7a:6c:e9:00:89:bb:33:8e:
cd:68:12:40:ba:38:17:d8:6a:62:3e:7e:11:cf:a9:
8d:c5:7d:05:6e:8e:6c:09:55:91:ae:de:f2:9e:fc:
a1:76:20:cc:c9:0a:8c:05:85:ad:6a:3f:b7:c5:61:
35:0c:1a:43:9e:7d:74:13:c2:fd:a9:40:45:c3:6c:
d6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:86:4A:A8:6C:E2:84:D4:0D:7F:1C:DC:AC:38:7F:42:7F:B5:4E:7C
X509v3 Authority Key Identifier:
keyid:88:E7:19:F4:26:79:3B:1E:90:63:77:14:60:AB:D3:11:A3:DF:F1:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/soZKqGzihNQNfxzcrDh_Qn-1Tnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.180.0/22
IPv6:
2a06:ee01::/32
Signature Algorithm: sha256WithRSAEncryption
86:9e:24:25:f8:8d:3a:ed:03:4e:4c:20:63:d5:69:b2:ac:cd:
45:d9:4d:a4:f0:07:e0:ac:9d:dc:dd:83:80:d2:5e:92:c7:4a:
97:07:6d:87:2e:2d:88:84:5c:59:d7:89:97:2b:bd:0b:9a:5a:
3d:f2:c7:d8:84:e0:76:71:2d:9c:15:fe:70:cf:13:69:09:c0:
62:92:3c:af:9e:69:40:63:33:f2:59:cd:52:86:0a:a4:91:cf:
2a:a2:1b:e2:93:eb:20:65:15:7e:0b:d2:df:03:e5:ab:2b:46:
ad:f7:b0:a0:b1:31:4b:b1:8a:e9:72:e8:8d:76:0d:df:58:c6:
df:61:32:c5:c8:ac:b0:a4:72:9d:07:b0:8e:f2:38:ec:c8:c1:
9e:b7:9f:67:15:7c:51:08:a9:52:42:a0:27:6c:6e:d3:c0:6f:
88:c6:e9:b8:2e:db:59:fc:36:18:43:27:10:f0:99:fe:7e:a1:
00:f1:6a:c4:72:98:30:c4:e8:64:10:eb:a1:b5:5b:19:5a:ab:
d8:36:17:43:27:5f:7a:0d:f5:93:c4:4d:f3:39:d1:3a:df:41:
50:8d:e0:05:2f:80:46:ea:11:2a:9a:11:ba:9c:d1:9d:62:3c:
64:d4:64:f6:50:2c:64:e4:01:11:f2:19:4a:31:16:95:ca:0c:
71:1d:90:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1xhr31Bs+O7QrppIDLETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTcxOWY0MjY3OTNiMWU5MDYzNzcxNDYwYWJkMzExYTNk
ZmYxMTYwHhcNMjUwMTAxMjE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjg2NGFhODZjZTI4NGQ0MGQ3ZjFjZGNhYzM4N2Y0MjdmYjU0ZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX6GZ/XNy7T3Z5vCdySZi4ECrTQF
JUQ9WjjeeBYgBhaqn3+Y/Vy7gi1RqKjUJdv9R3p5pu8PX7/mAntYt9clZ9vuCvWD
YPKStMp19/VWbCCOIjEFnc9uhqsjzrsA5F5lorfVCytffQt2KJpHo1aIA66pAsk6
uzGtLGgw4hAk7arEZTUunX9IsTWq977y436Qrce+Z6ibKfqBGJ3p394gOVy9T+Ff
X45C/NNFsjkvAaGxwoz8xYfZ41iQemzpAIm7M47NaBJAujgX2GpiPn4Rz6mNxX0F
bo5sCVWRrt7ynvyhdiDMyQqMBYWtaj+3xWE1DBpDnn10E8L9qUBFw2zWPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLKGSqhs4oTUDX8c3Kw4f0J/tU58MB8GA1UdIwQY
MBaAFIjnGfQmeTsekGN3FGCr0xGj3/EWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9jWjlDWjVPeDZRWTNjVVlLdlRFYVBmOFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wMGQ0NWQtNWU0OC00NThkLTkyZjct
YWU1MmUxNTZiNzdlLzEvc29aS3FHemloTlFOZnh6Y3JEaF9Rbi0xVG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wMGQ0NWQtNWU0OC00NThkLTkyZjctYWU1MmUxNTZiNzdl
LzEvaU9jWjlDWjVPeDZRWTNjVVlLdlRFYVBmOFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYa0MA0E
AgACMAcDBQAqBu4BMA0GCSqGSIb3DQEBCwUAA4IBAQCGniQl+I067QNOTCBj1Wmy
rM1F2U2k8AfgrJ3c3YOA0l6Sx0qXB22HLi2IhFxZ14mXK70Lmlo98sfYhOB2cS2c
Ff5wzxNpCcBikjyvnmlAYzPyWc1Shgqkkc8qohvik+sgZRV+C9LfA+WrK0at97Cg
sTFLsYrpcuiNdg3fWMbfYTLFyKywpHKdB7CO8jjsyMGet59nFXxRCKlSQqAnbG7T
wG+Ixum4LttZ/DYYQycQ8Jn+fqEA8WrEcpgwxOhkEOuhtVsZWqvYNhdDJ196DfWT
xE3zOdE630FQjeAFL4BG6hEqmhG6nNGdYjxk1GT2UCxk5AER8hlKMRaVygxxHZCy
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:31:46 2025 by rpki-client