Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5cd884-79f5-483d-904a-96fe1911d0b3/1/rkeCi7bAOmm8jNM4SPUix4rpKGY.roa
File: rkeCi7bAOmm8jNM4SPUix4rpKGY.roa (raw, json)
Hash identifier: mpdXZon8vvR8j0E2gSl7AGKnGzRDJd6WpjcomYnKKnU=
Subject key identifier: AE:47:82:8B:B6:C0:3A:69:BC:8C:D3:38:48:F5:22:C7:8A:E9:28:66
Certificate issuer: /CN=ecb612e1f6b4d83f8a5d552cf3b60edd23bfe9f4
Certificate serial: 019424B341628B58EDDC18F516EBB5EEBC8C
Authority key identifier: EC:B6:12:E1:F6:B4:D8:3F:8A:5D:55:2C:F3:B6:0E:DD:23:BF:E9:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7LYS4fa02D-KXVUs87YO3SO_6fQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5cd884-79f5-483d-904a-96fe1911d0b3/1/rkeCi7bAOmm8jNM4SPUix4rpKGY.roa
Signing time: Thu 02 Jan 2025 01:48:34 +0000
ROA not before: Thu 02 Jan 2025 01:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49282
IP address blocks: 85.194.204.0/22 maxlen: 22
95.175.96.0/19 maxlen: 19
95.175.124.0/22 maxlen: 22
164.215.32.0/21 maxlen: 21
185.18.76.0/22 maxlen: 22
185.162.156.0/22 maxlen: 22
2a03:e580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:41:62:8b:58:ed:dc:18:f5:16:eb:b5:ee:bc:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecb612e1f6b4d83f8a5d552cf3b60edd23bfe9f4
Validity
Not Before: Jan 2 01:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae47828bb6c03a69bc8cd33848f522c78ae92866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:10:2f:10:7b:05:01:be:7c:00:25:08:5a:20:
dc:7d:16:61:f5:67:98:f9:22:2d:98:73:cd:3b:b6:
1c:9d:22:b0:75:82:b9:95:cf:8d:da:05:3b:fe:da:
16:5a:11:38:cb:bb:f7:47:12:16:cf:60:31:7f:c5:
5a:b9:9d:16:4e:75:eb:6f:00:42:41:02:e2:40:3c:
34:bc:34:0e:2d:27:f4:4b:58:a2:bb:94:94:5e:c3:
ff:1d:e9:43:46:80:bb:52:6a:3c:67:31:65:b1:37:
55:49:dc:1d:dd:cf:d5:1f:c9:a2:78:ec:d0:7b:9e:
bf:40:ec:54:35:23:e3:7b:da:54:d8:03:7c:fc:44:
a2:93:13:44:b0:ba:b4:2f:b6:42:e6:a2:68:ad:1b:
2b:85:61:3c:f1:66:cc:99:a2:ba:4a:e3:a6:75:df:
35:b2:bd:cd:d3:2c:d6:ed:31:21:96:76:71:02:df:
cc:6f:be:70:fa:80:c6:e3:89:47:36:04:a4:19:48:
b1:8b:9b:e0:0c:d9:a5:aa:54:52:1f:de:2e:44:4d:
e5:85:ac:b2:b6:4e:be:26:e0:3d:2b:8c:28:a7:2a:
3f:4c:8d:3b:a6:99:95:8d:8f:d8:a2:64:ee:9c:5a:
c0:b5:8e:94:75:7a:ca:f4:88:2d:25:29:a4:7b:4a:
8a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:47:82:8B:B6:C0:3A:69:BC:8C:D3:38:48:F5:22:C7:8A:E9:28:66
X509v3 Authority Key Identifier:
keyid:EC:B6:12:E1:F6:B4:D8:3F:8A:5D:55:2C:F3:B6:0E:DD:23:BF:E9:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7LYS4fa02D-KXVUs87YO3SO_6fQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5cd884-79f5-483d-904a-96fe1911d0b3/1/rkeCi7bAOmm8jNM4SPUix4rpKGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5cd884-79f5-483d-904a-96fe1911d0b3/1/7LYS4fa02D-KXVUs87YO3SO_6fQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.194.204.0/22
95.175.96.0/19
164.215.32.0/21
185.18.76.0/22
185.162.156.0/22
IPv6:
2a03:e580::/29
Signature Algorithm: sha256WithRSAEncryption
35:77:8a:ee:99:50:bf:e7:8c:dc:79:e9:cb:e4:be:d7:b2:25:
7c:1b:85:4d:19:63:e2:9d:5d:97:05:89:7e:f4:2e:a1:b9:ec:
17:95:7f:4e:3b:09:b3:5f:7e:7a:37:ee:62:fb:64:1c:58:d4:
ba:ff:b6:7a:25:54:7f:26:2f:ee:48:6d:c9:02:b7:19:7d:1b:
71:c3:85:4e:4e:5f:32:db:9f:da:e4:2a:b3:60:0f:1e:cc:1d:
da:62:64:0b:b1:45:81:ea:a1:3a:52:a3:94:40:cd:54:21:95:
6f:e7:2e:7b:2a:87:70:31:47:70:2a:b9:9b:ea:6d:35:e6:6e:
96:dd:5e:74:0d:42:33:e2:ef:1b:3c:16:9a:27:eb:3f:49:b2:
49:a3:f9:df:6b:a2:68:12:76:e2:6a:ee:b8:1d:0b:86:cd:04:
3f:b0:00:79:c2:da:f2:cf:3f:e6:9d:36:f4:fe:f6:47:61:13:
63:15:4b:34:92:0a:62:f1:e5:cd:74:d3:0d:75:fd:77:1b:bc:
74:70:cd:91:5b:a5:90:ff:58:33:ca:bb:08:47:3f:d2:88:62:
ae:88:f0:ce:28:98:8d:69:57:b7:f9:fb:1a:3a:03:0d:fb:b4:
62:0c:42:a2:67:f0:c2:c7:85:85:cb:36:a4:f9:e5:95:7b:35:
80:5f:48:29
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQks0Fii1jt3Bj1Fuu17ryMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYjYxMmUxZjZiNGQ4M2Y4YTVkNTUyY2YzYjYwZWRkMjNi
ZmU5ZjQwHhcNMjUwMTAyMDE0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTQ3ODI4YmI2YzAzYTY5YmM4Y2QzMzg0OGY1MjJjNzhhZTkyODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRAvEHsFAb58ACUIWiDcfRZh9WeY
+SItmHPNO7YcnSKwdYK5lc+N2gU7/toWWhE4y7v3RxIWz2Axf8VauZ0WTnXrbwBC
QQLiQDw0vDQOLSf0S1iiu5SUXsP/HelDRoC7Umo8ZzFlsTdVSdwd3c/VH8mieOzQ
e56/QOxUNSPje9pU2AN8/ESikxNEsLq0L7ZC5qJorRsrhWE88WbMmaK6SuOmdd81
sr3N0yzW7TEhlnZxAt/Mb75w+oDG44lHNgSkGUixi5vgDNmlqlRSH94uRE3lhayy
tk6+JuA9K4wopyo/TI07ppmVjY/YomTunFrAtY6UdXrK9IgtJSmke0qKxQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFK5Hgou2wDppvIzTOEj1IseK6ShmMB8GA1UdIwQY
MBaAFOy2EuH2tNg/il1VLPO2Dt0jv+n0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0xZUzRmYTAyRC1LWFZVczg3WU8zU09fNmZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81Y2Q4ODQtNzlmNS00ODNkLTkwNGEt
OTZmZTE5MTFkMGIzLzEvcmtlQ2k3YkFPbW04ak5NNFNQVWl4NHJwS0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81Y2Q4ODQtNzlmNS00ODNkLTkwNGEtOTZmZTE5MTFkMGIz
LzEvN0xZUzRmYTAyRC1LWFZVczg3WU8zU09fNmZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCVcLMAwQF
X69gAwQDpNcgAwQCuRJMAwQCuaKcMA0EAgACMAcDBQMqA+WAMA0GCSqGSIb3DQEB
CwUAA4IBAQA1d4rumVC/54zceenL5L7XsiV8G4VNGWPinV2XBYl+9C6huewXlX9O
OwmzX356N+5i+2QcWNS6/7Z6JVR/Ji/uSG3JArcZfRtxw4VOTl8y25/a5CqzYA8e
zB3aYmQLsUWB6qE6UqOUQM1UIZVv5y57KodwMUdwKrmb6m015m6W3V50DUIz4u8b
PBaaJ+s/SbJJo/nfa6JoEnbiau64HQuGzQQ/sAB5wtryzz/mnTb0/vZHYRNjFUs0
kgpi8eXNdNMNdf13G7x0cM2RW6WQ/1gzyrsIRz/SiGKuiPDOKJiNaVe3+fsaOgMN
+7RiDEKiZ/DCx4WFyzak+eWVezWAX0gp
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:29:33 2025 by rpki-client