Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/dsfkSXYJLfZWJjDQMc0Y0owm7FA.roa
File: dsfkSXYJLfZWJjDQMc0Y0owm7FA.roa (raw, json)
Hash identifier: W0p5k/KWht0yDd7EzO060gDAd+rVO0Q+Y0m/UDAfM10=
Subject key identifier: 76:C7:E4:49:76:09:2D:F6:56:26:30:D0:31:CD:18:D2:8C:26:EC:50
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 0194228D9E0D278A8ADC51A2E970BD90925E
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/dsfkSXYJLfZWJjDQMc0Y0owm7FA.roa
Signing time: Wed 01 Jan 2025 15:48:13 +0000
ROA not before: Wed 01 Jan 2025 15:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59613
IP address blocks: 185.158.208.0/22 maxlen: 24
185.158.208.0/24 maxlen: 24
185.158.209.0/24 maxlen: 24
185.158.210.0/24 maxlen: 24
185.158.211.0/24 maxlen: 24
195.234.112.0/24 maxlen: 24
195.234.113.0/24 maxlen: 24
195.234.114.0/24 maxlen: 24
195.234.115.0/24 maxlen: 24
2a02:2278:ff00::/40 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:9e:0d:27:8a:8a:dc:51:a2:e9:70:bd:90:92:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Jan 1 15:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76c7e44976092df6562630d031cd18d28c26ec50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c4:41:86:6c:53:ea:fc:bb:13:56:3e:93:2a:
01:24:e3:5c:23:4b:e6:f3:8f:27:6e:e8:9e:c5:5a:
fc:e5:6d:e2:67:17:b9:d2:73:6b:12:0b:2f:0f:13:
cd:2b:9f:6a:e9:8c:1c:d8:3c:8d:9d:d1:5d:14:31:
44:11:6e:56:50:57:bf:d7:dd:56:07:ec:d6:3d:e3:
32:c3:44:07:0b:44:e6:f8:cd:56:c9:e0:a1:e3:d4:
72:c2:fa:1d:66:66:7c:a1:34:13:11:04:69:81:f6:
c1:f7:9d:35:02:4e:35:fb:b5:02:74:d1:2e:7c:4b:
a9:77:70:9d:f2:51:7b:a6:0c:f0:7c:90:13:f7:9b:
75:7a:99:ef:d6:15:56:62:1c:d6:82:f5:14:2c:71:
67:80:a2:ba:22:3e:4a:02:fc:53:88:11:79:d5:5b:
da:3b:e7:1e:00:68:7d:de:bf:9c:f1:be:35:22:3c:
66:fa:91:26:ce:4b:ee:15:8a:c0:9e:fc:91:82:d8:
1c:6d:be:9a:25:f1:1f:c9:ea:3d:f1:74:04:b0:ee:
db:00:cd:b5:27:75:58:57:8f:cb:c6:3a:7e:8c:38:
63:28:42:28:b5:a2:71:ac:64:ac:a6:cb:b8:36:41:
30:bf:bc:d8:dc:25:73:6d:fe:14:a0:49:f2:e6:0a:
97:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:C7:E4:49:76:09:2D:F6:56:26:30:D0:31:CD:18:D2:8C:26:EC:50
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/dsfkSXYJLfZWJjDQMc0Y0owm7FA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.208.0/22
195.234.112.0/22
IPv6:
2a02:2278:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
01:2b:7a:6e:e3:3d:f1:ac:f0:da:e9:34:00:e4:05:6d:63:17:
b3:5f:e2:57:20:97:b6:ef:92:93:cf:86:43:20:71:db:07:a9:
4d:ee:c4:da:91:a4:5c:45:55:bf:18:c4:0c:84:6f:6f:36:73:
c3:f5:37:ca:31:19:05:a0:46:f9:78:3d:d5:6d:30:44:36:84:
03:49:c2:10:66:45:97:65:80:7c:5e:d8:a8:bf:ad:53:2f:69:
04:31:92:b9:8f:30:bf:b8:b1:2f:73:5c:0b:64:89:ee:04:78:
1a:70:59:27:a2:67:ad:21:59:e8:9c:32:c6:c0:cf:0e:3e:0e:
7d:d3:21:21:d7:03:a6:19:e9:45:4c:19:36:d6:44:f5:25:dc:
be:dd:0b:9b:89:d8:f6:ac:46:4e:48:a7:73:6b:01:28:55:af:
2d:3f:d5:51:65:35:2b:86:84:26:e8:bc:7f:89:f8:1e:a9:ec:
19:29:93:ba:c1:41:bd:41:4c:2b:84:3f:06:96:73:62:55:ec:
18:8e:d7:85:b6:02:87:37:64:30:76:8c:78:82:31:af:d9:96:
a7:28:4e:c9:ae:f7:60:3e:e6:a9:63:cb:96:10:9e:77:43:c9:
83:05:57:9a:54:1c:f5:bd:6a:d9:c4:7e:d9:8f:89:49:20:08:
ce:f1:5a:9e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQijZ4NJ4qK3FGi6XC9kJJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjUwMTAxMTU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmM3ZTQ0OTc2MDkyZGY2NTYyNjMwZDAzMWNkMThkMjhjMjZlYzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8RBhmxT6vy7E1Y+kyoBJONcI0vm
848nbuiexVr85W3iZxe50nNrEgsvDxPNK59q6Ywc2DyNndFdFDFEEW5WUFe/191W
B+zWPeMyw0QHC0Tm+M1WyeCh49RywvodZmZ8oTQTEQRpgfbB9501Ak41+7UCdNEu
fEupd3Cd8lF7pgzwfJAT95t1epnv1hVWYhzWgvUULHFngKK6Ij5KAvxTiBF51Vva
O+ceAGh93r+c8b41Ijxm+pEmzkvuFYrAnvyRgtgcbb6aJfEfyeo98XQEsO7bAM21
J3VYV4/Lxjp+jDhjKEIotaJxrGSspsu4NkEwv7zY3CVzbf4UoEny5gqXnwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHbH5El2CS32ViYw0DHNGNKMJuxQMB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvZHNma1NYWUpMZlpXSmpEUU1jMFkwb3dtN0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuZ7QAwQC
w+pwMA4EAgACMAgDBgAqAiJ4/zANBgkqhkiG9w0BAQsFAAOCAQEAASt6buM98azw
2uk0AOQFbWMXs1/iVyCXtu+Sk8+GQyBx2wepTe7E2pGkXEVVvxjEDIRvbzZzw/U3
yjEZBaBG+Xg91W0wRDaEA0nCEGZFl2WAfF7YqL+tUy9pBDGSuY8wv7ixL3NcC2SJ
7gR4GnBZJ6JnrSFZ6JwyxsDPDj4OfdMhIdcDphnpRUwZNtZE9SXcvt0Lm4nY9qxG
Tkinc2sBKFWvLT/VUWU1K4aEJui8f4n4HqnsGSmTusFBvUFMK4Q/BpZzYlXsGI7X
hbYChzdkMHaMeIIxr9mWpyhOya73YD7mqWPLlhCed0PJgwVXmlQc9b1q2cR+2Y+J
SSAIzvFang==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:13:54 2025 by rpki-client