Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/99be4d-f8ec-4430-a9cd-7e12b87d06c2/1/1-RWOiprTQ-uVnwhklGyyfsDfjnk.roa
File: 1-RWOiprTQ-uVnwhklGyyfsDfjnk.roa (raw, json)
Hash identifier: KKoCIqZllKz4mT5mjhqOfo5AkvT5jJCo40l+tooCAf8=
Subject key identifier: F9:15:8E:8A:9A:D3:43:EB:95:9F:08:64:94:6C:B2:7E:C0:DF:8E:79
Certificate issuer: /CN=30f8e2c0c87e93799e23284f36b8615db78783ab
Certificate serial: 01942068228F1CAEE8EF4C76A5BFDB145B4A
Authority key identifier: 30:F8:E2:C0:C8:7E:93:79:9E:23:28:4F:36:B8:61:5D:B7:87:83:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPjiwMh-k3meIyhPNrhhXbeHg6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/99be4d-f8ec-4430-a9cd-7e12b87d06c2/1/1-RWOiprTQ-uVnwhklGyyfsDfjnk.roa
Signing time: Wed 01 Jan 2025 05:48:03 +0000
ROA not before: Wed 01 Jan 2025 05:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206420
IP address blocks: 185.186.248.0/22 maxlen: 22
185.212.12.0/22 maxlen: 22
2a0b:70c0::/32 maxlen: 32
2a0b:8c80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:22:8f:1c:ae:e8:ef:4c:76:a5:bf:db:14:5b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f8e2c0c87e93799e23284f36b8615db78783ab
Validity
Not Before: Jan 1 05:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9158e8a9ad343eb959f0864946cb27ec0df8e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fd:4a:56:c6:87:e1:96:c6:df:e1:c3:11:f6:
7a:48:69:d9:05:14:c0:a3:52:06:6e:44:e0:57:3b:
4b:cc:58:de:bc:ea:00:4a:6d:05:97:e3:a3:1f:7d:
49:3c:35:84:a3:29:b2:e4:e7:f6:67:6d:24:34:e3:
65:37:f0:17:02:13:6d:0a:28:91:36:4b:1d:8e:77:
dc:cf:53:50:f0:b2:f3:ec:72:96:33:36:a3:1d:fe:
b8:61:04:6e:0e:5f:87:da:06:18:3a:70:9a:72:89:
f4:e5:7c:ac:0a:bb:87:ae:e1:43:3b:fb:a7:5b:f4:
91:e8:5b:b5:5a:be:4d:aa:af:2e:8a:1c:d8:ee:9c:
ec:09:eb:f6:ac:02:c7:c0:53:a6:f1:33:bf:58:3a:
d1:73:1e:04:8c:06:38:1f:01:e4:b9:21:fa:68:52:
ef:85:0f:0f:f3:82:0e:a8:2c:69:24:90:73:9d:59:
4f:cd:ee:c0:02:6b:2e:77:4b:7c:af:62:3c:06:f1:
ad:17:04:86:cc:e3:31:1a:4e:61:60:43:a7:11:b8:
d1:76:6d:0f:94:ca:43:1c:50:2c:f2:aa:95:62:f7:
4f:c9:f1:a3:36:22:9b:9e:8e:68:6f:5c:35:88:03:
ab:ad:c9:9a:b1:55:c2:80:ad:de:f0:10:f3:97:89:
24:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:15:8E:8A:9A:D3:43:EB:95:9F:08:64:94:6C:B2:7E:C0:DF:8E:79
X509v3 Authority Key Identifier:
keyid:30:F8:E2:C0:C8:7E:93:79:9E:23:28:4F:36:B8:61:5D:B7:87:83:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPjiwMh-k3meIyhPNrhhXbeHg6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/99be4d-f8ec-4430-a9cd-7e12b87d06c2/1/1-RWOiprTQ-uVnwhklGyyfsDfjnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/99be4d-f8ec-4430-a9cd-7e12b87d06c2/1/MPjiwMh-k3meIyhPNrhhXbeHg6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.248.0/22
185.212.12.0/22
IPv6:
2a0b:70c0::/32
2a0b:8c80::/29
Signature Algorithm: sha256WithRSAEncryption
35:2c:87:b5:67:fb:7c:e0:2a:9c:eb:a6:06:d5:ca:0d:84:63:
11:b7:7f:90:07:3e:30:26:6b:ba:94:19:f0:e7:a6:9a:49:db:
61:09:ce:94:ec:2a:6a:d6:ec:62:ea:d2:9d:cb:da:b2:20:94:
c8:cb:88:7b:7d:05:4e:75:97:4f:64:a4:07:3e:2d:38:7f:6d:
73:68:18:e7:ac:71:58:89:ab:00:00:fa:d9:48:11:dd:73:76:
90:57:9a:2c:26:61:dc:7c:21:5e:6f:0b:db:6e:ea:4f:79:6d:
ff:8d:c7:ec:2e:c7:c4:d4:35:b1:97:a5:fc:44:a8:99:43:4b:
1b:00:98:7b:95:aa:e1:11:70:54:a3:1f:46:ec:dc:47:33:cb:
8a:7c:7d:84:c2:07:2f:5a:c7:51:64:44:94:d8:8e:2b:c8:22:
d2:77:96:fc:08:af:cf:95:31:1b:cc:41:ce:4d:3a:1d:0c:a7:
4a:31:05:5a:e0:b7:67:a7:f5:88:e2:48:42:a7:32:8a:fc:ed:
44:6f:57:b1:2d:6e:39:47:a3:3b:73:44:2b:25:80:0c:ae:ac:
47:15:2f:f2:17:a7:1a:6e:8d:76:d3:6d:e8:1f:41:3f:b3:f4:
7d:ff:01:12:ae:40:a5:d4:2a:ba:8e:e2:a8:dd:e6:96:25:a4:
53:24:f8:72
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQgaCKPHK7o70x2pb/bFFtKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjhlMmMwYzg3ZTkzNzk5ZTIzMjg0ZjM2Yjg2MTVkYjc4
NzgzYWIwHhcNMjUwMTAxMDU0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTE1OGU4YTlhZDM0M2ViOTU5ZjA4NjQ5NDZjYjI3ZWMwZGY4ZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/1KVsaH4ZbG3+HDEfZ6SGnZBRTA
o1IGbkTgVztLzFjevOoASm0Fl+OjH31JPDWEoymy5Of2Z20kNONlN/AXAhNtCiiR
Nksdjnfcz1NQ8LLz7HKWMzajHf64YQRuDl+H2gYYOnCacon05XysCruHruFDO/un
W/SR6Fu1Wr5Nqq8uihzY7pzsCev2rALHwFOm8TO/WDrRcx4EjAY4HwHkuSH6aFLv
hQ8P84IOqCxpJJBznVlPze7AAmsud0t8r2I8BvGtFwSGzOMxGk5hYEOnEbjRdm0P
lMpDHFAs8qqVYvdPyfGjNiKbno5ob1w1iAOrrcmasVXCgK3e8BDzl4kk0QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPkVjoqa00PrlZ8IZJRssn7A3455MB8GA1UdIwQY
MBaAFDD44sDIfpN5niMoTza4YV23h4OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBqaXdNaC1rM21lSXloUE5yaGhYYmVIZzZzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85OWJlNGQtZjhlYy00NDMwLWE5Y2Qt
N2UxMmI4N2QwNmMyLzEvMS1SV09pcHJUUS11Vm53aGtsR3l5ZnNEZmpuay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWIvOTliZTRkLWY4ZWMtNDQzMC1hOWNkLTdlMTJiODdkMDZj
Mi8xL01Qaml3TWgtazNtZUl5aFBOcmhoWGJlSGc2cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA7BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEArm6+AME
ArnUDDAUBAIAAjAOAwUAKgtwwAMFAyoLjIAwDQYJKoZIhvcNAQELBQADggEBADUs
h7Vn+3zgKpzrpgbVyg2EYxG3f5AHPjAma7qUGfDnpppJ22EJzpTsKmrW7GLq0p3L
2rIglMjLiHt9BU51l09kpAc+LTh/bXNoGOescViJqwAA+tlIEd1zdpBXmiwmYdx8
IV5vC9tu6k95bf+Nx+wux8TUNbGXpfxEqJlDSxsAmHuVquERcFSjH0bs3Eczy4p8
fYTCBy9ax1FkRJTYjivIItJ3lvwIr8+VMRvMQc5NOh0Mp0oxBVrgt2en9YjiSEKn
Mor87URvV7EtbjlHoztzRCslgAyurEcVL/IXpxpujXbTbegfQT+z9H3/ARKuQKXU
KrqO4qjd5pYlpFMk+HI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:57:34 2025 by rpki-client