Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/2mTo8VIXIrlcxcC_U7fWi211rFM.roa
File: 2mTo8VIXIrlcxcC_U7fWi211rFM.roa (raw, json)
Hash identifier: dDQv+ftOv7QcdnymuU8CSIpInH2sN5DMq5+DCb2C/AM=
Subject key identifier: DA:64:E8:F1:52:17:22:B9:5C:C5:C0:BF:53:B7:D6:8B:6D:75:AC:53
Certificate issuer: /CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Certificate serial: 019424B367A5D95652B39F683F398963A6C6
Authority key identifier: 85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/2mTo8VIXIrlcxcC_U7fWi211rFM.roa
Signing time: Thu 02 Jan 2025 01:48:44 +0000
ROA not before: Thu 02 Jan 2025 01:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48659
IP address blocks: 185.146.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:67:a5:d9:56:52:b3:9f:68:3f:39:89:63:a6:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Validity
Not Before: Jan 2 01:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da64e8f1521722b95cc5c0bf53b7d68b6d75ac53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bb:6c:ee:68:d6:e7:fc:4a:6b:2c:84:78:3f:
e3:6f:f3:ed:7f:40:b9:10:e4:5d:f7:3d:4e:2d:5c:
e3:2b:ef:7e:51:6b:99:d9:5d:1c:f4:9c:41:0d:2e:
98:6c:eb:aa:ed:e1:bd:be:43:05:8c:3a:c6:55:79:
a8:35:f9:82:81:ad:e7:72:b9:17:7d:46:aa:41:af:
8b:b5:b2:d0:64:b9:01:ba:5f:70:f5:6e:2a:4b:03:
2c:28:82:b3:4d:38:6e:a3:26:a9:39:b1:df:cb:d8:
99:ac:1a:64:77:1b:92:f9:60:c2:d8:4c:27:1f:c0:
d8:af:2b:e0:f0:9f:b7:15:03:c6:2f:e1:a4:54:c0:
68:04:f8:42:ca:25:9d:d4:10:18:83:4d:10:b3:fe:
5b:2b:18:2f:d3:88:30:d4:a9:e1:0d:0f:41:c3:9d:
ef:dd:58:fb:5d:b2:a0:e2:6b:21:7b:03:9a:2c:fb:
e9:e1:72:ec:6f:15:6d:f5:d5:05:91:bf:47:da:c2:
41:da:dc:5c:c4:c4:7e:0d:ed:d6:25:4e:f0:89:ea:
17:11:fc:7e:7e:2f:f3:67:d3:3c:31:17:fc:f2:1b:
59:aa:2f:85:9d:ab:45:bc:e5:b5:1f:fc:d9:63:38:
05:6e:cb:69:8a:41:f0:5d:5a:fb:37:d9:da:4f:4d:
1d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:64:E8:F1:52:17:22:B9:5C:C5:C0:BF:53:B7:D6:8B:6D:75:AC:53
X509v3 Authority Key Identifier:
keyid:85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/2mTo8VIXIrlcxcC_U7fWi211rFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/hfTuFPbTinzwcSed_3s5FwLjcTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.226.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:6d:6a:52:7f:17:47:a3:24:78:90:a1:e0:79:58:04:81:74:
d8:1f:f9:5f:9f:93:c8:bd:1a:dd:92:df:ab:92:88:db:8e:93:
b6:57:45:cb:ab:45:11:cc:0f:67:f8:28:a2:d7:df:fa:a3:2e:
db:8b:56:88:19:d6:df:f8:86:b0:c4:86:9e:21:77:f2:87:9c:
65:ae:06:fe:4a:59:86:2c:be:c5:19:1b:dd:56:8d:7e:23:51:
06:6a:94:d5:2b:39:68:6c:13:44:8c:58:16:a3:59:7f:fe:5b:
be:9f:3d:79:ca:ef:61:f9:ac:8e:4d:55:59:9f:a5:e4:be:6c:
44:c2:ff:77:25:3f:1d:99:ee:84:9d:af:ea:8c:b9:d0:28:e9:
fc:56:a5:6e:72:28:f3:d1:06:c6:45:09:10:30:08:3a:bf:52:
89:b8:52:a8:a9:ff:5e:f2:9e:5f:cd:fd:b2:2e:b9:76:21:87:
04:22:cf:8f:2e:66:f5:cd:f1:5d:d4:db:f3:06:d9:0e:f8:cb:
1b:70:43:f7:de:27:0f:4e:c6:1a:e7:40:06:05:d2:8a:e3:66:
27:1c:c4:5f:39:13:62:61:bb:20:74:2b:46:5f:80:fd:9e:8e:
cf:ed:95:9c:de:c7:d0:94:06:c3:71:5d:50:34:27:66:5e:4e:
91:f1:e0:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks2el2VZSs59oPzmJY6bGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZjRlZTE0ZjZkMzhhN2NmMDcxMjc5ZGZmN2IzOTE3MDJl
MzcxMzUwHhcNMjUwMTAyMDE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTY0ZThmMTUyMTcyMmI5NWNjNWMwYmY1M2I3ZDY4YjZkNzVhYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbts7mjW5/xKayyEeD/jb/Ptf0C5
EORd9z1OLVzjK+9+UWuZ2V0c9JxBDS6YbOuq7eG9vkMFjDrGVXmoNfmCga3ncrkX
fUaqQa+LtbLQZLkBul9w9W4qSwMsKIKzTThuoyapObHfy9iZrBpkdxuS+WDC2Ewn
H8DYryvg8J+3FQPGL+GkVMBoBPhCyiWd1BAYg00Qs/5bKxgv04gw1KnhDQ9Bw53v
3Vj7XbKg4mshewOaLPvp4XLsbxVt9dUFkb9H2sJB2txcxMR+De3WJU7wieoXEfx+
fi/zZ9M8MRf88htZqi+FnatFvOW1H/zZYzgFbstpikHwXVr7N9naT00dQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNpk6PFSFyK5XMXAv1O31ottdaxTMB8GA1UdIwQY
MBaAFIX07hT204p88HEnnf97ORcC43E1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUt
YmZkOTVhOWE2ZTY0LzEvMm1UbzhWSVhJcmxjeGNDX1U3ZldpMjExckZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUtYmZkOTVhOWE2ZTY0
LzEvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZLiMA0G
CSqGSIb3DQEBCwUAA4IBAQCPbWpSfxdHoyR4kKHgeVgEgXTYH/lfn5PIvRrdkt+r
kojbjpO2V0XLq0URzA9n+Cii19/6oy7bi1aIGdbf+IawxIaeIXfyh5xlrgb+SlmG
LL7FGRvdVo1+I1EGapTVKzlobBNEjFgWo1l//lu+nz15yu9h+ayOTVVZn6XkvmxE
wv93JT8dme6Ena/qjLnQKOn8VqVucijz0QbGRQkQMAg6v1KJuFKoqf9e8p5fzf2y
Lrl2IYcEIs+PLmb1zfFd1NvzBtkO+MsbcEP33icPTsYa50AGBdKK42YnHMRfORNi
YbsgdCtGX4D9no7P7ZWc3sfQlAbDcV1QNCdmXk6R8eBU
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:06:11 2025 by rpki-client