Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/paZxOmMKFpQKe-8Kne9bRfBeDj4.roa
File: paZxOmMKFpQKe-8Kne9bRfBeDj4.roa (raw, json)
Hash identifier: Ht8nkuSK3tnDGTAuNZ2+oouOY3eOWnt0ge3I9SzF5BY=
Subject key identifier: A5:A6:71:3A:63:0A:16:94:0A:7B:EF:0A:9D:EF:5B:45:F0:5E:0E:3E
Certificate issuer: /CN=6810aa89239242dacc9d03e3af22d4e87a783414
Certificate serial: 01941FFA96F2097FDE135176B36417AA255D
Authority key identifier: 68:10:AA:89:23:92:42:DA:CC:9D:03:E3:AF:22:D4:E8:7A:78:34:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/paZxOmMKFpQKe-8Kne9bRfBeDj4.roa
Signing time: Wed 01 Jan 2025 03:48:23 +0000
ROA not before: Wed 01 Jan 2025 03:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51093
IP address blocks: 185.108.16.0/24 maxlen: 24
212.48.224.0/22 maxlen: 24
212.48.228.0/22 maxlen: 24
212.48.230.0/24 maxlen: 24
212.48.232.0/24 maxlen: 24
2a06:300::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:96:f2:09:7f:de:13:51:76:b3:64:17:aa:25:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6810aa89239242dacc9d03e3af22d4e87a783414
Validity
Not Before: Jan 1 03:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5a6713a630a16940a7bef0a9def5b45f05e0e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2b:0c:f2:b9:4b:13:89:4c:4e:19:bd:5d:69:
b0:86:f5:24:86:82:a9:42:da:fe:c3:49:0b:f4:2d:
73:67:67:98:66:5b:0b:7c:fe:b0:27:ac:6a:a4:cf:
da:46:29:d0:66:67:18:cf:fb:8c:e7:0d:b4:be:be:
18:1a:a1:0e:7e:7f:bc:d4:26:b2:55:20:37:ee:e0:
3c:7a:4d:d3:ac:15:a3:f7:cf:51:47:1f:14:5e:cd:
ac:d7:68:82:b2:90:32:04:05:1d:5e:a9:14:a8:76:
d8:70:6f:7b:44:89:5c:14:9d:a2:3d:5a:5b:d6:78:
09:9c:9c:b7:52:ee:15:4a:6e:83:d0:fb:11:b6:53:
03:be:9f:08:39:d3:03:f9:f2:0c:22:82:75:8d:ca:
02:03:f5:86:c7:ee:38:cc:4d:00:95:22:d7:88:c7:
c3:de:75:58:28:da:8a:5e:f1:7f:01:40:00:5a:c2:
93:cd:d6:9c:f5:ff:10:e6:39:6f:e9:4c:91:74:df:
29:5e:fd:67:76:a8:24:4a:15:49:7e:df:3b:f6:c6:
4f:de:78:0f:76:3b:1f:de:29:85:86:82:cc:37:93:
84:ef:2a:f5:3a:8c:4a:c3:47:da:7e:db:d4:cf:08:
85:ad:58:48:c8:18:bc:63:c1:10:51:3e:2a:a8:80:
d5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A6:71:3A:63:0A:16:94:0A:7B:EF:0A:9D:EF:5B:45:F0:5E:0E:3E
X509v3 Authority Key Identifier:
keyid:68:10:AA:89:23:92:42:DA:CC:9D:03:E3:AF:22:D4:E8:7A:78:34:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/paZxOmMKFpQKe-8Kne9bRfBeDj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.16.0/24
212.48.224.0-212.48.232.255
IPv6:
2a06:300::/29
Signature Algorithm: sha256WithRSAEncryption
6a:59:bc:d6:c0:46:77:55:3b:85:c4:99:01:01:ee:39:5a:b2:
d0:25:e8:ea:ac:b6:62:a2:32:06:fd:10:75:cd:f9:5d:a8:26:
42:ec:06:96:72:49:4f:2a:38:da:e9:f2:79:8c:82:16:40:0a:
5e:ef:6d:be:83:48:dc:fc:9d:35:e6:b1:4f:6e:a6:56:c4:96:
6d:2d:49:39:17:4b:1c:04:45:36:d5:85:b5:ed:6c:ae:f3:c7:
4a:9d:8d:42:54:05:e5:e4:3e:3c:be:76:b5:9b:ff:39:de:68:
90:3e:62:01:38:26:6d:c1:24:c2:31:f3:40:1a:0f:5e:bd:1d:
74:9e:c7:13:38:10:bc:1b:83:d5:b0:44:0d:e4:c4:a7:e2:a3:
e7:73:1c:8e:ed:1d:f7:78:96:22:b1:98:1c:a6:3d:de:33:84:
b5:55:9d:71:43:23:17:f3:5d:42:a4:cd:4a:34:3e:cd:d8:18:
c8:42:76:de:91:2c:c9:d5:9e:6d:7f:9c:61:00:3a:f8:d4:ac:
5e:dd:f9:4c:6b:7d:fa:d2:ff:60:27:d3:70:ce:1b:96:6f:72:
88:f0:fd:c4:0d:b8:42:08:3e:d1:17:c2:04:59:c3:84:d5:8d:
11:18:68:0d:27:05:1f:c3:24:e1:8f:76:47:76:c3:1f:8a:0e:
04:ae:d8:a2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQf+pbyCX/eE1F2s2QXqiVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTBhYTg5MjM5MjQyZGFjYzlkMDNlM2FmMjJkNGU4N2E3
ODM0MTQwHhcNMjUwMTAxMDM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWE2NzEzYTYzMGExNjk0MGE3YmVmMGE5ZGVmNWI0NWYwNWUwZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuisM8rlLE4lMThm9XWmwhvUkhoKp
Qtr+w0kL9C1zZ2eYZlsLfP6wJ6xqpM/aRinQZmcYz/uM5w20vr4YGqEOfn+81Cay
VSA37uA8ek3TrBWj989RRx8UXs2s12iCspAyBAUdXqkUqHbYcG97RIlcFJ2iPVpb
1ngJnJy3Uu4VSm6D0PsRtlMDvp8IOdMD+fIMIoJ1jcoCA/WGx+44zE0AlSLXiMfD
3nVYKNqKXvF/AUAAWsKTzdac9f8Q5jlv6UyRdN8pXv1ndqgkShVJft879sZP3ngP
djsf3imFhoLMN5OE7yr1OoxKw0faftvUzwiFrVhIyBi8Y8EQUT4qqIDVswIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKWmcTpjChaUCnvvCp3vW0XwXg4+MB8GA1UdIwQY
MBaAFGgQqokjkkLazJ0D468i1Oh6eDQUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJDcWlTT1NRdHJNblFQanJ5TFU2SHA0TkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wMjQ0ZTQtNzNlMy00NDlkLWEwNmEt
MWY2ODk5MzViOTBmLzEvcGFaeE9tTUtGcFFLZS04S25lOWJSZkJlRGo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wMjQ0ZTQtNzNlMy00NDlkLWEwNmEtMWY2ODk5MzViOTBm
LzEvYUJDcWlTT1NRdHJNblFQanJ5TFU2SHA0TkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAuWwQMAwD
BAXUMOADBADUMOgwDQQCAAIwBwMFAyoGAwAwDQYJKoZIhvcNAQELBQADggEBAGpZ
vNbARndVO4XEmQEB7jlastAl6OqstmKiMgb9EHXN+V2oJkLsBpZySU8qONrp8nmM
ghZACl7vbb6DSNz8nTXmsU9uplbElm0tSTkXSxwERTbVhbXtbK7zx0qdjUJUBeXk
Pjy+drWb/zneaJA+YgE4Jm3BJMIx80AaD169HXSexxM4ELwbg9WwRA3kxKfio+dz
HI7tHfd4liKxmBymPd4zhLVVnXFDIxfzXUKkzUo0Ps3YGMhCdt6RLMnVnm1/nGEA
OvjUrF7d+UxrffrS/2An03DOG5Zvcojw/cQNuEIIPtEXwgRZw4TVjREYaA0nBR/D
JOGPdkd2wx+KDgSu2KI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 19:53:41 2025 by rpki-client