Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/im7q3DUwwhxBvlVEZtE4tGfmXLI.roa
File: im7q3DUwwhxBvlVEZtE4tGfmXLI.roa (raw, json)
Hash identifier: pwkny+7FbBocVWvTx61zBH07mwGByd5EIRilK7v/x84=
Subject key identifier: 8A:6E:EA:DC:35:30:C2:1C:41:BE:55:44:66:D1:38:B4:67:E6:5C:B2
Certificate issuer: /CN=69042c1f27a7d7862475087023dc97c3330f73c6
Certificate serial: 01946BCC6BD7B403101C2F5E3E823181A267
Authority key identifier: 69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/im7q3DUwwhxBvlVEZtE4tGfmXLI.roa
Signing time: Wed 15 Jan 2025 21:09:06 +0000
ROA not before: Wed 15 Jan 2025 21:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48847
IP address blocks: 185.104.68.0/22 maxlen: 22
185.104.68.0/24 maxlen: 24
185.104.68.0/26 maxlen: 26
185.104.68.64/26 maxlen: 26
185.104.68.144/28 maxlen: 28
185.104.68.240/29 maxlen: 29
185.104.70.0/24 maxlen: 24
185.104.70.0/28 maxlen: 28
185.104.70.32/30 maxlen: 30
185.104.70.220/30 maxlen: 30
185.104.71.0/24 maxlen: 24
185.104.71.0/28 maxlen: 28
185.104.71.16/30 maxlen: 30
185.104.71.20/30 maxlen: 30
185.104.71.24/30 maxlen: 30
185.104.71.28/30 maxlen: 30
185.104.71.32/28 maxlen: 28
185.104.71.160/29 maxlen: 29
185.104.71.176/29 maxlen: 29
185.104.71.224/28 maxlen: 28
2a06:3480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6b:cc:6b:d7:b4:03:10:1c:2f:5e:3e:82:31:81:a2:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69042c1f27a7d7862475087023dc97c3330f73c6
Validity
Not Before: Jan 15 21:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a6eeadc3530c21c41be554466d138b467e65cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:73:38:e8:c2:76:53:81:9d:31:b1:55:0b:b4:
61:f1:de:80:ea:10:44:87:92:d9:b8:54:6a:de:18:
16:6e:48:d0:1d:fb:d8:30:63:de:0f:7e:99:ba:4b:
c2:01:30:7d:8e:76:c4:5a:0c:37:a9:28:d5:84:77:
ac:6a:ec:bf:57:73:18:88:7c:67:a6:bf:a9:01:aa:
22:b4:70:66:b4:b9:c4:0e:5b:73:48:d2:fc:bb:01:
f1:fe:29:f1:b3:c6:37:48:90:d9:7d:3d:d7:a0:ec:
f8:07:3c:0e:c0:a4:bc:ad:c3:22:90:3f:d3:bc:23:
8e:fc:e9:f3:1c:98:f5:12:5d:71:c0:18:7a:f6:e4:
87:24:8b:98:71:62:8e:d1:ce:23:81:07:1d:a6:3f:
f2:2e:97:a5:eb:09:c2:46:c6:47:91:45:e6:38:52:
63:0f:57:0b:9d:6b:21:a1:00:d9:10:42:0d:4b:56:
8f:9d:d0:bd:e8:7e:f0:77:97:11:c1:26:07:e8:11:
2e:2a:2a:2e:e6:c8:4a:e8:29:14:25:bd:a7:de:dd:
29:f3:d9:a5:9a:75:1e:a2:52:25:b8:87:6e:59:47:
79:a6:c7:0b:cd:4a:5d:90:97:7c:d2:6d:3d:ca:8c:
72:e1:9b:6b:90:c3:a9:09:d7:56:a8:0f:d9:d3:cd:
12:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:6E:EA:DC:35:30:C2:1C:41:BE:55:44:66:D1:38:B4:67:E6:5C:B2
X509v3 Authority Key Identifier:
keyid:69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/im7q3DUwwhxBvlVEZtE4tGfmXLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.68.0/22
IPv6:
2a06:3480::/29
Signature Algorithm: sha256WithRSAEncryption
99:ce:1c:f7:f8:05:51:d5:44:06:10:49:eb:03:44:d2:a4:01:
3d:dc:46:c7:15:7e:0c:61:19:3b:4e:c1:44:18:41:ab:dd:d9:
0b:07:19:2a:a5:88:61:b1:54:f6:40:5b:7e:ac:17:23:12:b1:
80:8f:40:fd:03:12:e5:b0:d0:67:60:fb:56:d0:a8:15:89:8e:
61:d1:01:ed:86:d2:66:c5:98:b4:54:9c:b0:f8:26:21:12:dd:
24:81:52:d7:a1:44:bc:e3:0e:ae:de:1d:de:66:9e:59:a4:1f:
33:96:97:22:dc:76:77:e9:2c:f5:f0:90:12:d7:a4:bd:71:16:
f2:5b:d0:ae:91:4c:32:b2:ac:93:90:dc:bf:79:20:d5:00:1d:
d3:95:4d:07:ec:a4:fa:d0:37:c3:e7:1e:6f:8a:70:4f:3f:ba:
da:48:42:ff:6a:17:28:d3:55:85:63:5d:c2:7f:9e:3a:b2:80:
e9:6a:c9:cf:ba:71:92:7f:ae:6d:95:8d:6d:73:2b:e8:d2:f0:
eb:6c:e5:4a:ef:ce:0a:34:73:ba:e7:52:36:c8:c0:4b:4a:b2:
b7:64:1a:33:25:87:c6:fc:73:5e:c5:82:f9:e6:6b:aa:be:41:
0b:6c:36:3c:0c:a9:a5:18:1f:d2:ac:c9:6c:62:19:df:03:fe:
ea:c1:7d:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZRrzGvXtAMQHC9ePoIxgaJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDQyYzFmMjdhN2Q3ODYyNDc1MDg3MDIzZGM5N2MzMzMw
ZjczYzYwHhcNMjUwMTE1MjEwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTZlZWFkYzM1MzBjMjFjNDFiZTU1NDQ2NmQxMzhiNDY3ZTY1Y2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3M46MJ2U4GdMbFVC7Rh8d6A6hBE
h5LZuFRq3hgWbkjQHfvYMGPeD36ZukvCATB9jnbEWgw3qSjVhHesauy/V3MYiHxn
pr+pAaoitHBmtLnEDltzSNL8uwHx/inxs8Y3SJDZfT3XoOz4BzwOwKS8rcMikD/T
vCOO/OnzHJj1El1xwBh69uSHJIuYcWKO0c4jgQcdpj/yLpel6wnCRsZHkUXmOFJj
D1cLnWshoQDZEEINS1aPndC96H7wd5cRwSYH6BEuKiou5shK6CkUJb2n3t0p89ml
mnUeolIluIduWUd5pscLzUpdkJd80m09yoxy4ZtrkMOpCddWqA/Z080S/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIpu6tw1MMIcQb5VRGbROLRn5lyyMB8GA1UdIwQY
MBaAFGkELB8np9eGJHUIcCPcl8MzD3PGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgt
Y2JiM2Q2MzVkODJmLzEvaW03cTNEVXd3aHhCdmxWRVp0RTR0R2ZtWExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgtY2JiM2Q2MzVkODJm
LzEvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWhEMA0E
AgACMAcDBQMqBjSAMA0GCSqGSIb3DQEBCwUAA4IBAQCZzhz3+AVR1UQGEEnrA0TS
pAE93EbHFX4MYRk7TsFEGEGr3dkLBxkqpYhhsVT2QFt+rBcjErGAj0D9AxLlsNBn
YPtW0KgViY5h0QHthtJmxZi0VJyw+CYhEt0kgVLXoUS84w6u3h3eZp5ZpB8zlpci
3HZ36Sz18JAS16S9cRbyW9CukUwysqyTkNy/eSDVAB3TlU0H7KT60DfD5x5vinBP
P7raSEL/ahco01WFY13Cf546soDpasnPunGSf65tlY1tcyvo0vDrbOVK784KNHO6
51I2yMBLSrK3ZBozJYfG/HNexYL55muqvkELbDY8DKmlGB/SrMlsYhnfA/7qwX3/
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:56:17 2025 by rpki-client