Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/cd1yHX5UcqryiXUb-rkYleNrwXs.roa
File: cd1yHX5UcqryiXUb-rkYleNrwXs.roa (raw, json)
Hash identifier: 6h3q+Ehg11sL4jSJjG152eGWFDBSFWsjBJ9eqGT5BtE=
Subject key identifier: 71:DD:72:1D:7E:54:72:AA:F2:89:75:1B:FA:B9:18:95:E3:6B:C1:7B
Certificate issuer: /CN=206f6808e0604697270faa3c3db159f7fe98ecdd
Certificate serial: 0194258F36906F045AF4B2E3353E5B44ABE1
Authority key identifier: 20:6F:68:08:E0:60:46:97:27:0F:AA:3C:3D:B1:59:F7:FE:98:EC:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/cd1yHX5UcqryiXUb-rkYleNrwXs.roa
Signing time: Thu 02 Jan 2025 05:48:50 +0000
ROA not before: Thu 02 Jan 2025 05:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24867
IP address blocks: 185.180.216.0/22 maxlen: 22
2a0a:af80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:36:90:6f:04:5a:f4:b2:e3:35:3e:5b:44:ab:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f6808e0604697270faa3c3db159f7fe98ecdd
Validity
Not Before: Jan 2 05:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71dd721d7e5472aaf289751bfab91895e36bc17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f1:62:15:88:dc:b6:17:c3:62:3c:bd:67:10:
e2:bd:3e:a4:00:65:08:e7:4a:e6:e2:3d:af:ce:96:
3b:1f:b8:4c:a0:2e:6f:e7:11:bb:a8:6c:d3:c6:b3:
57:ae:55:47:4e:7d:19:69:6e:c8:56:4f:66:9e:82:
a0:5f:9d:c8:eb:a6:d0:4b:99:dd:87:45:0d:66:f9:
1c:3c:87:fe:b9:91:6d:57:c6:94:7d:3a:22:ca:58:
2e:33:b6:4c:d6:51:31:cc:98:c1:d3:5b:5f:8a:8c:
85:9c:c3:08:97:e9:88:d6:b8:93:a4:a7:97:df:29:
4a:ed:43:0a:9b:1d:12:84:31:62:53:00:ea:11:dc:
13:68:b9:16:08:98:a1:08:2d:f1:4f:71:3e:10:c3:
87:e5:48:5b:a2:df:a2:78:5f:f7:0a:40:13:f0:1d:
15:fb:30:c5:ca:ec:80:90:ec:c5:6d:35:b0:14:e3:
1a:c9:85:b5:17:55:69:96:6d:7a:b9:6d:d8:77:4b:
76:c1:00:09:e0:bc:ca:25:c4:3e:c9:3d:c7:10:7b:
38:cc:15:4b:64:99:18:73:22:15:7e:23:7d:ef:ac:
db:8c:d2:87:0b:85:8d:df:60:0a:49:e9:37:74:95:
a7:26:90:61:37:4d:9b:c0:d9:4a:f9:df:8f:69:74:
fa:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:DD:72:1D:7E:54:72:AA:F2:89:75:1B:FA:B9:18:95:E3:6B:C1:7B
X509v3 Authority Key Identifier:
keyid:20:6F:68:08:E0:60:46:97:27:0F:AA:3C:3D:B1:59:F7:FE:98:EC:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/cd1yHX5UcqryiXUb-rkYleNrwXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/265d3a-aed6-4be2-b42e-eb62e8c4dfa9/1/IG9oCOBgRpcnD6o8PbFZ9_6Y7N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.216.0/22
IPv6:
2a0a:af80::/29
Signature Algorithm: sha256WithRSAEncryption
26:52:a0:41:80:f3:01:a6:fe:9e:2c:92:ec:2c:46:f2:ab:37:
4f:db:2e:7e:22:cb:6b:00:83:de:64:94:06:08:60:b5:5f:b2:
e8:f5:a1:20:4b:52:65:2b:8c:23:15:ac:0d:27:74:20:10:20:
c6:35:21:4a:ad:34:61:86:68:5d:3a:04:e5:8a:53:73:9a:bf:
0d:41:15:b9:14:34:27:9a:8e:d9:48:37:3d:95:49:f6:92:a2:
75:8d:39:95:66:f2:0f:f1:4b:77:eb:5f:41:2f:de:03:a3:c9:
bf:a5:e9:e1:27:bb:85:fe:e4:f3:8b:a0:c3:95:e8:24:87:8a:
2e:be:b7:b5:55:27:ed:b0:79:ed:23:96:3b:59:bd:9f:ce:9e:
11:c7:41:22:14:7c:85:b2:0f:64:45:15:25:b6:fa:73:e8:b4:
43:61:27:ef:05:2f:6f:89:3f:19:77:5d:11:96:ae:55:19:f2:
10:41:59:66:9c:79:b2:fb:7b:02:30:0b:97:49:59:0d:20:72:
8b:38:c1:c9:ba:36:ae:8b:86:53:6f:9a:29:86:f5:dd:20:46:
71:4b:70:25:aa:d7:9e:00:a5:d6:f7:a0:b4:7b:1b:94:b0:cd:
34:94:35:c8:a4:e5:1e:bb:d1:cc:6e:7c:9d:b4:c1:8e:cc:89:
1f:46:7c:00
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljzaQbwRa9LLjNT5bRKvhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmY2ODA4ZTA2MDQ2OTcyNzBmYWEzYzNkYjE1OWY3ZmU5
OGVjZGQwHhcNMjUwMTAyMDU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWRkNzIxZDdlNTQ3MmFhZjI4OTc1MWJmYWI5MTg5NWUzNmJjMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfFiFYjcthfDYjy9ZxDivT6kAGUI
50rm4j2vzpY7H7hMoC5v5xG7qGzTxrNXrlVHTn0ZaW7IVk9mnoKgX53I66bQS5nd
h0UNZvkcPIf+uZFtV8aUfToiylguM7ZM1lExzJjB01tfioyFnMMIl+mI1riTpKeX
3ylK7UMKmx0ShDFiUwDqEdwTaLkWCJihCC3xT3E+EMOH5Uhbot+ieF/3CkAT8B0V
+zDFyuyAkOzFbTWwFOMayYW1F1Vplm16uW3Yd0t2wQAJ4LzKJcQ+yT3HEHs4zBVL
ZJkYcyIVfiN976zbjNKHC4WN32AKSek3dJWnJpBhN02bwNlK+d+PaXT6/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHHdch1+VHKq8ol1G/q5GJXja8F7MB8GA1UdIwQY
MBaAFCBvaAjgYEaXJw+qPD2xWff+mOzdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc5b0NPQmdScGNuRDZvOFBiRlo5XzZZN04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8yNjVkM2EtYWVkNi00YmUyLWI0MmUt
ZWI2MmU4YzRkZmE5LzEvY2QxeUhYNVVjcXJ5aVhVYi1ya1lsZU5yd1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8yNjVkM2EtYWVkNi00YmUyLWI0MmUtZWI2MmU4YzRkZmE5
LzEvSUc5b0NPQmdScGNuRDZvOFBiRlo5XzZZN04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubTYMA0E
AgACMAcDBQMqCq+AMA0GCSqGSIb3DQEBCwUAA4IBAQAmUqBBgPMBpv6eLJLsLEby
qzdP2y5+IstrAIPeZJQGCGC1X7Lo9aEgS1JlK4wjFawNJ3QgECDGNSFKrTRhhmhd
OgTlilNzmr8NQRW5FDQnmo7ZSDc9lUn2kqJ1jTmVZvIP8Ut3619BL94Do8m/penh
J7uF/uTzi6DDlegkh4ouvre1VSftsHntI5Y7Wb2fzp4Rx0EiFHyFsg9kRRUltvpz
6LRDYSfvBS9viT8Zd10Rlq5VGfIQQVlmnHmy+3sCMAuXSVkNIHKLOMHJujaui4ZT
b5ophvXdIEZxS3AlqteeAKXW96C0exuUsM00lDXIpOUeu9HMbnydtMGOzIkfRnwA
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:15:08 2025 by rpki-client