Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/52bea4-0abd-4719-a64b-e47c58ce533c/1/1ENw1gcCvt1Pmax0p8zhB7SKAEg.roa
File: 1ENw1gcCvt1Pmax0p8zhB7SKAEg.roa (raw, json)
Hash identifier: 1qhYf9E0Pe4/V/O+LSKzrT8cldjvFnxKyFJ5/QtS500=
Subject key identifier: D4:43:70:D6:07:02:BE:DD:4F:99:AC:74:A7:CC:E1:07:B4:8A:00:48
Certificate issuer: /CN=01867d98b05217af1afaca7226bbd613370749f0
Certificate serial: 0194258F58B5290FDD8CAEB2E70CB0208367
Authority key identifier: 01:86:7D:98:B0:52:17:AF:1A:FA:CA:72:26:BB:D6:13:37:07:49:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AYZ9mLBSF68a-spyJrvWEzcHSfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/52bea4-0abd-4719-a64b-e47c58ce533c/1/1ENw1gcCvt1Pmax0p8zhB7SKAEg.roa
Signing time: Thu 02 Jan 2025 05:48:58 +0000
ROA not before: Thu 02 Jan 2025 05:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42217
IP address blocks: 185.206.40.0/22 maxlen: 24
2a0b:fc0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:58:b5:29:0f:dd:8c:ae:b2:e7:0c:b0:20:83:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01867d98b05217af1afaca7226bbd613370749f0
Validity
Not Before: Jan 2 05:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d44370d60702bedd4f99ac74a7cce107b48a0048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:49:3e:95:d5:5c:9a:9c:d4:c7:5e:ae:52:c8:
1b:32:9d:77:fc:25:06:b5:12:2f:ea:7d:dc:2a:ac:
d0:f8:a6:8f:5e:33:9b:1b:dd:a3:79:05:ad:34:62:
fd:86:c2:f0:65:c7:1b:c2:10:5f:bc:fa:0c:8d:a4:
48:b2:0a:14:33:20:63:72:c6:6c:f0:56:17:0d:d2:
23:7f:66:ed:1d:11:cc:6c:18:e1:29:ff:6e:05:4f:
ec:61:c0:b0:bf:7d:df:5f:c3:33:49:75:4f:48:36:
1b:56:5a:e1:b4:24:96:c8:2c:3b:41:02:76:97:90:
25:e8:04:45:fb:77:f5:2a:74:e1:71:9b:c0:ab:aa:
9f:16:c2:a3:4d:84:05:82:f0:fa:d3:dc:6b:ea:75:
fa:fc:03:07:6e:55:ef:8e:da:05:a2:1b:b6:93:c4:
6a:29:ef:59:83:af:47:9e:85:91:15:2d:b1:1a:3d:
2d:d9:8a:34:c9:db:94:08:20:70:d5:af:fd:13:93:
5a:a5:f6:07:3f:8b:79:0b:52:c4:cc:af:4a:5c:66:
53:0b:bb:55:f3:a9:a7:e8:17:60:36:bd:ce:23:a2:
85:26:d6:b4:2d:b3:80:67:c0:cf:9f:d1:02:73:63:
a9:09:74:e2:17:a1:92:8a:6a:2b:0c:fc:45:7d:6c:
2c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:43:70:D6:07:02:BE:DD:4F:99:AC:74:A7:CC:E1:07:B4:8A:00:48
X509v3 Authority Key Identifier:
keyid:01:86:7D:98:B0:52:17:AF:1A:FA:CA:72:26:BB:D6:13:37:07:49:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AYZ9mLBSF68a-spyJrvWEzcHSfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/52bea4-0abd-4719-a64b-e47c58ce533c/1/1ENw1gcCvt1Pmax0p8zhB7SKAEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/52bea4-0abd-4719-a64b-e47c58ce533c/1/AYZ9mLBSF68a-spyJrvWEzcHSfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.40.0/22
IPv6:
2a0b:fc0::/29
Signature Algorithm: sha256WithRSAEncryption
59:3c:2e:7f:ca:09:da:2c:0d:f1:e2:a7:1c:22:e0:d6:6b:8d:
ef:a3:89:a5:2f:b0:2c:ed:b9:ef:fc:54:b1:91:91:ba:11:d3:
77:fb:51:a7:09:1f:e6:74:b8:39:d7:f6:18:ff:63:09:a4:95:
ea:a9:e2:ba:99:a0:66:3d:5c:c8:cf:82:d7:2c:0b:d3:41:7e:
87:4f:0b:b3:b6:34:07:cf:be:a5:3c:b7:0e:5a:8a:8d:1f:8c:
e5:c3:b5:48:b8:c0:2c:25:2c:38:04:b6:84:72:de:5b:09:24:
f5:5b:26:d0:e8:36:06:53:0d:5b:c6:3c:4e:da:77:1e:6c:10:
18:73:8e:0f:a5:df:fc:a5:94:42:92:17:ff:4d:f9:f3:60:1c:
9a:2e:49:0b:8e:36:86:ed:d2:4b:e0:24:43:db:b6:4e:5e:fb:
35:4e:a1:f5:ea:4e:79:a1:de:da:d5:81:f8:7b:5a:50:76:9b:
6a:36:e0:9e:81:69:91:f3:ce:33:87:e0:61:cf:a4:00:46:7f:
3f:81:23:61:13:e9:bf:08:74:90:ef:44:d2:cc:9f:4e:36:bd:
47:88:7a:56:19:e5:29:b9:15:c2:7c:46:c4:bd:1c:c8:50:89:
79:20:c4:ff:96:a3:9f:26:fb:83:88:91:45:07:57:08:1a:02:
c7:a3:8b:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj1i1KQ/djK6y5wywIINnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxODY3ZDk4YjA1MjE3YWYxYWZhY2E3MjI2YmJkNjEzMzcw
NzQ5ZjAwHhcNMjUwMTAyMDU0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDQzNzBkNjA3MDJiZWRkNGY5OWFjNzRhN2NjZTEwN2I0OGEwMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Uk+ldVcmpzUx16uUsgbMp13/CUG
tRIv6n3cKqzQ+KaPXjObG92jeQWtNGL9hsLwZccbwhBfvPoMjaRIsgoUMyBjcsZs
8FYXDdIjf2btHRHMbBjhKf9uBU/sYcCwv33fX8MzSXVPSDYbVlrhtCSWyCw7QQJ2
l5Al6ARF+3f1KnThcZvAq6qfFsKjTYQFgvD609xr6nX6/AMHblXvjtoFohu2k8Rq
Ke9Zg69HnoWRFS2xGj0t2Yo0yduUCCBw1a/9E5NapfYHP4t5C1LEzK9KXGZTC7tV
86mn6BdgNr3OI6KFJta0LbOAZ8DPn9ECc2OpCXTiF6GSimorDPxFfWwszQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNRDcNYHAr7dT5msdKfM4Qe0igBIMB8GA1UdIwQY
MBaAFAGGfZiwUhevGvrKcia71hM3B0nwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVlaOW1MQlNGNjhhLXNweUpydldFemNIU2ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC81MmJlYTQtMGFiZC00NzE5LWE2NGIt
ZTQ3YzU4Y2U1MzNjLzEvMUVOdzFnY0N2dDFQbWF4MHA4emhCN1NLQUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC81MmJlYTQtMGFiZC00NzE5LWE2NGItZTQ3YzU4Y2U1MzNj
LzEvQVlaOW1MQlNGNjhhLXNweUpydldFemNIU2ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc4oMA0E
AgACMAcDBQMqCw/AMA0GCSqGSIb3DQEBCwUAA4IBAQBZPC5/ygnaLA3x4qccIuDW
a43vo4mlL7As7bnv/FSxkZG6EdN3+1GnCR/mdLg51/YY/2MJpJXqqeK6maBmPVzI
z4LXLAvTQX6HTwuztjQHz76lPLcOWoqNH4zlw7VIuMAsJSw4BLaEct5bCST1WybQ
6DYGUw1bxjxO2ncebBAYc44Ppd/8pZRCkhf/TfnzYByaLkkLjjaG7dJL4CRD27ZO
Xvs1TqH16k55od7a1YH4e1pQdptqNuCegWmR884zh+Bhz6QARn8/gSNhE+m/CHSQ
70TSzJ9ONr1HiHpWGeUpuRXCfEbEvRzIUIl5IMT/lqOfJvuDiJFFB1cIGgLHo4tm
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:50:37 2025 by rpki-client