Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/b9a936-2ec7-494c-95d2-eab40be48cc1/1/1-73UFjQEbEaiw-VEpYxtRIeSwTw.roa
File: 1-73UFjQEbEaiw-VEpYxtRIeSwTw.roa (raw, json)
Hash identifier: Xec6kbupZB2RH/ACciM0eanhiUxUAjw16Uj0UlJXaPY=
Subject key identifier: FB:BD:D4:16:34:04:6C:46:A2:C3:E5:44:A5:8C:6D:44:87:92:C1:3C
Certificate issuer: /CN=dae70ef6feb813ed9dbb967d0513cf2043d3a347
Certificate serial: 01942522286B1DDAE0CC30930BFA2311A04E
Authority key identifier: DA:E7:0E:F6:FE:B8:13:ED:9D:BB:96:7D:05:13:CF:20:43:D3:A3:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ucO9v64E-2du5Z9BRPPIEPTo0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/b9a936-2ec7-494c-95d2-eab40be48cc1/1/1-73UFjQEbEaiw-VEpYxtRIeSwTw.roa
Signing time: Thu 02 Jan 2025 03:49:43 +0000
ROA not before: Thu 02 Jan 2025 03:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201782
IP address blocks: 185.63.180.0/22 maxlen: 22
2a03:da0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:28:6b:1d:da:e0:cc:30:93:0b:fa:23:11:a0:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dae70ef6feb813ed9dbb967d0513cf2043d3a347
Validity
Not Before: Jan 2 03:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbbdd41634046c46a2c3e544a58c6d448792c13c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:08:68:77:e4:ea:d9:86:aa:e6:8e:02:a0:68:
74:bc:b7:55:14:83:63:6f:16:d3:7c:49:b7:d3:eb:
e2:99:46:b9:2a:f3:8c:5f:5b:71:02:32:21:c9:ad:
65:61:3f:8f:44:c0:4f:fc:0f:84:ec:0d:34:15:7c:
f0:d6:dc:bd:08:66:96:46:27:a2:6c:35:c1:d7:db:
c2:e3:49:30:6d:da:0b:ae:fa:ab:6b:df:96:cd:8b:
d9:23:65:03:a5:91:1e:22:2b:6a:e2:35:4c:93:af:
83:cd:6e:7c:bf:72:71:05:f6:1c:4f:79:0e:d3:1e:
e9:e1:e7:ec:34:db:2c:16:0e:52:9d:2b:11:8c:fd:
54:2b:3b:32:6a:02:c2:02:8c:69:35:37:94:19:ae:
74:12:0c:6e:d1:b8:b5:5c:38:29:59:55:e3:b0:66:
5a:1a:ed:ae:93:ed:b3:4c:47:15:f2:c6:92:0f:62:
03:4a:14:53:77:ce:62:af:82:28:cf:ec:29:a8:aa:
5f:db:9a:d1:5d:55:a8:da:b0:3a:c4:ea:d3:91:a9:
ca:14:60:9b:d3:ce:2c:ba:97:a0:ae:fd:8d:2a:03:
54:32:94:97:12:7d:6f:9a:6b:cb:5f:97:62:17:b6:
bb:ec:ca:16:19:0f:ff:55:e7:1a:14:7a:10:32:d0:
2b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:BD:D4:16:34:04:6C:46:A2:C3:E5:44:A5:8C:6D:44:87:92:C1:3C
X509v3 Authority Key Identifier:
keyid:DA:E7:0E:F6:FE:B8:13:ED:9D:BB:96:7D:05:13:CF:20:43:D3:A3:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ucO9v64E-2du5Z9BRPPIEPTo0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/b9a936-2ec7-494c-95d2-eab40be48cc1/1/1-73UFjQEbEaiw-VEpYxtRIeSwTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/b9a936-2ec7-494c-95d2-eab40be48cc1/1/2ucO9v64E-2du5Z9BRPPIEPTo0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.180.0/22
IPv6:
2a03:da0::/32
Signature Algorithm: sha256WithRSAEncryption
74:a0:04:12:24:06:21:b8:ed:89:dd:24:cc:20:f8:6b:1c:90:
8a:72:28:e6:3f:eb:b4:d7:aa:30:f2:a6:74:32:70:16:95:82:
1a:ff:49:dc:42:41:38:80:8a:99:9f:eb:b7:74:27:49:80:71:
d9:6f:e6:89:e8:bb:a8:f5:56:23:6f:1a:51:47:ab:7f:20:8d:
38:50:d9:c5:f3:b5:45:06:d5:b5:fa:0f:b1:1f:2f:f4:ab:8d:
20:20:f1:49:3d:b4:a1:2e:a4:46:54:3f:7d:1a:39:ef:98:07:
1d:d7:51:3f:8d:15:00:cb:4f:e9:2b:10:8f:91:e0:6e:07:56:
66:b2:26:58:46:ac:2b:d4:41:e9:81:7b:1c:f1:f4:be:d7:3e:
a8:4d:d2:31:3c:2b:35:8a:d2:75:84:3c:de:a0:06:54:d1:a4:
93:18:fb:5b:85:1a:52:a4:3c:b7:fa:81:99:e8:1e:42:bb:96:
ba:13:c5:1a:43:67:96:5c:dc:90:f3:74:68:ba:ff:d1:62:55:
78:21:c3:09:2d:41:0e:3b:99:5c:0c:45:e4:f0:54:76:21:21:
fd:c4:93:2f:1f:71:11:33:78:33:79:09:08:93:f2:f6:03:7e:
dd:97:78:ec:0e:47:ea:96:6f:af:10:c1:19:92:db:ef:e6:c0:
9e:bf:8c:e2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQlIihrHdrgzDCTC/ojEaBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZTcwZWY2ZmViODEzZWQ5ZGJiOTY3ZDA1MTNjZjIwNDNk
M2EzNDcwHhcNMjUwMTAyMDM0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmJkZDQxNjM0MDQ2YzQ2YTJjM2U1NDRhNThjNmQ0NDg3OTJjMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvghod+Tq2Yaq5o4CoGh0vLdVFINj
bxbTfEm30+vimUa5KvOMX1txAjIhya1lYT+PRMBP/A+E7A00FXzw1ty9CGaWRiei
bDXB19vC40kwbdoLrvqra9+WzYvZI2UDpZEeIitq4jVMk6+DzW58v3JxBfYcT3kO
0x7p4efsNNssFg5SnSsRjP1UKzsyagLCAoxpNTeUGa50Egxu0bi1XDgpWVXjsGZa
Gu2uk+2zTEcV8saSD2IDShRTd85ir4Ioz+wpqKpf25rRXVWo2rA6xOrTkanKFGCb
084supegrv2NKgNUMpSXEn1vmmvLX5diF7a77MoWGQ//VecaFHoQMtArPwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPu91BY0BGxGosPlRKWMbUSHksE8MB8GA1UdIwQY
MBaAFNrnDvb+uBPtnbuWfQUTzyBD06NHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnVjTzl2NjRFLTJkdTVaOUJSUFBJRVBUbzBjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9iOWE5MzYtMmVjNy00OTRjLTk1ZDIt
ZWFiNDBiZTQ4Y2MxLzEvMS03M1VGalFFYkVhaXctVkVwWXh0UkllU3dUdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjcvYjlhOTM2LTJlYzctNDk0Yy05NWQyLWVhYjQwYmU0OGNj
MS8xLzJ1Y085djY0RS0yZHU1WjlCUlBQSUVQVG8wYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk/tDAN
BAIAAjAHAwUAKgMNoDANBgkqhkiG9w0BAQsFAAOCAQEAdKAEEiQGIbjtid0kzCD4
axyQinIo5j/rtNeqMPKmdDJwFpWCGv9J3EJBOICKmZ/rt3QnSYBx2W/miei7qPVW
I28aUUerfyCNOFDZxfO1RQbVtfoPsR8v9KuNICDxST20oS6kRlQ/fRo575gHHddR
P40VAMtP6SsQj5HgbgdWZrImWEasK9RB6YF7HPH0vtc+qE3SMTwrNYrSdYQ83qAG
VNGkkxj7W4UaUqQ8t/qBmegeQruWuhPFGkNnllzckPN0aLr/0WJVeCHDCS1BDjuZ
XAxF5PBUdiEh/cSTLx9xETN4M3kJCJPy9gN+3Zd47A5H6pZvrxDBGZLb7+bAnr+M
4g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:34:03 2025 by rpki-client