Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/861937-99fe-4b48-99b2-dd907b774f22/1/laAeiRTjp4GNBXXdJU4pihb2rOA.roa
File: laAeiRTjp4GNBXXdJU4pihb2rOA.roa (raw, json)
Hash identifier: YlbPNBqwlpUxS0nbzs30Cair3ruQVsJt4FifX/AUy1E=
Subject key identifier: 95:A0:1E:89:14:E3:A7:81:8D:05:75:DD:25:4E:29:8A:16:F6:AC:E0
Certificate issuer: /CN=776564fc206c4bc5db58f7efbbb1e8f88499e233
Certificate serial: 019427482388021C34DB2991CE9D431D7E0D
Authority key identifier: 77:65:64:FC:20:6C:4B:C5:DB:58:F7:EF:BB:B1:E8:F8:84:99:E2:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d2Vk_CBsS8XbWPfvu7Ho-ISZ4jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/861937-99fe-4b48-99b2-dd907b774f22/1/laAeiRTjp4GNBXXdJU4pihb2rOA.roa
Signing time: Thu 02 Jan 2025 13:50:26 +0000
ROA not before: Thu 02 Jan 2025 13:50:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203462
IP address blocks: 185.134.68.0/22 maxlen: 24
185.139.181.0/24 maxlen: 24
185.139.182.0/24 maxlen: 24
2a06:eb00::/29 maxlen: 29
2a06:eb00::/32 maxlen: 32
2a06:eb01::/32 maxlen: 32
2a06:eb02::/32 maxlen: 32
2a06:eb03::/32 maxlen: 32
2a06:eb04::/32 maxlen: 32
2a06:eb05::/32 maxlen: 32
2a06:eb06::/32 maxlen: 32
2a06:eb07::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:23:88:02:1c:34:db:29:91:ce:9d:43:1d:7e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=776564fc206c4bc5db58f7efbbb1e8f88499e233
Validity
Not Before: Jan 2 13:50:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95a01e8914e3a7818d0575dd254e298a16f6ace0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b5:08:1d:c8:b2:de:31:01:71:a1:57:7a:20:
f7:70:ed:3c:d4:86:0b:9f:a2:82:cc:63:ee:17:99:
f0:57:56:2e:08:f0:0e:35:5d:e3:55:e2:da:69:ed:
08:fc:c7:2a:db:98:83:30:d9:72:09:d0:f9:89:9a:
07:e8:91:1d:fb:c2:21:91:b3:23:61:66:64:b8:bd:
3a:64:bb:fb:d4:2e:f4:e1:2b:af:e3:d6:54:c2:64:
b5:82:bf:02:4f:eb:19:1b:65:85:de:c9:d6:a1:af:
67:b6:2c:6a:0a:13:e3:d6:ff:92:9f:dc:1d:5f:4c:
49:7e:fb:99:77:c6:25:7f:d6:f3:0d:94:d7:44:80:
c7:00:59:ee:d8:5d:a4:df:65:70:39:90:8e:4a:3b:
6c:95:25:25:d9:f3:2d:a8:fd:c3:c5:9b:86:4f:8f:
09:b0:61:79:8a:6d:30:01:b8:c4:42:f4:53:df:13:
fc:da:41:8b:66:ef:35:01:7d:06:f4:37:45:f4:e8:
57:ab:94:b4:5f:91:7a:63:fc:7a:5f:d1:80:8c:d1:
77:23:8b:6d:a6:6a:c8:64:45:f6:9d:60:5f:d0:d6:
6a:15:63:ea:64:cd:08:89:fc:19:25:1c:82:f5:ed:
21:cc:53:ee:88:c8:05:36:25:2b:d9:43:86:c8:ea:
57:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A0:1E:89:14:E3:A7:81:8D:05:75:DD:25:4E:29:8A:16:F6:AC:E0
X509v3 Authority Key Identifier:
keyid:77:65:64:FC:20:6C:4B:C5:DB:58:F7:EF:BB:B1:E8:F8:84:99:E2:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Vk_CBsS8XbWPfvu7Ho-ISZ4jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/861937-99fe-4b48-99b2-dd907b774f22/1/laAeiRTjp4GNBXXdJU4pihb2rOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/861937-99fe-4b48-99b2-dd907b774f22/1/d2Vk_CBsS8XbWPfvu7Ho-ISZ4jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.68.0/22
185.139.181.0-185.139.182.255
IPv6:
2a06:eb00::/29
Signature Algorithm: sha256WithRSAEncryption
8b:58:53:b5:62:be:9e:3b:4f:1d:2c:f9:ba:9b:d8:2c:86:d3:
15:9e:c0:1d:67:60:85:60:d3:45:01:f5:8c:32:dd:ea:9e:c7:
3d:48:51:12:3b:0e:ca:51:c8:8e:86:5d:e6:a4:7a:cb:ba:ad:
3b:7b:d5:80:71:cb:1e:26:17:8b:7e:b4:64:53:8b:73:fd:3c:
95:a9:b5:6c:3b:8e:b7:77:94:3d:5c:a3:db:e7:94:d0:3a:a8:
7f:06:60:ce:9d:41:36:f8:e2:95:c3:54:a0:f8:01:e4:6c:ed:
1a:06:f1:59:60:b0:05:77:c2:0f:ba:0f:4e:79:d3:d0:b9:06:
ab:81:5d:2b:cc:10:0c:7c:57:22:3b:d7:c9:76:24:cf:59:21:
64:32:3c:b9:c8:86:c9:e4:c1:d0:b8:2b:61:50:5e:69:37:30:
5c:0c:96:9b:19:80:fb:5c:89:62:53:00:ee:78:2e:39:74:81:
a7:5f:88:ed:dd:80:40:cf:5f:8c:ab:8f:d1:b1:69:31:2d:b1:
d7:c0:ff:98:ad:85:94:17:dc:bf:bf:e3:4d:c2:f3:f7:00:db:
eb:36:85:37:be:ec:f5:95:d0:56:6e:4e:81:ca:76:6a:f5:d9:
3f:4a:eb:90:c2:d7:8e:30:b9:07:d3:ba:f3:b2:62:57:87:3d:
f2:48:93:a8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQnSCOIAhw02ymRzp1DHX4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjU2NGZjMjA2YzRiYzVkYjU4ZjdlZmJiYjFlOGY4ODQ5
OWUyMzMwHhcNMjUwMTAyMTM1MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWEwMWU4OTE0ZTNhNzgxOGQwNTc1ZGQyNTRlMjk4YTE2ZjZhY2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7UIHciy3jEBcaFXeiD3cO081IYL
n6KCzGPuF5nwV1YuCPAONV3jVeLaae0I/Mcq25iDMNlyCdD5iZoH6JEd+8IhkbMj
YWZkuL06ZLv71C704Suv49ZUwmS1gr8CT+sZG2WF3snWoa9ntixqChPj1v+Sn9wd
X0xJfvuZd8Ylf9bzDZTXRIDHAFnu2F2k32VwOZCOSjtslSUl2fMtqP3DxZuGT48J
sGF5im0wAbjEQvRT3xP82kGLZu81AX0G9DdF9OhXq5S0X5F6Y/x6X9GAjNF3I4tt
pmrIZEX2nWBf0NZqFWPqZM0IifwZJRyC9e0hzFPuiMgFNiUr2UOGyOpXzQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJWgHokU46eBjQV13SVOKYoW9qzgMB8GA1UdIwQY
MBaAFHdlZPwgbEvF21j377ux6PiEmeIzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJWa19DQnNTOFhiV1BmdnU3SG8tSVNaNGpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi84NjE5MzctOTlmZS00YjQ4LTk5YjIt
ZGQ5MDdiNzc0ZjIyLzEvbGFBZWlSVGpwNEdOQlhYZEpVNHBpaGIyck9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi84NjE5MzctOTlmZS00YjQ4LTk5YjItZGQ5MDdiNzc0ZjIy
LzEvZDJWa19DQnNTOFhiV1BmdnU3SG8tSVNaNGpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuYZEMAwD
BAC5i7UDBAC5i7YwDQQCAAIwBwMFAyoG6wAwDQYJKoZIhvcNAQELBQADggEBAItY
U7Vivp47Tx0s+bqb2CyG0xWewB1nYIVg00UB9Ywy3eqexz1IURI7DspRyI6GXeak
esu6rTt71YBxyx4mF4t+tGRTi3P9PJWptWw7jrd3lD1co9vnlNA6qH8GYM6dQTb4
4pXDVKD4AeRs7RoG8VlgsAV3wg+6D05509C5BquBXSvMEAx8VyI718l2JM9ZIWQy
PLnIhsnkwdC4K2FQXmk3MFwMlpsZgPtciWJTAO54Ljl0gadfiO3dgEDPX4yrj9Gx
aTEtsdfA/5ithZQX3L+/403C8/cA2+s2hTe+7PWV0FZuToHKdmr12T9K65DC144w
uQfTuvOyYleHPfJIk6g=
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:01:56 2025 by rpki-client