Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/ea41e0-7b51-490f-8d1f-77d65ef305b0/1/p2E40VAywU1E-b5C3yq5INQnhfY.roa
File: p2E40VAywU1E-b5C3yq5INQnhfY.roa (raw, json)
Hash identifier: +wh8lIkPmW8LdXYFPZaG+wiXZeTnTUYIdRcRymup/Rw=
Subject key identifier: A7:61:38:D1:50:32:C1:4D:44:F9:BE:42:DF:2A:B9:20:D4:27:85:F6
Certificate issuer: /CN=5904abeb0ed4ff866c065fe36c2c6284e2520b42
Certificate serial: 019424458F4BE11B7482549A799E1700954B
Authority key identifier: 59:04:AB:EB:0E:D4:FF:86:6C:06:5F:E3:6C:2C:62:84:E2:52:0B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WQSr6w7U_4ZsBl_jbCxihOJSC0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/ea41e0-7b51-490f-8d1f-77d65ef305b0/1/p2E40VAywU1E-b5C3yq5INQnhfY.roa
Signing time: Wed 01 Jan 2025 23:48:45 +0000
ROA not before: Wed 01 Jan 2025 23:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199562
IP address blocks: 185.10.224.0/22 maxlen: 24
185.10.227.0/24 maxlen: 24
2a03:6640::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:8f:4b:e1:1b:74:82:54:9a:79:9e:17:00:95:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5904abeb0ed4ff866c065fe36c2c6284e2520b42
Validity
Not Before: Jan 1 23:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a76138d15032c14d44f9be42df2ab920d42785f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:24:86:45:17:72:5d:f4:79:15:60:e1:4d:ed:
0a:5c:b6:cf:7d:03:84:15:36:38:48:d8:a8:8d:4a:
a6:f6:cb:c8:8e:a3:26:6e:b3:04:ea:72:22:23:05:
03:10:b7:d6:26:74:96:ac:57:e7:32:d5:73:3d:16:
a3:f2:5a:22:d0:d8:ec:47:11:4d:c0:06:a3:7f:b0:
d5:d1:50:68:24:33:21:a2:d3:17:ef:91:a3:8e:bb:
40:7a:11:bb:c3:c2:ee:45:83:51:0a:93:1f:06:6d:
83:1a:71:60:a7:7e:6c:2a:23:4e:a5:3a:c7:ab:fa:
c4:c9:06:29:f0:5d:32:30:ea:43:6f:12:1e:5b:52:
af:ad:18:8b:d3:fa:ef:ec:b6:c0:aa:67:d8:e7:4c:
32:4d:19:bf:80:e5:a3:b1:3a:59:33:aa:b6:b5:4d:
cf:11:a7:d0:bd:dc:75:b9:76:80:f8:85:1e:a0:e2:
da:d9:16:8b:6a:d9:5c:8b:d0:2a:06:0c:8e:37:86:
a3:b1:ac:3e:d9:de:c8:b0:2c:14:02:4d:6f:15:16:
70:69:38:66:49:f9:1d:da:ae:56:48:73:71:0b:61:
25:64:b7:34:c4:32:5a:6b:ad:fb:99:02:ab:5f:bd:
67:a5:20:78:8c:7a:58:88:f9:5a:f2:55:ae:74:8e:
1f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:61:38:D1:50:32:C1:4D:44:F9:BE:42:DF:2A:B9:20:D4:27:85:F6
X509v3 Authority Key Identifier:
keyid:59:04:AB:EB:0E:D4:FF:86:6C:06:5F:E3:6C:2C:62:84:E2:52:0B:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WQSr6w7U_4ZsBl_jbCxihOJSC0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/ea41e0-7b51-490f-8d1f-77d65ef305b0/1/p2E40VAywU1E-b5C3yq5INQnhfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/ea41e0-7b51-490f-8d1f-77d65ef305b0/1/WQSr6w7U_4ZsBl_jbCxihOJSC0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.224.0/22
IPv6:
2a03:6640::/32
Signature Algorithm: sha256WithRSAEncryption
8a:50:ff:f9:e9:a3:32:ba:cc:0b:0d:ba:5c:f2:9d:9f:93:04:
ce:3c:c7:af:e0:35:ba:b6:3a:10:aa:a4:fd:75:cd:6a:c7:81:
bf:97:23:c6:dd:af:28:cf:f4:8b:1d:80:48:11:30:23:dd:33:
01:40:f9:e5:5c:9e:a8:a3:2f:f7:05:c3:e0:14:de:5b:b1:72:
d0:64:6e:a7:64:d6:43:a3:ce:f4:d6:ee:f0:df:f8:12:fd:76:
25:d5:bb:43:9b:c6:53:f2:c1:ce:e5:c7:24:29:92:a5:1f:66:
e2:76:9b:48:43:a6:c2:46:14:7d:f7:6f:8c:6a:9e:59:6f:13:
91:1d:6c:79:16:84:ba:4a:dc:33:38:ca:5f:ca:3d:5a:f7:5a:
4d:ac:fe:41:8b:0d:89:02:2e:be:d7:2d:ff:4f:03:69:11:d6:
19:20:b9:7f:6b:09:42:88:07:1b:4c:db:f9:7a:db:90:37:5e:
16:98:73:41:8f:fd:16:a2:cd:c5:fd:7a:05:95:ce:73:4e:25:
5a:b7:1a:8d:72:b9:be:fd:4d:33:30:96:4e:20:88:7f:2e:fd:
80:9a:d8:fb:c9:b8:30:45:79:50:ad:37:5d:59:28:41:60:d5:
d7:bb:5f:76:bb:24:a0:0f:51:5d:a2:e0:3c:c0:57:70:1a:6d:
7f:8c:df:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRY9L4Rt0glSaeZ4XAJVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MDRhYmViMGVkNGZmODY2YzA2NWZlMzZjMmM2Mjg0ZTI1
MjBiNDIwHhcNMjUwMTAxMjM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzYxMzhkMTUwMzJjMTRkNDRmOWJlNDJkZjJhYjkyMGQ0Mjc4NWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCSGRRdyXfR5FWDhTe0KXLbPfQOE
FTY4SNiojUqm9svIjqMmbrME6nIiIwUDELfWJnSWrFfnMtVzPRaj8loi0NjsRxFN
wAajf7DV0VBoJDMhotMX75GjjrtAehG7w8LuRYNRCpMfBm2DGnFgp35sKiNOpTrH
q/rEyQYp8F0yMOpDbxIeW1KvrRiL0/rv7LbAqmfY50wyTRm/gOWjsTpZM6q2tU3P
EafQvdx1uXaA+IUeoOLa2RaLatlci9AqBgyON4ajsaw+2d7IsCwUAk1vFRZwaThm
Sfkd2q5WSHNxC2ElZLc0xDJaa637mQKrX71npSB4jHpYiPla8lWudI4fnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKdhONFQMsFNRPm+Qt8quSDUJ4X2MB8GA1UdIwQY
MBaAFFkEq+sO1P+GbAZf42wsYoTiUgtCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1FTcjZ3N1VfNFpzQmxfamJDeGloT0pTQzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9lYTQxZTAtN2I1MS00OTBmLThkMWYt
NzdkNjVlZjMwNWIwLzEvcDJFNDBWQXl3VTFFLWI1QzN5cTVJTlFuaGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9lYTQxZTAtN2I1MS00OTBmLThkMWYtNzdkNjVlZjMwNWIw
LzEvV1FTcjZ3N1VfNFpzQmxfamJDeGloT0pTQzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQrgMA0E
AgACMAcDBQAqA2ZAMA0GCSqGSIb3DQEBCwUAA4IBAQCKUP/56aMyuswLDbpc8p2f
kwTOPMev4DW6tjoQqqT9dc1qx4G/lyPG3a8oz/SLHYBIETAj3TMBQPnlXJ6ooy/3
BcPgFN5bsXLQZG6nZNZDo8701u7w3/gS/XYl1btDm8ZT8sHO5cckKZKlH2bidptI
Q6bCRhR992+Map5ZbxORHWx5FoS6StwzOMpfyj1a91pNrP5Biw2JAi6+1y3/TwNp
EdYZILl/awlCiAcbTNv5etuQN14WmHNBj/0Wos3F/XoFlc5zTiVatxqNcrm+/U0z
MJZOIIh/Lv2Amtj7ybgwRXlQrTddWShBYNXXu192uySgD1FdouA8wFdwGm1/jN8o
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:28:22 2025 by rpki-client