Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/2E5B6hTQ8FYt2qCEddzv6E09HfU.roa
File: 2E5B6hTQ8FYt2qCEddzv6E09HfU.roa (raw, json)
Hash identifier: YU3JzyaYxmpBfxew9K/2XcID/FBkgDQAWKRh4zEO3iM=
Subject key identifier: D8:4E:41:EA:14:D0:F0:56:2D:DA:A0:84:75:DC:EF:E8:4D:3D:1D:F5
Certificate issuer: /CN=a316c7659af1d56bc718faf614f092758f5edc7f
Certificate serial: 0194258F1576318DBACFBA5D28256EAE76E1
Authority key identifier: A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/2E5B6hTQ8FYt2qCEddzv6E09HfU.roa
Signing time: Thu 02 Jan 2025 05:48:41 +0000
ROA not before: Thu 02 Jan 2025 05:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206998
IP address blocks: 185.221.85.0/24 maxlen: 24
185.221.86.0/24 maxlen: 24
2a0d:8000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:15:76:31:8d:ba:cf:ba:5d:28:25:6e:ae:76:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a316c7659af1d56bc718faf614f092758f5edc7f
Validity
Not Before: Jan 2 05:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d84e41ea14d0f0562ddaa08475dcefe84d3d1df5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:aa:14:69:bf:32:78:c4:90:af:15:6b:a2:1d:
4e:2f:66:db:5c:56:a3:6e:37:7f:63:c3:6b:6d:c6:
fb:c6:08:02:0b:3b:c7:bd:39:cf:b2:de:6a:9b:a7:
58:f2:af:59:41:f0:6d:76:7f:29:fe:78:14:bc:74:
4b:dc:0b:2d:1d:db:cf:54:eb:48:d9:f0:3d:63:af:
0c:0f:21:06:8e:55:9f:4b:3a:89:92:96:80:47:d7:
74:35:36:3a:93:b9:ab:67:76:60:46:83:88:f1:55:
e0:74:53:25:b8:ec:ac:b2:e8:94:58:e0:17:58:16:
ad:ef:01:71:c1:99:8c:73:e8:cb:b7:90:73:c5:37:
c4:2c:dd:fe:1f:47:cb:9b:3c:3e:73:d6:51:58:a5:
00:68:ef:f3:b1:f3:d2:74:28:e7:7f:90:70:a6:51:
dd:55:92:fd:c2:09:59:b4:2a:5c:b3:12:52:c5:a8:
a7:f7:d2:18:40:fa:e6:85:51:c8:03:b4:1c:a0:d7:
bb:00:88:07:31:79:db:58:2a:3c:8b:a0:12:d6:90:
d2:04:89:3d:a1:54:ca:e5:81:44:6f:de:f1:8f:cf:
b6:b3:9c:6f:82:c5:f6:d2:57:3b:3f:0d:09:02:cd:
97:50:4d:4f:37:e9:16:8f:fc:eb:81:17:63:1a:78:
af:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4E:41:EA:14:D0:F0:56:2D:DA:A0:84:75:DC:EF:E8:4D:3D:1D:F5
X509v3 Authority Key Identifier:
keyid:A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/2E5B6hTQ8FYt2qCEddzv6E09HfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.85.0-185.221.86.255
IPv6:
2a0d:8000::/48
Signature Algorithm: sha256WithRSAEncryption
a5:10:8a:15:5a:f3:e1:58:84:7a:27:e1:a0:a1:a9:39:da:84:
89:a4:dd:17:a7:aa:d9:80:74:bc:f4:a2:dc:b1:42:4e:ac:8c:
60:32:95:ab:3a:21:ed:18:a8:2d:bf:b5:3e:74:6c:4f:ca:03:
c8:3c:0a:dd:5f:48:a3:65:f9:4d:76:ee:ea:f9:61:c0:81:85:
8a:91:ad:8c:54:a8:88:33:69:b0:78:f9:f2:86:cf:2a:85:f9:
c9:c3:38:64:a5:fd:63:bb:d7:b7:df:61:38:33:1c:ce:c2:9d:
64:1e:b1:6e:b9:5f:be:8e:f5:f0:00:4d:7a:40:8e:33:81:e7:
5a:f9:6f:a9:f8:78:6e:42:1e:2d:ab:f9:02:9f:5c:23:e2:df:
14:96:c0:53:2a:1d:ef:79:d4:8a:6a:65:8a:bc:34:4e:81:44:
f8:00:14:99:67:74:24:7f:20:c6:80:7a:b1:e2:9c:60:32:86:
3a:cb:0c:0c:54:bf:f2:9f:a9:f3:30:7c:1b:15:2f:37:d0:61:
26:a5:ca:1c:3b:35:a3:dd:e2:4c:11:58:52:bf:df:81:a4:70:
eb:88:26:78:e3:01:a8:98:5b:64:2a:25:50:38:83:0f:9b:38:
3d:f3:b9:f3:04:0a:5c:2b:0e:21:6b:a4:05:4c:97:a2:cd:a8:
33:5c:dc:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQljxV2MY26z7pdKCVurnbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTZjNzY1OWFmMWQ1NmJjNzE4ZmFmNjE0ZjA5Mjc1OGY1
ZWRjN2YwHhcNMjUwMTAyMDU0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODRlNDFlYTE0ZDBmMDU2MmRkYWEwODQ3NWRjZWZlODRkM2QxZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaoUab8yeMSQrxVroh1OL2bbXFaj
bjd/Y8Nrbcb7xggCCzvHvTnPst5qm6dY8q9ZQfBtdn8p/ngUvHRL3AstHdvPVOtI
2fA9Y68MDyEGjlWfSzqJkpaAR9d0NTY6k7mrZ3ZgRoOI8VXgdFMluOyssuiUWOAX
WBat7wFxwZmMc+jLt5BzxTfELN3+H0fLmzw+c9ZRWKUAaO/zsfPSdCjnf5BwplHd
VZL9wglZtCpcsxJSxain99IYQPrmhVHIA7QcoNe7AIgHMXnbWCo8i6AS1pDSBIk9
oVTK5YFEb97xj8+2s5xvgsX20lc7Pw0JAs2XUE1PN+kWj/zrgRdjGnivZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhOQeoU0PBWLdqghHXc7+hNPR31MB8GA1UdIwQY
MBaAFKMWx2Wa8dVrxxj69hTwknWPXtx/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUt
MzY4N2M4MThlZGU1LzEvMkU1QjZoVFE4Rll0MnFDRWRkenY2RTA5SGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUtMzY4N2M4MThlZGU1
LzEvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAC53VUD
BAC53VYwDwQCAAIwCQMHACoNgAAAADANBgkqhkiG9w0BAQsFAAOCAQEApRCKFVrz
4ViEeifhoKGpOdqEiaTdF6eq2YB0vPSi3LFCTqyMYDKVqzoh7RioLb+1PnRsT8oD
yDwK3V9Io2X5TXbu6vlhwIGFipGtjFSoiDNpsHj58obPKoX5ycM4ZKX9Y7vXt99h
ODMczsKdZB6xbrlfvo718ABNekCOM4HnWvlvqfh4bkIeLav5Ap9cI+LfFJbAUyod
73nUimplirw0ToFE+AAUmWd0JH8gxoB6seKcYDKGOssMDFS/8p+p8zB8GxUvN9Bh
JqXKHDs1o93iTBFYUr/fgaRw64gmeOMBqJhbZColUDiDD5s4PfO58wQKXCsOIWuk
BUyXos2oM1zc9A==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:09:50 2025 by rpki-client