Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/_b0z6FtQr_-kzugLqg8I9Bk1i60.roa
File: _b0z6FtQr_-kzugLqg8I9Bk1i60.roa (raw, json)
Hash identifier: wcGQMCEvkyuwbezuT9c/jFgmFbPZsuwa534V81cijII=
Subject key identifier: FD:BD:33:E8:5B:50:AF:FF:A4:CE:E8:0B:AA:0F:08:F4:19:35:8B:AD
Certificate issuer: /CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5
Certificate serial: 019427B547F85E1A992FB7E1EA66EE94F7CE
Authority key identifier: 57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/_b0z6FtQr_-kzugLqg8I9Bk1i60.roa
Signing time: Thu 02 Jan 2025 15:49:39 +0000
ROA not before: Thu 02 Jan 2025 15:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47753
IP address blocks: 185.249.254.0/24 maxlen: 24
2a10:a641::/40 maxlen: 40
2a10:a647::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:47:f8:5e:1a:99:2f:b7:e1:ea:66:ee:94:f7:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5
Validity
Not Before: Jan 2 15:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fdbd33e85b50afffa4cee80baa0f08f419358bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d0:aa:6d:ad:1d:07:16:e3:57:7f:04:9a:3d:
86:85:20:ff:12:51:22:90:ec:57:65:8a:ae:99:e5:
ab:68:c7:76:c9:d3:3f:6a:6c:f1:02:98:83:97:11:
f8:55:44:07:a6:b8:ff:9c:94:e4:8c:af:77:bf:9e:
84:5e:4c:0c:ed:12:90:4b:12:1f:7d:7e:15:2c:d2:
d2:74:15:f5:63:8d:07:9a:f3:6b:f3:fc:43:2f:a3:
1a:a4:20:8c:9c:8b:f8:c2:c5:da:d5:6f:61:a2:e2:
6a:35:15:32:17:0d:96:45:85:df:50:bc:f6:21:49:
e5:35:d6:33:6c:e8:79:78:1c:6c:69:90:85:89:09:
18:00:6f:78:46:a4:d3:80:ca:0b:78:48:f4:64:e4:
60:66:2f:f6:fc:33:aa:cb:ef:46:82:22:2d:76:3b:
bd:4c:7c:7f:ab:75:a0:aa:fb:2c:b0:8f:be:3c:2a:
d0:72:fb:df:57:ea:e8:85:dc:58:2d:1e:7c:b8:83:
2d:a0:ab:d1:4e:a7:e7:ac:b0:5c:0f:97:3d:9f:37:
78:ca:9d:62:1a:fe:eb:54:6a:bd:79:b8:13:f8:9d:
7a:7d:14:75:2b:95:1b:76:c9:b9:89:38:d8:70:b1:
50:f1:d6:71:d8:f3:67:2d:5c:a0:6e:cc:da:6b:84:
f5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:BD:33:E8:5B:50:AF:FF:A4:CE:E8:0B:AA:0F:08:F4:19:35:8B:AD
X509v3 Authority Key Identifier:
keyid:57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/_b0z6FtQr_-kzugLqg8I9Bk1i60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/V3bZoLVb1JWhvjxcA_olHT3ouMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.254.0/24
IPv6:
2a10:a641::/40
2a10:a647::/32
Signature Algorithm: sha256WithRSAEncryption
23:b1:97:1c:26:9f:a3:a8:ec:fa:ca:e6:2e:de:eb:cc:47:77:
b4:52:7e:1f:2c:2f:91:38:1e:ce:b3:61:4b:ff:92:e2:9b:47:
78:de:85:bc:0e:c4:1a:4f:80:ec:f7:f1:09:3e:17:23:3b:5a:
8a:97:5c:5b:d3:3f:29:29:e3:a8:35:b6:a0:10:e8:12:a1:85:
b1:c1:0a:9f:83:3e:2f:fd:7c:31:e7:95:54:39:4f:6d:08:4c:
b6:1a:3d:d0:a9:94:99:51:de:61:01:18:ac:11:04:9d:a8:4b:
59:e2:80:26:87:16:e8:b4:16:e4:07:41:13:a7:96:28:c7:39:
f5:4e:4f:cc:87:9a:e6:5e:46:dc:2a:16:87:b7:a2:00:8c:01:
31:62:3d:27:c4:dd:c5:c3:52:aa:d4:31:d3:6f:eb:2b:4e:96:
f4:56:81:8e:7a:65:9c:a3:9b:bf:16:06:c4:8d:a4:fd:f7:7a:
9a:fa:da:cb:fe:32:24:52:16:61:66:d2:62:de:ad:e8:73:a1:
92:0f:87:19:c6:be:65:bf:02:cc:c4:54:a6:e4:d3:11:84:b9:
c6:a1:c0:22:d2:cd:c2:50:d7:c0:b7:22:53:d6:16:03:ca:29:
03:02:1c:a0:53:f3:61:e2:a7:c8:ac:7c:52:9e:fc:d5:a9:ba:
7d:1c:08:11
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQntUf4XhqZL7fh6mbulPfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzZkOWEwYjU1YmQ0OTVhMWJlM2M1YzAzZmEyNTFkM2Rl
OGI4YzUwHhcNMjUwMTAyMTU0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGJkMzNlODViNTBhZmZmYTRjZWU4MGJhYTBmMDhmNDE5MzU4YmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNCqba0dBxbjV38Emj2GhSD/ElEi
kOxXZYqumeWraMd2ydM/amzxApiDlxH4VUQHprj/nJTkjK93v56EXkwM7RKQSxIf
fX4VLNLSdBX1Y40HmvNr8/xDL6MapCCMnIv4wsXa1W9houJqNRUyFw2WRYXfULz2
IUnlNdYzbOh5eBxsaZCFiQkYAG94RqTTgMoLeEj0ZORgZi/2/DOqy+9GgiItdju9
THx/q3WgqvsssI++PCrQcvvfV+rohdxYLR58uIMtoKvRTqfnrLBcD5c9nzd4yp1i
Gv7rVGq9ebgT+J16fRR1K5Ubdsm5iTjYcLFQ8dZx2PNnLVygbszaa4T1PQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFP29M+hbUK//pM7oC6oPCPQZNYutMB8GA1UdIwQY
MBaAFFd22aC1W9SVob48XAP6JR096LjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUt
YzBiYTJmM2ZjNzJhLzEvX2IwejZGdFFyXy1renVnTHFnOEk5QmsxaTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUtYzBiYTJmM2ZjNzJh
LzEvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAufn+MBUE
AgACMA8DBgAqEKZBAAMFACoQpkcwDQYJKoZIhvcNAQELBQADggEBACOxlxwmn6Oo
7PrK5i7e68xHd7RSfh8sL5E4Hs6zYUv/kuKbR3jehbwOxBpPgOz38Qk+FyM7WoqX
XFvTPykp46g1tqAQ6BKhhbHBCp+DPi/9fDHnlVQ5T20ITLYaPdCplJlR3mEBGKwR
BJ2oS1nigCaHFui0FuQHQROnlijHOfVOT8yHmuZeRtwqFoe3ogCMATFiPSfE3cXD
UqrUMdNv6ytOlvRWgY56ZZyjm78WBsSNpP33epr62sv+MiRSFmFm0mLerehzoZIP
hxnGvmW/AszEVKbk0xGEucahwCLSzcJQ18C3IlPWFgPKKQMCHKBT82Hip8isfFKe
/NWpun0cCBE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:38:42 2025 by rpki-client