Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/28bd13-8a3b-4550-9700-f0f93cca2479/1/opYZOi4k9YDcS_3foMnJJa-4gCI.roa
File: opYZOi4k9YDcS_3foMnJJa-4gCI.roa (raw, json)
Hash identifier: VbpgC06Lnc7NWswjuIad3/ZduRJ+GtOZh31gorgG7Xk=
Subject key identifier: A2:96:19:3A:2E:24:F5:80:DC:4B:FD:DF:A0:C9:C9:25:AF:B8:80:22
Certificate issuer: /CN=f4f430d0805f42ffa3bcd0c0b7c550805117923a
Certificate serial: 01941F8C56F8F5C67E25ABCA4DD538434CD0
Authority key identifier: F4:F4:30:D0:80:5F:42:FF:A3:BC:D0:C0:B7:C5:50:80:51:17:92:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9PQw0IBfQv-jvNDAt8VQgFEXkjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/28bd13-8a3b-4550-9700-f0f93cca2479/1/opYZOi4k9YDcS_3foMnJJa-4gCI.roa
Signing time: Wed 01 Jan 2025 01:47:58 +0000
ROA not before: Wed 01 Jan 2025 01:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200480
IP address blocks: 185.105.240.0/22 maxlen: 22
185.105.240.0/24 maxlen: 24
2a06:38c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:56:f8:f5:c6:7e:25:ab:ca:4d:d5:38:43:4c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4f430d0805f42ffa3bcd0c0b7c550805117923a
Validity
Not Before: Jan 1 01:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a296193a2e24f580dc4bfddfa0c9c925afb88022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:79:de:1b:fb:c3:80:29:eb:7c:b2:61:95:a0:
72:ab:81:ad:87:b1:07:e1:fc:69:59:1e:6c:1f:47:
b6:52:e4:0e:ce:27:c1:b5:0d:4c:e3:3f:3e:8e:08:
cd:41:73:85:96:21:69:dc:1e:62:72:73:3c:42:86:
24:54:43:ba:8c:8a:35:ca:e8:ba:a6:da:16:7d:dc:
6d:9f:aa:11:9d:9e:ea:ce:9e:1c:64:f3:c6:8e:d8:
13:ad:20:b8:fd:02:17:f7:9c:65:26:86:d5:fc:ef:
bc:ac:6f:f7:8b:f9:f4:f7:ba:7c:a6:e3:c2:0e:1e:
f6:9c:98:6c:1e:14:55:40:9e:00:0c:35:8c:fa:80:
3c:0e:5b:de:0f:9e:f7:98:b5:82:ce:72:2b:6c:fc:
9e:02:0b:c0:e6:bc:bc:8c:d5:f3:24:fd:33:85:b9:
41:15:64:8e:d6:ee:97:0f:60:13:31:18:e2:9a:e3:
14:d8:61:ce:e4:98:8f:57:20:20:e5:2d:51:3f:c5:
42:bd:29:90:dd:e7:83:3d:27:d3:ae:67:33:8a:3e:
ed:9b:32:bb:a8:b7:1b:13:e4:e9:74:70:e7:13:1a:
bd:89:80:e3:43:2d:de:4e:43:d5:65:69:3f:d6:4e:
d9:02:6b:98:46:a2:f3:5e:0a:3d:7f:4e:f0:d0:9b:
81:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:96:19:3A:2E:24:F5:80:DC:4B:FD:DF:A0:C9:C9:25:AF:B8:80:22
X509v3 Authority Key Identifier:
keyid:F4:F4:30:D0:80:5F:42:FF:A3:BC:D0:C0:B7:C5:50:80:51:17:92:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PQw0IBfQv-jvNDAt8VQgFEXkjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/28bd13-8a3b-4550-9700-f0f93cca2479/1/opYZOi4k9YDcS_3foMnJJa-4gCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/28bd13-8a3b-4550-9700-f0f93cca2479/1/9PQw0IBfQv-jvNDAt8VQgFEXkjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.240.0/22
IPv6:
2a06:38c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:57:e7:da:86:7b:57:cf:28:31:f0:94:ff:0c:e9:cc:d7:48:
89:8f:4c:8f:df:97:e1:63:72:6d:a8:ac:ac:fa:57:8b:36:ce:
66:28:ea:be:86:ea:6a:fd:89:9d:d5:7f:d4:0d:cb:ce:ac:3b:
a3:a0:3f:6a:64:f1:da:e0:fa:96:24:c0:a8:df:d8:08:fb:1c:
3d:5d:e8:99:b9:c4:da:e0:b9:d4:d3:d8:79:15:f3:59:f5:33:
59:0f:a1:c0:10:45:d3:07:bd:04:81:82:71:22:e0:dd:2d:3c:
3d:fb:cd:06:10:51:ce:0e:6e:e6:eb:d9:63:20:32:3d:3b:98:
ef:b6:2a:ea:f7:e8:55:56:a4:d2:04:be:e2:94:32:f3:b4:2d:
37:ed:c4:a1:ee:c3:70:1a:8a:9b:aa:b7:dd:16:5e:bb:ee:90:
b5:46:97:cb:b2:9f:25:0e:8b:c6:ec:46:2e:1a:3e:bc:be:ee:
d0:21:78:14:0a:c0:56:f6:66:31:56:c8:58:31:fa:e3:32:74:
52:a7:20:7e:e2:29:86:e0:69:df:28:79:74:76:2a:74:0c:42:
70:2e:bc:56:0a:9f:a3:e9:0d:ec:dc:f0:9c:b3:be:f1:56:02:
22:d2:b0:62:22:43:61:91:bd:6f:ee:c9:48:86:88:29:a2:32:
12:ed:43:8d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjFb49cZ+JavKTdU4Q0zQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZjQzMGQwODA1ZjQyZmZhM2JjZDBjMGI3YzU1MDgwNTEx
NzkyM2EwHhcNMjUwMTAxMDE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjk2MTkzYTJlMjRmNTgwZGM0YmZkZGZhMGM5YzkyNWFmYjg4MDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HneG/vDgCnrfLJhlaByq4Gth7EH
4fxpWR5sH0e2UuQOzifBtQ1M4z8+jgjNQXOFliFp3B5icnM8QoYkVEO6jIo1yui6
ptoWfdxtn6oRnZ7qzp4cZPPGjtgTrSC4/QIX95xlJobV/O+8rG/3i/n097p8puPC
Dh72nJhsHhRVQJ4ADDWM+oA8DlveD573mLWCznIrbPyeAgvA5ry8jNXzJP0zhblB
FWSO1u6XD2ATMRjimuMU2GHO5JiPVyAg5S1RP8VCvSmQ3eeDPSfTrmczij7tmzK7
qLcbE+TpdHDnExq9iYDjQy3eTkPVZWk/1k7ZAmuYRqLzXgo9f07w0JuBgQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKKWGTouJPWA3Ev936DJySWvuIAiMB8GA1UdIwQY
MBaAFPT0MNCAX0L/o7zQwLfFUIBRF5I6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBRdzBJQmZRdi1qdk5EQXQ4VlFnRkVYa2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8yOGJkMTMtOGEzYi00NTUwLTk3MDAt
ZjBmOTNjY2EyNDc5LzEvb3BZWk9pNGs5WURjU18zZm9NbkpKYS00Z0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8yOGJkMTMtOGEzYi00NTUwLTk3MDAtZjBmOTNjY2EyNDc5
LzEvOVBRdzBJQmZRdi1qdk5EQXQ4VlFnRkVYa2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWnwMA0E
AgACMAcDBQMqBjjAMA0GCSqGSIb3DQEBCwUAA4IBAQAyV+fahntXzygx8JT/DOnM
10iJj0yP35fhY3JtqKys+leLNs5mKOq+hupq/Ymd1X/UDcvOrDujoD9qZPHa4PqW
JMCo39gI+xw9XeiZucTa4LnU09h5FfNZ9TNZD6HAEEXTB70EgYJxIuDdLTw9+80G
EFHODm7m69ljIDI9O5jvtirq9+hVVqTSBL7ilDLztC037cSh7sNwGoqbqrfdFl67
7pC1RpfLsp8lDovG7EYuGj68vu7QIXgUCsBW9mYxVshYMfrjMnRSpyB+4imG4Gnf
KHl0dip0DEJwLrxWCp+j6Q3s3PCcs77xVgIi0rBiIkNhkb1v7slIhogpojIS7UON
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:39:03 2025 by rpki-client