Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/baa4bc-924e-4364-9f13-a5c96e211605/1/bOFB3LalOSOdSrbz-a4cUkkG03M.roa
File: bOFB3LalOSOdSrbz-a4cUkkG03M.roa (raw, json)
Hash identifier: SZa6u36skxx1rALcmnxtRi0278XWZ89tCnch5FRpzoM=
Subject key identifier: 6C:E1:41:DC:B6:A5:39:23:9D:4A:B6:F3:F9:AE:1C:52:49:06:D3:73
Certificate issuer: /CN=4806b9e62f1b00f2cf98d0dcc583292afacb522f
Certificate serial: 019420D6138022F6B04B65E103357F668C87
Authority key identifier: 48:06:B9:E6:2F:1B:00:F2:CF:98:D0:DC:C5:83:29:2A:FA:CB:52:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAa55i8bAPLPmNDcxYMpKvrLUi8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/baa4bc-924e-4364-9f13-a5c96e211605/1/bOFB3LalOSOdSrbz-a4cUkkG03M.roa
Signing time: Wed 01 Jan 2025 07:48:08 +0000
ROA not before: Wed 01 Jan 2025 07:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211850
IP address blocks: 185.235.207.0/24 maxlen: 24
2a10:86c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:13:80:22:f6:b0:4b:65:e1:03:35:7f:66:8c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4806b9e62f1b00f2cf98d0dcc583292afacb522f
Validity
Not Before: Jan 1 07:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ce141dcb6a539239d4ab6f3f9ae1c524906d373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:df:dc:c5:52:df:9f:ff:45:b9:24:44:fd:
de:d3:71:22:8a:9b:b7:68:74:3b:48:e0:06:70:c6:
d5:bd:a8:4f:84:b5:c3:cb:81:ff:3e:4d:25:2c:c2:
87:56:89:f0:ad:7b:1f:46:16:0a:9a:e7:60:16:a5:
93:8b:68:3a:a8:5a:a4:50:60:6c:bc:a7:58:50:19:
c7:b5:92:64:66:c8:37:a7:26:b5:ff:b9:58:27:92:
f7:c0:53:2a:18:04:ae:a7:0a:9e:4e:e5:a0:46:bb:
78:c9:14:48:b5:3b:cc:99:2f:4e:8e:12:07:17:19:
57:3a:90:55:34:52:f0:8a:4b:f3:80:3b:41:e2:1d:
76:fd:78:5f:37:80:70:c6:5e:ff:24:fb:de:77:7b:
20:59:94:99:95:01:15:db:9d:37:08:6b:0d:f6:41:
f5:c8:4f:e5:96:ff:f6:b3:e8:7d:ec:dc:96:b1:fd:
22:1c:cb:7d:42:7e:c2:94:9a:74:c3:15:23:1a:69:
c6:1e:df:ee:1b:05:81:da:c1:8b:99:f8:0f:0e:ff:
68:8b:3e:f7:54:d3:80:b9:69:ce:1e:3c:37:a5:74:
21:ac:18:ee:fb:d7:d2:34:00:9f:10:d1:47:2d:63:
5d:a0:60:81:08:f0:88:bf:15:4f:dd:fc:0a:a2:29:
f1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E1:41:DC:B6:A5:39:23:9D:4A:B6:F3:F9:AE:1C:52:49:06:D3:73
X509v3 Authority Key Identifier:
keyid:48:06:B9:E6:2F:1B:00:F2:CF:98:D0:DC:C5:83:29:2A:FA:CB:52:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAa55i8bAPLPmNDcxYMpKvrLUi8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/baa4bc-924e-4364-9f13-a5c96e211605/1/bOFB3LalOSOdSrbz-a4cUkkG03M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/baa4bc-924e-4364-9f13-a5c96e211605/1/SAa55i8bAPLPmNDcxYMpKvrLUi8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.207.0/24
IPv6:
2a10:86c0::/29
Signature Algorithm: sha256WithRSAEncryption
88:46:7d:04:e7:66:20:0f:25:90:b3:b3:28:9d:a8:a4:16:60:
76:20:ab:52:0c:df:b8:1e:ea:e8:46:6e:25:92:46:18:7f:5d:
43:4e:ce:83:31:d6:19:8b:de:1b:a3:d7:b2:cc:2c:e9:3a:f0:
39:f5:f8:75:f5:b0:bb:61:1f:ec:2f:3b:cd:20:09:3f:12:f3:
12:1e:29:3a:5e:76:0a:ab:08:70:38:40:90:70:29:64:b4:e6:
9f:9e:c1:b9:06:71:ca:e1:2b:83:95:b5:5a:af:d2:f7:a2:e8:
e6:23:e4:de:56:d4:9e:53:f0:9a:e7:db:af:2d:ef:60:cc:4b:
74:14:88:61:c5:5d:d7:09:75:11:5b:72:6a:13:bf:1a:ef:e6:
68:09:fc:98:f0:5a:e9:2a:c9:a0:00:e1:58:04:8a:3d:2e:63:
a9:2d:ea:61:4f:0c:84:15:3a:63:09:21:01:72:b2:f7:1f:bf:
7d:e3:f7:4e:45:73:67:c4:19:31:1e:b6:2a:4f:0b:ed:07:fb:
17:d5:6a:3f:58:26:4c:44:5e:41:87:fa:0f:26:4a:20:3e:a9:
a2:b7:50:cf:4f:42:ef:9f:c8:ae:df:58:c2:f2:68:19:a5:b8:
ec:bb:84:1c:de:74:fb:30:c7:b7:a5:b7:ed:4c:a1:45:47:ce:
ef:e5:36:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1hOAIvawS2XhAzV/ZoyHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDZiOWU2MmYxYjAwZjJjZjk4ZDBkY2M1ODMyOTJhZmFj
YjUyMmYwHhcNMjUwMTAxMDc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2UxNDFkY2I2YTUzOTIzOWQ0YWI2ZjNmOWFlMWM1MjQ5MDZkMzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta3f3MVS35//RbkkRP3e03Eiipu3
aHQ7SOAGcMbVvahPhLXDy4H/Pk0lLMKHVonwrXsfRhYKmudgFqWTi2g6qFqkUGBs
vKdYUBnHtZJkZsg3pya1/7lYJ5L3wFMqGASupwqeTuWgRrt4yRRItTvMmS9OjhIH
FxlXOpBVNFLwikvzgDtB4h12/XhfN4Bwxl7/JPved3sgWZSZlQEV2503CGsN9kH1
yE/llv/2s+h97NyWsf0iHMt9Qn7ClJp0wxUjGmnGHt/uGwWB2sGLmfgPDv9oiz73
VNOAuWnOHjw3pXQhrBju+9fSNACfENFHLWNdoGCBCPCIvxVP3fwKoinxfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGzhQdy2pTkjnUq28/muHFJJBtNzMB8GA1UdIwQY
MBaAFEgGueYvGwDyz5jQ3MWDKSr6y1IvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FhNTVpOGJBUExQbU5EY3hZTXBLdnJMVWk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iYWE0YmMtOTI0ZS00MzY0LTlmMTMt
YTVjOTZlMjExNjA1LzEvYk9GQjNMYWxPU09kU3Jiei1hNGNVa2tHMDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iYWE0YmMtOTI0ZS00MzY0LTlmMTMtYTVjOTZlMjExNjA1
LzEvU0FhNTVpOGJBUExQbU5EY3hZTXBLdnJMVWk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuevPMA0E
AgACMAcDBQMqEIbAMA0GCSqGSIb3DQEBCwUAA4IBAQCIRn0E52YgDyWQs7Monaik
FmB2IKtSDN+4HuroRm4lkkYYf11DTs6DMdYZi94bo9eyzCzpOvA59fh19bC7YR/s
LzvNIAk/EvMSHik6XnYKqwhwOECQcClktOafnsG5BnHK4SuDlbVar9L3oujmI+Te
VtSeU/Ca59uvLe9gzEt0FIhhxV3XCXURW3JqE78a7+ZoCfyY8FrpKsmgAOFYBIo9
LmOpLephTwyEFTpjCSEBcrL3H7994/dORXNnxBkxHrYqTwvtB/sX1Wo/WCZMRF5B
h/oPJkogPqmit1DPT0Lvn8iu31jC8mgZpbjsu4Qc3nT7MMe3pbftTKFFR87v5TbR
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:06:29 2025 by rpki-client