Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/e7c7f2-5784-4265-84b3-a5431b07d09e/1/IkDVoWMCW8T1OT9ORyQk9bDyazo.roa
File: IkDVoWMCW8T1OT9ORyQk9bDyazo.roa (raw, json)
Hash identifier: ezW06KpxDOFFcxPPKXXfQ4CRQ3FYkfmYYJN8bIHB94g=
Subject key identifier: 22:40:D5:A1:63:02:5B:C4:F5:39:3F:4E:47:24:24:F5:B0:F2:6B:3A
Certificate issuer: /CN=2549f45ef20b506ea8ef4cb682c2ca2701b290b4
Certificate serial: 019422FC20CD8BEA8B8A174EFE00F165B280
Authority key identifier: 25:49:F4:5E:F2:0B:50:6E:A8:EF:4C:B6:82:C2:CA:27:01:B2:90:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JUn0XvILUG6o70y2gsLKJwGykLQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/e7c7f2-5784-4265-84b3-a5431b07d09e/1/IkDVoWMCW8T1OT9ORyQk9bDyazo.roa
Signing time: Wed 01 Jan 2025 17:48:56 +0000
ROA not before: Wed 01 Jan 2025 17:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205726
IP address blocks: 185.208.56.0/22 maxlen: 22
185.208.56.0/24 maxlen: 24
185.208.57.0/24 maxlen: 24
185.208.58.0/24 maxlen: 24
185.208.59.0/24 maxlen: 24
2a0b:31c0::/29 maxlen: 29
2a0b:31c0::/48 maxlen: 48
2a0b:31c0:1::/48 maxlen: 48
2a0b:31c0:2::/48 maxlen: 48
2a0b:31c0:3::/48 maxlen: 48
2a0b:31c0:4::/48 maxlen: 48
2a0b:31c0:5::/48 maxlen: 48
2a0b:31c0:563::/48 maxlen: 48
2a0b:31c0:1337::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:20:cd:8b:ea:8b:8a:17:4e:fe:00:f1:65:b2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2549f45ef20b506ea8ef4cb682c2ca2701b290b4
Validity
Not Before: Jan 1 17:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2240d5a163025bc4f5393f4e472424f5b0f26b3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b9:58:8c:19:02:35:73:87:06:5a:8b:8e:44:
97:30:25:e9:dd:3b:ca:e2:da:6e:e6:52:16:68:d1:
fb:c5:53:89:55:36:8f:91:50:35:ab:ce:91:ad:65:
d5:68:e2:21:73:e3:ab:97:2b:e2:2e:ec:f9:ac:04:
ef:4d:5c:85:04:55:26:bb:79:e0:72:c2:69:1e:07:
b0:da:5d:2e:df:dd:6a:67:3a:d7:a7:b5:ab:45:d8:
82:fc:8d:c1:70:d0:31:a0:cb:38:55:d6:60:b3:30:
8e:37:fd:45:41:ce:18:aa:d6:ff:34:96:b1:f9:35:
10:b7:80:76:10:85:a9:2b:28:ba:22:bd:58:71:9c:
35:1c:79:65:6d:1b:0c:a9:08:05:09:80:1a:e6:9a:
b0:dc:2f:a6:5e:7c:14:10:76:35:76:01:8e:cf:db:
fe:a0:23:d9:6e:61:b4:99:ca:d0:4a:57:dd:39:70:
e3:41:60:81:d7:09:39:89:a0:8a:7a:db:7b:98:f3:
6f:35:1a:13:59:02:f0:24:9f:fc:e2:13:7b:92:24:
55:6d:24:47:23:81:32:88:5a:26:93:68:0e:10:7c:
7d:ad:3f:57:60:c6:04:4c:06:d2:32:85:21:f7:c9:
90:f1:c1:23:fa:18:df:18:b4:6d:35:92:dd:21:9d:
4d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:40:D5:A1:63:02:5B:C4:F5:39:3F:4E:47:24:24:F5:B0:F2:6B:3A
X509v3 Authority Key Identifier:
keyid:25:49:F4:5E:F2:0B:50:6E:A8:EF:4C:B6:82:C2:CA:27:01:B2:90:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JUn0XvILUG6o70y2gsLKJwGykLQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e7c7f2-5784-4265-84b3-a5431b07d09e/1/IkDVoWMCW8T1OT9ORyQk9bDyazo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e7c7f2-5784-4265-84b3-a5431b07d09e/1/JUn0XvILUG6o70y2gsLKJwGykLQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.56.0/22
IPv6:
2a0b:31c0::/29
Signature Algorithm: sha256WithRSAEncryption
60:e3:ce:be:7a:fe:6c:19:b5:ce:af:8c:da:68:08:3a:dc:96:
71:67:61:4a:f4:5e:b7:11:33:0c:35:89:39:8c:09:76:32:c3:
8a:f9:c3:81:c4:b7:83:46:45:27:ca:1f:c9:46:2b:8b:60:c3:
03:f4:21:58:ee:41:e2:c6:91:dd:18:ad:5c:a1:2d:9b:35:fd:
e7:4c:56:da:5a:b6:01:e3:66:c9:7a:f9:bb:2d:d8:e0:ff:79:
53:c6:a8:2f:7d:b2:2e:b1:da:26:3b:51:06:1c:0b:4d:00:4a:
8b:26:f7:51:d0:5c:9f:7f:77:2d:70:a4:c6:45:5d:72:e5:d1:
af:56:15:2c:fe:b6:45:5c:99:e1:3f:b3:70:ff:1b:0d:79:d4:
48:41:9c:ed:b1:0a:ef:36:db:a9:d5:8e:3b:41:0e:84:86:1f:
d4:f6:cc:51:8f:17:79:3a:63:32:15:3c:5d:45:4f:43:0a:f1:
9e:16:3d:ae:48:7f:a9:20:4f:83:6c:7f:36:8f:be:ad:44:bb:
16:f2:20:02:38:d4:92:27:6d:e5:57:e8:95:ca:e6:4c:a3:69:
b3:b3:0d:53:98:62:16:3f:29:ed:d7:4d:65:c0:96:bf:e4:49:
74:99:85:e6:ed:8f:8d:69:a5:8a:16:7b:29:70:3f:e0:eb:30:
fa:7c:0c:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/CDNi+qLihdO/gDxZbKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NDlmNDVlZjIwYjUwNmVhOGVmNGNiNjgyYzJjYTI3MDFi
MjkwYjQwHhcNMjUwMTAxMTc0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjQwZDVhMTYzMDI1YmM0ZjUzOTNmNGU0NzI0MjRmNWIwZjI2YjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7lYjBkCNXOHBlqLjkSXMCXp3TvK
4tpu5lIWaNH7xVOJVTaPkVA1q86RrWXVaOIhc+OrlyviLuz5rATvTVyFBFUmu3ng
csJpHgew2l0u391qZzrXp7WrRdiC/I3BcNAxoMs4VdZgszCON/1FQc4Yqtb/NJax
+TUQt4B2EIWpKyi6Ir1YcZw1HHllbRsMqQgFCYAa5pqw3C+mXnwUEHY1dgGOz9v+
oCPZbmG0mcrQSlfdOXDjQWCB1wk5iaCKett7mPNvNRoTWQLwJJ/84hN7kiRVbSRH
I4EyiFomk2gOEHx9rT9XYMYETAbSMoUh98mQ8cEj+hjfGLRtNZLdIZ1NXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCJA1aFjAlvE9Tk/TkckJPWw8ms6MB8GA1UdIwQY
MBaAFCVJ9F7yC1BuqO9MtoLCyicBspC0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlVuMFh2SUxVRzZvNzB5MmdzTEtKd0d5a0xRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9lN2M3ZjItNTc4NC00MjY1LTg0YjMt
YTU0MzFiMDdkMDllLzEvSWtEVm9XTUNXOFQxT1Q5T1J5UWs5YkR5YXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9lN2M3ZjItNTc4NC00MjY1LTg0YjMtYTU0MzFiMDdkMDll
LzEvSlVuMFh2SUxVRzZvNzB5MmdzTEtKd0d5a0xRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudA4MA0E
AgACMAcDBQMqCzHAMA0GCSqGSIb3DQEBCwUAA4IBAQBg486+ev5sGbXOr4zaaAg6
3JZxZ2FK9F63ETMMNYk5jAl2MsOK+cOBxLeDRkUnyh/JRiuLYMMD9CFY7kHixpHd
GK1coS2bNf3nTFbaWrYB42bJevm7Ldjg/3lTxqgvfbIusdomO1EGHAtNAEqLJvdR
0Fyff3ctcKTGRV1y5dGvVhUs/rZFXJnhP7Nw/xsNedRIQZztsQrvNtup1Y47QQ6E
hh/U9sxRjxd5OmMyFTxdRU9DCvGeFj2uSH+pIE+DbH82j76tRLsW8iACONSSJ23l
V+iVyuZMo2mzsw1TmGIWPynt101lwJa/5El0mYXm7Y+NaaWKFnspcD/g6zD6fAwx
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:58:52 2025 by rpki-client