Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/81a79c-b90f-4050-b21c-78d169e3df1f/1/87kSYonFcZwIXqn-oUHMTUjS7ZQ.roa
File: 87kSYonFcZwIXqn-oUHMTUjS7ZQ.roa (raw, json)
Hash identifier: r4G2JQElUAKaln7jVsL6rlmZ7oG6sWqE3/UqSsTnjMU=
Subject key identifier: F3:B9:12:62:89:C5:71:9C:08:5E:A9:FE:A1:41:CC:4D:48:D2:ED:94
Certificate issuer: /CN=795b319e7b5b00401df9805b095ebf5ae2ce959c
Certificate serial: 01942444DCB3C6DA53BE4812594F026AC899
Authority key identifier: 79:5B:31:9E:7B:5B:00:40:1D:F9:80:5B:09:5E:BF:5A:E2:CE:95:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eVsxnntbAEAd-YBbCV6_WuLOlZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/81a79c-b90f-4050-b21c-78d169e3df1f/1/87kSYonFcZwIXqn-oUHMTUjS7ZQ.roa
Signing time: Wed 01 Jan 2025 23:48:00 +0000
ROA not before: Wed 01 Jan 2025 23:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203605
IP address blocks: 185.198.192.0/23 maxlen: 24
185.198.194.0/23 maxlen: 24
2a0a:8e40::/29 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:dc:b3:c6:da:53:be:48:12:59:4f:02:6a:c8:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=795b319e7b5b00401df9805b095ebf5ae2ce959c
Validity
Not Before: Jan 1 23:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3b9126289c5719c085ea9fea141cc4d48d2ed94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:41:50:d6:36:03:e5:a4:70:34:1b:1b:85:57:
0f:bc:19:fa:21:ef:34:e2:56:03:0c:36:53:10:b3:
81:63:b4:59:2a:f2:b5:18:0a:27:c8:db:ce:8a:cc:
26:34:a9:d6:f3:48:1b:aa:71:f6:8b:41:ff:e7:06:
9c:8f:88:70:8a:27:5c:8a:c4:b5:46:40:de:82:8a:
fa:f7:71:f6:20:5c:cb:c0:77:fd:ab:57:ff:41:2d:
24:6a:db:5c:51:46:07:ac:b4:3f:60:13:73:3b:34:
41:a0:96:dc:3c:5d:ea:fb:a4:0d:f5:0a:5a:a6:b0:
f6:b2:78:da:bf:f2:2c:b2:d0:ff:00:a3:72:e8:c6:
8b:4b:88:78:35:a4:ac:0d:64:38:29:d8:40:47:d6:
2d:0c:b0:0b:e8:b4:c7:95:68:77:e0:d8:07:94:e8:
db:0d:22:2b:08:10:1b:30:b8:89:e5:af:86:10:17:
52:56:4f:6d:15:06:f5:29:75:dc:45:c2:8f:45:53:
ac:12:a4:b3:b5:5b:f7:ba:df:f8:e0:65:a1:0a:47:
d1:31:c4:f4:8d:dc:2a:60:27:b6:c1:82:33:f1:4a:
a2:a1:5f:d4:87:45:94:2e:bc:3b:f8:c4:be:8c:42:
12:38:c5:94:52:b9:13:a5:13:8d:53:e1:35:4f:f7:
ed:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B9:12:62:89:C5:71:9C:08:5E:A9:FE:A1:41:CC:4D:48:D2:ED:94
X509v3 Authority Key Identifier:
keyid:79:5B:31:9E:7B:5B:00:40:1D:F9:80:5B:09:5E:BF:5A:E2:CE:95:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eVsxnntbAEAd-YBbCV6_WuLOlZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/81a79c-b90f-4050-b21c-78d169e3df1f/1/87kSYonFcZwIXqn-oUHMTUjS7ZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/81a79c-b90f-4050-b21c-78d169e3df1f/1/eVsxnntbAEAd-YBbCV6_WuLOlZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.192.0/22
IPv6:
2a0a:8e40::/29
Signature Algorithm: sha256WithRSAEncryption
09:06:71:37:9e:ee:5f:62:f3:18:bb:ac:b3:79:cf:0c:3a:5a:
f6:ce:21:4f:21:ca:7d:a1:4e:ad:f4:f3:ca:47:6a:ca:ab:29:
fd:e3:0a:2a:59:55:c3:1c:1e:0a:83:53:22:bb:7a:5b:48:1b:
3d:d8:16:fd:46:5f:ac:ab:3b:b4:7e:11:84:9a:05:e5:d2:ff:
1a:8c:3e:16:9a:17:bd:08:27:c6:85:cd:95:0e:42:d7:ef:85:
84:9b:81:2e:c6:f5:8a:20:05:c2:57:c3:d3:d5:0d:73:52:26:
8e:f5:c7:c1:25:da:cf:2b:91:b0:e0:59:24:3f:ab:1c:6c:2b:
2b:c3:13:32:fa:52:60:5b:4b:c5:72:31:9a:39:bf:8f:99:94:
0d:69:29:0b:fa:24:17:dd:ef:60:10:ab:9b:c6:a9:17:91:72:
6e:ef:de:77:9f:ad:b4:bc:3b:d1:60:d1:5d:08:08:c4:44:82:
08:a5:ad:6f:da:70:eb:b0:f8:85:99:e3:71:71:00:84:e0:18:
83:1c:bc:96:7a:41:6f:14:34:1c:9c:40:1d:02:17:38:80:85:
c2:93:b4:fa:c1:81:40:0f:2e:aa:20:ed:26:a8:5a:a6:df:05:
b2:67:8d:2f:81:50:75:91:f8:47:42:e9:d9:2e:ed:11:cf:25:
04:f0:f6:95
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRNyzxtpTvkgSWU8CasiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NWIzMTllN2I1YjAwNDAxZGY5ODA1YjA5NWViZjVhZTJj
ZTk1OWMwHhcNMjUwMTAxMjM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2I5MTI2Mjg5YzU3MTljMDg1ZWE5ZmVhMTQxY2M0ZDQ4ZDJlZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEFQ1jYD5aRwNBsbhVcPvBn6Ie80
4lYDDDZTELOBY7RZKvK1GAonyNvOiswmNKnW80gbqnH2i0H/5wacj4hwiidcisS1
RkDegor693H2IFzLwHf9q1f/QS0kattcUUYHrLQ/YBNzOzRBoJbcPF3q+6QN9Qpa
prD2snjav/IsstD/AKNy6MaLS4h4NaSsDWQ4KdhAR9YtDLAL6LTHlWh34NgHlOjb
DSIrCBAbMLiJ5a+GEBdSVk9tFQb1KXXcRcKPRVOsEqSztVv3ut/44GWhCkfRMcT0
jdwqYCe2wYIz8UqioV/Uh0WULrw7+MS+jEISOMWUUrkTpRONU+E1T/ftHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPO5EmKJxXGcCF6p/qFBzE1I0u2UMB8GA1UdIwQY
MBaAFHlbMZ57WwBAHfmAWwlev1rizpWcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVZzeG5udGJBRUFkLVlCYkNWNl9XdUxPbFp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84MWE3OWMtYjkwZi00MDUwLWIyMWMt
NzhkMTY5ZTNkZjFmLzEvODdrU1lvbkZjWndJWHFuLW9VSE1UVWpTN1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84MWE3OWMtYjkwZi00MDUwLWIyMWMtNzhkMTY5ZTNkZjFm
LzEvZVZzeG5udGJBRUFkLVlCYkNWNl9XdUxPbFp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucbAMA0E
AgACMAcDBQMqCo5AMA0GCSqGSIb3DQEBCwUAA4IBAQAJBnE3nu5fYvMYu6yzec8M
Olr2ziFPIcp9oU6t9PPKR2rKqyn94woqWVXDHB4Kg1Miu3pbSBs92Bb9Rl+sqzu0
fhGEmgXl0v8ajD4Wmhe9CCfGhc2VDkLX74WEm4EuxvWKIAXCV8PT1Q1zUiaO9cfB
JdrPK5Gw4FkkP6scbCsrwxMy+lJgW0vFcjGaOb+PmZQNaSkL+iQX3e9gEKubxqkX
kXJu7953n620vDvRYNFdCAjERIIIpa1v2nDrsPiFmeNxcQCE4BiDHLyWekFvFDQc
nEAdAhc4gIXCk7T6wYFADy6qIO0mqFqm3wWyZ40vgVB1kfhHQunZLu0RzyUE8PaV
-----END CERTIFICATE-----
Generated at Mon Apr 28 17:57:27 2025 by rpki-client