Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/137786-466c-4b58-a7af-f33741295101/1/Li-Y8dn1F69FZoMGQvQz_fZ7l4Y.roa
File: Li-Y8dn1F69FZoMGQvQz_fZ7l4Y.roa (raw, json)
Hash identifier: caOJpFofpginvCZ1ci6afUcY092BORN7MXA50NlfY8Y=
Subject key identifier: 2E:2F:98:F1:D9:F5:17:AF:45:66:83:06:42:F4:33:FD:F6:7B:97:86
Certificate issuer: /CN=bfeaab1ba68e87c9f7ab0d9050bff9f20a6267da
Certificate serial: 019420D5EB3F5E2C619D4E89045C1BA85CDC
Authority key identifier: BF:EA:AB:1B:A6:8E:87:C9:F7:AB:0D:90:50:BF:F9:F2:0A:62:67:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-qrG6aOh8n3qw2QUL_58gpiZ9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/137786-466c-4b58-a7af-f33741295101/1/Li-Y8dn1F69FZoMGQvQz_fZ7l4Y.roa
Signing time: Wed 01 Jan 2025 07:47:57 +0000
ROA not before: Wed 01 Jan 2025 07:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206310
IP address blocks: 185.187.216.0/22 maxlen: 22
185.209.184.0/22 maxlen: 22
2a0b:af80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:eb:3f:5e:2c:61:9d:4e:89:04:5c:1b:a8:5c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfeaab1ba68e87c9f7ab0d9050bff9f20a6267da
Validity
Not Before: Jan 1 07:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e2f98f1d9f517af4566830642f433fdf67b9786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2b:19:60:38:84:a5:45:4f:45:bb:a9:05:37:
ee:7d:ef:38:f4:36:18:07:c1:88:b1:1f:19:8d:4d:
f3:e5:56:77:c0:e9:5a:e1:a6:de:f6:2d:4f:44:a9:
ad:82:39:54:2c:47:99:74:ac:d0:f6:c3:b1:68:67:
3d:fc:65:9e:0f:d3:fc:da:56:29:53:70:4f:6a:2e:
51:12:d9:4d:8d:ad:d0:b2:fe:29:cf:81:b1:64:35:
33:8d:d7:ad:39:1d:81:56:4e:09:ff:a0:a8:23:15:
92:21:da:a8:6e:61:9f:1f:3e:ba:c3:42:7d:88:e8:
d7:e4:4a:9b:95:9e:1b:f8:2d:3e:d1:e2:eb:83:b5:
54:cb:f6:85:12:d7:ec:2a:de:82:38:bd:67:e9:af:
21:cc:6b:58:a8:06:01:4b:12:11:3a:2d:2b:0a:6f:
36:d7:84:84:27:6f:ff:5f:7a:f1:fd:50:61:1c:10:
86:e0:b2:ff:88:cf:52:74:16:4b:89:85:4b:ec:a6:
a5:3f:0b:09:55:2b:67:6d:66:b4:3f:43:50:f7:93:
0a:14:b6:d2:db:16:5b:9b:45:03:da:82:5c:4e:47:
d1:c3:33:c4:39:61:11:a3:fa:f5:dd:8e:55:90:a5:
b0:a5:8b:ff:d3:ed:57:9a:19:ea:67:9b:8e:dc:ef:
45:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:2F:98:F1:D9:F5:17:AF:45:66:83:06:42:F4:33:FD:F6:7B:97:86
X509v3 Authority Key Identifier:
keyid:BF:EA:AB:1B:A6:8E:87:C9:F7:AB:0D:90:50:BF:F9:F2:0A:62:67:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-qrG6aOh8n3qw2QUL_58gpiZ9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/137786-466c-4b58-a7af-f33741295101/1/Li-Y8dn1F69FZoMGQvQz_fZ7l4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/137786-466c-4b58-a7af-f33741295101/1/v-qrG6aOh8n3qw2QUL_58gpiZ9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.216.0/22
185.209.184.0/22
IPv6:
2a0b:af80::/29
Signature Algorithm: sha256WithRSAEncryption
66:c0:a7:dd:8e:33:37:da:b9:05:6c:90:d7:7e:67:3b:af:98:
84:00:01:cc:13:66:7c:e4:49:03:b4:23:b7:c1:6c:e4:88:a3:
44:9a:28:21:4a:20:3e:c4:37:5f:6a:b2:c5:33:e0:20:06:4f:
1f:41:b4:7b:ec:17:d4:c4:27:8a:e3:14:c8:22:e9:e5:15:e6:
ab:df:d5:e3:86:b5:b3:07:bd:5c:25:96:69:da:61:56:f9:ee:
41:26:f4:c5:b7:8d:e2:e8:e3:d9:09:9b:d5:a2:5d:d9:40:f2:
17:6e:c7:21:5f:78:a5:86:24:c1:d0:2c:2e:80:f8:d2:66:64:
95:9c:e4:0b:2a:37:26:ac:a6:a4:ba:8f:37:ea:8e:06:5a:ed:
fa:d9:7c:0c:99:4e:81:f7:90:2d:42:a2:48:1a:cb:29:d9:90:
ed:f1:c5:03:85:cc:d7:d0:e6:2b:e9:7a:b4:f0:86:a2:1e:4f:
d7:60:05:a6:74:79:39:ba:f9:1f:1d:04:07:0b:1b:14:23:c2:
ae:92:0b:08:9c:0a:b6:fb:31:e8:04:7a:15:bb:e8:bf:fe:5d:
e6:b7:e5:f6:ef:e4:59:eb:a7:70:bc:eb:3b:1a:ad:06:ae:68:
0d:8d:38:1f:80:f1:ae:fb:75:a3:3c:37:ea:eb:2c:53:db:17:
cf:1a:1f:9a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1es/XixhnU6JBFwbqFzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZWFhYjFiYTY4ZTg3YzlmN2FiMGQ5MDUwYmZmOWYyMGE2
MjY3ZGEwHhcNMjUwMTAxMDc0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTJmOThmMWQ5ZjUxN2FmNDU2NjgzMDY0MmY0MzNmZGY2N2I5Nzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSsZYDiEpUVPRbupBTfufe849DYY
B8GIsR8ZjU3z5VZ3wOla4abe9i1PRKmtgjlULEeZdKzQ9sOxaGc9/GWeD9P82lYp
U3BPai5REtlNja3Qsv4pz4GxZDUzjdetOR2BVk4J/6CoIxWSIdqobmGfHz66w0J9
iOjX5EqblZ4b+C0+0eLrg7VUy/aFEtfsKt6COL1n6a8hzGtYqAYBSxIROi0rCm82
14SEJ2//X3rx/VBhHBCG4LL/iM9SdBZLiYVL7KalPwsJVStnbWa0P0NQ95MKFLbS
2xZbm0UD2oJcTkfRwzPEOWERo/r13Y5VkKWwpYv/0+1XmhnqZ5uO3O9FCQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC4vmPHZ9RevRWaDBkL0M/32e5eGMB8GA1UdIwQY
MBaAFL/qqxumjofJ96sNkFC/+fIKYmfaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1xckc2YU9oOG4zcXcyUVVMXzU4Z3BpWjlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8xMzc3ODYtNDY2Yy00YjU4LWE3YWYt
ZjMzNzQxMjk1MTAxLzEvTGktWThkbjFGNjlGWm9NR1F2UXpfZlo3bDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8xMzc3ODYtNDY2Yy00YjU4LWE3YWYtZjMzNzQxMjk1MTAx
LzEvdi1xckc2YU9oOG4zcXcyUVVMXzU4Z3BpWjlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubvYAwQC
udG4MA0EAgACMAcDBQMqC6+AMA0GCSqGSIb3DQEBCwUAA4IBAQBmwKfdjjM32rkF
bJDXfmc7r5iEAAHME2Z85EkDtCO3wWzkiKNEmighSiA+xDdfarLFM+AgBk8fQbR7
7BfUxCeK4xTIIunlFear39XjhrWzB71cJZZp2mFW+e5BJvTFt43i6OPZCZvVol3Z
QPIXbschX3ilhiTB0CwugPjSZmSVnOQLKjcmrKakuo836o4GWu362XwMmU6B95At
QqJIGssp2ZDt8cUDhczX0OYr6Xq08IaiHk/XYAWmdHk5uvkfHQQHCxsUI8KukgsI
nAq2+zHoBHoVu+i//l3mt+X27+RZ66dwvOs7Gq0GrmgNjTgfgPGu+3WjPDfq6yxT
2xfPGh+a
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:08:09 2025 by rpki-client