Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/f70062-c16d-4e5c-9ae7-2a46f6fac4ca/1/jO8_WTUfYU8WgAweNsy-XdM5HxE.roa
File: jO8_WTUfYU8WgAweNsy-XdM5HxE.roa (raw, json)
Hash identifier: DSCWbkkOzf+/qzK5D7cI20PP8IqsbGas6Mu8jntukrs=
Subject key identifier: 8C:EF:3F:59:35:1F:61:4F:16:80:0C:1E:36:CC:BE:5D:D3:39:1F:11
Certificate issuer: /CN=ee25026e5955dcdd111476f9b6849d728185469b
Certificate serial: 019426D9D6055AAAEF3370A3903E40B0C8C9
Authority key identifier: EE:25:02:6E:59:55:DC:DD:11:14:76:F9:B6:84:9D:72:81:85:46:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7iUCbllV3N0RFHb5toSdcoGFRps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/f70062-c16d-4e5c-9ae7-2a46f6fac4ca/1/jO8_WTUfYU8WgAweNsy-XdM5HxE.roa
Signing time: Thu 02 Jan 2025 11:49:57 +0000
ROA not before: Thu 02 Jan 2025 11:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200683
IP address blocks: 185.68.4.0/22 maxlen: 22
185.231.67.0/24 maxlen: 24
188.64.212.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d6:05:5a:aa:ef:33:70:a3:90:3e:40:b0:c8:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee25026e5955dcdd111476f9b6849d728185469b
Validity
Not Before: Jan 2 11:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cef3f59351f614f16800c1e36ccbe5dd3391f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d2:37:3f:8b:13:8e:1f:3b:a1:cf:6b:da:43:
ac:0d:6f:c7:8c:58:df:e0:55:7d:d3:82:5e:69:ef:
f4:60:c0:99:8f:b2:83:e9:fc:66:48:23:df:fd:75:
50:47:b7:d4:50:10:a5:2e:b1:a6:0c:8d:72:8b:28:
48:cd:a4:e0:aa:3c:c8:c8:98:12:9b:6a:09:e0:75:
b4:fa:0c:12:ce:e1:85:83:28:48:f0:6d:57:a2:f4:
8a:ca:fb:84:f0:d9:fc:fa:8a:79:8b:1a:fa:fe:94:
49:79:13:e5:df:23:0a:25:6a:51:e4:c4:11:bf:e9:
70:8f:50:cd:ec:67:7c:6b:dc:c7:6d:d6:21:c8:47:
b5:53:76:d7:1d:65:5b:2e:fc:a3:54:26:8c:2d:c6:
df:b7:fa:fb:3a:06:bd:dc:74:8c:a4:66:69:8c:a8:
6b:b5:f1:34:34:64:85:1b:47:fd:a1:33:31:a8:de:
d3:75:28:a3:8a:6a:e0:8f:2e:e7:9d:1d:5b:92:a5:
c7:4c:d6:17:7d:07:0b:06:ed:b2:7c:05:27:d9:c5:
ec:57:ac:ee:c5:ce:07:be:98:39:7f:60:fa:04:56:
3b:bb:c0:88:92:d5:8e:4a:02:0b:76:cd:91:8f:9f:
d5:e9:e7:93:44:d9:8e:d2:62:05:ae:1d:5f:92:f1:
18:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:EF:3F:59:35:1F:61:4F:16:80:0C:1E:36:CC:BE:5D:D3:39:1F:11
X509v3 Authority Key Identifier:
keyid:EE:25:02:6E:59:55:DC:DD:11:14:76:F9:B6:84:9D:72:81:85:46:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7iUCbllV3N0RFHb5toSdcoGFRps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f70062-c16d-4e5c-9ae7-2a46f6fac4ca/1/jO8_WTUfYU8WgAweNsy-XdM5HxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f70062-c16d-4e5c-9ae7-2a46f6fac4ca/1/7iUCbllV3N0RFHb5toSdcoGFRps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.4.0/22
185.231.67.0/24
188.64.212.0/22
Signature Algorithm: sha256WithRSAEncryption
88:48:fb:c2:ce:17:15:9b:04:4d:87:cf:d6:62:40:e1:ba:52:
23:f4:07:e7:25:37:90:f7:21:14:45:6b:0e:41:1e:88:f8:6a:
56:6b:00:f3:e2:fd:a8:29:31:9a:d7:19:7a:e7:e3:ee:9c:ff:
7e:d9:e3:72:38:ad:2e:88:b3:bf:28:18:90:81:f3:56:ac:33:
39:e0:70:85:ce:32:e1:17:a2:71:81:22:a4:f9:96:db:ae:f3:
4e:b0:7d:7b:f8:f7:f3:3e:28:00:e8:e4:32:3a:ee:e5:02:35:
51:ea:c4:f6:10:8b:b0:44:c3:24:c4:c0:9c:5d:01:c4:91:94:
0e:0b:49:11:d6:d0:61:f7:c3:7a:d0:a8:cb:23:c0:b4:dd:02:
43:68:09:4d:6e:39:cf:39:ac:cb:ee:bb:0a:ac:b3:71:a7:e7:
38:71:ff:ed:81:90:5b:fd:2c:72:2e:64:46:1e:57:1b:2b:67:
77:9f:5e:df:5b:20:9b:70:ea:cf:17:50:0b:e5:d7:22:c5:e5:
ec:21:b2:a3:b0:cc:be:5a:75:b1:1d:4a:8c:9e:5a:da:ef:8a:
c1:9f:55:10:b8:1e:09:2e:f5:2f:8a:bd:66:57:c4:97:5a:09:
2d:9f:c0:d7:72:f1:5c:44:33:c7:b2:b7:14:5e:2e:a5:38:6e:
6d:84:66:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQm2dYFWqrvM3CjkD5AsMjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMjUwMjZlNTk1NWRjZGQxMTE0NzZmOWI2ODQ5ZDcyODE4
NTQ2OWIwHhcNMjUwMTAyMTE0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2VmM2Y1OTM1MWY2MTRmMTY4MDBjMWUzNmNjYmU1ZGQzMzkxZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNI3P4sTjh87oc9r2kOsDW/HjFjf
4FV904Jeae/0YMCZj7KD6fxmSCPf/XVQR7fUUBClLrGmDI1yiyhIzaTgqjzIyJgS
m2oJ4HW0+gwSzuGFgyhI8G1XovSKyvuE8Nn8+op5ixr6/pRJeRPl3yMKJWpR5MQR
v+lwj1DN7Gd8a9zHbdYhyEe1U3bXHWVbLvyjVCaMLcbft/r7Oga93HSMpGZpjKhr
tfE0NGSFG0f9oTMxqN7TdSijimrgjy7nnR1bkqXHTNYXfQcLBu2yfAUn2cXsV6zu
xc4Hvpg5f2D6BFY7u8CIktWOSgILds2Rj5/V6eeTRNmO0mIFrh1fkvEYTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIzvP1k1H2FPFoAMHjbMvl3TOR8RMB8GA1UdIwQY
MBaAFO4lAm5ZVdzdERR2+baEnXKBhUabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2lVQ2JsbFYzTjBSRkhiNXRvU2Rjb0dGUnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9mNzAwNjItYzE2ZC00ZTVjLTlhZTct
MmE0NmY2ZmFjNGNhLzEvak84X1dUVWZZVThXZ0F3ZU5zeS1YZE01SHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9mNzAwNjItYzE2ZC00ZTVjLTlhZTctMmE0NmY2ZmFjNGNh
LzEvN2lVQ2JsbFYzTjBSRkhiNXRvU2Rjb0dGUnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuUQEAwQA
uedDAwQCvEDUMA0GCSqGSIb3DQEBCwUAA4IBAQCISPvCzhcVmwRNh8/WYkDhulIj
9AfnJTeQ9yEURWsOQR6I+GpWawDz4v2oKTGa1xl65+PunP9+2eNyOK0uiLO/KBiQ
gfNWrDM54HCFzjLhF6JxgSKk+ZbbrvNOsH17+PfzPigA6OQyOu7lAjVR6sT2EIuw
RMMkxMCcXQHEkZQOC0kR1tBh98N60KjLI8C03QJDaAlNbjnPOazL7rsKrLNxp+c4
cf/tgZBb/SxyLmRGHlcbK2d3n17fWyCbcOrPF1AL5dcixeXsIbKjsMy+WnWxHUqM
nlra74rBn1UQuB4JLvUvir1mV8SXWgktn8DXcvFcRDPHsrcUXi6lOG5thGbC
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:47:19 2025 by rpki-client