Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cf7d5c-04a5-48a7-b8c6-37a442e65f18/1/ID_lbNPN5Y-E-d8mbQhTW4YaucM.roa
File: ID_lbNPN5Y-E-d8mbQhTW4YaucM.roa (raw, json)
Hash identifier: pqF3+TVfZVLtWeeY0X/7rX4dAra1r0f5BNTNZcfYgyw=
Subject key identifier: 20:3F:E5:6C:D3:CD:E5:8F:84:F9:DF:26:6D:08:53:5B:86:1A:B9:C3
Certificate issuer: /CN=64a9856db1ab3b24f09e9cb92743768668301411
Certificate serial: 01942444B7FBBB6A3E8F6AC63CCE5AA03F37
Authority key identifier: 64:A9:85:6D:B1:AB:3B:24:F0:9E:9C:B9:27:43:76:86:68:30:14:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKmFbbGrOyTwnpy5J0N2hmgwFBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cf7d5c-04a5-48a7-b8c6-37a442e65f18/1/ID_lbNPN5Y-E-d8mbQhTW4YaucM.roa
Signing time: Wed 01 Jan 2025 23:47:50 +0000
ROA not before: Wed 01 Jan 2025 23:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212583
IP address blocks: 185.196.60.0/24 maxlen: 24
195.85.2.0/23 maxlen: 23
2a10:7840::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b7:fb:bb:6a:3e:8f:6a:c6:3c:ce:5a:a0:3f:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64a9856db1ab3b24f09e9cb92743768668301411
Validity
Not Before: Jan 1 23:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=203fe56cd3cde58f84f9df266d08535b861ab9c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cf:a5:20:66:5e:bc:ba:e6:85:4d:b0:d0:c5:
f5:07:48:2d:09:ff:73:90:81:cf:66:c2:3d:a5:19:
a7:d7:00:8e:e3:ba:7b:3e:5a:d1:f9:6c:a2:5d:6c:
21:71:42:46:b7:be:2c:e9:81:8a:37:65:c6:63:7a:
ed:15:7f:42:99:c0:0a:75:7b:7b:47:1d:ee:50:63:
c2:3a:58:36:b7:e0:f1:87:ae:c6:49:6e:d2:ab:73:
88:1d:35:83:78:6d:00:a2:ab:d9:c0:5a:7b:ca:2c:
04:19:6d:d0:8f:4b:51:ae:86:0f:05:fd:13:5f:d0:
1b:1e:58:3d:36:b7:5a:2c:f1:c1:9d:37:a1:ef:71:
0d:9a:34:41:d1:93:f4:34:dd:ce:6a:66:b3:4b:35:
0d:9b:b8:6d:e2:90:d3:28:67:76:c2:56:7b:6f:1c:
c4:b9:42:bd:60:7f:1a:c7:d0:b8:ae:34:f2:02:24:
81:25:c7:1d:5e:f7:ac:09:4a:d9:eb:c4:34:98:27:
c4:bd:ed:a5:06:34:07:d2:bf:6f:e6:71:88:41:3e:
53:9f:38:91:a3:44:3a:fc:b6:3d:41:ac:f6:41:bc:
52:dc:ac:ac:77:99:44:3e:73:24:7b:86:08:69:cc:
cd:b4:13:bc:f3:ca:70:00:cd:61:46:03:ac:3f:bb:
52:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:3F:E5:6C:D3:CD:E5:8F:84:F9:DF:26:6D:08:53:5B:86:1A:B9:C3
X509v3 Authority Key Identifier:
keyid:64:A9:85:6D:B1:AB:3B:24:F0:9E:9C:B9:27:43:76:86:68:30:14:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKmFbbGrOyTwnpy5J0N2hmgwFBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cf7d5c-04a5-48a7-b8c6-37a442e65f18/1/ID_lbNPN5Y-E-d8mbQhTW4YaucM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cf7d5c-04a5-48a7-b8c6-37a442e65f18/1/ZKmFbbGrOyTwnpy5J0N2hmgwFBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.60.0/24
195.85.2.0/23
IPv6:
2a10:7840::/31
Signature Algorithm: sha256WithRSAEncryption
8e:60:23:7e:2f:6e:d3:11:0f:11:75:87:2c:89:43:28:94:dd:
75:69:32:b1:df:ba:a5:9f:c5:75:28:52:98:e7:0f:b1:c5:b4:
d9:2a:0c:3c:33:89:40:96:4e:f2:4c:4a:f0:68:ec:03:b8:a9:
7a:f4:80:78:d2:08:37:0c:19:52:1a:15:20:ce:b6:63:01:49:
79:82:49:00:3e:a3:5f:7e:68:aa:00:cf:ed:be:d4:be:a9:8d:
51:84:84:2e:2d:c4:93:c1:92:1b:48:e0:94:99:72:31:a1:80:
11:5e:49:63:a9:10:14:24:cf:48:5c:b3:66:c7:d1:12:55:22:
f7:f9:b7:1f:1d:c4:06:96:09:1e:82:29:86:2e:1d:6b:e4:3a:
a6:b8:58:4e:eb:39:ab:da:cb:7c:cc:4e:b1:37:1c:b2:95:cb:
99:ac:bb:9a:2d:b3:5f:f5:71:53:1c:68:ed:00:3c:90:cb:0a:
bd:4d:ff:53:cd:f2:6d:65:d0:28:c8:a5:6f:0f:3a:71:fb:f3:
da:3c:f7:4b:ec:2b:ec:34:2e:f6:52:0c:f9:5a:51:70:1b:fd:
97:d0:44:e5:ca:c1:2b:9d:c0:42:78:62:e4:07:5d:20:1c:6f:
c1:37:d6:f3:88:5c:5f:63:e4:0c:98:56:af:da:71:dc:ca:0d:
0e:e6:63:04
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRLf7u2o+j2rGPM5aoD83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YTk4NTZkYjFhYjNiMjRmMDllOWNiOTI3NDM3Njg2Njgz
MDE0MTEwHhcNMjUwMTAxMjM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDNmZTU2Y2QzY2RlNThmODRmOWRmMjY2ZDA4NTM1Yjg2MWFiOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc+lIGZevLrmhU2w0MX1B0gtCf9z
kIHPZsI9pRmn1wCO47p7PlrR+WyiXWwhcUJGt74s6YGKN2XGY3rtFX9CmcAKdXt7
Rx3uUGPCOlg2t+Dxh67GSW7Sq3OIHTWDeG0AoqvZwFp7yiwEGW3Qj0tRroYPBf0T
X9AbHlg9NrdaLPHBnTeh73ENmjRB0ZP0NN3OamazSzUNm7ht4pDTKGd2wlZ7bxzE
uUK9YH8ax9C4rjTyAiSBJccdXvesCUrZ68Q0mCfEve2lBjQH0r9v5nGIQT5TnziR
o0Q6/LY9Qaz2QbxS3Kysd5lEPnMke4YIaczNtBO888pwAM1hRgOsP7tSfQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCA/5WzTzeWPhPnfJm0IU1uGGrnDMB8GA1UdIwQY
MBaAFGSphW2xqzsk8J6cuSdDdoZoMBQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkttRmJiR3JPeVR3bnB5NUowTjJobWd3RkJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZjdkNWMtMDRhNS00OGE3LWI4YzYt
MzdhNDQyZTY1ZjE4LzEvSURfbGJOUE41WS1FLWQ4bWJRaFRXNFlhdWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZjdkNWMtMDRhNS00OGE3LWI4YzYtMzdhNDQyZTY1ZjE4
LzEvWkttRmJiR3JPeVR3bnB5NUowTjJobWd3RkJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAucQ8AwQB
w1UCMA0EAgACMAcDBQEqEHhAMA0GCSqGSIb3DQEBCwUAA4IBAQCOYCN+L27TEQ8R
dYcsiUMolN11aTKx37qln8V1KFKY5w+xxbTZKgw8M4lAlk7yTErwaOwDuKl69IB4
0gg3DBlSGhUgzrZjAUl5gkkAPqNffmiqAM/tvtS+qY1RhIQuLcSTwZIbSOCUmXIx
oYARXkljqRAUJM9IXLNmx9ESVSL3+bcfHcQGlgkegimGLh1r5DqmuFhO6zmr2st8
zE6xNxyylcuZrLuaLbNf9XFTHGjtADyQywq9Tf9TzfJtZdAoyKVvDzpx+/PaPPdL
7CvsNC72Ugz5WlFwG/2X0ETlysErncBCeGLkB10gHG/BN9bziFxfY+QMmFav2nHc
yg0O5mME
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:35:04 2025 by rpki-client