Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/d06f5f-ad69-4885-8c71-aace70abc6a0/1/s9vftAOB-g2w5mpIAbtd2ux_YeM.roa
File: s9vftAOB-g2w5mpIAbtd2ux_YeM.roa (raw, json)
Hash identifier: vWHWtXPoZqDrxtoN/353NMnYSKtaPj8wKrdcVBwN80A=
Subject key identifier: B3:DB:DF:B4:03:81:FA:0D:B0:E6:6A:48:01:BB:5D:DA:EC:7F:61:E3
Certificate issuer: /CN=d70b07459e2f116fb5a97f11bae75c0db491c196
Certificate serial: 019421B2477AC82456771C11330AC2BFFF96
Authority key identifier: D7:0B:07:45:9E:2F:11:6F:B5:A9:7F:11:BA:E7:5C:0D:B4:91:C1:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wsHRZ4vEW-1qX8RuudcDbSRwZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/d06f5f-ad69-4885-8c71-aace70abc6a0/1/s9vftAOB-g2w5mpIAbtd2ux_YeM.roa
Signing time: Wed 01 Jan 2025 11:48:39 +0000
ROA not before: Wed 01 Jan 2025 11:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204760
IP address blocks: 185.22.0.0/22 maxlen: 22
185.241.64.0/22 maxlen: 24
2a0c:9c80::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:47:7a:c8:24:56:77:1c:11:33:0a:c2:bf:ff:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d70b07459e2f116fb5a97f11bae75c0db491c196
Validity
Not Before: Jan 1 11:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3dbdfb40381fa0db0e66a4801bb5ddaec7f61e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ae:be:5f:07:e7:85:7b:7a:6d:43:40:30:dd:
8e:d0:66:09:06:a9:19:5b:7a:bb:fc:c4:c0:47:57:
e3:57:23:ff:b5:3e:ee:d9:f3:49:68:23:1c:ca:c7:
07:ca:cd:63:60:4f:28:24:cb:36:8c:9b:ef:44:74:
b7:1b:81:22:6f:9a:9d:91:7f:ab:23:73:bb:fe:66:
84:57:7f:8e:00:fb:c4:87:31:2c:4a:dc:27:39:0e:
5f:7a:ea:87:ec:34:d5:8d:04:2e:da:57:25:49:53:
24:86:b1:00:87:5d:a1:01:f5:88:93:d5:b0:cc:58:
01:5d:5e:e6:5c:cf:73:5a:31:26:db:5d:d6:ce:ca:
63:4d:4b:37:a8:0a:ab:7b:1a:81:80:d6:ac:fd:ac:
e4:e0:27:78:ef:c9:a9:b2:94:4d:24:55:55:66:62:
6a:50:0e:5e:6f:93:cb:74:7d:93:2a:f0:42:bb:58:
2e:58:3d:e4:99:2b:15:dd:fa:52:ec:e9:65:b2:cd:
06:03:d2:87:82:8b:b7:92:a0:e2:24:d8:b9:e2:56:
dd:ab:1c:d1:14:a4:69:f4:e3:90:78:11:ea:89:4d:
59:97:7f:39:f9:82:e3:78:18:29:cc:ac:07:b6:fd:
e1:44:18:8f:3c:98:40:0e:4c:ab:fa:29:d3:d4:72:
65:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:DB:DF:B4:03:81:FA:0D:B0:E6:6A:48:01:BB:5D:DA:EC:7F:61:E3
X509v3 Authority Key Identifier:
keyid:D7:0B:07:45:9E:2F:11:6F:B5:A9:7F:11:BA:E7:5C:0D:B4:91:C1:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wsHRZ4vEW-1qX8RuudcDbSRwZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/d06f5f-ad69-4885-8c71-aace70abc6a0/1/s9vftAOB-g2w5mpIAbtd2ux_YeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/d06f5f-ad69-4885-8c71-aace70abc6a0/1/1wsHRZ4vEW-1qX8RuudcDbSRwZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.0.0/22
185.241.64.0/22
IPv6:
2a0c:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
29:b4:86:64:7d:0b:c5:41:85:b9:6a:1e:67:63:27:c6:df:2d:
56:b4:5b:df:d5:76:63:83:14:af:db:6a:4d:3a:c6:21:bd:b2:
d2:32:72:78:29:70:d0:ba:2c:7d:95:d1:9e:c3:fb:ed:7b:f4:
a7:c6:9c:e5:e6:2f:24:0a:32:20:5d:b2:67:8c:b7:69:7b:b0:
b0:f2:ae:14:ca:bf:31:4f:f2:a7:6b:72:01:73:58:68:d2:39:
74:14:6d:0a:35:21:b1:d1:cf:aa:ce:dd:6b:a7:39:23:bd:e7:
4f:c1:ff:3a:6a:4c:a5:3b:29:c2:2c:93:27:34:75:79:8d:f3:
f1:cf:fc:79:ee:72:02:41:e0:1a:1b:d3:58:b4:f2:88:cd:cd:
73:ac:80:30:6c:a7:2e:68:47:23:ab:a5:a7:53:ed:2c:0b:76:
b7:be:d9:43:c2:5f:fc:74:de:16:c9:d2:c6:6f:54:2c:d6:64:
e6:53:13:32:ee:9f:c4:c1:86:10:bc:dc:17:58:53:0e:1f:db:
3f:f4:5d:52:b8:99:de:bb:a1:1b:42:5b:78:c7:42:12:ba:5b:
6b:4c:17:e8:3d:d7:32:4b:72:f1:37:19:97:58:80:1e:9c:38:
99:18:0c:03:ef:0d:90:ae:34:a5:0b:fe:17:4d:e7:fc:98:c8:
c5:cc:72:a7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhskd6yCRWdxwRMwrCv/+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MGIwNzQ1OWUyZjExNmZiNWE5N2YxMWJhZTc1YzBkYjQ5
MWMxOTYwHhcNMjUwMTAxMTE0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2RiZGZiNDAzODFmYTBkYjBlNjZhNDgwMWJiNWRkYWVjN2Y2MWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5q6+XwfnhXt6bUNAMN2O0GYJBqkZ
W3q7/MTAR1fjVyP/tT7u2fNJaCMcyscHys1jYE8oJMs2jJvvRHS3G4Eib5qdkX+r
I3O7/maEV3+OAPvEhzEsStwnOQ5feuqH7DTVjQQu2lclSVMkhrEAh12hAfWIk9Ww
zFgBXV7mXM9zWjEm213WzspjTUs3qAqrexqBgNas/azk4Cd478mpspRNJFVVZmJq
UA5eb5PLdH2TKvBCu1guWD3kmSsV3fpS7Ollss0GA9KHgou3kqDiJNi54lbdqxzR
FKRp9OOQeBHqiU1Zl385+YLjeBgpzKwHtv3hRBiPPJhADkyr+inT1HJlNQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLPb37QDgfoNsOZqSAG7Xdrsf2HjMB8GA1UdIwQY
MBaAFNcLB0WeLxFvtal/EbrnXA20kcGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdzSFJaNHZFVy0xcVg4UnV1ZGNEYlNSd1pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9kMDZmNWYtYWQ2OS00ODg1LThjNzEt
YWFjZTcwYWJjNmEwLzEvczl2ZnRBT0ItZzJ3NW1wSUFidGQydXhfWWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9kMDZmNWYtYWQ2OS00ODg1LThjNzEtYWFjZTcwYWJjNmEw
LzEvMXdzSFJaNHZFVy0xcVg4UnV1ZGNEYlNSd1pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRYAAwQC
ufFAMA0EAgACMAcDBQMqDJyAMA0GCSqGSIb3DQEBCwUAA4IBAQAptIZkfQvFQYW5
ah5nYyfG3y1WtFvf1XZjgxSv22pNOsYhvbLSMnJ4KXDQuix9ldGew/vte/Snxpzl
5i8kCjIgXbJnjLdpe7Cw8q4Uyr8xT/Kna3IBc1ho0jl0FG0KNSGx0c+qzt1rpzkj
vedPwf86akylOynCLJMnNHV5jfPxz/x57nICQeAaG9NYtPKIzc1zrIAwbKcuaEcj
q6WnU+0sC3a3vtlDwl/8dN4WydLGb1Qs1mTmUxMy7p/EwYYQvNwXWFMOH9s/9F1S
uJneu6EbQlt4x0ISultrTBfoPdcyS3LxNxmXWIAenDiZGAwD7w2QrjSlC/4XTef8
mMjFzHKn
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:58:47 2025 by rpki-client