Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/bda3ef-4a2f-4ccc-b295-b22eb948515c/1/8aYlnDZg4v75vC6LNHm5OghRmm0.roa
File: 8aYlnDZg4v75vC6LNHm5OghRmm0.roa (raw, json)
Hash identifier: ST2fwGD3DZOiSeI3vgn+uSP6XW7Dy6QYeIzwYCfP/n0=
Subject key identifier: F1:A6:25:9C:36:60:E2:FE:F9:BC:2E:8B:34:79:B9:3A:08:51:9A:6D
Certificate issuer: /CN=e585baea62f8d60626248738c45dfbd221737f4c
Certificate serial: 019421B1857AADE80F64DDEE3960427369A9
Authority key identifier: E5:85:BA:EA:62:F8:D6:06:26:24:87:38:C4:5D:FB:D2:21:73:7F:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YW66mL41gYmJIc4xF370iFzf0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/bda3ef-4a2f-4ccc-b295-b22eb948515c/1/8aYlnDZg4v75vC6LNHm5OghRmm0.roa
Signing time: Wed 01 Jan 2025 11:47:49 +0000
ROA not before: Wed 01 Jan 2025 11:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200460
IP address blocks: 185.97.32.0/24 maxlen: 24
185.97.33.0/24 maxlen: 24
185.97.34.0/24 maxlen: 24
185.97.35.0/24 maxlen: 24
2a00:66c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:85:7a:ad:e8:0f:64:dd:ee:39:60:42:73:69:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e585baea62f8d60626248738c45dfbd221737f4c
Validity
Not Before: Jan 1 11:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1a6259c3660e2fef9bc2e8b3479b93a08519a6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3e:85:4d:6a:ed:a1:f5:78:11:0e:e6:cc:e0:
48:12:9e:75:7d:63:55:5e:35:ae:ae:77:74:c3:a6:
86:c5:b9:d0:ae:b5:e1:35:f7:78:44:76:3f:cc:12:
d1:f0:8d:31:3b:ef:f4:80:c6:60:75:ef:5b:f6:b6:
cd:d2:e8:0e:8c:f5:7e:d3:f8:2f:f3:d4:6a:30:9d:
77:f2:8b:79:d8:da:16:bd:41:05:15:aa:33:f9:d9:
5c:e7:cd:b4:9f:ea:5a:3f:1b:12:af:ac:8c:a7:a8:
2d:18:41:ba:8c:30:e4:f4:98:56:08:46:a0:36:38:
c3:f0:ef:de:de:da:28:d3:9c:e3:fb:58:1c:00:e7:
78:c0:13:fc:1d:fa:e1:62:7e:77:19:36:34:5a:ba:
2b:05:af:72:f4:5c:e9:30:36:ab:b3:ab:9b:79:8c:
17:77:df:a6:f0:bf:7c:b4:ef:bd:25:b8:21:99:a0:
ce:df:ac:f9:ac:38:38:46:ab:ad:e5:ce:17:7f:cc:
6d:1a:e9:70:e3:7b:e4:e2:36:71:ef:88:36:50:3f:
4f:bc:51:63:5f:2f:14:a3:26:84:1e:ff:42:46:d4:
6a:a4:9f:12:8d:0a:05:80:3c:cf:bf:5f:65:63:3c:
71:a0:65:50:19:fa:7f:1c:ec:5f:55:0b:b7:7b:01:
b4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A6:25:9C:36:60:E2:FE:F9:BC:2E:8B:34:79:B9:3A:08:51:9A:6D
X509v3 Authority Key Identifier:
keyid:E5:85:BA:EA:62:F8:D6:06:26:24:87:38:C4:5D:FB:D2:21:73:7F:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YW66mL41gYmJIc4xF370iFzf0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/bda3ef-4a2f-4ccc-b295-b22eb948515c/1/8aYlnDZg4v75vC6LNHm5OghRmm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/bda3ef-4a2f-4ccc-b295-b22eb948515c/1/5YW66mL41gYmJIc4xF370iFzf0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.32.0/22
IPv6:
2a00:66c0::/32
Signature Algorithm: sha256WithRSAEncryption
97:49:61:9a:0b:ae:8b:9f:7b:62:4a:f0:58:37:58:65:22:cd:
d8:e4:99:db:0d:fd:99:68:38:0a:e2:73:39:f7:f9:27:50:a8:
ed:7b:a4:c3:9b:4b:40:01:16:44:15:66:5c:5e:7a:11:88:4d:
3d:bf:1f:ce:17:0e:ea:a7:e1:ac:68:91:63:49:8e:c2:5e:5d:
de:85:e6:87:72:9b:e4:c2:2a:68:07:b3:71:53:90:13:fb:b4:
46:93:ca:66:a1:7a:a3:f5:0e:8d:b2:f2:3d:b7:f9:9c:5d:97:
e6:44:b6:a3:fc:be:c4:75:ff:18:e6:a5:fa:1e:95:bc:83:de:
dc:2b:7f:8c:cd:22:d4:25:74:e4:51:c9:56:ce:e0:b8:b5:65:
d1:0d:52:c3:e9:d2:77:ae:0b:bd:00:42:b6:2e:7d:ce:45:1f:
57:dc:46:d8:f3:76:2b:e3:a3:a4:75:95:1e:aa:ef:1a:23:e6:
dc:62:b2:b4:19:4c:3a:30:13:01:9f:62:41:26:71:c4:2b:24:
f7:f7:ae:7b:1d:48:32:2f:61:91:24:fb:97:fe:3c:a0:ca:2b:
c7:6e:f8:f3:16:5d:60:bf:53:eb:e5:06:f4:cc:7a:51:55:f8:
9f:10:e6:a3:6e:0a:f7:4b:fb:85:3b:04:ad:8e:a2:73:86:a3:
4c:1d:f0:2f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsYV6regPZN3uOWBCc2mpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODViYWVhNjJmOGQ2MDYyNjI0ODczOGM0NWRmYmQyMjE3
MzdmNGMwHhcNMjUwMTAxMTE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWE2MjU5YzM2NjBlMmZlZjliYzJlOGIzNDc5YjkzYTA4NTE5YTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmD6FTWrtofV4EQ7mzOBIEp51fWNV
XjWurnd0w6aGxbnQrrXhNfd4RHY/zBLR8I0xO+/0gMZgde9b9rbN0ugOjPV+0/gv
89RqMJ138ot52NoWvUEFFaoz+dlc5820n+paPxsSr6yMp6gtGEG6jDDk9JhWCEag
NjjD8O/e3too05zj+1gcAOd4wBP8HfrhYn53GTY0WrorBa9y9FzpMDars6ubeYwX
d9+m8L98tO+9JbghmaDO36z5rDg4Rqut5c4Xf8xtGulw43vk4jZx74g2UD9PvFFj
Xy8UoyaEHv9CRtRqpJ8SjQoFgDzPv19lYzxxoGVQGfp/HOxfVQu3ewG06wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPGmJZw2YOL++bwuizR5uToIUZptMB8GA1UdIwQY
MBaAFOWFuupi+NYGJiSHOMRd+9Ihc39MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlXNjZtTDQxZ1ltSkljNHhGMzcwaUZ6ZjB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9iZGEzZWYtNGEyZi00Y2NjLWIyOTUt
YjIyZWI5NDg1MTVjLzEvOGFZbG5EWmc0djc1dkM2TE5IbTVPZ2hSbW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9iZGEzZWYtNGEyZi00Y2NjLWIyOTUtYjIyZWI5NDg1MTVj
LzEvNVlXNjZtTDQxZ1ltSkljNHhGMzcwaUZ6ZjB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWEgMA0E
AgACMAcDBQAqAGbAMA0GCSqGSIb3DQEBCwUAA4IBAQCXSWGaC66Ln3tiSvBYN1hl
Is3Y5JnbDf2ZaDgK4nM59/knUKjte6TDm0tAARZEFWZcXnoRiE09vx/OFw7qp+Gs
aJFjSY7CXl3eheaHcpvkwipoB7NxU5AT+7RGk8pmoXqj9Q6NsvI9t/mcXZfmRLaj
/L7Edf8Y5qX6HpW8g97cK3+MzSLUJXTkUclWzuC4tWXRDVLD6dJ3rgu9AEK2Ln3O
RR9X3EbY83Yr46OkdZUequ8aI+bcYrK0GUw6MBMBn2JBJnHEKyT39657HUgyL2GR
JPuX/jygyivHbvjzFl1gv1Pr5Qb0zHpRVfifEOajbgr3S/uFOwStjqJzhqNMHfAv
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:57:56 2025 by rpki-client