Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/525952-7afb-443d-af0a-77c3e1c8f6de/1/n0PQVaq6lp0buyh71HmvCGJy3cY.roa
File: n0PQVaq6lp0buyh71HmvCGJy3cY.roa (raw, json)
Hash identifier: QL9cb+VrnWZDKfgvQ3BKYLRd9xHYcd+B/V/qEKLIfgU=
Subject key identifier: 9F:43:D0:55:AA:BA:96:9D:1B:BB:28:7B:D4:79:AF:08:62:72:DD:C6
Certificate issuer: /CN=c66261c339c5edf8d8c483f08e46b8480a805ef1
Certificate serial: 0194236A3B179FFACED045907D644D169E37
Authority key identifier: C6:62:61:C3:39:C5:ED:F8:D8:C4:83:F0:8E:46:B8:48:0A:80:5E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJhwznF7fjYxIPwjka4SAqAXvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/525952-7afb-443d-af0a-77c3e1c8f6de/1/n0PQVaq6lp0buyh71HmvCGJy3cY.roa
Signing time: Wed 01 Jan 2025 19:49:12 +0000
ROA not before: Wed 01 Jan 2025 19:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202844
IP address blocks: 185.151.208.0/22 maxlen: 22
185.151.208.0/23 maxlen: 23
185.151.210.0/23 maxlen: 23
2a0e:e640::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:3b:17:9f:fa:ce:d0:45:90:7d:64:4d:16:9e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66261c339c5edf8d8c483f08e46b8480a805ef1
Validity
Not Before: Jan 1 19:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f43d055aaba969d1bbb287bd479af086272ddc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:66:53:be:d9:44:32:7f:a0:86:27:5d:7d:77:
2d:b2:f2:66:b2:e3:48:d5:29:11:de:51:b4:2c:55:
60:15:0e:cb:d5:3f:6a:ee:70:d5:3a:14:9c:d3:0d:
fd:4b:2c:56:96:ce:fc:78:9c:99:51:e5:24:a3:02:
47:98:88:aa:df:e3:6b:d0:b7:e5:e7:1f:65:c5:7c:
37:6a:6a:5d:c7:f1:ec:ca:31:7a:d9:82:3f:5b:0e:
12:ce:74:c2:ca:46:19:dd:5f:3e:d8:00:83:f4:54:
11:1a:a1:14:5e:89:f3:13:72:40:77:81:ec:2d:7e:
f1:bf:e4:b8:34:03:ac:e1:8b:2c:16:f6:ec:8e:d1:
b5:58:53:db:42:c4:3d:48:68:d6:46:7c:2a:9c:af:
2e:62:aa:75:a0:49:7a:f1:31:4e:9e:ee:85:e6:1a:
61:d3:4e:fb:18:4a:8f:dc:70:21:dd:2d:47:dd:db:
22:50:25:a0:97:51:f7:c7:66:14:ac:ec:dc:89:9b:
29:a0:14:62:3e:46:f0:be:75:95:53:de:a1:84:69:
c5:35:8c:10:82:10:95:fc:fb:7e:3a:2c:4d:cf:ad:
e8:3e:3d:3f:3d:13:aa:9f:da:a9:d2:fe:f9:ca:74:
5d:db:02:66:1d:33:b6:33:10:08:8b:6e:27:ac:5f:
d6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:43:D0:55:AA:BA:96:9D:1B:BB:28:7B:D4:79:AF:08:62:72:DD:C6
X509v3 Authority Key Identifier:
keyid:C6:62:61:C3:39:C5:ED:F8:D8:C4:83:F0:8E:46:B8:48:0A:80:5E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJhwznF7fjYxIPwjka4SAqAXvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/525952-7afb-443d-af0a-77c3e1c8f6de/1/n0PQVaq6lp0buyh71HmvCGJy3cY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/525952-7afb-443d-af0a-77c3e1c8f6de/1/xmJhwznF7fjYxIPwjka4SAqAXvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.208.0/22
IPv6:
2a0e:e640::/29
Signature Algorithm: sha256WithRSAEncryption
4a:8c:0d:29:3c:db:10:95:ef:75:f3:05:9b:19:60:2d:b7:35:
fc:66:77:96:15:d2:78:ff:51:4a:2f:5d:04:6b:29:1b:30:c9:
ca:5d:b2:0a:2c:03:3b:c9:50:83:37:3f:25:a6:66:48:28:fa:
a8:7b:0b:89:ff:8d:4d:e4:87:30:b5:c5:ce:3f:ba:29:04:11:
9e:9f:bd:5a:7a:05:8d:1c:67:b4:00:d8:f9:e0:83:db:62:a2:
9e:57:8f:d0:fa:7e:5b:c0:d1:11:82:86:2d:44:80:98:3b:f9:
9e:9f:c1:b3:aa:d4:cf:f5:ee:b6:02:57:79:07:6b:68:0a:7a:
0b:67:85:db:5e:9b:b3:b6:21:43:09:eb:2d:91:82:a4:94:e7:
88:63:59:51:eb:6b:5f:96:7d:c7:9a:a2:b5:17:28:17:10:13:
41:b0:e9:2c:7f:6a:7e:d3:2e:f9:31:7c:f6:83:83:bc:a4:c3:
1d:9a:35:71:ca:f3:65:10:4a:10:2b:69:b7:8a:b3:57:3a:84:
75:f2:97:dc:f5:31:e5:2d:4f:22:81:a8:69:06:7d:4d:12:a9:
54:e9:52:9b:77:70:35:48:22:09:c5:87:c8:2a:bd:5b:b9:a0:
25:81:90:f8:cb:3a:bc:a8:3c:aa:66:9e:d9:39:51:ca:c6:5f:
6a:b6:45:ec
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjajsXn/rO0EWQfWRNFp43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2MWMzMzljNWVkZjhkOGM0ODNmMDhlNDZiODQ4MGE4
MDVlZjEwHhcNMjUwMTAxMTk0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQzZDA1NWFhYmE5NjlkMWJiYjI4N2JkNDc5YWYwODYyNzJkZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGZTvtlEMn+ghiddfXctsvJmsuNI
1SkR3lG0LFVgFQ7L1T9q7nDVOhSc0w39SyxWls78eJyZUeUkowJHmIiq3+Nr0Lfl
5x9lxXw3ampdx/HsyjF62YI/Ww4SznTCykYZ3V8+2ACD9FQRGqEUXonzE3JAd4Hs
LX7xv+S4NAOs4YssFvbsjtG1WFPbQsQ9SGjWRnwqnK8uYqp1oEl68TFOnu6F5hph
0077GEqP3HAh3S1H3dsiUCWgl1H3x2YUrOzciZspoBRiPkbwvnWVU96hhGnFNYwQ
ghCV/Pt+OixNz63oPj0/PROqn9qp0v75ynRd2wJmHTO2MxAIi24nrF/WKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ9D0FWqupadG7soe9R5rwhict3GMB8GA1UdIwQY
MBaAFMZiYcM5xe342MSD8I5GuEgKgF7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KaHd6bkY3ZmpZeElQd2prYTRTQXFBWHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81MjU5NTItN2FmYi00NDNkLWFmMGEt
NzdjM2UxYzhmNmRlLzEvbjBQUVZhcTZscDBidXloNzFIbXZDR0p5M2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81MjU5NTItN2FmYi00NDNkLWFmMGEtNzdjM2UxYzhmNmRl
LzEveG1KaHd6bkY3ZmpZeElQd2prYTRTQXFBWHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZfQMA0E
AgACMAcDBQMqDuZAMA0GCSqGSIb3DQEBCwUAA4IBAQBKjA0pPNsQle918wWbGWAt
tzX8ZneWFdJ4/1FKL10EaykbMMnKXbIKLAM7yVCDNz8lpmZIKPqoewuJ/41N5Icw
tcXOP7opBBGen71aegWNHGe0ANj54IPbYqKeV4/Q+n5bwNERgoYtRICYO/men8Gz
qtTP9e62Ald5B2toCnoLZ4XbXpuztiFDCestkYKklOeIY1lR62tfln3HmqK1FygX
EBNBsOksf2p+0y75MXz2g4O8pMMdmjVxyvNlEEoQK2m3irNXOoR18pfc9THlLU8i
gahpBn1NEqlU6VKbd3A1SCIJxYfIKr1buaAlgZD4yzq8qDyqZp7ZOVHKxl9qtkXs
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:15:47 2025 by rpki-client