Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/Lf8_T-o7ZHygGu0g3mlzua1_1HA.roa
File: Lf8_T-o7ZHygGu0g3mlzua1_1HA.roa (raw, json)
Hash identifier: CQIDTTHcfVlCnxAPq4hAkvv2QsASVNkVlmr+LBxrlLU=
Subject key identifier: 2D:FF:3F:4F:EA:3B:64:7C:A0:1A:ED:20:DE:69:73:B9:AD:7F:D4:70
Certificate issuer: /CN=7490ce6b6f8f750e03584ebbd7bdad0f11fbe31c
Certificate serial: 019423D6BC1F2D37F6CF4A017D994D4DBD25
Authority key identifier: 74:90:CE:6B:6F:8F:75:0E:03:58:4E:BB:D7:BD:AD:0F:11:FB:E3:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/Lf8_T-o7ZHygGu0g3mlzua1_1HA.roa
Signing time: Wed 01 Jan 2025 21:47:42 +0000
ROA not before: Wed 01 Jan 2025 21:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198473
IP address blocks: 2.59.184.0/22 maxlen: 22
91.235.100.0/24 maxlen: 24
185.149.229.0/24 maxlen: 24
185.149.230.0/24 maxlen: 24
2a10:b080::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:bc:1f:2d:37:f6:cf:4a:01:7d:99:4d:4d:bd:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7490ce6b6f8f750e03584ebbd7bdad0f11fbe31c
Validity
Not Before: Jan 1 21:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2dff3f4fea3b647ca01aed20de6973b9ad7fd470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3f:7a:a3:17:42:63:20:a9:34:7c:56:39:c9:
6d:af:74:6a:50:01:fc:ea:5f:df:19:6c:46:c4:ed:
88:06:75:99:47:ce:76:0f:8f:bc:2c:a5:26:ee:83:
db:7f:83:0a:da:26:42:c9:63:e5:02:02:8d:24:eb:
35:5f:87:05:34:83:be:4d:0d:63:b3:ef:c6:18:6e:
38:3b:b4:c8:e0:88:86:fb:c9:ae:f3:87:1f:ef:b1:
d8:ad:1f:be:8e:d6:6f:fa:70:9d:e6:e8:c4:14:bf:
82:27:da:9e:1e:3d:d2:b8:5a:f7:0a:67:01:17:42:
7b:e1:dd:fe:50:3f:15:59:e0:5f:74:ca:d4:01:9c:
5e:94:0c:f6:f4:9a:aa:e2:4c:61:af:30:a9:e7:c3:
19:03:11:cd:48:59:5e:3c:3c:56:6a:91:03:c0:b1:
db:0d:c5:a2:1e:66:2b:d7:d7:3f:bc:4b:45:16:5b:
e0:3b:19:93:a8:ff:a9:13:99:34:4f:a8:34:1a:68:
e4:81:84:1e:b0:ed:59:86:ce:91:19:4c:ec:1e:bf:
73:94:51:b8:2e:49:cf:17:ec:4f:f8:cd:08:b5:91:
40:6c:32:7e:57:f3:23:0d:f5:62:7c:29:31:53:89:
d3:67:ef:72:eb:ec:10:d1:a4:31:92:31:1d:49:f8:
9b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FF:3F:4F:EA:3B:64:7C:A0:1A:ED:20:DE:69:73:B9:AD:7F:D4:70
X509v3 Authority Key Identifier:
keyid:74:90:CE:6B:6F:8F:75:0E:03:58:4E:BB:D7:BD:AD:0F:11:FB:E3:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/Lf8_T-o7ZHygGu0g3mlzua1_1HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/dJDOa2-PdQ4DWE67172tDxH74xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.184.0/22
91.235.100.0/24
185.149.229.0-185.149.230.255
IPv6:
2a10:b080::/29
Signature Algorithm: sha256WithRSAEncryption
60:33:03:6b:e3:c9:d5:32:23:25:00:e4:5c:72:3e:d0:f2:80:
11:74:30:2a:d0:a1:ec:8b:a2:14:46:d0:96:ad:3c:56:96:53:
95:14:6d:43:e0:68:ad:05:fb:c4:e2:9f:ea:f5:63:45:8c:00:
77:7f:95:3f:b9:e7:72:35:cb:50:6f:06:01:e9:93:63:47:9a:
5d:e5:50:90:50:46:20:95:c9:08:d2:35:70:23:87:74:0c:c9:
07:2a:60:66:90:9d:fb:95:d5:5f:23:03:a6:31:56:e1:8a:49:
65:a6:e6:26:14:dd:db:da:2e:7f:4d:f8:0e:1d:ab:25:7b:95:
7a:5f:77:fe:ea:ac:6f:60:95:cd:10:02:d0:cb:f8:f3:b2:80:
42:f1:ba:d2:7d:62:f6:2e:a8:52:5f:01:22:40:cf:f8:ce:d4:
70:7c:c8:e1:90:fa:de:a6:04:1d:2e:a6:f4:a4:c3:db:09:c2:
25:e1:fe:d0:67:3e:40:7c:f5:6e:6b:92:0f:fc:d1:ba:6a:30:
ba:25:2c:17:11:a4:9c:75:a4:57:f3:a3:d3:32:d8:b4:50:12:
e7:88:17:ce:ec:03:28:a9:94:df:b1:3f:55:ef:9f:cc:f0:e1:
ea:a3:54:a7:23:79:22:2c:1b:13:16:dc:07:0b:33:a2:09:42:
87:d5:2a:43
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQj1rwfLTf2z0oBfZlNTb0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTBjZTZiNmY4Zjc1MGUwMzU4NGViYmQ3YmRhZDBmMTFm
YmUzMWMwHhcNMjUwMTAxMjE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZmM2Y0ZmVhM2I2NDdjYTAxYWVkMjBkZTY5NzNiOWFkN2ZkNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD96oxdCYyCpNHxWOcltr3RqUAH8
6l/fGWxGxO2IBnWZR852D4+8LKUm7oPbf4MK2iZCyWPlAgKNJOs1X4cFNIO+TQ1j
s+/GGG44O7TI4IiG+8mu84cf77HYrR++jtZv+nCd5ujEFL+CJ9qeHj3SuFr3CmcB
F0J74d3+UD8VWeBfdMrUAZxelAz29Jqq4kxhrzCp58MZAxHNSFlePDxWapEDwLHb
DcWiHmYr19c/vEtFFlvgOxmTqP+pE5k0T6g0GmjkgYQesO1Zhs6RGUzsHr9zlFG4
LknPF+xP+M0ItZFAbDJ+V/MjDfVifCkxU4nTZ+9y6+wQ0aQxkjEdSfibfQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFC3/P0/qO2R8oBrtIN5pc7mtf9RwMB8GA1UdIwQY
MBaAFHSQzmtvj3UOA1hOu9e9rQ8R++McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpET2EyLVBkUTREV0U2NzE3MnREeEg3NHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9lZDhlYmEtNmJkNC00NDM4LWIzZTAt
YzQ5NmY5Y2FmYTgzLzEvTGY4X1QtbzdaSHlnR3UwZzNtbHp1YTFfMUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9lZDhlYmEtNmJkNC00NDM4LWIzZTAtYzQ5NmY5Y2FmYTgz
LzEvZEpET2EyLVBkUTREV0U2NzE3MnREeEg3NHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCAju4AwQA
W+tkMAwDBAC5leUDBAC5leYwDQQCAAIwBwMFAyoQsIAwDQYJKoZIhvcNAQELBQAD
ggEBAGAzA2vjydUyIyUA5FxyPtDygBF0MCrQoeyLohRG0JatPFaWU5UUbUPgaK0F
+8Tin+r1Y0WMAHd/lT+553I1y1BvBgHpk2NHml3lUJBQRiCVyQjSNXAjh3QMyQcq
YGaQnfuV1V8jA6YxVuGKSWWm5iYU3dvaLn9N+A4dqyV7lXpfd/7qrG9glc0QAtDL
+POygELxutJ9YvYuqFJfASJAz/jO1HB8yOGQ+t6mBB0upvSkw9sJwiXh/tBnPkB8
9W5rkg/80bpqMLolLBcRpJx1pFfzo9My2LRQEueIF87sAyiplN+xP1Xvn8zw4eqj
VKcjeSIsGxMW3AcLM6IJQofVKkM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:24:18 2025 by rpki-client