Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/1UUzQz9IbF2e66Ol4cJrdmQHvcw.roa
File: 1UUzQz9IbF2e66Ol4cJrdmQHvcw.roa (raw, json)
Hash identifier: 4KAvXD05gs+2GPIvm1DcbHtSbkzi/2GtGdiO5Z3sJAE=
Subject key identifier: D5:45:33:43:3F:48:6C:5D:9E:EB:A3:A5:E1:C2:6B:76:64:07:BD:CC
Certificate issuer: /CN=2b7c4264dacdfacb3b7a3aeeed565975aa52434c
Certificate serial: 0185AAC486507E0B9D945390240A47BD2230
Authority key identifier: 2B:7C:42:64:DA:CD:FA:CB:3B:7A:3A:EE:ED:56:59:75:AA:52:43:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/1UUzQz9IbF2e66Ol4cJrdmQHvcw.roa
Signing time: Fri 13 Jan 2023 10:54:44 +0000
ROA not before: Fri 13 Jan 2023 10:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34762
IP address blocks: 185.190.84.0/22 maxlen: 24
185.190.86.0/23 maxlen: 24
185.175.196.0/22 maxlen: 24
2a0a:640::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:aa:c4:86:50:7e:0b:9d:94:53:90:24:0a:47:bd:22:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b7c4264dacdfacb3b7a3aeeed565975aa52434c
Validity
Not Before: Jan 13 10:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d54533433f486c5d9eeba3a5e1c26b766407bdcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b5:cf:57:7c:3e:0a:18:d0:e1:7e:de:23:ae:
0f:3b:07:4b:aa:25:cd:e1:b4:d2:35:06:4b:22:a5:
2f:ff:a3:a9:c4:93:a5:3e:c5:23:84:46:6f:97:ec:
3b:c0:1c:e7:77:9b:31:ff:c3:5e:aa:78:20:12:e7:
18:e9:53:f8:69:88:98:cb:eb:ea:27:67:9c:41:e5:
7d:85:7c:63:ad:4a:87:91:9d:a5:d9:6d:77:83:0b:
d7:0f:ec:91:fd:24:f1:9f:10:ff:47:32:5e:9e:72:
51:6e:26:7d:8c:0e:7f:67:39:9a:b6:4e:4e:ef:50:
60:5d:4b:90:e7:de:76:ed:01:22:40:ab:fe:ef:44:
4b:a4:f7:5d:e0:cf:af:6c:c3:7f:38:70:30:64:ab:
b0:59:48:5a:c7:58:43:73:3a:e1:32:0d:13:28:c7:
e5:b7:4f:de:44:2b:a0:5e:36:9a:b5:dd:0b:b5:47:
3c:2c:53:17:cf:ed:43:21:29:94:54:da:f7:f8:72:
34:eb:ec:13:83:8f:8e:cb:b1:67:77:fe:dd:c3:b7:
50:dc:a1:48:3f:e6:2d:e9:40:b4:23:df:e1:25:94:
23:a5:52:1d:06:3c:b9:8d:6a:43:bb:c4:1d:48:db:
77:37:41:7f:52:33:fe:d3:a5:cf:81:ad:7d:e8:77:
c5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:45:33:43:3F:48:6C:5D:9E:EB:A3:A5:E1:C2:6B:76:64:07:BD:CC
X509v3 Authority Key Identifier:
keyid:2B:7C:42:64:DA:CD:FA:CB:3B:7A:3A:EE:ED:56:59:75:AA:52:43:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/1UUzQz9IbF2e66Ol4cJrdmQHvcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/K3xCZNrN-ss7ejru7VZZdapSQ0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.196.0/22
185.190.84.0/22
IPv6:
2a0a:640::/32
Signature Algorithm: sha256WithRSAEncryption
24:e3:f1:3c:8d:72:39:e9:7d:4d:1b:9e:b9:72:b0:a6:70:9a:
88:16:6b:bf:33:10:84:7a:d6:eb:59:f1:3a:d9:ca:ea:9c:9d:
3f:1e:e2:32:cb:cf:30:a1:6d:a7:d2:fb:9a:12:2e:b7:af:18:
ba:0b:1a:e0:bf:eb:a5:40:03:d7:00:11:8c:11:cd:30:6a:dc:
a4:e7:d6:6d:90:0b:a5:08:87:41:27:6b:29:b6:73:10:15:14:
8d:5f:ff:17:8f:f8:2b:28:1e:dc:81:17:d3:d7:21:8d:15:e8:
f9:10:db:4f:33:ea:c9:81:c7:d6:80:54:b2:35:76:8e:a2:f7:
cb:7e:72:70:1f:8c:7b:87:9b:ea:29:9c:dd:c3:bf:29:56:d8:
71:aa:68:01:f8:c0:42:af:0c:44:df:53:d6:28:2d:f4:0f:d8:
07:4a:e5:e0:63:36:11:ad:1b:37:a6:83:25:72:dc:ba:da:fb:
96:57:43:19:9f:ee:1f:51:24:1d:b7:14:7d:c0:d5:99:0f:e1:
7f:75:3f:d7:92:83:4c:25:c4:57:bd:d1:cf:a5:01:e2:e5:c2:
ed:59:3d:2e:0b:cf:37:4d:85:ef:9a:62:65:3b:50:1f:71:08:
c9:c5:7c:5b:87:87:d3:0d:2d:88:83:b0:a2:cf:2a:26:1c:d3:
02:62:0b:95
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYWqxIZQfgudlFOQJApHvSIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2M0MjY0ZGFjZGZhY2IzYjdhM2FlZWVkNTY1OTc1YWE1
MjQzNGMwHhcNMjMwMTEzMTA1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ1MzM0MzNmNDg2YzVkOWVlYmEzYTVlMWMyNmI3NjY0MDdiZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrXPV3w+ChjQ4X7eI64POwdLqiXN
4bTSNQZLIqUv/6OpxJOlPsUjhEZvl+w7wBznd5sx/8NeqnggEucY6VP4aYiYy+vq
J2ecQeV9hXxjrUqHkZ2l2W13gwvXD+yR/STxnxD/RzJennJRbiZ9jA5/Zzmatk5O
71BgXUuQ59527QEiQKv+70RLpPdd4M+vbMN/OHAwZKuwWUhax1hDczrhMg0TKMfl
t0/eRCugXjaatd0LtUc8LFMXz+1DISmUVNr3+HI06+wTg4+Oy7Fnd/7dw7dQ3KFI
P+Yt6UC0I9/hJZQjpVIdBjy5jWpDu8QdSNt3N0F/UjP+06XPga196HfFsQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNVFM0M/SGxdnuujpeHCa3ZkB73MMB8GA1UdIwQY
MBaAFCt8QmTazfrLO3o67u1WWXWqUkNMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzN4Q1pOck4tc3M3ZWpydTdWWlpkYXBTUTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iYmVkNDAtNjI4MS00OGJmLTllOWQt
MzFkNWFjM2FjOWI1LzEvMVVVelF6OUliRjJlNjZPbDRjSnJkbVFIdmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iYmVkNDAtNjI4MS00OGJmLTllOWQtMzFkNWFjM2FjOWI1
LzEvSzN4Q1pOck4tc3M3ZWpydTdWWlpkYXBTUTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCua/EAwQC
ub5UMA0EAgACMAcDBQAqCgZAMA0GCSqGSIb3DQEBCwUAA4IBAQAk4/E8jXI56X1N
G565crCmcJqIFmu/MxCEetbrWfE62crqnJ0/HuIyy88woW2n0vuaEi63rxi6Cxrg
v+ulQAPXABGMEc0watyk59ZtkAulCIdBJ2sptnMQFRSNX/8Xj/grKB7cgRfT1yGN
Fej5ENtPM+rJgcfWgFSyNXaOovfLfnJwH4x7h5vqKZzdw78pVthxqmgB+MBCrwxE
31PWKC30D9gHSuXgYzYRrRs3poMlcty62vuWV0MZn+4fUSQdtxR9wNWZD+F/dT/X
koNMJcRXvdHPpQHi5cLtWT0uC883TYXvmmJlO1AfcQjJxXxbh4fTDS2Ig7Cizyom
HNMCYguV
-----END CERTIFICATE-----
Generated at Tue Apr 29 20:17:55 2025 by rpki-client