Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/dagjZoA2cgv7IOwssRcqkxBEGlA.roa
File: dagjZoA2cgv7IOwssRcqkxBEGlA.roa (raw, json)
Hash identifier: MlQsKiZwSfxtbg0qv4PHAKQxosBgQWpaFiAz9StErlg=
Subject key identifier: 75:A8:23:66:80:36:72:0B:FB:20:EC:2C:B1:17:2A:93:10:44:1A:50
Certificate issuer: /CN=709d69957d333432accac810231e289388e302e2
Certificate serial: 019425218663A013E65ECA0F84A4659F4A3B
Authority key identifier: 70:9D:69:95:7D:33:34:32:AC:CA:C8:10:23:1E:28:93:88:E3:02:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ1plX0zNDKsysgQIx4ok4jjAuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/dagjZoA2cgv7IOwssRcqkxBEGlA.roa
Signing time: Thu 02 Jan 2025 03:49:01 +0000
ROA not before: Thu 02 Jan 2025 03:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197183
IP address blocks: 185.114.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:86:63:a0:13:e6:5e:ca:0f:84:a4:65:9f:4a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709d69957d333432accac810231e289388e302e2
Validity
Not Before: Jan 2 03:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75a823668036720bfb20ec2cb1172a9310441a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e0:3b:ba:fb:34:e1:66:40:2e:0e:0d:cb:8a:
0a:cd:f4:49:09:87:d1:55:ca:04:cf:ea:69:96:ad:
49:df:94:0d:97:15:23:8e:6b:79:98:86:91:bb:9e:
9c:1b:e6:da:f9:76:8a:20:2e:e2:a0:a8:2b:ba:be:
31:ab:0f:3e:40:50:37:f6:e7:28:b4:7d:16:8f:82:
c3:c4:65:4b:21:8f:cc:2e:1c:db:3e:d9:eb:38:56:
02:ee:66:0b:81:e6:51:0a:3d:80:95:eb:c1:7e:4f:
da:07:52:db:24:88:14:15:58:97:49:17:d5:1a:cc:
48:e7:df:11:86:3f:ae:3f:77:04:03:3c:5f:f8:c8:
cd:26:ce:9b:b7:ad:b8:9e:98:e3:d4:2f:65:0e:75:
7c:c2:73:b4:10:41:df:13:48:3b:9d:8b:fc:30:43:
5f:bf:33:9f:9e:18:ea:68:5d:2d:db:8d:23:e0:33:
4b:00:47:56:16:6a:7f:f2:7f:8c:7d:77:ed:d6:ed:
a9:2a:93:c1:78:21:de:43:ef:aa:15:c5:10:31:bd:
14:45:18:23:d1:78:28:93:57:79:19:22:81:35:27:
88:f6:96:91:2e:de:10:29:d5:67:4a:8c:3d:d1:04:
05:76:9c:29:90:64:0d:21:fa:05:6a:04:23:bd:bc:
bb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A8:23:66:80:36:72:0B:FB:20:EC:2C:B1:17:2A:93:10:44:1A:50
X509v3 Authority Key Identifier:
keyid:70:9D:69:95:7D:33:34:32:AC:CA:C8:10:23:1E:28:93:88:E3:02:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ1plX0zNDKsysgQIx4ok4jjAuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/dagjZoA2cgv7IOwssRcqkxBEGlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/cJ1plX0zNDKsysgQIx4ok4jjAuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.175.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:3f:f1:4a:dc:32:3a:c0:af:a8:f5:42:57:f8:93:e5:0d:a3:
65:cb:36:7c:74:37:dd:4d:21:e9:df:f9:26:87:7b:50:67:35:
3f:af:28:b4:ef:ca:b9:f3:b1:c6:e0:7e:0e:f4:3b:e2:9f:4f:
02:6b:6a:95:18:7b:0a:d2:5a:59:59:30:a6:26:be:6a:47:66:
09:5a:b6:f8:48:74:39:9a:d4:73:e3:e7:0d:1f:e3:d2:e7:e0:
0f:8b:9d:c9:81:ac:b9:3a:4a:a6:68:87:f1:57:48:af:27:1e:
38:62:3f:cb:74:b0:48:86:ef:31:31:ae:dd:3b:85:36:bc:27:
33:e5:37:e6:6e:d4:36:11:9b:84:49:49:bd:68:9b:b3:3b:1f:
64:bb:36:4c:cb:5c:c6:ad:e8:67:81:0e:52:42:a0:6d:63:10:
9d:f9:41:6f:82:7a:db:0f:e9:e9:b0:0e:ec:16:a5:40:98:c9:
b3:34:df:7e:5f:f3:3a:be:38:c5:3d:03:78:95:cc:0c:27:83:
0b:d3:47:9a:9d:87:fb:db:7a:1a:b3:b3:17:e8:cd:8d:48:a1:
ff:a1:6f:40:41:07:bb:a4:dc:7f:94:95:f9:e1:e6:3c:14:02:
98:36:be:ee:33:1c:03:05:6b:ce:1b:07:40:46:de:53:04:01:
d4:00:56:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIYZjoBPmXsoPhKRln0o7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWQ2OTk1N2QzMzM0MzJhY2NhYzgxMDIzMWUyODkzODhl
MzAyZTIwHhcNMjUwMTAyMDM0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWE4MjM2NjgwMzY3MjBiZmIyMGVjMmNiMTE3MmE5MzEwNDQxYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuA7uvs04WZALg4Ny4oKzfRJCYfR
VcoEz+pplq1J35QNlxUjjmt5mIaRu56cG+ba+XaKIC7ioKgrur4xqw8+QFA39uco
tH0Wj4LDxGVLIY/MLhzbPtnrOFYC7mYLgeZRCj2AlevBfk/aB1LbJIgUFViXSRfV
GsxI598Rhj+uP3cEAzxf+MjNJs6bt624npjj1C9lDnV8wnO0EEHfE0g7nYv8MENf
vzOfnhjqaF0t240j4DNLAEdWFmp/8n+MfXft1u2pKpPBeCHeQ++qFcUQMb0URRgj
0Xgok1d5GSKBNSeI9paRLt4QKdVnSow90QQFdpwpkGQNIfoFagQjvby7GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHWoI2aANnIL+yDsLLEXKpMQRBpQMB8GA1UdIwQY
MBaAFHCdaZV9MzQyrMrIECMeKJOI4wLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0oxcGxYMHpOREtzeXNnUUl4NG9rNGpqQXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81M2Q1NmEtMDk2ZS00NThhLTlhOTQt
MDhhNjg2MzJhNjNhLzEvZGFnalpvQTJjZ3Y3SU93c3NSY3FreEJFR2xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81M2Q1NmEtMDk2ZS00NThhLTlhOTQtMDhhNjg2MzJhNjNh
LzEvY0oxcGxYMHpOREtzeXNnUUl4NG9rNGpqQXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXKvMA0G
CSqGSIb3DQEBCwUAA4IBAQCPP/FK3DI6wK+o9UJX+JPlDaNlyzZ8dDfdTSHp3/km
h3tQZzU/ryi078q587HG4H4O9Dvin08Ca2qVGHsK0lpZWTCmJr5qR2YJWrb4SHQ5
mtRz4+cNH+PS5+APi53Jgay5OkqmaIfxV0ivJx44Yj/LdLBIhu8xMa7dO4U2vCcz
5TfmbtQ2EZuESUm9aJuzOx9kuzZMy1zGrehngQ5SQqBtYxCd+UFvgnrbD+npsA7s
FqVAmMmzNN9+X/M6vjjFPQN4lcwMJ4ML00eanYf723oas7MX6M2NSKH/oW9AQQe7
pNx/lJX54eY8FAKYNr7uMxwDBWvOGwdARt5TBAHUAFZD
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:03 2025 by rpki-client