Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/k0j78iVx37wwO7bDjCAVoyijDeU.roa
File: k0j78iVx37wwO7bDjCAVoyijDeU.roa (raw, json)
Hash identifier: x4YCjAIVRyxgn0vQG0zlSLFCcDO0MbVYoCzpTeJPa0I=
Subject key identifier: 93:48:FB:F2:25:71:DF:BC:30:3B:B6:C3:8C:20:15:A3:28:A3:0D:E5
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 019420684F8517525F7BDE112829B197EA4E
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/k0j78iVx37wwO7bDjCAVoyijDeU.roa
Signing time: Wed 01 Jan 2025 05:48:14 +0000
ROA not before: Wed 01 Jan 2025 05:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.71.228.0/24 maxlen: 24
185.71.229.0/24 maxlen: 24
185.125.84.0/24 maxlen: 24
193.0.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4f:85:17:52:5f:7b:de:11:28:29:b1:97:ea:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Jan 1 05:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9348fbf22571dfbc303bb6c38c2015a328a30de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6d:e3:03:f2:72:e7:5c:8b:d6:d4:7b:2a:5d:
11:78:41:71:8f:b5:b8:2f:e2:3f:de:5c:16:b1:1f:
7b:84:de:89:fc:a0:05:63:d3:6f:0f:ee:7d:a5:b9:
51:7b:c0:c2:e1:1a:e7:67:28:2d:80:bf:99:5c:c8:
c5:d4:10:68:0d:7a:b0:69:32:25:92:81:1b:84:9a:
5f:e4:ab:85:a4:95:70:60:0a:c4:9e:18:d1:1e:65:
08:2d:a7:d3:76:6e:68:71:94:75:e7:f0:b9:c0:4a:
7b:ba:54:53:29:2c:e2:3e:b0:3e:4c:10:0c:f1:8c:
12:ff:26:c6:bb:85:b0:ee:67:87:43:a7:30:4b:0b:
cc:9b:f7:50:18:a3:ba:54:04:69:d1:35:8c:8d:0e:
bd:75:b3:ee:32:06:e6:67:8c:c8:0e:b8:40:eb:54:
bf:b9:58:4b:0c:59:88:83:b0:a3:0e:a6:48:35:e7:
86:4e:d9:97:ff:49:2d:b7:61:18:82:26:22:93:cc:
d1:0f:80:4e:f0:02:4d:d6:93:7e:a8:53:0a:34:22:
9b:30:81:50:c6:fd:0c:12:b0:65:fa:8c:79:9c:6d:
37:a9:c2:6c:dc:c2:fe:c1:81:4c:dc:c8:ec:1e:03:
f3:89:57:c3:a3:b9:99:0c:36:25:22:74:34:68:43:
2a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:48:FB:F2:25:71:DF:BC:30:3B:B6:C3:8C:20:15:A3:28:A3:0D:E5
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/k0j78iVx37wwO7bDjCAVoyijDeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0/23
185.125.84.0/24
193.0.181.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:50:c2:85:e8:39:15:6c:56:34:c2:54:7d:14:33:36:0e:97:
69:81:f5:73:2f:16:d6:c2:90:cb:6c:e5:ec:ca:e7:17:01:41:
b7:c3:78:61:41:19:d8:17:00:45:d7:b1:62:66:cf:f2:62:2c:
ac:6c:22:64:8e:66:be:9f:21:fa:32:15:7e:8d:a8:79:6e:38:
7b:bf:0b:be:d9:1f:32:0c:0b:5e:5a:3b:cc:64:b0:21:95:a1:
f2:1a:29:f9:56:bd:1d:77:f5:5c:d3:94:61:a9:00:3d:a3:7d:
e5:80:1d:0d:0c:d2:7e:20:bf:2f:87:2e:f5:8f:83:d8:c9:ec:
80:93:f7:6c:e0:cf:27:7f:0f:37:9f:5f:e1:6e:6c:6c:7f:41:
fe:f4:69:86:f8:f1:1c:aa:47:6f:9d:36:de:77:9f:81:55:32:
ef:52:94:cb:50:2e:7f:04:38:ba:36:71:c1:be:fb:4c:dd:b6:
ef:a9:03:91:a3:c6:6a:44:25:7d:b4:ad:fb:11:f5:fd:97:37:
58:21:d6:ae:0e:2a:a1:46:b8:33:da:43:0f:d0:2d:31:97:83:
0e:87:26:aa:39:4f:50:34:a1:ca:ed:54:27:04:17:6a:b1:62:
40:96:62:2b:78:60:91:67:4b:e4:85:4e:db:43:37:68:6f:55:
e1:54:66:33
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQgaE+FF1Jfe94RKCmxl+pOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjRjN2VjZmEzN2QyNDg3MTUyZmI5YmJiYWI1MGJlNzlk
ZTI2MTkwHhcNMjUwMTAxMDU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzQ4ZmJmMjI1NzFkZmJjMzAzYmI2YzM4YzIwMTVhMzI4YTMwZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlG3jA/Jy51yL1tR7Kl0ReEFxj7W4
L+I/3lwWsR97hN6J/KAFY9NvD+59pblRe8DC4RrnZygtgL+ZXMjF1BBoDXqwaTIl
koEbhJpf5KuFpJVwYArEnhjRHmUILafTdm5ocZR15/C5wEp7ulRTKSziPrA+TBAM
8YwS/ybGu4Ww7meHQ6cwSwvMm/dQGKO6VARp0TWMjQ69dbPuMgbmZ4zIDrhA61S/
uVhLDFmIg7CjDqZINeeGTtmX/0ktt2EYgiYik8zRD4BO8AJN1pN+qFMKNCKbMIFQ
xv0MErBl+ox5nG03qcJs3ML+wYFM3MjsHgPziVfDo7mZDDYlInQ0aEMqhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJNI+/Ilcd+8MDu2w4wgFaMoow3lMB8GA1UdIwQY
MBaAFD4kx+z6N9JIcVL7m7urUL553iYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMt
NDkzZDc3NGFhMWZmLzEvazBqNzhpVngzN3d3TzdiRGpDQVZveWlqRGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMtNDkzZDc3NGFhMWZm
LzEvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuUfkAwQA
uX1UAwQAwQC1MA0GCSqGSIb3DQEBCwUAA4IBAQCrUMKF6DkVbFY0wlR9FDM2Dpdp
gfVzLxbWwpDLbOXsyucXAUG3w3hhQRnYFwBF17FiZs/yYiysbCJkjma+nyH6MhV+
jah5bjh7vwu+2R8yDAteWjvMZLAhlaHyGin5Vr0dd/Vc05RhqQA9o33lgB0NDNJ+
IL8vhy71j4PYyeyAk/ds4M8nfw83n1/hbmxsf0H+9GmG+PEcqkdvnTbed5+BVTLv
UpTLUC5/BDi6NnHBvvtM3bbvqQORo8ZqRCV9tK37EfX9lzdYIdauDiqhRrgz2kMP
0C0xl4MOhyaqOU9QNKHK7VQnBBdqsWJAlmIreGCRZ0vkhU7bQzdob1XhVGYz
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:24:01 2025 by rpki-client