Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/cb51f5-a843-49c4-9f19-10eb8adfea7e/1/C2SAzy7mKgCswx8rNIKEBdaDIlQ.roa
File: C2SAzy7mKgCswx8rNIKEBdaDIlQ.roa (raw, json)
Hash identifier: wG/EXCjH8YdNKE8/gDy3nKvr8/OTyii7rZL0CvSQyLI=
Subject key identifier: 0B:64:80:CF:2E:E6:2A:00:AC:C3:1F:2B:34:82:84:05:D6:83:22:54
Certificate issuer: /CN=e3d0a84bab3def41d6aaa9028de7a475d32d12bd
Certificate serial: 0194228E1BB21C457658A25F2A26C13BA1D1
Authority key identifier: E3:D0:A8:4B:AB:3D:EF:41:D6:AA:A9:02:8D:E7:A4:75:D3:2D:12:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/49CoS6s970HWqqkCjeekddMtEr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/cb51f5-a843-49c4-9f19-10eb8adfea7e/1/C2SAzy7mKgCswx8rNIKEBdaDIlQ.roa
Signing time: Wed 01 Jan 2025 15:48:45 +0000
ROA not before: Wed 01 Jan 2025 15:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8220
IP address blocks: 185.238.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:1b:b2:1c:45:76:58:a2:5f:2a:26:c1:3b:a1:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3d0a84bab3def41d6aaa9028de7a475d32d12bd
Validity
Not Before: Jan 1 15:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b6480cf2ee62a00acc31f2b34828405d6832254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8c:97:a7:a9:49:ac:61:6d:3e:e6:ae:28:2c:
50:2e:9a:ff:f9:42:bc:db:de:7b:69:75:97:1f:7b:
0a:d2:ef:dd:8b:7e:08:44:d0:e2:ff:3b:0a:20:d5:
e1:73:7b:48:bf:e8:4e:55:fb:bc:8f:07:48:5d:62:
95:be:fe:69:b2:7d:4b:4f:70:ba:35:11:bc:8e:5b:
6a:14:5e:ad:05:29:a2:78:91:da:1f:50:26:a1:db:
f8:7e:b8:eb:17:3d:d9:41:82:54:c9:42:76:b5:1c:
2f:c3:0c:8d:24:9d:d4:2a:c9:23:70:99:74:3e:bb:
c9:52:ed:5d:da:0f:75:8a:0c:28:dd:8a:23:2e:ee:
45:59:a8:59:ef:ed:af:80:a0:79:b4:ad:31:45:f3:
46:d4:fd:40:01:95:87:c1:32:86:e7:5f:22:0c:1d:
a2:57:35:3e:3d:0b:ca:00:56:f4:40:1f:26:2f:70:
0e:9e:5c:8f:c9:ee:a3:b6:0d:b6:27:39:6b:7c:97:
2e:bf:24:4e:e7:51:ce:62:d1:46:70:ba:c8:64:10:
fe:66:9c:03:54:47:91:f3:71:2f:d4:5d:4b:b5:bb:
4f:49:72:12:46:31:37:e5:31:15:3a:bc:98:90:e8:
03:ef:c5:aa:6f:a3:3a:f8:4b:db:fa:5d:17:1f:0f:
0d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:64:80:CF:2E:E6:2A:00:AC:C3:1F:2B:34:82:84:05:D6:83:22:54
X509v3 Authority Key Identifier:
keyid:E3:D0:A8:4B:AB:3D:EF:41:D6:AA:A9:02:8D:E7:A4:75:D3:2D:12:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/49CoS6s970HWqqkCjeekddMtEr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/cb51f5-a843-49c4-9f19-10eb8adfea7e/1/C2SAzy7mKgCswx8rNIKEBdaDIlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/cb51f5-a843-49c4-9f19-10eb8adfea7e/1/49CoS6s970HWqqkCjeekddMtEr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.141.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:9f:5e:07:76:43:14:d3:74:fe:ef:3f:a2:7b:bf:29:45:a3:
37:ad:68:77:58:d7:99:14:55:78:6f:0d:5c:d7:7c:aa:99:b8:
e2:be:1b:d9:a8:b6:3c:17:0e:65:e0:ca:2b:af:5d:d4:4e:37:
3c:2c:b1:6e:c1:ee:47:64:48:e9:81:e8:5c:05:82:50:14:12:
af:ed:ac:e0:0a:ed:94:fa:aa:82:5d:15:81:bd:c9:2e:e8:ae:
55:aa:2f:17:e0:a3:88:9b:71:06:83:6e:4b:a2:e1:7d:f4:e5:
e8:0c:33:71:81:7c:9d:c6:f1:44:83:47:6a:a2:14:46:d1:8c:
a8:6b:fa:ab:e8:cc:12:8f:4c:cf:4a:cd:68:97:30:b6:0f:b6:
ed:e8:54:18:56:ce:bb:62:db:c9:9c:89:f6:05:8c:5e:d5:cc:
e1:78:dd:8e:ad:ce:98:9e:eb:33:c5:7d:3f:81:e3:16:c0:9f:
12:51:cc:34:7b:81:72:2f:83:d4:e2:d4:30:74:79:d2:b7:36:
c5:cb:74:f5:d0:9b:40:51:fe:5d:ce:a2:29:f4:7a:4c:5c:ba:
9b:55:d1:04:13:00:a9:73:2f:8a:b7:0d:95:38:df:0d:8a:e7:
73:c1:f5:25:7a:73:51:fa:18:c2:9e:41:bc:c0:d3:68:26:d6:
4c:06:c0:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijhuyHEV2WKJfKibBO6HRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZDBhODRiYWIzZGVmNDFkNmFhYTkwMjhkZTdhNDc1ZDMy
ZDEyYmQwHhcNMjUwMTAxMTU0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjY0ODBjZjJlZTYyYTAwYWNjMzFmMmIzNDgyODQwNWQ2ODMyMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIyXp6lJrGFtPuauKCxQLpr/+UK8
2957aXWXH3sK0u/di34IRNDi/zsKINXhc3tIv+hOVfu8jwdIXWKVvv5psn1LT3C6
NRG8jltqFF6tBSmieJHaH1Amodv4frjrFz3ZQYJUyUJ2tRwvwwyNJJ3UKskjcJl0
PrvJUu1d2g91igwo3YojLu5FWahZ7+2vgKB5tK0xRfNG1P1AAZWHwTKG518iDB2i
VzU+PQvKAFb0QB8mL3AOnlyPye6jtg22JzlrfJcuvyRO51HOYtFGcLrIZBD+ZpwD
VEeR83Ev1F1LtbtPSXISRjE35TEVOryYkOgD78Wqb6M6+Evb+l0XHw8NzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAtkgM8u5ioArMMfKzSChAXWgyJUMB8GA1UdIwQY
MBaAFOPQqEurPe9B1qqpAo3npHXTLRK9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDlDb1M2czk3MEhXcXFrQ2plZWtkZE10RXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jYjUxZjUtYTg0My00OWM0LTlmMTkt
MTBlYjhhZGZlYTdlLzEvQzJTQXp5N21LZ0Nzd3g4ck5JS0VCZGFESWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jYjUxZjUtYTg0My00OWM0LTlmMTktMTBlYjhhZGZlYTdl
LzEvNDlDb1M2czk3MEhXcXFrQ2plZWtkZE10RXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue6NMA0G
CSqGSIb3DQEBCwUAA4IBAQCrn14HdkMU03T+7z+ie78pRaM3rWh3WNeZFFV4bw1c
13yqmbjivhvZqLY8Fw5l4Morr13UTjc8LLFuwe5HZEjpgehcBYJQFBKv7azgCu2U
+qqCXRWBvcku6K5Vqi8X4KOIm3EGg25LouF99OXoDDNxgXydxvFEg0dqohRG0Yyo
a/qr6MwSj0zPSs1olzC2D7bt6FQYVs67YtvJnIn2BYxe1czheN2Orc6YnuszxX0/
geMWwJ8SUcw0e4FyL4PU4tQwdHnStzbFy3T10JtAUf5dzqIp9HpMXLqbVdEEEwCp
cy+Ktw2VON8NiudzwfUlenNR+hjCnkG8wNNoJtZMBsAi
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:40:29 2025 by rpki-client