Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/z6d9djVL2RnXuevi6Ot8E8e62tc.roa
File: z6d9djVL2RnXuevi6Ot8E8e62tc.roa (raw, json)
Hash identifier: o9Kh9fFp+5NbfQXFw6W0ABs1khVR+g751jXSLlxLU4c=
Subject key identifier: CF:A7:7D:76:35:4B:D9:19:D7:B9:EB:E2:E8:EB:7C:13:C7:BA:DA:D7
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 0194221F7A374548E30B9B42F4D2F97CAB8C
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/z6d9djVL2RnXuevi6Ot8E8e62tc.roa
Signing time: Wed 01 Jan 2025 13:47:55 +0000
ROA not before: Wed 01 Jan 2025 13:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47390
IP address blocks: 185.220.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:7a:37:45:48:e3:0b:9b:42:f4:d2:f9:7c:ab:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 13:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfa77d76354bd919d7b9ebe2e8eb7c13c7badad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c8:d7:21:31:40:4d:41:93:e0:1b:72:58:f2:
03:c1:8c:d7:11:d8:36:c3:ff:c8:55:da:c4:93:cf:
99:2b:6c:f5:df:fa:ae:86:2a:02:98:43:6a:ae:e0:
21:f8:e6:36:cd:04:c3:ab:0a:9c:59:d0:f4:52:c8:
1e:7d:f3:d9:ae:0c:43:3e:cb:fe:5b:b8:9a:fe:a7:
d0:7c:71:6c:f4:da:79:e8:11:eb:06:0e:21:02:8a:
0b:23:22:0c:e8:49:07:a4:f1:4e:56:ae:15:3d:76:
ee:d8:26:26:2c:6f:25:15:2c:3a:dd:27:10:0a:40:
37:f9:e8:0d:ff:9e:c5:4c:25:5c:55:f6:5f:32:61:
b7:96:01:e9:f3:fb:5c:bf:56:8f:33:18:87:e3:1e:
69:26:33:b7:83:68:45:b9:4e:b0:2a:42:29:0b:d3:
c5:20:b0:cf:fa:fc:4e:e6:10:0e:f2:54:6f:51:6b:
10:53:66:f1:98:58:7a:a6:64:39:f7:e1:e2:50:17:
3b:18:6c:14:3f:a1:9b:c5:77:b6:65:69:40:ae:5c:
19:0b:c7:bd:96:6b:6b:38:24:0b:5e:28:97:8c:db:
b5:8f:a1:26:0c:35:fd:89:a1:cf:2c:31:55:33:a7:
1d:dd:ef:70:77:d6:57:a0:a1:f8:3d:bb:ea:a0:c6:
b9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A7:7D:76:35:4B:D9:19:D7:B9:EB:E2:E8:EB:7C:13:C7:BA:DA:D7
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/z6d9djVL2RnXuevi6Ot8E8e62tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.187.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:e8:25:10:0f:eb:4b:1c:4a:e3:00:4c:b8:00:c8:32:a6:25:
2b:d0:90:e3:dd:16:aa:33:2b:77:0f:12:b8:6d:cd:59:aa:0c:
9f:a7:f9:d6:6a:42:4f:04:3e:77:82:14:4c:2b:9e:f6:e6:82:
a0:fe:90:7a:eb:e7:d6:08:6b:ac:c7:b0:18:07:3a:7d:c4:a7:
5a:9a:fa:2e:d5:30:44:0c:79:06:8c:e3:9d:18:76:2c:06:3f:
35:4b:ab:56:9b:00:b6:9c:0c:76:98:ca:da:03:41:42:59:5f:
dd:c6:03:17:46:ab:8c:b0:a4:14:90:3e:d7:b8:05:71:f9:a7:
89:35:08:34:a8:c5:ff:37:b2:c3:7b:31:63:0b:4c:fe:0d:af:
59:4c:a4:cb:34:12:93:e1:f3:a7:45:0b:7a:7e:84:88:3b:66:
0e:58:6a:0a:40:e4:77:63:71:12:59:73:a5:6b:fd:58:7c:b7:
a9:99:35:c9:22:57:44:4a:9a:f9:63:e3:c7:69:29:05:bf:8f:
fd:8a:9b:f4:c3:02:ae:d1:2d:69:b7:9d:bf:26:be:2c:b3:7a:
e4:d3:11:4a:26:fb:a7:8e:cb:fb:9d:de:2d:5c:02:92:88:4d:
c2:7b:6d:5a:78:66:74:6d:b5:70:aa:29:c4:c2:7b:22:5b:4f:
53:21:37:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH3o3RUjjC5tC9NL5fKuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjUwMTAxMTM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmE3N2Q3NjM1NGJkOTE5ZDdiOWViZTJlOGViN2MxM2M3YmFkYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusjXITFATUGT4BtyWPIDwYzXEdg2
w//IVdrEk8+ZK2z13/quhioCmENqruAh+OY2zQTDqwqcWdD0UsgeffPZrgxDPsv+
W7ia/qfQfHFs9Np56BHrBg4hAooLIyIM6EkHpPFOVq4VPXbu2CYmLG8lFSw63ScQ
CkA3+egN/57FTCVcVfZfMmG3lgHp8/tcv1aPMxiH4x5pJjO3g2hFuU6wKkIpC9PF
ILDP+vxO5hAO8lRvUWsQU2bxmFh6pmQ59+HiUBc7GGwUP6GbxXe2ZWlArlwZC8e9
lmtrOCQLXiiXjNu1j6EmDDX9iaHPLDFVM6cd3e9wd9ZXoKH4PbvqoMa5vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM+nfXY1S9kZ17nr4ujrfBPHutrXMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvejZkOWRqVkwyUm5YdWV2aTZPdDhFOGU2MnRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudy7MA0G
CSqGSIb3DQEBCwUAA4IBAQCN6CUQD+tLHErjAEy4AMgypiUr0JDj3RaqMyt3DxK4
bc1Zqgyfp/nWakJPBD53ghRMK5725oKg/pB66+fWCGusx7AYBzp9xKdamvou1TBE
DHkGjOOdGHYsBj81S6tWmwC2nAx2mMraA0FCWV/dxgMXRquMsKQUkD7XuAVx+aeJ
NQg0qMX/N7LDezFjC0z+Da9ZTKTLNBKT4fOnRQt6foSIO2YOWGoKQOR3Y3ESWXOl
a/1YfLepmTXJIldESpr5Y+PHaSkFv4/9ipv0wwKu0S1pt52/Jr4ss3rk0xFKJvun
jsv7nd4tXAKSiE3Ce21aeGZ0bbVwqinEwnsiW09TITcE
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:53:20 2025 by rpki-client