Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/2dcee7-b0c5-41c8-a36c-badd1cd2dcec/1/aN-d75h_o1LIW2g4qB4JYwSJDgs.roa
File: aN-d75h_o1LIW2g4qB4JYwSJDgs.roa (raw, json)
Hash identifier: Ajg5hQliKWSXH5ZkXN/Y08Y7e9nijKj1/qjHCvOoQkI=
Subject key identifier: 68:DF:9D:EF:98:7F:A3:52:C8:5B:68:38:A8:1E:09:63:04:89:0E:0B
Certificate issuer: /CN=680121b199b291de7763d8c1caa7b3cdc3561810
Certificate serial: 0186C4C14E198BC5D03BF721C429965B1F55
Authority key identifier: 68:01:21:B1:99:B2:91:DE:77:63:D8:C1:CA:A7:B3:CD:C3:56:18:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAEhsZmykd53Y9jByqezzcNWGBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/2dcee7-b0c5-41c8-a36c-badd1cd2dcec/1/aN-d75h_o1LIW2g4qB4JYwSJDgs.roa
Signing time: Thu 09 Mar 2023 05:04:08 +0000
ROA not before: Thu 09 Mar 2023 05:04:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138997
IP address blocks: 185.128.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c4:c1:4e:19:8b:c5:d0:3b:f7:21:c4:29:96:5b:1f:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=680121b199b291de7763d8c1caa7b3cdc3561810
Validity
Not Before: Mar 9 05:04:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68df9def987fa352c85b6838a81e096304890e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:03:4b:b3:50:56:33:46:2c:0d:d2:8f:6c:d0:
6b:cd:f0:53:09:2e:5e:b5:38:07:d8:31:ea:31:f2:
9f:55:33:d2:54:49:5b:9d:67:b3:ea:f5:3b:b9:1e:
8d:e8:64:c3:79:00:44:1c:70:4d:2b:4c:d8:8c:03:
e8:ce:f7:ed:7d:21:9e:d3:a9:88:aa:9f:55:b3:65:
29:a4:d0:e7:11:1b:49:32:19:ad:d5:66:9b:d6:d3:
69:34:38:90:35:cd:32:68:79:0f:a2:b9:31:0d:41:
cd:5b:56:48:7b:1c:98:68:2c:a7:a2:23:ff:4e:a0:
09:57:73:b4:76:ff:fe:51:b3:be:7b:24:45:f6:66:
31:92:ad:37:a1:06:65:e0:30:15:9a:fa:f3:3d:1e:
d4:71:72:bb:70:9e:b3:2c:d2:1f:53:9c:fe:6e:a5:
37:c6:65:a6:ed:55:0c:46:4b:ed:82:2e:41:4f:12:
67:8b:d6:c3:26:88:fa:d2:4a:ac:1a:7d:a4:e1:1e:
a8:05:46:93:74:bb:6e:33:84:bb:b8:e7:1a:15:e3:
c7:46:a3:21:3e:78:0b:97:38:13:bd:1e:b3:23:0f:
27:12:7e:27:69:f6:54:0a:11:49:c3:10:d5:ac:64:
88:86:f4:8e:0a:3a:09:b1:19:a7:a1:bf:22:6b:4b:
b4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DF:9D:EF:98:7F:A3:52:C8:5B:68:38:A8:1E:09:63:04:89:0E:0B
X509v3 Authority Key Identifier:
keyid:68:01:21:B1:99:B2:91:DE:77:63:D8:C1:CA:A7:B3:CD:C3:56:18:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAEhsZmykd53Y9jByqezzcNWGBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/2dcee7-b0c5-41c8-a36c-badd1cd2dcec/1/aN-d75h_o1LIW2g4qB4JYwSJDgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/2dcee7-b0c5-41c8-a36c-badd1cd2dcec/1/aAEhsZmykd53Y9jByqezzcNWGBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.226.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:7f:7b:d3:89:70:cb:0c:07:77:87:83:20:88:00:59:ce:56:
e2:da:11:92:a3:f5:3b:f9:17:05:0f:f1:2b:79:6f:39:59:3f:
6e:7b:1d:c1:e6:53:44:32:8f:f7:21:1b:29:99:47:cc:e3:11:
52:1f:e1:a8:15:5c:dc:4f:5c:2f:ec:04:3b:12:4a:99:b5:49:
02:ee:57:17:d9:20:8b:5e:f7:a2:3a:a5:73:6b:be:33:0c:c3:
97:85:99:1c:6f:06:32:fe:34:72:d5:8c:4d:27:a8:2d:24:7a:
7a:e7:48:fe:99:e3:c1:c2:fc:b0:16:89:9f:e3:e5:0d:13:c5:
35:b5:e2:d0:3e:de:1c:92:01:13:8d:03:c1:b4:e0:ad:0a:5a:
5f:81:bb:9d:a2:8a:61:4b:4e:e9:81:c0:51:9e:e0:62:09:ac:
d7:16:cf:d1:ce:cc:22:d2:24:be:c1:f7:69:08:00:ea:72:a6:
d7:32:9e:5d:49:24:c9:ac:16:e1:8b:ae:b2:4b:d2:e7:0f:de:
15:0b:21:af:c7:c5:3e:3f:36:79:ff:40:2c:b2:58:09:e4:13:
b9:2e:59:51:39:d6:c4:2d:2d:e7:d1:ef:4f:18:7c:aa:e7:e2:
89:18:5f:23:03:a7:34:c6:bd:5e:f4:32:61:39:e9:05:d5:d3:
21:27:f4:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbEwU4Zi8XQO/chxCmWWx9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDEyMWIxOTliMjkxZGU3NzYzZDhjMWNhYTdiM2NkYzM1
NjE4MTAwHhcNMjMwMzA5MDUwNDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGRmOWRlZjk4N2ZhMzUyYzg1YjY4MzhhODFlMDk2MzA0ODkwZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQNLs1BWM0YsDdKPbNBrzfBTCS5e
tTgH2DHqMfKfVTPSVElbnWez6vU7uR6N6GTDeQBEHHBNK0zYjAPozvftfSGe06mI
qp9Vs2UppNDnERtJMhmt1Wab1tNpNDiQNc0yaHkPorkxDUHNW1ZIexyYaCynoiP/
TqAJV3O0dv/+UbO+eyRF9mYxkq03oQZl4DAVmvrzPR7UcXK7cJ6zLNIfU5z+bqU3
xmWm7VUMRkvtgi5BTxJni9bDJoj60kqsGn2k4R6oBUaTdLtuM4S7uOcaFePHRqMh
PngLlzgTvR6zIw8nEn4nafZUChFJwxDVrGSIhvSOCjoJsRmnob8ia0u0KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjfne+Yf6NSyFtoOKgeCWMEiQ4LMB8GA1UdIwQY
MBaAFGgBIbGZspHed2PYwcqns83DVhgQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFFaHNabXlrZDUzWTlqQnlxZXp6Y05XR0JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8yZGNlZTctYjBjNS00MWM4LWEzNmMt
YmFkZDFjZDJkY2VjLzEvYU4tZDc1aF9vMUxJVzJnNHFCNEpZd1NKRGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8yZGNlZTctYjBjNS00MWM4LWEzNmMtYmFkZDFjZDJkY2Vj
LzEvYUFFaHNabXlrZDUzWTlqQnlxZXp6Y05XR0JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYDiMA0G
CSqGSIb3DQEBCwUAA4IBAQAaf3vTiXDLDAd3h4MgiABZzlbi2hGSo/U7+RcFD/Er
eW85WT9uex3B5lNEMo/3IRspmUfM4xFSH+GoFVzcT1wv7AQ7EkqZtUkC7lcX2SCL
XveiOqVza74zDMOXhZkcbwYy/jRy1YxNJ6gtJHp650j+mePBwvywFomf4+UNE8U1
teLQPt4ckgETjQPBtOCtClpfgbudoophS07pgcBRnuBiCazXFs/Rzswi0iS+wfdp
CADqcqbXMp5dSSTJrBbhi66yS9LnD94VCyGvx8U+PzZ5/0AsslgJ5BO5LllROdbE
LS3n0e9PGHyq5+KJGF8jA6c0xr1e9DJhOekF1dMhJ/QB
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:42:33 2025 by rpki-client