Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/Y8I7Cdrc3qJFqRL0cpCQD0-SJXM.roa
File: Y8I7Cdrc3qJFqRL0cpCQD0-SJXM.roa (raw, json)
Hash identifier: kJVt9rCeoDhUmKwMAQa4mtxvjszoPS2OFInBbvhBp0I=
Subject key identifier: 63:C2:3B:09:DA:DC:DE:A2:45:A9:12:F4:72:90:90:0F:4F:92:25:73
Certificate issuer: /CN=a3608d6b0e80a6430fb6af43fae168a0e8011fee
Certificate serial: 01942747AA280C8392B143248FF9A17AF50E
Authority key identifier: A3:60:8D:6B:0E:80:A6:43:0F:B6:AF:43:FA:E1:68:A0:E8:01:1F:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2CNaw6ApkMPtq9D-uFooOgBH-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/Y8I7Cdrc3qJFqRL0cpCQD0-SJXM.roa
Signing time: Thu 02 Jan 2025 13:49:55 +0000
ROA not before: Thu 02 Jan 2025 13:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.125.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:aa:28:0c:83:92:b1:43:24:8f:f9:a1:7a:f5:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3608d6b0e80a6430fb6af43fae168a0e8011fee
Validity
Not Before: Jan 2 13:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63c23b09dadcdea245a912f47290900f4f922573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:83:68:d7:e8:d7:ab:07:9b:cd:3d:b1:d2:
9e:b1:a7:d2:8a:63:52:3c:5a:2b:d5:66:2a:36:9f:
d4:23:4f:33:fb:83:da:5b:9f:8f:27:59:da:b1:50:
f8:b7:e0:3d:9c:04:56:c6:13:86:f9:05:fd:c1:ae:
6f:60:f3:25:6e:fc:61:0c:1a:fc:77:da:8b:2b:96:
3b:20:4e:5c:32:96:1a:d1:86:17:69:1d:13:a2:a5:
c1:78:e3:b2:c6:5b:fb:da:f8:ce:76:96:1b:8c:96:
f6:74:19:2b:2c:3e:21:43:97:bd:82:12:45:1d:90:
6f:16:31:03:44:94:6c:05:a6:1c:e1:90:f1:48:8d:
19:34:2b:68:9d:56:05:52:3e:9f:7e:3c:4e:b8:fd:
b0:f6:a9:58:8b:e3:c2:2d:3b:40:98:f8:4f:70:fe:
a8:61:5c:1c:2f:89:f0:7f:f0:a8:30:84:19:a9:ff:
33:f8:b4:12:76:f9:80:f8:74:43:4a:18:95:63:cf:
be:a8:34:69:0a:e6:d9:ad:0e:0c:2a:d8:b5:47:fd:
d7:70:29:f7:19:bb:fb:00:60:cf:b0:9c:19:13:6f:
8d:3d:45:ef:94:63:24:fb:82:02:e6:44:36:cb:ff:
7e:2e:b0:67:fd:21:9e:00:45:0b:e0:ac:6e:2f:c5:
eb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C2:3B:09:DA:DC:DE:A2:45:A9:12:F4:72:90:90:0F:4F:92:25:73
X509v3 Authority Key Identifier:
keyid:A3:60:8D:6B:0E:80:A6:43:0F:B6:AF:43:FA:E1:68:A0:E8:01:1F:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2CNaw6ApkMPtq9D-uFooOgBH-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/Y8I7Cdrc3qJFqRL0cpCQD0-SJXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/o2CNaw6ApkMPtq9D-uFooOgBH-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.141.0/24
Signature Algorithm: sha256WithRSAEncryption
91:92:6c:a2:59:04:f3:3f:a4:47:8b:04:f6:98:00:21:bf:99:
89:f6:a0:61:d9:71:8b:bc:be:d7:f6:ae:86:a0:02:e5:0e:68:
07:31:db:dd:e5:7f:d5:df:7f:cf:c2:d6:13:6f:8e:30:c8:46:
73:06:4b:48:cd:48:cb:ed:df:9c:d9:e7:ec:2d:74:25:0b:f7:
89:d3:88:c8:5b:fb:d9:7b:f8:64:d8:5b:77:c4:dd:a3:67:69:
5c:e7:76:d0:cb:02:30:34:c4:56:83:dc:07:67:3c:30:ec:39:
ae:3f:d4:91:ba:84:b8:78:d8:13:fd:35:a4:dc:66:7a:53:42:
1b:0b:c8:8d:cc:3a:06:18:5e:ff:e5:f1:b7:2b:e5:be:e1:99:
c3:77:f7:55:e3:c8:d7:22:b3:6c:b6:93:95:ad:66:4a:ca:21:
c7:c5:51:a3:38:16:b5:f2:bc:4f:2b:79:89:de:e7:08:a9:ae:
50:5f:39:cd:91:49:5d:b2:03:a5:6c:1d:b3:b0:e7:6b:ac:69:
ef:a3:e7:ee:1b:b5:87:ba:00:2e:da:e5:70:e5:79:20:70:ef:
58:35:6e:3e:69:c9:b2:3a:4e:3b:84:e8:6a:1e:6a:15:cf:26:
ab:c5:75:c4:b6:78:8a:09:51:fc:52:b0:69:20:15:cb:e8:98:
50:91:92:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR6ooDIOSsUMkj/mhevUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjA4ZDZiMGU4MGE2NDMwZmI2YWY0M2ZhZTE2OGEwZTgw
MTFmZWUwHhcNMjUwMTAyMTM0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2MyM2IwOWRhZGNkZWEyNDVhOTEyZjQ3MjkwOTAwZjRmOTIyNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuumDaNfo16sHm809sdKesafSimNS
PFor1WYqNp/UI08z+4PaW5+PJ1nasVD4t+A9nARWxhOG+QX9wa5vYPMlbvxhDBr8
d9qLK5Y7IE5cMpYa0YYXaR0ToqXBeOOyxlv72vjOdpYbjJb2dBkrLD4hQ5e9ghJF
HZBvFjEDRJRsBaYc4ZDxSI0ZNCtonVYFUj6ffjxOuP2w9qlYi+PCLTtAmPhPcP6o
YVwcL4nwf/CoMIQZqf8z+LQSdvmA+HRDShiVY8++qDRpCubZrQ4MKti1R/3XcCn3
Gbv7AGDPsJwZE2+NPUXvlGMk+4IC5kQ2y/9+LrBn/SGeAEUL4KxuL8XrZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGPCOwna3N6iRakS9HKQkA9PkiVzMB8GA1UdIwQY
MBaAFKNgjWsOgKZDD7avQ/rhaKDoAR/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJDTmF3NkFwa01QdHE5RC11Rm9vT2dCSC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9mYjU5MTAtZmUxNC00NDUzLThjOWMt
ODNiZjcwYjFmZDZiLzEvWThJN0NkcmMzcUpGcVJMMGNwQ1FEMC1TSlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9mYjU5MTAtZmUxNC00NDUzLThjOWMtODNiZjcwYjFmZDZi
LzEvbzJDTmF3NkFwa01QdHE5RC11Rm9vT2dCSC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX2NMA0G
CSqGSIb3DQEBCwUAA4IBAQCRkmyiWQTzP6RHiwT2mAAhv5mJ9qBh2XGLvL7X9q6G
oALlDmgHMdvd5X/V33/PwtYTb44wyEZzBktIzUjL7d+c2efsLXQlC/eJ04jIW/vZ
e/hk2Ft3xN2jZ2lc53bQywIwNMRWg9wHZzww7DmuP9SRuoS4eNgT/TWk3GZ6U0Ib
C8iNzDoGGF7/5fG3K+W+4ZnDd/dV48jXIrNstpOVrWZKyiHHxVGjOBa18rxPK3mJ
3ucIqa5QXznNkUldsgOlbB2zsOdrrGnvo+fuG7WHugAu2uVw5XkgcO9YNW4+acmy
Ok47hOhqHmoVzyarxXXEtniKCVH8UrBpIBXL6JhQkZIO
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:15:41 2025 by rpki-client