Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/1jyVG685LkAasuEJLUPQjxJIjx8.roa
File: 1jyVG685LkAasuEJLUPQjxJIjx8.roa (raw, json)
Hash identifier: DWYO2Mf6OexFPHlvZ0RE64fO/e9+/+xwtyYXQHGkjEU=
Subject key identifier: D6:3C:95:1B:AF:39:2E:40:1A:B2:E1:09:2D:43:D0:8F:12:48:8F:1F
Certificate issuer: /CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Certificate serial: 019423D6B50067AA8CF2B9C95D63A846B8E2
Authority key identifier: 12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/1jyVG685LkAasuEJLUPQjxJIjx8.roa
Signing time: Wed 01 Jan 2025 21:47:40 +0000
ROA not before: Wed 01 Jan 2025 21:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61414
IP address blocks: 185.243.40.0/24 maxlen: 24
185.243.41.0/24 maxlen: 24
185.243.42.0/24 maxlen: 24
193.3.191.0/24 maxlen: 24
2a0d:280::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b5:00:67:aa:8c:f2:b9:c9:5d:63:a8:46:b8:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Validity
Not Before: Jan 1 21:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d63c951baf392e401ab2e1092d43d08f12488f1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c4:21:cc:b3:fb:bd:61:e9:d9:68:f0:ee:52:
25:e2:ab:e2:23:72:70:e5:a4:41:cf:e8:ce:21:7d:
a8:77:73:58:5b:3d:25:ba:7b:0b:00:87:9d:6f:fa:
01:cd:ba:be:84:85:59:66:df:61:8a:45:d7:37:a9:
7d:a3:9a:32:04:eb:f6:05:57:ce:47:35:9c:13:e1:
0b:65:87:c3:db:95:d8:90:a3:90:ac:86:d0:05:cc:
ef:2f:24:ba:a2:f6:51:ce:71:75:aa:1d:b3:56:bb:
7e:87:c9:50:b9:80:06:b5:9a:5d:7a:bf:8b:8d:fd:
e4:53:36:de:3e:6c:27:ec:01:26:9a:40:a9:02:83:
5f:cc:06:94:ab:3d:91:05:70:20:87:cb:30:e2:f1:
21:8a:6a:82:9d:f0:00:83:01:81:43:d1:7b:3a:0c:
f6:68:98:63:68:77:59:0c:37:46:dd:bc:75:fc:ff:
a7:99:a2:6c:42:61:9a:02:6e:2d:37:a6:79:8e:7e:
d1:f5:6a:17:6d:c5:e0:ca:79:60:6c:3d:bd:f1:84:
fb:1e:71:cc:d3:1e:d2:8f:44:a1:8e:cc:ba:35:bc:
a7:37:c4:42:59:29:15:24:66:db:7e:97:ea:1d:70:
bf:eb:d6:18:e4:6c:90:67:05:24:c5:87:38:4f:f7:
c7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:3C:95:1B:AF:39:2E:40:1A:B2:E1:09:2D:43:D0:8F:12:48:8F:1F
X509v3 Authority Key Identifier:
keyid:12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/1jyVG685LkAasuEJLUPQjxJIjx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.40.0-185.243.42.255
193.3.191.0/24
IPv6:
2a0d:280::/48
Signature Algorithm: sha256WithRSAEncryption
66:24:d8:51:c0:f8:c0:6a:c7:06:5b:59:10:a4:9a:5a:fc:9a:
5f:09:46:4b:d0:d0:08:4f:84:d1:f0:4e:1b:a8:e0:c8:57:57:
71:d9:d0:5f:a1:d0:c8:64:d8:17:36:b5:5c:90:1e:fd:b9:f6:
97:7b:98:d9:10:d0:01:c5:00:c0:18:ea:65:ce:81:a5:05:5b:
82:fd:d6:84:9a:61:3f:f4:dd:04:4e:63:ee:c5:ec:e5:fd:6c:
4e:80:61:cf:b9:a5:ae:1f:ba:d3:be:53:9b:2b:3f:af:30:27:
3a:b4:22:89:bd:11:db:4b:6e:80:4e:cc:3d:8c:f3:19:b1:cb:
f6:48:a0:63:91:29:14:05:fb:ee:0e:1b:08:36:b1:57:c0:63:
98:01:1c:f1:9b:c6:a8:84:b5:46:b1:c4:b9:52:e6:ce:66:d6:
42:43:53:9c:eb:eb:ff:db:f9:d6:cd:bf:35:e4:1e:77:d4:90:
5d:14:5e:13:7b:b4:98:4b:14:09:2a:d0:94:4e:6f:3d:0f:e3:
a2:6d:cb:a7:b1:db:f7:01:63:dd:63:cf:d9:b2:1c:0c:3e:5c:
bc:1d:d7:06:3f:b5:42:3f:5f:2f:f1:e4:d4:ee:85:50:e3:1e:
2f:9c:b7:e3:da:09:fe:74:00:67:5b:a9:dc:e6:bb:8b:5b:28:
3f:e9:70:72
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQj1rUAZ6qM8rnJXWOoRrjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjBkZDJiOTJkYTI4NGM2M2NlYzQ2ZjZmNmE0MWMwMTNh
OWM4ODEwHhcNMjUwMTAxMjE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjNjOTUxYmFmMzkyZTQwMWFiMmUxMDkyZDQzZDA4ZjEyNDg4ZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcQhzLP7vWHp2Wjw7lIl4qviI3Jw
5aRBz+jOIX2od3NYWz0lunsLAIedb/oBzbq+hIVZZt9hikXXN6l9o5oyBOv2BVfO
RzWcE+ELZYfD25XYkKOQrIbQBczvLyS6ovZRznF1qh2zVrt+h8lQuYAGtZpder+L
jf3kUzbePmwn7AEmmkCpAoNfzAaUqz2RBXAgh8sw4vEhimqCnfAAgwGBQ9F7Ogz2
aJhjaHdZDDdG3bx1/P+nmaJsQmGaAm4tN6Z5jn7R9WoXbcXgynlgbD298YT7HnHM
0x7Sj0Shjsy6NbynN8RCWSkVJGbbfpfqHXC/69YY5GyQZwUkxYc4T/fHkwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFNY8lRuvOS5AGrLhCS1D0I8SSI8fMB8GA1UdIwQY
MBaAFBIg3SuS2ihMY87Eb29qQcATqciBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWIt
YTg1ODU4NDliZTE0LzEvMWp5Vkc2ODVMa0Fhc3VFSkxVUFFqeEpJang4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWItYTg1ODU4NDliZTE0
LzEvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAO58ygD
BAC58yoDBADBA78wDwQCAAIwCQMHACoNAoAAADANBgkqhkiG9w0BAQsFAAOCAQEA
ZiTYUcD4wGrHBltZEKSaWvyaXwlGS9DQCE+E0fBOG6jgyFdXcdnQX6HQyGTYFza1
XJAe/bn2l3uY2RDQAcUAwBjqZc6BpQVbgv3WhJphP/TdBE5j7sXs5f1sToBhz7ml
rh+6075Tmys/rzAnOrQiib0R20tugE7MPYzzGbHL9kigY5EpFAX77g4bCDaxV8Bj
mAEc8ZvGqIS1RrHEuVLmzmbWQkNTnOvr/9v51s2/NeQed9SQXRReE3u0mEsUCSrQ
lE5vPQ/jom3Lp7Hb9wFj3WPP2bIcDD5cvB3XBj+1Qj9fL/Hk1O6FUOMeL5y349oJ
/nQAZ1up3Oa7i1soP+lwcg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:33:00 2025 by rpki-client