Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/77d6ee-a8e1-4b01-83cb-2f6769e75f24/1/tHjmQ9NOKNWbyApXtXSEVz3gkFM.roa
File: tHjmQ9NOKNWbyApXtXSEVz3gkFM.roa (raw, json)
Hash identifier: SBZ1boxaRQZqnvXhV5a0MuSyAE629IVLf7UqxBja6yQ=
Subject key identifier: B4:78:E6:43:D3:4E:28:D5:9B:C8:0A:57:B5:74:84:57:3D:E0:90:53
Certificate issuer: /CN=d7301f772753d80a7b62c2d213d347a3b9ebe885
Certificate serial: 0194D288C64AB5AAF91DDF24A6D07D25D217
Authority key identifier: D7:30:1F:77:27:53:D8:0A:7B:62:C2:D2:13:D3:47:A3:B9:EB:E8:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zAfdydT2Ap7YsLSE9NHo7nr6IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/77d6ee-a8e1-4b01-83cb-2f6769e75f24/1/tHjmQ9NOKNWbyApXtXSEVz3gkFM.roa
Signing time: Tue 04 Feb 2025 19:56:06 +0000
ROA not before: Tue 04 Feb 2025 19:56:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213338
IP address blocks: 185.209.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d2:88:c6:4a:b5:aa:f9:1d:df:24:a6:d0:7d:25:d2:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7301f772753d80a7b62c2d213d347a3b9ebe885
Validity
Not Before: Feb 4 19:56:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b478e643d34e28d59bc80a57b57484573de09053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bc:68:4c:c9:d9:35:2a:87:6a:96:d2:c6:f5:
be:4e:9a:b8:4a:80:75:62:c2:cd:cc:fa:4d:60:6c:
0f:a7:27:c1:a9:c5:c5:cd:61:bc:32:72:23:7d:1e:
b5:60:3d:fa:6e:5b:f7:e5:8f:b5:db:55:72:01:00:
91:ab:8a:35:9a:62:35:35:c8:65:ab:17:4e:df:11:
c5:90:b4:0c:b2:b8:79:78:40:cb:d4:55:a3:32:44:
ab:d7:21:73:2a:70:43:00:0a:6c:d8:f1:21:d6:95:
54:3c:ec:54:07:3c:b9:37:6d:d3:ae:64:03:9c:e8:
f8:a9:e0:7e:2e:60:e1:b4:87:90:12:dd:7a:5d:ea:
ff:e5:1e:e1:0c:5e:ba:48:e8:67:f2:9c:ff:4b:a9:
5f:d1:28:63:f6:b6:24:8a:c3:f4:6c:05:e3:51:68:
e9:f6:1c:4f:c0:ed:4f:4b:60:2b:cb:c1:68:ec:a3:
e8:ba:6d:8c:5e:c6:db:2d:22:77:79:22:a6:0d:0a:
f8:3d:f3:ec:20:f6:3d:d7:47:09:43:55:76:27:92:
35:f7:fc:f0:dd:a1:09:60:2e:96:d4:6b:f4:16:a2:
dd:5c:a8:1a:87:77:c5:49:e5:04:b0:32:59:c8:5c:
51:64:0b:62:2a:6b:9b:e0:26:90:97:b3:2f:d1:51:
46:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:78:E6:43:D3:4E:28:D5:9B:C8:0A:57:B5:74:84:57:3D:E0:90:53
X509v3 Authority Key Identifier:
keyid:D7:30:1F:77:27:53:D8:0A:7B:62:C2:D2:13:D3:47:A3:B9:EB:E8:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zAfdydT2Ap7YsLSE9NHo7nr6IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/77d6ee-a8e1-4b01-83cb-2f6769e75f24/1/tHjmQ9NOKNWbyApXtXSEVz3gkFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/77d6ee-a8e1-4b01-83cb-2f6769e75f24/1/1zAfdydT2Ap7YsLSE9NHo7nr6IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.41.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:b3:39:70:d4:6e:bc:ab:1c:ba:47:1d:ff:68:e0:ba:37:2f:
52:51:47:10:2d:d7:6f:13:b5:45:f3:0b:2d:fa:04:0f:82:a1:
1c:ce:04:17:e7:1b:cf:28:5a:a9:f7:9c:17:9f:98:26:74:a3:
3e:bd:b3:b6:56:43:0d:36:2d:53:0e:93:98:fc:36:38:d2:eb:
2e:5d:50:96:aa:28:7c:c7:f0:29:c8:05:7a:b7:b8:91:d2:b5:
39:af:82:41:e5:d7:14:c9:90:af:c4:36:1e:24:24:d6:d4:0a:
d0:72:4d:19:6c:be:67:c2:86:a3:e4:cb:dd:2a:0e:22:ea:4f:
6d:4f:87:d5:aa:b2:58:67:47:7b:95:49:91:fb:e5:fb:bd:91:
89:46:2f:f2:dd:18:bb:07:dc:ed:bd:3a:b3:a7:85:46:06:f9:
c5:f5:b6:b0:dd:b7:c5:65:b3:4a:e9:b7:8b:0b:8e:2f:d1:aa:
77:04:ba:13:a9:95:22:3a:51:d1:78:6b:20:d7:27:14:99:99:
a6:9c:f4:a8:2e:a4:9c:82:16:15:fd:4a:42:3c:2e:c6:10:29:
77:dc:5f:f5:43:71:2e:f2:57:8f:23:b6:10:7d:41:96:c8:cb:
e3:7e:35:c9:44:02:9b:db:0e:c1:90:8f:fe:e9:1c:4a:96:83:
84:ac:1e:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTSiMZKtar5Hd8kptB9JdIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MzAxZjc3Mjc1M2Q4MGE3YjYyYzJkMjEzZDM0N2EzYjll
YmU4ODUwHhcNMjUwMjA0MTk1NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDc4ZTY0M2QzNGUyOGQ1OWJjODBhNTdiNTc0ODQ1NzNkZTA5MDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLxoTMnZNSqHapbSxvW+Tpq4SoB1
YsLNzPpNYGwPpyfBqcXFzWG8MnIjfR61YD36blv35Y+121VyAQCRq4o1mmI1Nchl
qxdO3xHFkLQMsrh5eEDL1FWjMkSr1yFzKnBDAAps2PEh1pVUPOxUBzy5N23TrmQD
nOj4qeB+LmDhtIeQEt16Xer/5R7hDF66SOhn8pz/S6lf0Shj9rYkisP0bAXjUWjp
9hxPwO1PS2Ary8Fo7KPoum2MXsbbLSJ3eSKmDQr4PfPsIPY910cJQ1V2J5I19/zw
3aEJYC6W1Gv0FqLdXKgah3fFSeUEsDJZyFxRZAtiKmub4CaQl7Mv0VFGdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLR45kPTTijVm8gKV7V0hFc94JBTMB8GA1UdIwQY
MBaAFNcwH3cnU9gKe2LC0hPTR6O56+iFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXpBZmR5ZFQyQXA3WXNMU0U5TkhvN25yNklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83N2Q2ZWUtYThlMS00YjAxLTgzY2It
MmY2NzY5ZTc1ZjI0LzEvdEhqbVE5Tk9LTldieUFwWHRYU0VWejNna0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83N2Q2ZWUtYThlMS00YjAxLTgzY2ItMmY2NzY5ZTc1ZjI0
LzEvMXpBZmR5ZFQyQXA3WXNMU0U5TkhvN25yNklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudEpMA0G
CSqGSIb3DQEBCwUAA4IBAQANszlw1G68qxy6Rx3/aOC6Ny9SUUcQLddvE7VF8wst
+gQPgqEczgQX5xvPKFqp95wXn5gmdKM+vbO2VkMNNi1TDpOY/DY40usuXVCWqih8
x/ApyAV6t7iR0rU5r4JB5dcUyZCvxDYeJCTW1ArQck0ZbL5nwoaj5MvdKg4i6k9t
T4fVqrJYZ0d7lUmR++X7vZGJRi/y3Ri7B9ztvTqzp4VGBvnF9baw3bfFZbNK6beL
C44v0ap3BLoTqZUiOlHReGsg1ycUmZmmnPSoLqScghYV/UpCPC7GECl33F/1Q3Eu
8lePI7YQfUGWyMvjfjXJRAKb2w7BkI/+6RxKloOErB7c
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:50 2025 by rpki-client