Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/58pgEzEV4itxzFdqyuzKp1koy9E.roa
File: 58pgEzEV4itxzFdqyuzKp1koy9E.roa (raw, json)
Hash identifier: tH6QFOaJ/p4keTuKKE46gn/xyoU7W70E/+/4aSveeLE=
Subject key identifier: E7:CA:60:13:31:15:E2:2B:71:CC:57:6A:CA:EC:CA:A7:59:28:CB:D1
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019425FCE5F6409A587B0611DBD9C31F291D
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/58pgEzEV4itxzFdqyuzKp1koy9E.roa
Signing time: Thu 02 Jan 2025 07:48:38 +0000
ROA not before: Thu 02 Jan 2025 07:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 394844
IP address blocks: 185.52.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:e5:f6:40:9a:58:7b:06:11:db:d9:c3:1f:29:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 07:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7ca60133115e22b71cc576acaeccaa75928cbd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:74:2f:98:51:31:5e:52:14:c3:55:d2:c6:f1:
19:4a:3a:23:9f:b1:08:f1:f0:b7:7c:39:a9:f5:ed:
f7:48:26:f5:cf:85:a0:a3:2b:e4:73:55:05:4a:30:
76:a1:ed:6f:9f:86:86:cf:55:c2:7e:6e:38:2b:0b:
df:86:30:e2:3b:7b:e1:0a:a0:01:32:4b:30:3b:18:
92:af:81:ff:d1:bd:02:4b:86:0a:0f:ff:43:f6:8c:
0b:95:77:36:11:46:21:f3:ff:90:e5:ee:e2:0a:a0:
c7:ed:54:74:fd:32:09:64:9a:04:ff:58:e6:68:12:
a3:60:27:7f:3d:50:d6:c8:04:d6:9e:a3:91:8d:fc:
1a:aa:67:79:dd:3e:a4:12:61:e7:0d:22:3b:24:0b:
fb:c9:81:5a:78:ca:6f:32:d7:60:80:3e:93:f3:52:
d6:84:f2:33:d0:d6:78:66:8e:e6:c3:dd:8f:6f:6a:
62:70:3f:90:ee:8b:20:f4:1d:6c:a7:f6:2e:41:10:
cd:3c:a5:8a:86:9b:d0:52:23:40:40:51:47:44:d1:
f3:94:3c:18:8b:a9:7c:10:1a:6d:8f:d1:f9:35:e0:
84:d9:7c:54:6b:e0:fb:bb:be:0e:4e:1b:d2:d5:f3:
69:ac:c4:3e:cc:5d:3c:79:fe:0d:9a:1a:90:2f:e4:
2f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:CA:60:13:31:15:E2:2B:71:CC:57:6A:CA:EC:CA:A7:59:28:CB:D1
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/58pgEzEV4itxzFdqyuzKp1koy9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.136.0/24
Signature Algorithm: sha256WithRSAEncryption
99:e0:15:30:95:ec:12:df:72:bc:06:23:74:15:4b:e8:0e:fb:
23:1b:1c:fd:9c:0b:cb:06:55:44:59:5b:37:09:09:8b:86:7d:
35:fa:64:42:24:82:67:3d:bb:5c:ca:e9:d3:39:8d:90:a7:5e:
c0:98:19:c0:63:c4:e2:e0:bb:a2:cc:52:4e:5a:2a:72:bc:19:
22:8a:9e:25:46:74:a4:04:29:84:38:aa:68:81:f7:d7:07:1f:
23:56:7b:8f:c8:dd:90:fc:3f:b8:9a:84:a5:fd:ee:95:75:53:
de:17:86:fc:91:ff:72:85:e9:c3:6c:5a:c0:bc:45:a0:ad:d9:
63:1e:2f:16:e2:7f:07:b8:51:0f:30:d4:37:8c:72:bd:b9:2a:
ec:87:62:0b:1b:6c:bf:3e:ff:11:ea:ce:bc:e2:fe:89:3c:79:
d7:43:1c:a6:cf:51:d1:c2:0c:08:96:55:45:00:12:ff:f9:1b:
6c:fd:6a:8b:fd:a0:c6:c8:d3:84:94:f0:97:ac:9a:bf:ae:b0:
a0:31:63:5a:cd:8e:ee:d9:c6:5e:2c:f0:b1:13:26:31:5a:45:
35:65:e1:b8:78:f4:19:62:de:0b:0c:58:67:ef:1b:0a:ac:51:
0b:9a:23:1f:9b:af:2b:2f:23:48:d3:bc:c0:79:27:c6:f5:13:
9e:ee:d9:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/OX2QJpYewYR29nDHykdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMTAyMDc0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2NhNjAxMzMxMTVlMjJiNzFjYzU3NmFjYWVjY2FhNzU5MjhjYmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnQvmFExXlIUw1XSxvEZSjojn7EI
8fC3fDmp9e33SCb1z4Wgoyvkc1UFSjB2oe1vn4aGz1XCfm44KwvfhjDiO3vhCqAB
MkswOxiSr4H/0b0CS4YKD/9D9owLlXc2EUYh8/+Q5e7iCqDH7VR0/TIJZJoE/1jm
aBKjYCd/PVDWyATWnqORjfwaqmd53T6kEmHnDSI7JAv7yYFaeMpvMtdggD6T81LW
hPIz0NZ4Zo7mw92Pb2picD+Q7osg9B1sp/YuQRDNPKWKhpvQUiNAQFFHRNHzlDwY
i6l8EBptj9H5NeCE2XxUa+D7u74OThvS1fNprMQ+zF08ef4NmhqQL+Qv8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOfKYBMxFeIrccxXasrsyqdZKMvRMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNThwZ0V6RVY0aXR4ekZkcXl1ektwMWtveTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTSIMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ4BUwlewS33K8BiN0FUvoDvsjGxz9nAvLBlVEWVs3
CQmLhn01+mRCJIJnPbtcyunTOY2Qp17AmBnAY8Ti4LuizFJOWipyvBkiip4lRnSk
BCmEOKpogffXBx8jVnuPyN2Q/D+4moSl/e6VdVPeF4b8kf9yhenDbFrAvEWgrdlj
Hi8W4n8HuFEPMNQ3jHK9uSrsh2ILG2y/Pv8R6s684v6JPHnXQxymz1HRwgwIllVF
ABL/+Rts/WqL/aDGyNOElPCXrJq/rrCgMWNazY7u2cZeLPCxEyYxWkU1ZeG4ePQZ
Yt4LDFhn7xsKrFELmiMfm68rLyNI07zAeSfG9ROe7tmI
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:40:57 2025 by rpki-client