Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/4806a5-6fa3-4832-b740-47a5f481e6f5/1/dJzDSPenGFs61jrjvaTekpH7lb0.roa
File: dJzDSPenGFs61jrjvaTekpH7lb0.roa (raw, json)
Hash identifier: kpJ+1xwnPbkQC6dTg5VdbKW3vchd3ul1f6drVPMIJlo=
Subject key identifier: 74:9C:C3:48:F7:A7:18:5B:3A:D6:3A:E3:BD:A4:DE:92:91:FB:95:BD
Certificate issuer: /CN=58cd563a2ae6529c9f43fe4b5c67db70e779a09b
Certificate serial: 0195B89DE38EF628E75A6E7E3D8039BE361B
Authority key identifier: 58:CD:56:3A:2A:E6:52:9C:9F:43:FE:4B:5C:67:DB:70:E7:79:A0:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WM1WOirmUpyfQ_5LXGfbcOd5oJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/4806a5-6fa3-4832-b740-47a5f481e6f5/1/dJzDSPenGFs61jrjvaTekpH7lb0.roa
Signing time: Fri 21 Mar 2025 12:11:49 +0000
ROA not before: Fri 21 Mar 2025 12:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 78.138.44.0/24 maxlen: 24
185.106.204.0/24 maxlen: 24
185.106.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:9d:e3:8e:f6:28:e7:5a:6e:7e:3d:80:39:be:36:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58cd563a2ae6529c9f43fe4b5c67db70e779a09b
Validity
Not Before: Mar 21 12:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=749cc348f7a7185b3ad63ae3bda4de9291fb95bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:46:a7:6b:ee:d7:56:bf:e6:36:c8:52:8c:0f:
ba:07:63:50:9b:0e:b8:d9:cd:f6:4e:56:51:78:f8:
e2:12:a2:ea:54:0b:30:e2:0a:26:e6:02:e5:5d:c5:
f7:7c:4b:9d:e2:43:72:b9:c0:41:fd:5d:db:90:49:
fa:a5:d9:b6:27:48:ef:3d:49:31:cf:40:8f:c8:9a:
f0:6c:32:9d:51:78:60:d2:4f:7a:a9:58:4d:ee:90:
df:c6:ad:32:10:cf:ec:61:a7:7c:fe:38:74:a3:95:
dd:7b:a2:5d:64:6c:bc:4f:88:aa:be:42:eb:2d:b1:
d9:35:ef:02:ec:a4:66:52:5f:0a:7e:2b:be:36:d8:
9e:22:ca:a3:6f:ab:a6:bb:46:b5:e5:a1:12:c5:33:
9a:89:d2:00:0c:4d:41:4e:a6:76:ab:87:be:63:21:
73:4d:e7:ea:cf:5c:df:b3:b9:cf:74:1c:13:89:6e:
34:6b:4a:01:c6:7f:3e:b5:c4:21:ee:59:12:5a:d1:
6a:83:73:0c:e7:fe:47:00:f1:fd:c9:71:d7:8a:76:
bc:e6:dc:99:17:23:8f:91:7f:e9:62:98:e9:6e:b1:
74:84:b4:f3:fd:e6:65:0a:11:e6:cc:fc:5d:68:43:
fe:60:bd:10:d9:8d:ba:e2:7c:20:67:8e:43:ea:91:
68:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:9C:C3:48:F7:A7:18:5B:3A:D6:3A:E3:BD:A4:DE:92:91:FB:95:BD
X509v3 Authority Key Identifier:
keyid:58:CD:56:3A:2A:E6:52:9C:9F:43:FE:4B:5C:67:DB:70:E7:79:A0:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WM1WOirmUpyfQ_5LXGfbcOd5oJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4806a5-6fa3-4832-b740-47a5f481e6f5/1/dJzDSPenGFs61jrjvaTekpH7lb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4806a5-6fa3-4832-b740-47a5f481e6f5/1/WM1WOirmUpyfQ_5LXGfbcOd5oJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.44.0/24
185.106.204.0/24
185.106.207.0/24
Signature Algorithm: sha256WithRSAEncryption
be:13:8c:68:93:dd:99:b0:d8:b5:50:71:15:23:a3:68:af:1b:
9d:22:e0:f9:55:02:df:c4:aa:be:cb:56:f1:7b:7a:81:cb:25:
41:77:72:fa:b7:74:7a:8f:bf:69:22:c9:1e:34:b5:0e:83:92:
9d:46:99:fd:5a:14:4d:c2:2f:79:8b:9c:39:53:2c:92:f5:a1:
24:fc:17:45:42:f2:cd:72:d5:68:db:7b:ac:ee:a9:ff:18:f3:
c5:82:10:5c:1a:75:0f:77:3e:ad:cd:80:24:6a:cb:c5:ac:a9:
a8:31:f9:84:05:26:ac:c1:bd:9c:2e:68:69:4b:19:31:83:35:
c2:d1:97:c7:30:9f:39:02:fd:aa:57:c6:97:94:70:24:30:99:
1f:56:78:f1:fd:ec:1f:04:e1:b9:0e:15:3d:d0:12:33:83:cb:
28:ad:a1:57:56:9e:77:32:be:1e:66:3c:02:b9:28:1c:37:39:
d0:b9:e2:04:4f:a3:2f:f6:0b:88:60:ac:01:af:28:1f:2d:43:
79:6b:fa:a0:60:bb:51:28:70:1c:8b:92:57:32:71:24:63:22:
c5:b5:6b:d1:7c:d5:ad:58:eb:19:61:24:f7:02:d0:bd:35:53:
3c:35:a0:22:e0:0c:bd:46:b7:68:67:d3:7d:f8:55:d2:47:3a:
91:86:3d:96
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZW4neOO9ijnWm5+PYA5vjYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4Y2Q1NjNhMmFlNjUyOWM5ZjQzZmU0YjVjNjdkYjcwZTc3
OWEwOWIwHhcNMjUwMzIxMTIxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDljYzM0OGY3YTcxODViM2FkNjNhZTNiZGE0ZGU5MjkxZmI5NWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0ana+7XVr/mNshSjA+6B2NQmw64
2c32TlZRePjiEqLqVAsw4gom5gLlXcX3fEud4kNyucBB/V3bkEn6pdm2J0jvPUkx
z0CPyJrwbDKdUXhg0k96qVhN7pDfxq0yEM/sYad8/jh0o5Xde6JdZGy8T4iqvkLr
LbHZNe8C7KRmUl8Kfiu+NtieIsqjb6umu0a15aESxTOaidIADE1BTqZ2q4e+YyFz
Tefqz1zfs7nPdBwTiW40a0oBxn8+tcQh7lkSWtFqg3MM5/5HAPH9yXHXina85tyZ
FyOPkX/pYpjpbrF0hLTz/eZlChHmzPxdaEP+YL0Q2Y264nwgZ45D6pFooQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHScw0j3pxhbOtY6472k3pKR+5W9MB8GA1UdIwQY
MBaAFFjNVjoq5lKcn0P+S1xn23DneaCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV00xV09pcm1VcHlmUV81TFhHZmJjT2Q1b0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80ODA2YTUtNmZhMy00ODMyLWI3NDAt
NDdhNWY0ODFlNmY1LzEvZEp6RFNQZW5HRnM2MWpyanZhVGVrcEg3bGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80ODA2YTUtNmZhMy00ODMyLWI3NDAtNDdhNWY0ODFlNmY1
LzEvV00xV09pcm1VcHlmUV81TFhHZmJjT2Q1b0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAToosAwQA
uWrMAwQAuWrPMA0GCSqGSIb3DQEBCwUAA4IBAQC+E4xok92ZsNi1UHEVI6Norxud
IuD5VQLfxKq+y1bxe3qByyVBd3L6t3R6j79pIskeNLUOg5KdRpn9WhRNwi95i5w5
UyyS9aEk/BdFQvLNctVo23us7qn/GPPFghBcGnUPdz6tzYAkasvFrKmoMfmEBSas
wb2cLmhpSxkxgzXC0ZfHMJ85Av2qV8aXlHAkMJkfVnjx/ewfBOG5DhU90BIzg8so
raFXVp53Mr4eZjwCuSgcNznQueIET6Mv9guIYKwBrygfLUN5a/qgYLtRKHAci5JX
MnEkYyLFtWvRfNWtWOsZYST3AtC9NVM8NaAi4Ay9RrdoZ9N9+FXSRzqRhj2W
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:21:47 2025 by rpki-client