Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/RaAEl3d_JRDv1Gh70YgnmuhGt2U.roa
File: RaAEl3d_JRDv1Gh70YgnmuhGt2U.roa (raw, json)
Hash identifier: YfWCdAfvoB99C3m3pYbHWHqNvMIlHgsog7DBtbldBro=
Subject key identifier: 45:A0:04:97:77:7F:25:10:EF:D4:68:7B:D1:88:27:9A:E8:46:B7:65
Certificate issuer: /CN=ec4d0394084f7e4062609728f4d4d57b06455a56
Certificate serial: 0194266B3CE0055B54430B3BD76A3AB481F6
Authority key identifier: EC:4D:03:94:08:4F:7E:40:62:60:97:28:F4:D4:D5:7B:06:45:5A:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7E0DlAhPfkBiYJco9NTVewZFWlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/RaAEl3d_JRDv1Gh70YgnmuhGt2U.roa
Signing time: Thu 02 Jan 2025 09:49:09 +0000
ROA not before: Thu 02 Jan 2025 09:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2635
IP address blocks: 185.138.28.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:3c:e0:05:5b:54:43:0b:3b:d7:6a:3a:b4:81:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec4d0394084f7e4062609728f4d4d57b06455a56
Validity
Not Before: Jan 2 09:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45a00497777f2510efd4687bd188279ae846b765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:61:79:40:1e:0c:82:02:dc:29:f7:8d:34:23:
e9:a8:e6:b0:b9:fc:54:05:1d:9f:c0:e5:ad:34:b6:
2b:ee:3b:35:57:76:eb:9d:24:03:b2:c5:55:57:bd:
58:f6:48:80:01:ba:80:98:88:f6:92:25:38:dc:39:
c4:11:06:c6:62:76:8d:bd:7c:49:37:16:e3:ae:fe:
8a:84:ef:27:33:3d:cd:3f:17:22:ae:c5:6d:9e:85:
b3:d6:21:df:f4:6b:2d:05:79:69:28:c4:f2:f0:4e:
13:c5:2a:0f:f7:10:da:33:18:53:98:f7:6a:36:41:
df:e5:1f:b8:8d:cf:f4:12:40:1f:17:f5:e3:8c:35:
8c:43:29:af:39:be:69:23:af:8e:9f:1e:02:a2:e8:
80:cc:65:df:17:bc:51:fb:a5:71:bf:e5:1a:6a:7b:
d0:82:2b:8f:42:27:c9:46:37:15:a0:0e:50:81:5d:
d5:b1:25:5b:0c:8b:3c:cb:d2:cf:f1:96:b9:b5:b1:
67:42:7b:ba:26:28:37:e4:d1:e2:1d:fd:db:c7:63:
53:13:c1:74:f3:07:d3:2b:68:92:7e:2c:74:18:b2:
2c:0f:a7:ef:b2:42:fd:31:ec:a0:33:44:92:dc:0b:
4b:3f:b6:cb:d7:7f:2f:9c:f3:29:c4:e4:c3:63:d2:
a6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A0:04:97:77:7F:25:10:EF:D4:68:7B:D1:88:27:9A:E8:46:B7:65
X509v3 Authority Key Identifier:
keyid:EC:4D:03:94:08:4F:7E:40:62:60:97:28:F4:D4:D5:7B:06:45:5A:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7E0DlAhPfkBiYJco9NTVewZFWlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/RaAEl3d_JRDv1Gh70YgnmuhGt2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/7E0DlAhPfkBiYJco9NTVewZFWlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:12:d3:f0:0f:1d:b6:0c:96:e2:b0:26:9b:7e:56:09:30:40:
7a:75:e7:25:f6:e2:e0:a2:88:96:b1:e3:50:59:b5:e0:b9:c7:
5e:e4:a4:77:09:70:c6:ee:1b:b9:07:3d:cb:05:94:e1:85:da:
d6:89:71:e3:5e:ac:ac:0a:c3:0c:ec:b8:12:5f:c0:d1:09:de:
0a:27:ee:bf:7d:a0:80:ef:98:5f:84:08:66:1d:1f:24:a3:e6:
51:0f:ca:3d:18:df:62:e3:f7:b1:04:ee:27:e3:e6:11:c9:e8:
bb:1a:f9:43:ec:ed:21:ca:84:2c:b4:24:3e:22:cd:0a:40:96:
cf:7b:78:5f:9b:f9:0d:bb:19:86:53:0f:39:94:4c:80:56:89:
8d:18:8e:65:4e:7e:e7:76:5b:7d:2b:0f:97:1b:4c:9c:43:0a:
b4:b6:45:76:94:cf:ae:a6:da:a8:f3:ff:c7:77:4b:f4:4d:f6:
50:d2:4f:fe:78:bc:17:15:91:cc:33:85:1c:02:19:a7:bc:02:
31:c8:34:da:15:61:17:ae:bf:3c:01:86:3f:c6:93:f6:ff:de:
a7:75:48:0d:1b:b7:c5:9e:01:67:23:45:e3:20:26:b2:65:fc:
a3:49:2b:42:96:bd:7f:be:20:0f:9d:db:68:ad:1e:89:74:0e:
e3:e1:d7:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmazzgBVtUQws712o6tIH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNGQwMzk0MDg0ZjdlNDA2MjYwOTcyOGY0ZDRkNTdiMDY0
NTVhNTYwHhcNMjUwMTAyMDk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWEwMDQ5Nzc3N2YyNTEwZWZkNDY4N2JkMTg4Mjc5YWU4NDZiNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6GF5QB4MggLcKfeNNCPpqOawufxU
BR2fwOWtNLYr7js1V3brnSQDssVVV71Y9kiAAbqAmIj2kiU43DnEEQbGYnaNvXxJ
Nxbjrv6KhO8nMz3NPxcirsVtnoWz1iHf9GstBXlpKMTy8E4TxSoP9xDaMxhTmPdq
NkHf5R+4jc/0EkAfF/XjjDWMQymvOb5pI6+Onx4CouiAzGXfF7xR+6Vxv+UaanvQ
giuPQifJRjcVoA5QgV3VsSVbDIs8y9LP8Za5tbFnQnu6Jig35NHiHf3bx2NTE8F0
8wfTK2iSfix0GLIsD6fvskL9MeygM0SS3AtLP7bL138vnPMpxOTDY9KmRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEWgBJd3fyUQ79Roe9GIJ5roRrdlMB8GA1UdIwQY
MBaAFOxNA5QIT35AYmCXKPTU1XsGRVpWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0UwRGxBaFBma0JpWUpjbzlOVFZld1pGV2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8yMzY2MTAtMjQ0OC00MjNiLTliY2Et
MjY4Y2VkODQzNWI1LzEvUmFBRWwzZF9KUkR2MUdoNzBZZ25tdWhHdDJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8yMzY2MTAtMjQ0OC00MjNiLTliY2EtMjY4Y2VkODQzNWI1
LzEvN0UwRGxBaFBma0JpWUpjbzlOVFZld1pGV2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYocMA0G
CSqGSIb3DQEBCwUAA4IBAQCoEtPwDx22DJbisCabflYJMEB6decl9uLgooiWseNQ
WbXgucde5KR3CXDG7hu5Bz3LBZThhdrWiXHjXqysCsMM7LgSX8DRCd4KJ+6/faCA
75hfhAhmHR8ko+ZRD8o9GN9i4/exBO4n4+YRyei7GvlD7O0hyoQstCQ+Is0KQJbP
e3hfm/kNuxmGUw85lEyAVomNGI5lTn7ndlt9Kw+XG0ycQwq0tkV2lM+uptqo8//H
d0v0TfZQ0k/+eLwXFZHMM4UcAhmnvAIxyDTaFWEXrr88AYY/xpP2/96ndUgNG7fF
ngFnI0XjICayZfyjSStClr1/viAPndtorR6JdA7j4ddv
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:35:34 2025 by rpki-client