Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/dc0c2f-b193-4d0f-8f72-4cbdd25711ee/1/pdtMvZqQaBtPcrRVy9rMMi04XPg.roa
File: pdtMvZqQaBtPcrRVy9rMMi04XPg.roa (raw, json)
Hash identifier: X33ybAT/dDXUsU5fqt1oxHmIz5vfrEfl3OaqMLXfG9I=
Subject key identifier: A5:DB:4C:BD:9A:90:68:1B:4F:72:B4:55:CB:DA:CC:32:2D:38:5C:F8
Certificate issuer: /CN=f0342c3ad92dafd938dc35172585bc341b652015
Certificate serial: 019410A6B8CB656BA5C2A5B8E7D87F1324C5
Authority key identifier: F0:34:2C:3A:D9:2D:AF:D9:38:DC:35:17:25:85:BC:34:1B:65:20:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DQsOtktr9k43DUXJYW8NBtlIBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/dc0c2f-b193-4d0f-8f72-4cbdd25711ee/1/pdtMvZqQaBtPcrRVy9rMMi04XPg.roa
Signing time: Sun 29 Dec 2024 04:22:29 +0000
ROA not before: Sun 29 Dec 2024 04:22:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61961
IP address blocks: 185.204.12.0/23 maxlen: 23
2001:678:5e4::/48 maxlen: 48
2a0a:f040::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:10:a6:b8:cb:65:6b:a5:c2:a5:b8:e7:d8:7f:13:24:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0342c3ad92dafd938dc35172585bc341b652015
Validity
Not Before: Dec 29 04:22:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5db4cbd9a90681b4f72b455cbdacc322d385cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2b:4b:59:8e:8d:fe:26:a9:e6:7a:af:58:51:
b4:1f:34:3b:8d:28:b5:8c:e3:62:d7:0b:fc:fa:8f:
37:a3:5e:36:d0:1c:88:e9:66:2a:3d:d1:aa:72:ac:
da:8f:0b:fa:26:df:ee:49:79:79:79:f7:9e:7c:fe:
fe:c0:55:77:d1:aa:54:01:02:a8:c3:fc:5a:25:ce:
2d:46:16:7d:26:80:1c:b5:10:f5:f3:a7:4a:ec:ea:
dc:86:7f:d7:4e:d1:2d:c1:2e:9f:32:43:75:77:32:
0b:ce:77:ca:71:d8:a8:02:37:5a:61:67:8b:58:f7:
f7:c8:dd:cf:64:d7:0c:4f:2a:f9:5d:f3:78:6c:51:
57:47:43:49:b1:19:98:a7:3b:04:93:75:30:f9:d5:
80:08:55:22:23:d6:5a:81:6a:cc:b2:33:8b:9d:d4:
42:df:b1:96:79:5f:bd:e6:19:17:ec:d4:2d:3e:98:
b1:8d:7d:cf:d5:69:7a:42:85:9e:19:b3:aa:a1:86:
2e:73:d2:ca:bb:65:4f:14:91:ed:3b:aa:d5:34:41:
c5:85:3e:03:0c:a9:bf:4a:16:8f:a9:50:6c:29:cd:
c4:e5:60:a5:5e:8c:65:04:5e:18:db:10:a2:c1:fb:
83:99:30:cc:f5:88:90:ed:7d:e8:55:e0:57:43:cf:
5f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:DB:4C:BD:9A:90:68:1B:4F:72:B4:55:CB:DA:CC:32:2D:38:5C:F8
X509v3 Authority Key Identifier:
keyid:F0:34:2C:3A:D9:2D:AF:D9:38:DC:35:17:25:85:BC:34:1B:65:20:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DQsOtktr9k43DUXJYW8NBtlIBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/dc0c2f-b193-4d0f-8f72-4cbdd25711ee/1/pdtMvZqQaBtPcrRVy9rMMi04XPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/dc0c2f-b193-4d0f-8f72-4cbdd25711ee/1/8DQsOtktr9k43DUXJYW8NBtlIBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.12.0/23
IPv6:
2001:678:5e4::/48
2a0a:f040::/29
Signature Algorithm: sha256WithRSAEncryption
67:26:58:b9:6b:53:aa:ed:79:c8:95:5b:e2:45:0d:68:09:8b:
f1:88:67:50:a7:a2:4d:b3:03:c3:88:d4:72:93:1e:5e:21:b7:
ae:d5:f0:09:f9:ec:e8:af:56:7a:32:e3:21:f2:da:82:ec:d0:
22:38:b6:1d:b4:89:45:18:85:2e:8d:38:0b:f6:15:ac:b0:f2:
c6:7b:4f:6b:27:44:3f:de:a0:35:18:ef:49:45:4f:61:33:eb:
80:b9:27:59:c5:b7:2c:70:46:4b:34:34:6c:00:1a:ad:ce:26:
1f:51:2a:c0:de:84:51:69:17:05:a3:f0:cc:1a:6b:c7:33:1c:
ac:38:e5:4e:c4:c6:7a:5f:db:6e:05:07:c0:bd:04:cd:92:df:
0d:49:74:6b:b2:1d:c1:05:35:13:93:dd:f1:96:31:50:c9:a3:
c7:c3:d6:14:94:da:d1:89:9e:ca:9a:3e:a9:67:e5:40:11:c8:
b3:63:45:36:76:d4:2e:4e:ba:3b:fa:4f:65:94:38:ed:89:d6:
59:e3:39:fe:3a:d6:a9:c9:3a:7b:99:c1:1b:bf:a2:17:25:b1:
ad:49:b8:64:f7:cb:39:8b:ec:b9:f9:41:46:f9:6a:0d:6b:c0:
d1:ae:06:6a:f7:f3:12:03:76:10:e2:87:ae:98:43:54:c6:f6:
8c:cd:66:95
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQQprjLZWulwqW459h/EyTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzQyYzNhZDkyZGFmZDkzOGRjMzUxNzI1ODViYzM0MWI2
NTIwMTUwHhcNMjQxMjI5MDQyMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWRiNGNiZDlhOTA2ODFiNGY3MmI0NTVjYmRhY2MzMjJkMzg1Y2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2itLWY6N/iap5nqvWFG0HzQ7jSi1
jONi1wv8+o83o1420ByI6WYqPdGqcqzajwv6Jt/uSXl5efeefP7+wFV30apUAQKo
w/xaJc4tRhZ9JoActRD186dK7Orchn/XTtEtwS6fMkN1dzILznfKcdioAjdaYWeL
WPf3yN3PZNcMTyr5XfN4bFFXR0NJsRmYpzsEk3Uw+dWACFUiI9ZagWrMsjOLndRC
37GWeV+95hkX7NQtPpixjX3P1Wl6QoWeGbOqoYYuc9LKu2VPFJHtO6rVNEHFhT4D
DKm/ShaPqVBsKc3E5WClXoxlBF4Y2xCiwfuDmTDM9YiQ7X3oVeBXQ89ftwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKXbTL2akGgbT3K0VcvazDItOFz4MB8GA1UdIwQY
MBaAFPA0LDrZLa/ZONw1FyWFvDQbZSAVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERRc090a3RyOWs0M0RVWEpZVzhOQnRsSUJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9kYzBjMmYtYjE5My00ZDBmLThmNzIt
NGNiZGQyNTcxMWVlLzEvcGR0TXZacVFhQnRQY3JSVnk5ck1NaTA0WFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9kYzBjMmYtYjE5My00ZDBmLThmNzItNGNiZGQyNTcxMWVl
LzEvOERRc090a3RyOWs0M0RVWEpZVzhOQnRsSUJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQBucwMMBYE
AgACMBADBwAgAQZ4BeQDBQMqCvBAMA0GCSqGSIb3DQEBCwUAA4IBAQBnJli5a1Oq
7XnIlVviRQ1oCYvxiGdQp6JNswPDiNRykx5eIbeu1fAJ+ezor1Z6MuMh8tqC7NAi
OLYdtIlFGIUujTgL9hWssPLGe09rJ0Q/3qA1GO9JRU9hM+uAuSdZxbcscEZLNDRs
ABqtziYfUSrA3oRRaRcFo/DMGmvHMxysOOVOxMZ6X9tuBQfAvQTNkt8NSXRrsh3B
BTUTk93xljFQyaPHw9YUlNrRiZ7Kmj6pZ+VAEcizY0U2dtQuTro7+k9llDjtidZZ
4zn+OtapyTp7mcEbv6IXJbGtSbhk98s5i+y5+UFG+WoNa8DRrgZq9/MSA3YQ4oeu
mENUxvaMzWaV
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:29:13 2025 by rpki-client