Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/dd3dd1-09b5-4aa2-aec0-9fb1ce4d720b/1/yO-xzrVzP9w-99d-1MgI3akuEEw.roa
File: yO-xzrVzP9w-99d-1MgI3akuEEw.roa (raw, json)
Hash identifier: /wfJmKbrJk5HLRMl66b8UyeroQ01b/DROieeTJUHsw8=
Subject key identifier: C8:EF:B1:CE:B5:73:3F:DC:3E:F7:D7:7E:D4:C8:08:DD:A9:2E:10:4C
Certificate issuer: /CN=54584a219f6f5066d848ed2ab964da8966d40a2a
Certificate serial: 0194266BDA35526B08381B20CFDCF37509FD
Authority key identifier: 54:58:4A:21:9F:6F:50:66:D8:48:ED:2A:B9:64:DA:89:66:D4:0A:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VFhKIZ9vUGbYSO0quWTaiWbUCio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/dd3dd1-09b5-4aa2-aec0-9fb1ce4d720b/1/yO-xzrVzP9w-99d-1MgI3akuEEw.roa
Signing time: Thu 02 Jan 2025 09:49:49 +0000
ROA not before: Thu 02 Jan 2025 09:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208426
IP address blocks: 185.42.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:da:35:52:6b:08:38:1b:20:cf:dc:f3:75:09:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54584a219f6f5066d848ed2ab964da8966d40a2a
Validity
Not Before: Jan 2 09:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8efb1ceb5733fdc3ef7d77ed4c808dda92e104c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:05:25:1b:64:1a:b8:08:ec:4a:48:ff:e2:cf:
9e:42:c4:28:02:84:47:be:ba:82:5d:cf:32:63:a1:
66:ce:17:56:be:55:76:ed:16:26:de:a5:c8:6e:68:
04:9c:3f:3a:83:24:0e:e0:66:90:ad:53:dd:6a:2c:
45:ee:a7:41:dc:20:b8:93:4e:ee:3c:4c:47:5e:8c:
49:54:8a:56:44:6b:98:6d:e9:05:7e:78:73:0e:d4:
49:ee:12:04:7e:1b:3c:10:55:90:86:7f:78:b4:8f:
c2:f1:31:b7:a4:f8:97:32:07:2f:77:89:f8:65:a5:
7a:32:39:df:7c:c1:40:e8:86:41:5f:e0:ba:9f:17:
45:55:f0:cc:2d:da:70:61:f9:80:e1:3b:ce:00:eb:
1c:92:42:e8:27:40:77:16:3d:64:f6:b4:45:1c:9d:
8b:c4:f8:b5:e0:bc:64:be:40:59:13:d8:57:a4:e8:
f1:ac:bd:40:1d:b8:bb:f9:67:6f:c8:7e:a2:e8:52:
07:af:12:cb:46:4a:40:a4:be:8f:73:21:c6:27:62:
9d:d4:c2:5b:8e:5d:24:d1:3e:9b:fd:5d:bc:2d:09:
65:8f:f9:32:0d:92:44:38:fb:60:9d:17:4c:f6:61:
de:2e:17:af:31:c2:0e:43:3a:79:a4:d7:a3:de:dc:
70:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:EF:B1:CE:B5:73:3F:DC:3E:F7:D7:7E:D4:C8:08:DD:A9:2E:10:4C
X509v3 Authority Key Identifier:
keyid:54:58:4A:21:9F:6F:50:66:D8:48:ED:2A:B9:64:DA:89:66:D4:0A:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VFhKIZ9vUGbYSO0quWTaiWbUCio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/dd3dd1-09b5-4aa2-aec0-9fb1ce4d720b/1/yO-xzrVzP9w-99d-1MgI3akuEEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/dd3dd1-09b5-4aa2-aec0-9fb1ce4d720b/1/VFhKIZ9vUGbYSO0quWTaiWbUCio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.187.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:1c:5b:5a:5d:1e:4a:0d:9c:70:07:50:73:60:ca:b0:87:c5:
4b:1f:50:ff:89:64:34:44:27:e7:69:23:9e:63:a5:40:72:d1:
76:67:f1:0a:17:73:3c:b5:df:2c:39:eb:52:29:2e:54:7f:55:
dc:e5:a1:c0:a9:12:96:84:37:8d:06:85:bd:f7:0b:73:4d:5f:
15:71:40:31:95:2c:ac:a2:04:f3:d9:49:9c:a1:6a:6c:a3:ab:
6f:0b:de:38:50:f4:fe:7d:37:f2:06:da:e2:9d:ef:aa:9f:5a:
35:d2:30:14:cc:34:23:39:99:67:2c:96:89:cf:60:21:36:c9:
a9:e1:0d:10:dd:1a:5d:43:11:99:8d:07:67:42:5a:92:1a:1a:
da:24:2e:39:d5:f5:dc:8a:03:0d:0a:ce:d7:d7:28:55:9d:e8:
74:13:93:2e:34:2e:4c:8b:58:40:7d:05:35:61:6b:4d:3f:0d:
8d:bc:71:f0:9a:eb:30:c5:93:8c:d2:e7:08:c7:21:74:a3:97:
0e:80:39:d9:6a:da:0d:a2:84:35:0e:69:6d:45:8b:63:38:7a:
64:5c:da:3d:91:80:8d:65:d0:9c:74:9d:14:71:2a:8c:a6:52:
3d:37:98:44:c6:c5:96:e3:e4:e3:cc:44:d3:24:45:61:1d:94:
e9:45:62:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma9o1UmsIOBsgz9zzdQn9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NTg0YTIxOWY2ZjUwNjZkODQ4ZWQyYWI5NjRkYTg5NjZk
NDBhMmEwHhcNMjUwMTAyMDk0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGVmYjFjZWI1NzMzZmRjM2VmN2Q3N2VkNGM4MDhkZGE5MmUxMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAUlG2QauAjsSkj/4s+eQsQoAoRH
vrqCXc8yY6FmzhdWvlV27RYm3qXIbmgEnD86gyQO4GaQrVPdaixF7qdB3CC4k07u
PExHXoxJVIpWRGuYbekFfnhzDtRJ7hIEfhs8EFWQhn94tI/C8TG3pPiXMgcvd4n4
ZaV6MjnffMFA6IZBX+C6nxdFVfDMLdpwYfmA4TvOAOsckkLoJ0B3Fj1k9rRFHJ2L
xPi14LxkvkBZE9hXpOjxrL1AHbi7+WdvyH6i6FIHrxLLRkpApL6PcyHGJ2Kd1MJb
jl0k0T6b/V28LQllj/kyDZJEOPtgnRdM9mHeLhevMcIOQzp5pNej3txwVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjvsc61cz/cPvfXftTICN2pLhBMMB8GA1UdIwQY
MBaAFFRYSiGfb1Bm2EjtKrlk2olm1AoqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkZoS0laOXZVR2JZU08wcXVXVGFpV2JVQ2lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kZDNkZDEtMDliNS00YWEyLWFlYzAt
OWZiMWNlNGQ3MjBiLzEveU8teHpyVnpQOXctOTlkLTFNZ0kzYWt1RUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kZDNkZDEtMDliNS00YWEyLWFlYzAtOWZiMWNlNGQ3MjBi
LzEvVkZoS0laOXZVR2JZU08wcXVXVGFpV2JVQ2lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSq7MA0G
CSqGSIb3DQEBCwUAA4IBAQBOHFtaXR5KDZxwB1BzYMqwh8VLH1D/iWQ0RCfnaSOe
Y6VActF2Z/EKF3M8td8sOetSKS5Uf1Xc5aHAqRKWhDeNBoW99wtzTV8VcUAxlSys
ogTz2UmcoWpso6tvC944UPT+fTfyBtrine+qn1o10jAUzDQjOZlnLJaJz2AhNsmp
4Q0Q3RpdQxGZjQdnQlqSGhraJC451fXcigMNCs7X1yhVneh0E5MuNC5Mi1hAfQU1
YWtNPw2NvHHwmuswxZOM0ucIxyF0o5cOgDnZatoNooQ1DmltRYtjOHpkXNo9kYCN
ZdCcdJ0UcSqMplI9N5hExsWW4+TjzETTJEVhHZTpRWI5
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:36 2025 by rpki-client