Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/111b81-aa6c-40da-bed1-bf8e5d8265a2/1/jJHHC0ke4zgy7tsBzgOSiuwx8KQ.roa
File: jJHHC0ke4zgy7tsBzgOSiuwx8KQ.roa (raw, json)
Hash identifier: y6+yWoGbJ/QqPwBhk36qsFBsa4k6khZqZ0ihGtdEnfw=
Subject key identifier: 8C:91:C7:0B:49:1E:E3:38:32:EE:DB:01:CE:03:92:8A:EC:31:F0:A4
Certificate issuer: /CN=41ef4b060a8b79b2893d3309ad50d1cccb2b9e31
Certificate serial: 019427B54D0FC64119244D547274829BE949
Authority key identifier: 41:EF:4B:06:0A:8B:79:B2:89:3D:33:09:AD:50:D1:CC:CB:2B:9E:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qe9LBgqLebKJPTMJrVDRzMsrnjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/111b81-aa6c-40da-bed1-bf8e5d8265a2/1/jJHHC0ke4zgy7tsBzgOSiuwx8KQ.roa
Signing time: Thu 02 Jan 2025 15:49:40 +0000
ROA not before: Thu 02 Jan 2025 15:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209216
IP address blocks: 185.223.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:4d:0f:c6:41:19:24:4d:54:72:74:82:9b:e9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41ef4b060a8b79b2893d3309ad50d1cccb2b9e31
Validity
Not Before: Jan 2 15:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c91c70b491ee33832eedb01ce03928aec31f0a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d1:79:0d:77:c9:b1:ea:d5:95:f9:d0:bc:e8:
06:4d:d7:0f:78:2a:82:d1:82:d1:fe:1c:21:c5:c1:
09:dc:9c:b5:0c:fa:01:9f:42:ef:71:cf:80:62:3c:
70:ab:5c:fe:6f:18:5c:c5:16:e8:0d:fd:07:34:f5:
93:f3:54:df:d6:7a:48:37:3e:39:5c:f2:c3:38:8b:
fb:64:4b:52:f3:f7:a6:d5:47:f6:c3:bb:98:49:b4:
3f:01:a2:35:af:4e:34:dc:d4:54:fd:a9:60:bf:79:
dc:72:07:9f:48:e3:06:46:cc:22:a5:d1:ef:5f:b9:
a1:d5:99:16:93:14:4c:97:75:f4:57:e1:e4:7d:03:
e2:c0:62:17:40:cf:b6:7d:da:97:22:02:58:16:92:
06:9f:9e:e7:6f:2d:8f:f6:06:22:07:d6:20:69:77:
0d:7a:b3:a1:ee:8c:d3:06:c9:ab:30:98:57:6e:e0:
8d:54:6f:36:cc:eb:a5:9c:4e:ec:9f:18:dd:89:11:
9b:ca:15:69:4f:b0:ba:03:7e:b8:d5:e1:3f:c9:72:
27:53:c8:5d:9f:b6:a9:a2:56:c9:a8:89:e7:8c:34:
8d:be:85:a1:c3:0e:de:a5:71:0d:ff:cf:6c:b2:63:
21:84:55:0c:d6:bc:46:2b:8b:4b:66:1c:5c:1b:b5:
b4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:91:C7:0B:49:1E:E3:38:32:EE:DB:01:CE:03:92:8A:EC:31:F0:A4
X509v3 Authority Key Identifier:
keyid:41:EF:4B:06:0A:8B:79:B2:89:3D:33:09:AD:50:D1:CC:CB:2B:9E:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qe9LBgqLebKJPTMJrVDRzMsrnjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/111b81-aa6c-40da-bed1-bf8e5d8265a2/1/jJHHC0ke4zgy7tsBzgOSiuwx8KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/111b81-aa6c-40da-bed1-bf8e5d8265a2/1/Qe9LBgqLebKJPTMJrVDRzMsrnjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.108.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ec:bd:0c:07:f8:c4:ba:14:50:44:4a:78:e1:d9:bb:9a:95:
c1:f2:69:f9:f1:88:bb:77:a6:72:dd:9f:b5:46:b6:bd:8c:85:
79:76:18:92:fd:3f:ac:f3:29:76:77:12:44:e2:be:51:64:14:
a7:be:2b:0d:7b:b2:76:94:07:df:13:9b:16:cd:3c:18:8d:9e:
3a:d4:67:a4:75:a5:d3:9f:b4:32:eb:19:25:32:0d:b3:0b:32:
b4:d3:10:0f:c3:9f:dc:aa:1e:e2:75:07:33:aa:04:ed:b4:86:
99:39:e3:cb:f4:ec:2e:c0:33:c0:10:bf:1d:85:20:a5:27:29:
00:e5:29:07:7b:cd:ca:63:80:7c:d9:5b:d4:02:86:1f:e2:38:
81:76:9a:6c:59:a1:58:71:77:72:dd:92:f7:12:41:77:ad:88:
ab:8a:3d:2e:49:c4:d0:08:62:65:c9:24:39:39:0e:8a:59:18:
1d:c9:e0:62:83:e6:35:c8:46:cd:48:45:38:48:f8:5a:6d:67:
e0:bd:c9:dd:ce:4b:57:80:f5:b7:27:1f:a3:86:59:09:a5:d3:
9a:4a:91:d1:17:b0:9f:b9:f0:ae:5b:3d:90:53:16:99:21:b2:
a7:27:de:c9:66:9b:7b:87:85:90:b0:9b:3d:3c:1b:9e:07:55:
28:1e:e5:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntU0PxkEZJE1UcnSCm+lJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZWY0YjA2MGE4Yjc5YjI4OTNkMzMwOWFkNTBkMWNjY2Iy
YjllMzEwHhcNMjUwMTAyMTU0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzkxYzcwYjQ5MWVlMzM4MzJlZWRiMDFjZTAzOTI4YWVjMzFmMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdF5DXfJserVlfnQvOgGTdcPeCqC
0YLR/hwhxcEJ3Jy1DPoBn0Lvcc+AYjxwq1z+bxhcxRboDf0HNPWT81Tf1npINz45
XPLDOIv7ZEtS8/em1Uf2w7uYSbQ/AaI1r0403NRU/algv3nccgefSOMGRswipdHv
X7mh1ZkWkxRMl3X0V+HkfQPiwGIXQM+2fdqXIgJYFpIGn57nby2P9gYiB9YgaXcN
erOh7ozTBsmrMJhXbuCNVG82zOulnE7snxjdiRGbyhVpT7C6A3641eE/yXInU8hd
n7apolbJqInnjDSNvoWhww7epXEN/89ssmMhhFUM1rxGK4tLZhxcG7W07QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIyRxwtJHuM4Mu7bAc4DkorsMfCkMB8GA1UdIwQY
MBaAFEHvSwYKi3myiT0zCa1Q0czLK54xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWU5TEJncUxlYktKUFRNSnJWRFJ6TXNybmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xMTFiODEtYWE2Yy00MGRhLWJlZDEt
YmY4ZTVkODI2NWEyLzEvakpISEMwa2U0emd5N3RzQnpnT1NpdXd4OEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xMTFiODEtYWE2Yy00MGRhLWJlZDEtYmY4ZTVkODI2NWEy
LzEvUWU5TEJncUxlYktKUFRNSnJWRFJ6TXNybmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud9sMA0G
CSqGSIb3DQEBCwUAA4IBAQAD7L0MB/jEuhRQREp44dm7mpXB8mn58Yi7d6Zy3Z+1
Rra9jIV5dhiS/T+s8yl2dxJE4r5RZBSnvisNe7J2lAffE5sWzTwYjZ461GekdaXT
n7Qy6xklMg2zCzK00xAPw5/cqh7idQczqgTttIaZOePL9OwuwDPAEL8dhSClJykA
5SkHe83KY4B82VvUAoYf4jiBdppsWaFYcXdy3ZL3EkF3rYirij0uScTQCGJlySQ5
OQ6KWRgdyeBig+Y1yEbNSEU4SPhabWfgvcndzktXgPW3Jx+jhlkJpdOaSpHRF7Cf
ufCuWz2QUxaZIbKnJ97JZpt7h4WQsJs9PBueB1UoHuUd
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:47 2025 by rpki-client