Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/ekdDszvqGt_eJ_hGO_xIWYzbzAA.roa
File: ekdDszvqGt_eJ_hGO_xIWYzbzAA.roa (raw, json)
Hash identifier: zqr+o3bWODGGGIrhIMHHh91Y/JEASXYkOBODwzmfRz8=
Subject key identifier: 7A:47:43:B3:3B:EA:1A:DF:DE:27:F8:46:3B:FC:48:59:8C:DB:CC:00
Certificate issuer: /CN=2af5e4866ba09820124a6e511104fc41fa541995
Certificate serial: 019428283E15AD3A2345B1EC2DD7C4EA0863
Authority key identifier: 2A:F5:E4:86:6B:A0:98:20:12:4A:6E:51:11:04:FC:41:FA:54:19:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/ekdDszvqGt_eJ_hGO_xIWYzbzAA.roa
Signing time: Thu 02 Jan 2025 17:55:13 +0000
ROA not before: Thu 02 Jan 2025 17:55:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24631
IP address blocks: 185.110.236.0/24 maxlen: 24
185.110.237.0/24 maxlen: 24
185.110.238.0/24 maxlen: 24
185.110.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:3e:15:ad:3a:23:45:b1:ec:2d:d7:c4:ea:08:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2af5e4866ba09820124a6e511104fc41fa541995
Validity
Not Before: Jan 2 17:55:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a4743b33bea1adfde27f8463bfc48598cdbcc00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:49:53:7c:6c:83:ce:47:68:7a:68:78:d8:6d:
08:be:03:f1:92:9c:fc:30:f1:83:ca:26:1c:79:c9:
7d:2f:02:ef:53:e1:e6:d4:b8:0e:d7:f5:65:74:10:
8a:70:9c:b0:0f:64:fd:3e:23:08:ac:d5:ca:a9:de:
1c:31:39:ef:d4:a6:24:f0:bc:56:cb:3b:72:9a:63:
c7:95:a4:03:e4:65:31:a3:5c:93:23:f0:68:da:ca:
37:e8:d5:1d:80:db:d4:f8:59:65:f3:45:11:9f:9d:
2b:da:bc:d0:1b:bd:79:23:a3:e1:36:c7:49:ef:1b:
c9:68:2e:22:06:3a:a2:d5:61:1d:99:ee:00:50:ed:
4c:1b:0e:2c:58:b7:22:bb:79:90:94:cc:52:83:90:
9e:df:70:f0:5a:15:27:47:d9:f5:9b:e8:9f:98:e4:
ca:e9:84:d7:79:1f:fc:f6:91:cc:ca:48:dc:f4:83:
bc:ce:d0:2e:2d:ca:aa:f2:f3:c5:f3:61:9f:ef:ee:
81:3c:72:14:de:a7:cb:76:32:fc:4a:c9:7e:bd:0c:
e5:52:1c:59:8d:86:31:8e:b0:c9:ec:b3:2e:e6:89:
fb:18:6e:3a:a2:db:57:37:db:27:56:bb:f3:66:47:
e9:3b:c5:b6:1a:fa:4f:21:cc:0e:4e:4b:38:72:3c:
da:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:47:43:B3:3B:EA:1A:DF:DE:27:F8:46:3B:FC:48:59:8C:DB:CC:00
X509v3 Authority Key Identifier:
keyid:2A:F5:E4:86:6B:A0:98:20:12:4A:6E:51:11:04:FC:41:FA:54:19:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/ekdDszvqGt_eJ_hGO_xIWYzbzAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/KvXkhmugmCASSm5REQT8QfpUGZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.236.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:42:a0:90:26:b2:3c:f8:2e:b5:c4:f2:ae:e0:19:39:32:19:
e9:a5:88:a2:cd:35:58:aa:51:2f:51:62:ac:74:c2:5f:35:6d:
da:4a:1d:f9:63:e5:2f:30:aa:6f:4a:70:00:26:8f:01:02:25:
b7:9e:e1:12:53:dd:35:4e:db:14:63:a9:90:73:f0:e4:2c:c0:
b9:61:4f:dd:02:02:64:4d:0a:47:4c:80:51:0f:65:2e:9e:db:
ef:be:8c:bb:a2:f1:fb:94:69:fe:da:00:0a:10:73:1b:de:a7:
45:58:3f:3d:70:77:e0:85:11:86:5e:23:cb:f6:03:ee:00:ed:
ba:17:cd:39:6c:2a:d3:21:ed:88:d3:f9:20:52:39:ad:b8:df:
ae:eb:9e:19:d3:5d:7e:ee:b5:a9:88:d7:2e:64:9b:a4:4c:c1:
cd:9b:92:14:76:e6:ee:dd:04:f0:14:30:f4:16:05:98:90:59:
c7:49:73:7d:53:76:da:1a:21:61:5a:4c:9b:9a:a7:91:ed:6f:
7b:0a:17:4b:25:9b:c6:66:48:f1:c6:0d:b3:77:83:16:0f:f3:
71:f9:c0:e1:ca:de:cf:55:e7:15:19:a7:15:48:6b:df:40:0d:
a8:4d:a3:f3:05:dd:fa:65:d9:49:02:a5:62:ba:91:56:cf:2a:
50:fb:f5:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoKD4VrTojRbHsLdfE6ghjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZjVlNDg2NmJhMDk4MjAxMjRhNmU1MTExMDRmYzQxZmE1
NDE5OTUwHhcNMjUwMTAyMTc1NTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQ3NDNiMzNiZWExYWRmZGUyN2Y4NDYzYmZjNDg1OThjZGJjYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUlTfGyDzkdoemh42G0IvgPxkpz8
MPGDyiYcecl9LwLvU+Hm1LgO1/VldBCKcJywD2T9PiMIrNXKqd4cMTnv1KYk8LxW
yztymmPHlaQD5GUxo1yTI/Bo2so36NUdgNvU+Fll80URn50r2rzQG715I6PhNsdJ
7xvJaC4iBjqi1WEdme4AUO1MGw4sWLciu3mQlMxSg5Ce33DwWhUnR9n1m+ifmOTK
6YTXeR/89pHMykjc9IO8ztAuLcqq8vPF82Gf7+6BPHIU3qfLdjL8Ssl+vQzlUhxZ
jYYxjrDJ7LMu5on7GG46ottXN9snVrvzZkfpO8W2GvpPIcwOTks4cjzavQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHpHQ7M76hrf3if4Rjv8SFmM28wAMB8GA1UdIwQY
MBaAFCr15IZroJggEkpuUREE/EH6VBmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNTI3NjEtMDE5YS00ZGU1LTk1N2Qt
YzMyMGU1MGEzYzc5LzEvZWtkRHN6dnFHdF9lSl9oR09feElXWXpiekFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNTI3NjEtMDE5YS00ZGU1LTk1N2QtYzMyMGU1MGEzYzc5
LzEvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW7sMA0G
CSqGSIb3DQEBCwUAA4IBAQANQqCQJrI8+C61xPKu4Bk5MhnppYiizTVYqlEvUWKs
dMJfNW3aSh35Y+UvMKpvSnAAJo8BAiW3nuESU901TtsUY6mQc/DkLMC5YU/dAgJk
TQpHTIBRD2Uuntvvvoy7ovH7lGn+2gAKEHMb3qdFWD89cHfghRGGXiPL9gPuAO26
F805bCrTIe2I0/kgUjmtuN+u654Z011+7rWpiNcuZJukTMHNm5IUdubu3QTwFDD0
FgWYkFnHSXN9U3baGiFhWkybmqeR7W97ChdLJZvGZkjxxg2zd4MWD/Nx+cDhyt7P
VecVGacVSGvfQA2oTaPzBd36ZdlJAqViupFWzypQ+/VL
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:25:14 2025 by rpki-client