Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/09e320-a3b6-45cb-87c0-22839766960a/1/i3e8wCKSQ41m2OIaVF9MlCgeLgA.roa
File: i3e8wCKSQ41m2OIaVF9MlCgeLgA.roa (raw, json)
Hash identifier: 4qgbTrajbEXgLsjqzkg5VgJTQJvi2U7RCx9bgextP3g=
Subject key identifier: 8B:77:BC:C0:22:92:43:8D:66:D8:E2:1A:54:5F:4C:94:28:1E:2E:00
Certificate issuer: /CN=1a058029c96ce28af8018d57f8fa403126151be6
Certificate serial: 01944FE1E375714FC8112D37B1F4095D3BFB
Authority key identifier: 1A:05:80:29:C9:6C:E2:8A:F8:01:8D:57:F8:FA:40:31:26:15:1B:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GgWAKcls4or4AY1X-PpAMSYVG-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/09e320-a3b6-45cb-87c0-22839766960a/1/i3e8wCKSQ41m2OIaVF9MlCgeLgA.roa
Signing time: Fri 10 Jan 2025 11:03:11 +0000
ROA not before: Fri 10 Jan 2025 11:03:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.1.30.0/24 maxlen: 24
2001:7f8:8e::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4f:e1:e3:75:71:4f:c8:11:2d:37:b1:f4:09:5d:3b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a058029c96ce28af8018d57f8fa403126151be6
Validity
Not Before: Jan 10 11:03:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b77bcc02292438d66d8e21a545f4c94281e2e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:88:3d:c3:a5:53:e5:9f:fe:fd:a2:4d:65:07:
94:1e:fb:6d:f5:5e:af:51:ba:3f:7a:ce:60:87:96:
9a:1f:22:40:6a:ab:8c:06:df:3d:b4:d3:50:7d:d0:
aa:32:a8:c1:c8:b4:bc:a9:12:4e:d7:ab:f2:f9:81:
43:d7:92:f6:41:77:8b:b7:1e:b7:cf:71:00:0e:0c:
51:a9:ca:0f:cd:31:6b:f1:ef:2b:2a:ac:12:d0:85:
95:4a:16:55:53:6c:3c:c4:f2:6b:55:65:33:0f:92:
87:d4:f6:93:2b:6a:0d:b9:2d:e1:89:5b:7b:d2:14:
98:ba:99:84:02:1a:c5:b8:f6:fd:b2:78:47:f8:ea:
8b:fa:52:0f:86:e3:32:04:c4:c0:f5:55:8c:af:61:
7a:2d:9a:54:26:6b:e4:16:81:ea:c7:1a:77:7f:aa:
28:a4:dd:50:6a:18:01:0d:0f:d1:b3:49:3f:d0:ef:
e4:09:ad:a6:c9:51:0e:32:ee:16:8d:68:38:e8:bf:
62:56:0d:55:ba:83:2d:4f:58:49:73:f8:41:95:d3:
05:81:fa:5e:6a:4a:3a:7b:01:e7:ba:8b:51:fc:fc:
c0:93:34:b5:6f:8d:04:d4:91:92:c9:bf:3d:5f:6f:
d5:2c:20:8d:35:69:58:47:cd:d7:41:2b:3a:cc:80:
42:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:77:BC:C0:22:92:43:8D:66:D8:E2:1A:54:5F:4C:94:28:1E:2E:00
X509v3 Authority Key Identifier:
keyid:1A:05:80:29:C9:6C:E2:8A:F8:01:8D:57:F8:FA:40:31:26:15:1B:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GgWAKcls4or4AY1X-PpAMSYVG-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/09e320-a3b6-45cb-87c0-22839766960a/1/i3e8wCKSQ41m2OIaVF9MlCgeLgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/09e320-a3b6-45cb-87c0-22839766960a/1/GgWAKcls4or4AY1X-PpAMSYVG-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.30.0/24
IPv6:
2001:7f8:8e::/48
Signature Algorithm: sha256WithRSAEncryption
03:ca:06:74:2e:ad:85:37:40:e7:75:a7:8c:11:97:3a:e4:98:
5b:83:01:c9:e4:17:b9:70:dc:4c:04:50:cc:34:9a:1c:09:ba:
7e:59:29:38:5c:d3:a7:a6:f8:f8:30:c6:76:b5:a6:f9:4f:1f:
dd:61:8b:cc:f0:e5:b1:9f:31:7e:8a:54:3b:cd:86:ac:d8:eb:
6f:6e:d5:2c:6f:3c:90:58:8b:20:dd:9c:b1:5f:80:84:ea:08:
fa:b4:ee:62:1c:b2:7e:46:b8:91:74:6a:71:6d:55:52:03:65:
71:89:fc:9d:09:9f:d3:bf:6d:9f:02:61:7a:14:f3:2e:1c:14:
a7:50:64:10:c3:d1:3d:4b:ad:40:d0:42:91:b6:62:7e:c1:e3:
40:c7:b8:37:f4:54:9b:a8:cb:a1:24:97:86:e6:97:8d:09:4e:
1a:c3:1b:15:63:04:87:1c:e1:c7:38:86:7d:57:6c:ee:11:83:
2d:83:8c:58:9e:1b:ac:4c:0a:a8:24:cb:fc:fe:a6:2b:77:1e:
2e:2c:63:3d:27:23:e8:54:0b:f9:2d:fe:dd:6a:c4:11:d4:6e:
8b:7f:c9:35:c7:78:93:55:54:56:29:31:d1:10:f7:ea:93:8f:
42:e2:f2:90:32:ff:a5:b9:74:1f:da:52:b5:d4:9e:d5:3e:ff:
f3:92:c0:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZRP4eN1cU/IES03sfQJXTv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMDU4MDI5Yzk2Y2UyOGFmODAxOGQ1N2Y4ZmE0MDMxMjYx
NTFiZTYwHhcNMjUwMTEwMTEwMzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjc3YmNjMDIyOTI0MzhkNjZkOGUyMWE1NDVmNGM5NDI4MWUyZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4g9w6VT5Z/+/aJNZQeUHvtt9V6v
Ubo/es5gh5aaHyJAaquMBt89tNNQfdCqMqjByLS8qRJO16vy+YFD15L2QXeLtx63
z3EADgxRqcoPzTFr8e8rKqwS0IWVShZVU2w8xPJrVWUzD5KH1PaTK2oNuS3hiVt7
0hSYupmEAhrFuPb9snhH+OqL+lIPhuMyBMTA9VWMr2F6LZpUJmvkFoHqxxp3f6oo
pN1QahgBDQ/Rs0k/0O/kCa2myVEOMu4WjWg46L9iVg1VuoMtT1hJc/hBldMFgfpe
ako6ewHnuotR/PzAkzS1b40E1JGSyb89X2/VLCCNNWlYR83XQSs6zIBCFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIt3vMAikkONZtjiGlRfTJQoHi4AMB8GA1UdIwQY
MBaAFBoFgCnJbOKK+AGNV/j6QDEmFRvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2dXQUtjbHM0b3I0QVkxWC1QcEFNU1lWRy1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8wOWUzMjAtYTNiNi00NWNiLTg3YzAt
MjI4Mzk3NjY5NjBhLzEvaTNlOHdDS1NRNDFtMk9JYVZGOU1sQ2dlTGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8wOWUzMjAtYTNiNi00NWNiLTg3YzAtMjI4Mzk3NjY5NjBh
LzEvR2dXQUtjbHM0b3I0QVkxWC1QcEFNU1lWRy1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQEeMA8E
AgACMAkDBwAgAQf4AI4wDQYJKoZIhvcNAQELBQADggEBAAPKBnQurYU3QOd1p4wR
lzrkmFuDAcnkF7lw3EwEUMw0mhwJun5ZKThc06em+Pgwxna1pvlPH91hi8zw5bGf
MX6KVDvNhqzY629u1SxvPJBYiyDdnLFfgITqCPq07mIcsn5GuJF0anFtVVIDZXGJ
/J0Jn9O/bZ8CYXoU8y4cFKdQZBDD0T1LrUDQQpG2Yn7B40DHuDf0VJuoy6Ekl4bm
l40JThrDGxVjBIcc4cc4hn1XbO4Rgy2DjFieG6xMCqgky/z+pit3Hi4sYz0nI+hU
C/kt/t1qxBHUbot/yTXHeJNVVFYpMdEQ9+qTj0Li8pAy/6W5dB/aUrXUntU+//OS
wMk=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:22:49 2025 by rpki-client