Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/eJTJ2xXloI9cYA2PdEb7QzgzZMI.roa
File: eJTJ2xXloI9cYA2PdEb7QzgzZMI.roa (raw, json)
Hash identifier: pJvyPt1aoxPTKu/5G35raZf6vtLPUO+Laz/ssfLJWrA=
Subject key identifier: 78:94:C9:DB:15:E5:A0:8F:5C:60:0D:8F:74:46:FB:43:38:33:64:C2
Certificate issuer: /CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Certificate serial: 019422FBEC2A93E5D3AF2F7FEDC577280048
Authority key identifier: 34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/eJTJ2xXloI9cYA2PdEb7QzgzZMI.roa
Signing time: Wed 01 Jan 2025 17:48:42 +0000
ROA not before: Wed 01 Jan 2025 17:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.156.16.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:ec:2a:93:e5:d3:af:2f:7f:ed:c5:77:28:00:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Validity
Not Before: Jan 1 17:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7894c9db15e5a08f5c600d8f7446fb43383364c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:82:6f:1b:bc:0d:6e:66:54:be:f6:fb:c8:21:
2e:df:18:11:07:56:0e:b1:08:50:4f:03:95:f2:ca:
6b:10:ab:23:5a:81:df:1b:84:dd:06:c3:06:04:3f:
d0:29:50:ff:d5:fa:6d:42:f1:de:25:dd:c5:c9:13:
7e:11:e0:67:e5:c4:f4:d8:07:be:fa:4f:c9:29:a5:
4d:4c:ca:f4:59:32:0b:76:38:6a:e8:9b:1d:da:2a:
f1:69:f0:88:48:a3:41:eb:7d:35:5e:16:67:99:fe:
06:7e:3f:1e:38:1e:c9:15:32:60:96:a5:c1:cf:72:
c6:83:e3:3f:06:eb:fa:db:5f:90:b3:4a:39:b1:93:
3b:43:13:10:74:04:d9:f8:cf:3f:38:93:1d:bb:e0:
ee:30:1c:c4:0d:66:df:4d:31:9f:26:f3:1a:d9:aa:
96:44:db:99:09:93:49:74:fb:f0:1c:9c:d6:20:9a:
9c:3d:f6:48:09:a0:ad:17:41:02:1f:d2:3d:46:85:
56:d6:ff:b5:b5:0b:b1:d8:4e:e2:4b:34:ff:1d:4e:
6a:01:b0:2f:7b:59:0b:2e:c9:43:79:98:ce:f7:c3:
3b:6b:8e:43:09:f5:b9:4a:44:16:66:2f:c0:52:0c:
ab:2a:49:a0:30:f2:78:28:2d:f9:43:c3:98:a6:10:
8a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:94:C9:DB:15:E5:A0:8F:5C:60:0D:8F:74:46:FB:43:38:33:64:C2
X509v3 Authority Key Identifier:
keyid:34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/eJTJ2xXloI9cYA2PdEb7QzgzZMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/NP5rnQzB5_bhaypGtCyl4BxwA0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.16.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:b2:59:41:36:00:06:0d:8b:29:de:b4:cd:ea:95:30:66:69:
c4:d3:d9:13:c0:7a:80:80:14:e5:ce:2b:0c:7a:52:7a:4b:b7:
d9:c2:28:73:64:59:5c:5c:d1:30:c9:ee:82:e8:f8:60:cb:e6:
6e:c5:9f:56:ab:47:12:c3:13:ed:42:bb:27:4a:08:ce:de:d0:
62:38:8a:8b:03:3e:7a:43:eb:96:6f:45:67:da:75:30:26:df:
c8:7a:47:52:49:89:31:15:bc:b1:9d:4e:ea:fd:01:e7:fc:11:
9c:e8:1a:0c:13:f2:09:82:f5:44:17:79:d2:50:cd:6b:75:91:
da:be:8f:74:24:99:f2:36:1f:85:25:ff:8f:64:0c:5e:35:9e:
aa:3c:0d:58:ef:0c:f0:4a:40:74:4b:d0:b9:0d:55:53:ec:09:
45:a2:a6:96:73:7e:d1:ab:6c:8d:36:4f:7f:14:2c:63:b5:20:
59:9e:fc:02:0b:eb:54:cb:86:31:75:3a:af:bb:19:b5:eb:42:
32:7f:24:8f:32:49:d3:eb:ba:98:00:f4:46:87:25:6e:9e:9e:
b2:6c:6b:29:51:63:af:93:9d:95:2e:c8:96:63:7a:25:57:f1:
60:ca:59:4d:41:39:d7:51:16:7a:6c:04:f2:46:bd:36:d8:50:
b4:f7:b0:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi++wqk+XTry9/7cV3KABIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZmU2YjlkMGNjMWU3ZjZlMTZiMmE0NmI0MmNhNWUwMWM3
MDAzNDYwHhcNMjUwMTAxMTc0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODk0YzlkYjE1ZTVhMDhmNWM2MDBkOGY3NDQ2ZmI0MzM4MzM2NGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4JvG7wNbmZUvvb7yCEu3xgRB1YO
sQhQTwOV8sprEKsjWoHfG4TdBsMGBD/QKVD/1fptQvHeJd3FyRN+EeBn5cT02Ae+
+k/JKaVNTMr0WTILdjhq6Jsd2irxafCISKNB6301XhZnmf4Gfj8eOB7JFTJglqXB
z3LGg+M/Buv621+Qs0o5sZM7QxMQdATZ+M8/OJMdu+DuMBzEDWbfTTGfJvMa2aqW
RNuZCZNJdPvwHJzWIJqcPfZICaCtF0ECH9I9RoVW1v+1tQux2E7iSzT/HU5qAbAv
e1kLLslDeZjO98M7a45DCfW5SkQWZi/AUgyrKkmgMPJ4KC35Q8OYphCKvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHiUydsV5aCPXGANj3RG+0M4M2TCMB8GA1UdIwQY
MBaAFDT+a50Mwef24WsqRrQspeAccANGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlA1cm5RekI1X2JoYXlwR3RDeWw0Qnh3QTBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MmRmMzYtZmQzNi00YmFmLTlkMmUt
MTE4YWZlZDdhNWFlLzEvZUpUSjJ4WGxvSTljWUEyUGRFYjdRemd6Wk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MmRmMzYtZmQzNi00YmFmLTlkMmUtMTE4YWZlZDdhNWFl
LzEvTlA1cm5RekI1X2JoYXlwR3RDeWw0Qnh3QTBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZwQMA0G
CSqGSIb3DQEBCwUAA4IBAQAfsllBNgAGDYsp3rTN6pUwZmnE09kTwHqAgBTlzisM
elJ6S7fZwihzZFlcXNEwye6C6Phgy+ZuxZ9Wq0cSwxPtQrsnSgjO3tBiOIqLAz56
Q+uWb0Vn2nUwJt/IekdSSYkxFbyxnU7q/QHn/BGc6BoME/IJgvVEF3nSUM1rdZHa
vo90JJnyNh+FJf+PZAxeNZ6qPA1Y7wzwSkB0S9C5DVVT7AlFoqaWc37Rq2yNNk9/
FCxjtSBZnvwCC+tUy4YxdTqvuxm160IyfySPMknT67qYAPRGhyVunp6ybGspUWOv
k52VLsiWY3olV/FgyllNQTnXURZ6bATyRr022FC097Ai
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:58:41 2025 by rpki-client