Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/pA8DlYtcvRNA-jdEe_3R7YRB6rk.roa
File: pA8DlYtcvRNA-jdEe_3R7YRB6rk.roa (raw, json)
Hash identifier: XB3O2NdSBoC9ldQGDUty/6gqx/qt/ZpvhUOCQP6iI1c=
Subject key identifier: A4:0F:03:95:8B:5C:BD:13:40:FA:37:44:7B:FD:D1:ED:84:41:EA:B9
Certificate issuer: /CN=b48f41afdc609568fb2338fdb20b2d0c422b723b
Certificate serial: 019424457FE7BBDC44A4EFE0B589F488EE42
Authority key identifier: B4:8F:41:AF:DC:60:95:68:FB:23:38:FD:B2:0B:2D:0C:42:2B:72:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tI9Br9xglWj7Izj9sgstDEIrcjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/pA8DlYtcvRNA-jdEe_3R7YRB6rk.roa
Signing time: Wed 01 Jan 2025 23:48:42 +0000
ROA not before: Wed 01 Jan 2025 23:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 185.90.154.0/24 maxlen: 24
2a05:e100:1::/48 maxlen: 48
2a05:e100:a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:7f:e7:bb:dc:44:a4:ef:e0:b5:89:f4:88:ee:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b48f41afdc609568fb2338fdb20b2d0c422b723b
Validity
Not Before: Jan 1 23:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a40f03958b5cbd1340fa37447bfdd1ed8441eab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:77:de:13:05:79:0d:ce:64:d3:5a:b3:d6:be:
31:53:4a:f2:97:0d:a6:d1:45:10:67:fc:4a:84:17:
99:da:71:60:76:fb:2c:01:ce:70:26:78:43:19:ec:
5b:c1:1c:95:65:77:55:2b:36:43:7d:c9:65:20:66:
49:ae:a8:b8:4e:e8:3d:ec:1e:ea:41:d2:b1:2f:37:
d5:28:b0:3c:6f:2d:91:38:cb:ac:23:90:f5:f9:a3:
90:dc:eb:1c:b2:b4:52:3a:72:74:e1:c1:13:b3:e1:
11:d5:fd:18:ed:1a:a7:ef:25:46:e4:99:fa:5e:e0:
ea:8b:c6:e2:60:48:53:44:ff:62:51:d6:ef:96:b7:
59:52:ca:da:79:9d:1f:1b:2b:2b:67:f7:80:7a:00:
59:e5:e7:29:da:80:7e:9c:3a:cb:59:4b:98:73:1f:
43:40:37:0d:aa:a9:e2:1c:b0:d9:20:81:85:a0:d5:
5b:4f:40:60:6e:bc:8f:43:d9:7a:03:a0:ab:7d:2a:
93:9b:4c:bc:9c:a4:5a:47:69:ca:fb:f4:3d:47:91:
65:52:b2:be:98:42:89:64:f1:cc:4e:21:27:d9:ef:
01:4f:19:ad:9a:d8:d7:28:66:75:dc:fd:91:d9:0b:
df:98:d8:44:87:04:14:30:14:aa:58:f3:ed:db:ef:
3f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0F:03:95:8B:5C:BD:13:40:FA:37:44:7B:FD:D1:ED:84:41:EA:B9
X509v3 Authority Key Identifier:
keyid:B4:8F:41:AF:DC:60:95:68:FB:23:38:FD:B2:0B:2D:0C:42:2B:72:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tI9Br9xglWj7Izj9sgstDEIrcjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/pA8DlYtcvRNA-jdEe_3R7YRB6rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/tI9Br9xglWj7Izj9sgstDEIrcjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.154.0/24
IPv6:
2a05:e100:1::/48
2a05:e100:a::/48
Signature Algorithm: sha256WithRSAEncryption
0e:d8:2a:54:cd:0e:8b:65:d2:39:94:d7:4b:16:f4:44:ce:7a:
81:7b:f6:72:66:3e:4e:67:41:f7:cf:e1:70:d8:b1:d3:4a:5d:
e4:9c:7f:1c:41:b5:cd:33:27:dc:12:af:ac:24:5b:92:65:6d:
a2:a5:fb:32:88:e7:75:82:84:15:43:65:2c:41:35:f0:72:e7:
83:51:3c:8e:98:b0:3f:15:df:ca:1d:ac:10:57:df:5b:cf:19:
06:3b:af:c7:ef:b4:f3:24:93:94:f9:8a:9f:06:8b:ad:c5:9f:
fd:29:27:e5:48:73:4a:92:ff:54:92:9f:fe:78:2f:37:09:c7:
21:99:09:6c:7d:78:56:6a:86:6b:ef:a6:f8:1a:f8:90:5a:b4:
e2:dc:2d:a6:94:7d:0f:93:fb:ac:09:4c:b2:35:2f:0f:7f:e3:
c4:d9:11:65:c5:61:1f:de:7f:4e:b6:a6:e1:9a:94:7b:e3:df:
df:19:3c:78:bf:97:88:8d:c2:22:d8:88:18:bb:0f:bb:c2:d2:
e0:69:7d:65:fa:4f:ee:21:af:29:7e:06:26:95:76:15:ef:51:
09:94:8e:27:fb:41:55:0c:32:63:8a:08:a8:14:20:47:65:d4:
a5:e8:c6:cb:89:fd:8a:ec:95:b3:ca:b8:1d:36:eb:9b:96:ed:
56:97:dc:28
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQkRX/nu9xEpO/gtYn0iO5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OGY0MWFmZGM2MDk1NjhmYjIzMzhmZGIyMGIyZDBjNDIy
YjcyM2IwHhcNMjUwMTAxMjM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDBmMDM5NThiNWNiZDEzNDBmYTM3NDQ3YmZkZDFlZDg0NDFlYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXfeEwV5Dc5k01qz1r4xU0rylw2m
0UUQZ/xKhBeZ2nFgdvssAc5wJnhDGexbwRyVZXdVKzZDfcllIGZJrqi4Tug97B7q
QdKxLzfVKLA8by2ROMusI5D1+aOQ3OscsrRSOnJ04cETs+ER1f0Y7Rqn7yVG5Jn6
XuDqi8biYEhTRP9iUdbvlrdZUsraeZ0fGysrZ/eAegBZ5ecp2oB+nDrLWUuYcx9D
QDcNqqniHLDZIIGFoNVbT0BgbryPQ9l6A6CrfSqTm0y8nKRaR2nK+/Q9R5FlUrK+
mEKJZPHMTiEn2e8BTxmtmtjXKGZ13P2R2QvfmNhEhwQUMBSqWPPt2+8/jQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKQPA5WLXL0TQPo3RHv90e2EQeq5MB8GA1UdIwQY
MBaAFLSPQa/cYJVo+yM4/bILLQxCK3I7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEk5QnI5eGdsV2o3SXpqOXNnc3RERUlyY2pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80ODU3NjktNTgzNS00N2Y0LWE5ZmYt
OGVjNjhlNzg4NmUyLzEvcEE4RGxZdGN2Uk5BLWpkRWVfM1I3WVJCNnJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80ODU3NjktNTgzNS00N2Y0LWE5ZmYtOGVjNjhlNzg4NmUy
LzEvdEk5QnI5eGdsV2o3SXpqOXNnc3RERUlyY2pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuVqaMBgE
AgACMBIDBwAqBeEAAAEDBwAqBeEAAAowDQYJKoZIhvcNAQELBQADggEBAA7YKlTN
Dotl0jmU10sW9ETOeoF79nJmPk5nQffP4XDYsdNKXeScfxxBtc0zJ9wSr6wkW5Jl
baKl+zKI53WChBVDZSxBNfBy54NRPI6YsD8V38odrBBX31vPGQY7r8fvtPMkk5T5
ip8Gi63Fn/0pJ+VIc0qS/1SSn/54LzcJxyGZCWx9eFZqhmvvpvga+JBatOLcLaaU
fQ+T+6wJTLI1Lw9/48TZEWXFYR/ef062puGalHvj398ZPHi/l4iNwiLYiBi7D7vC
0uBpfWX6T+4hryl+BiaVdhXvUQmUjif7QVUMMmOKCKgUIEdl1KXoxsuJ/YrslbPK
uB0265uW7VaX3Cg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:36 2025 by rpki-client