Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/f7c636-0d1e-47f3-b05d-a7fd2f9e74cf/1/KAeDRZYtk4gQYh2zbQ0HADYpjok.roa
File: KAeDRZYtk4gQYh2zbQ0HADYpjok.roa (raw, json)
Hash identifier: 3b5QOxzEttRmMN1A9txJTsvRVrohslbNkzlikXbgEz8=
Subject key identifier: 28:07:83:45:96:2D:93:88:10:62:1D:B3:6D:0D:07:00:36:29:8E:89
Certificate issuer: /CN=e54d092047dbe9a968a160f315fab9bb9c8356d7
Certificate serial: 019424B376B9C319E213D5FD7425B7CE5CF8
Authority key identifier: E5:4D:09:20:47:DB:E9:A9:68:A1:60:F3:15:FA:B9:BB:9C:83:56:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5U0JIEfb6alooWDzFfq5u5yDVtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/f7c636-0d1e-47f3-b05d-a7fd2f9e74cf/1/KAeDRZYtk4gQYh2zbQ0HADYpjok.roa
Signing time: Thu 02 Jan 2025 01:48:48 +0000
ROA not before: Thu 02 Jan 2025 01:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59944
IP address blocks: 185.65.96.0/22 maxlen: 24
2a03:1ae0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:76:b9:c3:19:e2:13:d5:fd:74:25:b7:ce:5c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e54d092047dbe9a968a160f315fab9bb9c8356d7
Validity
Not Before: Jan 2 01:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28078345962d938810621db36d0d070036298e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ea:fa:40:a3:b8:34:c1:8f:d6:a4:ba:cf:3b:
54:b2:e7:f3:5b:ab:02:3e:2e:3a:33:a6:2b:b7:f0:
db:3a:84:a7:03:69:77:60:4b:6b:ca:6a:d5:77:b2:
66:de:5c:5d:2e:88:77:ee:d8:69:fa:ca:ad:b9:28:
86:1e:32:6e:eb:e0:1a:a4:1d:ba:f8:fb:88:72:35:
a3:48:11:c3:68:46:5b:36:3d:48:8d:de:05:43:d4:
ac:a3:05:5c:ce:c7:48:f0:fa:3d:91:08:35:ef:c2:
4d:5c:e2:17:75:96:ca:09:9c:14:48:2a:ec:4a:ca:
aa:28:77:21:12:61:a3:c6:b8:82:ec:00:a1:7a:d2:
06:87:bb:45:24:88:15:63:2e:ed:82:4b:78:e2:83:
43:8d:8d:f9:7e:a1:24:40:2d:6b:42:a7:e1:2f:d7:
35:bd:29:ae:2c:33:90:11:6d:f6:f0:b7:c5:b8:b0:
b5:68:36:02:8c:31:81:2b:06:c7:45:9c:c0:e5:4b:
34:c1:a7:b6:16:cf:70:ef:2c:7e:e3:e4:6b:7b:6b:
0f:44:b4:cf:d5:3e:0b:0d:c8:07:6f:60:e8:10:78:
e1:17:b6:e8:f9:4e:93:99:d1:e9:cb:fb:0d:03:3a:
f2:81:79:08:b9:5a:6a:c3:18:f9:62:3b:94:ff:ef:
bf:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:07:83:45:96:2D:93:88:10:62:1D:B3:6D:0D:07:00:36:29:8E:89
X509v3 Authority Key Identifier:
keyid:E5:4D:09:20:47:DB:E9:A9:68:A1:60:F3:15:FA:B9:BB:9C:83:56:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5U0JIEfb6alooWDzFfq5u5yDVtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/f7c636-0d1e-47f3-b05d-a7fd2f9e74cf/1/KAeDRZYtk4gQYh2zbQ0HADYpjok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/f7c636-0d1e-47f3-b05d-a7fd2f9e74cf/1/5U0JIEfb6alooWDzFfq5u5yDVtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.96.0/22
IPv6:
2a03:1ae0::/32
Signature Algorithm: sha256WithRSAEncryption
d0:6f:61:fa:9b:cc:28:7e:7c:98:80:6d:9a:f7:8c:e1:61:ed:
5f:00:e4:e4:71:9a:0a:4c:3d:26:db:e2:57:61:3f:a8:77:91:
3d:32:c4:00:fa:57:df:23:e5:db:e2:79:d5:d1:69:82:71:ff:
36:1d:78:d2:bb:70:26:8e:69:52:78:39:7e:cb:c3:ed:58:fc:
61:88:bb:1f:04:11:03:51:df:a0:35:b0:d0:8b:89:87:53:3e:
f0:89:6d:98:26:2b:06:2d:1d:f0:ba:4c:ef:e1:01:78:07:5b:
f8:de:2d:45:ca:8d:33:b6:8d:75:5c:81:d0:24:65:93:96:68:
d9:65:8c:92:4d:7a:4e:07:03:ef:d3:50:5d:e6:26:7c:d9:59:
a7:57:ca:e7:62:ae:3b:12:39:10:c7:e9:a2:9d:2b:f6:f4:d1:
93:85:1b:da:fb:0f:22:7a:b6:61:74:d6:cc:02:fc:4c:7a:f1:
ba:87:48:91:33:20:b6:35:bd:33:b2:b7:33:f6:1d:28:16:3d:
2c:4b:cc:64:3f:62:fe:b9:b6:64:cf:13:02:12:31:f6:a8:1b:
d0:f8:de:3d:8e:2c:f2:96:ee:90:65:ea:5a:2f:54:03:06:ed:
81:c7:04:65:24:df:b6:be:53:df:0b:d0:11:15:51:19:10:f1:
1d:40:45:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks3a5wxniE9X9dCW3zlz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NGQwOTIwNDdkYmU5YTk2OGExNjBmMzE1ZmFiOWJiOWM4
MzU2ZDcwHhcNMjUwMTAyMDE0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODA3ODM0NTk2MmQ5Mzg4MTA2MjFkYjM2ZDBkMDcwMDM2Mjk4ZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0er6QKO4NMGP1qS6zztUsufzW6sC
Pi46M6Yrt/DbOoSnA2l3YEtrymrVd7Jm3lxdLoh37thp+sqtuSiGHjJu6+AapB26
+PuIcjWjSBHDaEZbNj1Ijd4FQ9SsowVczsdI8Po9kQg178JNXOIXdZbKCZwUSCrs
SsqqKHchEmGjxriC7AChetIGh7tFJIgVYy7tgkt44oNDjY35fqEkQC1rQqfhL9c1
vSmuLDOQEW328LfFuLC1aDYCjDGBKwbHRZzA5Us0wae2Fs9w7yx+4+Rre2sPRLTP
1T4LDcgHb2DoEHjhF7bo+U6TmdHpy/sNAzrygXkIuVpqwxj5YjuU/++/ZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCgHg0WWLZOIEGIds20NBwA2KY6JMB8GA1UdIwQY
MBaAFOVNCSBH2+mpaKFg8xX6ubucg1bXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVUwSklFZmI2YWxvb1dEekZmcTV1NXlEVnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9mN2M2MzYtMGQxZS00N2YzLWIwNWQt
YTdmZDJmOWU3NGNmLzEvS0FlRFJaWXRrNGdRWWgyemJRMEhBRFlwam9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9mN2M2MzYtMGQxZS00N2YzLWIwNWQtYTdmZDJmOWU3NGNm
LzEvNVUwSklFZmI2YWxvb1dEekZmcTV1NXlEVnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUFgMA0E
AgACMAcDBQAqAxrgMA0GCSqGSIb3DQEBCwUAA4IBAQDQb2H6m8wofnyYgG2a94zh
Ye1fAOTkcZoKTD0m2+JXYT+od5E9MsQA+lffI+Xb4nnV0WmCcf82HXjSu3AmjmlS
eDl+y8PtWPxhiLsfBBEDUd+gNbDQi4mHUz7wiW2YJisGLR3wukzv4QF4B1v43i1F
yo0zto11XIHQJGWTlmjZZYySTXpOBwPv01Bd5iZ82VmnV8rnYq47EjkQx+minSv2
9NGThRva+w8ierZhdNbMAvxMevG6h0iRMyC2Nb0zsrcz9h0oFj0sS8xkP2L+ubZk
zxMCEjH2qBvQ+N49jizylu6QZepaL1QDBu2BxwRlJN+2vlPfC9ARFVEZEPEdQEUP
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:48 2025 by rpki-client