Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/296qqy7kvfAkbbvvyNWRYZEL0WE.roa
File: 296qqy7kvfAkbbvvyNWRYZEL0WE.roa (raw, json)
Hash identifier: flEq8pydCRK29TEAw8P6HsMLJ//zJVIgEvoq5jA1vEs=
Subject key identifier: DB:DE:AA:AB:2E:E4:BD:F0:24:6D:BB:EF:C8:D5:91:61:91:0B:D1:61
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0195659C0CD416F23C09FA3C7CEE65E9CC00
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/296qqy7kvfAkbbvvyNWRYZEL0WE.roa
Signing time: Wed 05 Mar 2025 09:21:20 +0000
ROA not before: Wed 05 Mar 2025 09:21:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2005
IP address blocks: 185.250.26.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:9c:0c:d4:16:f2:3c:09:fa:3c:7c:ee:65:e9:cc:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Mar 5 09:21:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbdeaaab2ee4bdf0246dbbefc8d59161910bd161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f8:44:ee:dc:21:3c:ba:8f:e8:2d:35:b7:d7:
6f:43:c5:d1:a1:38:73:c4:3d:b9:1f:07:49:9c:32:
14:d5:4d:1a:75:56:33:8b:91:98:21:b1:7f:60:17:
c8:13:fa:4c:cc:b7:11:af:87:11:99:44:a2:c1:07:
27:57:b3:a6:55:5d:31:38:96:8d:72:ad:d2:18:bf:
76:cb:42:3d:25:eb:77:d4:e6:52:7d:4a:92:84:24:
da:3e:4e:3d:13:5e:b7:a9:d9:83:72:9b:68:99:4c:
2c:a0:72:20:4f:fa:a0:a1:11:77:39:72:36:b5:fd:
f9:7e:6e:8b:e8:c6:50:c9:2c:71:c3:3a:12:6c:9c:
41:95:d6:f1:08:4b:8f:7b:6c:9f:48:b1:f6:10:ab:
4a:8c:35:90:15:e3:cd:37:13:5e:34:7a:39:c7:7e:
53:38:e8:9b:e5:c3:cd:e9:94:a0:a0:36:0e:6b:05:
1a:db:ab:fc:b2:89:e5:3b:d0:fb:17:cc:d8:95:b2:
60:c1:8c:2d:d2:86:06:85:1f:ed:fc:45:ae:d4:b2:
a0:8e:af:4c:74:74:f2:58:56:19:8e:bb:12:52:81:
e7:fc:01:37:63:8f:3a:f4:d0:1d:9d:1e:0a:e0:6d:
77:eb:b1:7f:73:43:bf:48:bf:44:2e:87:03:9a:8b:
2e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:DE:AA:AB:2E:E4:BD:F0:24:6D:BB:EF:C8:D5:91:61:91:0B:D1:61
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/296qqy7kvfAkbbvvyNWRYZEL0WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:97:02:42:50:6b:ef:1f:7c:d2:04:2c:1d:9f:88:65:91:c6:
b9:65:ee:05:0e:8f:70:9f:02:8d:44:40:aa:ff:f5:44:bd:81:
ad:bb:16:e8:dc:21:7e:12:7b:3b:ed:64:6b:73:eb:42:bf:6e:
e7:e2:61:95:76:1d:fb:d6:88:19:a3:98:a2:1f:f6:37:1d:3b:
72:a5:67:5b:50:5f:49:2d:15:5a:05:bc:cc:23:e7:26:37:da:
9c:9e:32:f9:f4:63:a6:d6:4b:2f:05:c7:04:c6:91:f8:df:c7:
3e:13:a9:0b:f3:05:fc:51:c9:3b:2b:2b:88:38:e0:9e:5a:b4:
cc:62:9a:2c:94:83:70:98:05:d2:fe:b3:f1:41:8e:29:15:d1:
23:75:e7:35:8f:c4:ed:39:5b:48:46:af:fe:e8:8a:a4:cc:80:
c5:15:73:5a:11:c7:6c:0b:7d:22:83:27:83:30:3c:2c:83:fa:
a3:01:d2:40:a3:58:e2:66:e1:ad:90:62:dc:10:74:90:2c:ed:
f6:21:45:45:bb:91:6c:65:d7:70:ac:f7:b6:ae:a2:24:1a:89:
45:30:08:ef:7e:bb:b4:82:e7:d8:fb:5d:7d:32:94:b4:38:be:
a0:11:c1:bd:90:c7:4a:e2:54:55:25:1c:c6:4d:6f:74:ad:c9:
f2:29:fc:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVlnAzUFvI8Cfo8fO5l6cwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwMzA1MDkyMTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmRlYWFhYjJlZTRiZGYwMjQ2ZGJiZWZjOGQ1OTE2MTkxMGJkMTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fhE7twhPLqP6C01t9dvQ8XRoThz
xD25HwdJnDIU1U0adVYzi5GYIbF/YBfIE/pMzLcRr4cRmUSiwQcnV7OmVV0xOJaN
cq3SGL92y0I9Jet31OZSfUqShCTaPk49E163qdmDcptomUwsoHIgT/qgoRF3OXI2
tf35fm6L6MZQySxxwzoSbJxBldbxCEuPe2yfSLH2EKtKjDWQFePNNxNeNHo5x35T
OOib5cPN6ZSgoDYOawUa26v8sonlO9D7F8zYlbJgwYwt0oYGhR/t/EWu1LKgjq9M
dHTyWFYZjrsSUoHn/AE3Y4869NAdnR4K4G1367F/c0O/SL9ELocDmosuhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNveqqsu5L3wJG2778jVkWGRC9FhMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMjk2cXF5N2t2ZkFrYmJ2dnlOV1JZWkVMMFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufoaMA0G
CSqGSIb3DQEBCwUAA4IBAQC4lwJCUGvvH3zSBCwdn4hlkca5Ze4FDo9wnwKNRECq
//VEvYGtuxbo3CF+Ens77WRrc+tCv27n4mGVdh371ogZo5iiH/Y3HTtypWdbUF9J
LRVaBbzMI+cmN9qcnjL59GOm1ksvBccExpH438c+E6kL8wX8Uck7KyuIOOCeWrTM
YposlINwmAXS/rPxQY4pFdEjdec1j8TtOVtIRq/+6IqkzIDFFXNaEcdsC30igyeD
MDwsg/qjAdJAo1jiZuGtkGLcEHSQLO32IUVFu5FsZddwrPe2rqIkGolFMAjvfru0
gufY+119MpS0OL6gEcG9kMdK4lRVJRzGTW90rcnyKfx8
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:23:23 2025 by rpki-client