Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/6nplidodvvdJRrZ44SMyLhaamX0.roa
File: 6nplidodvvdJRrZ44SMyLhaamX0.roa (raw, json)
Hash identifier: bb3clRezZgRvbFwSH5yYmwTFkEsm5/sgUQxknwFQYpU=
Subject key identifier: EA:7A:65:89:DA:1D:BE:F7:49:46:B6:78:E1:23:32:2E:16:9A:99:7D
Certificate issuer: /CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Certificate serial: 019398354C8335224E614EB47D67777F646D
Authority key identifier: 85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/6nplidodvvdJRrZ44SMyLhaamX0.roa
Signing time: Thu 05 Dec 2024 19:04:09 +0000
ROA not before: Thu 05 Dec 2024 19:04:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47256
IP address blocks: 185.138.202.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:98:35:4c:83:35:22:4e:61:4e:b4:7d:67:77:7f:64:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Validity
Not Before: Dec 5 19:04:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea7a6589da1dbef74946b678e123322e169a997d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:27:3c:ce:5d:78:c2:61:28:0a:ce:a2:7d:f4:
c2:74:36:3c:32:fd:2b:3d:ef:9f:81:91:fc:42:0f:
e3:e2:88:39:66:4e:70:72:2c:7e:ee:0c:64:51:7a:
88:e1:c3:c4:fa:b2:58:58:de:6c:4e:36:43:40:ea:
9e:a4:2c:8c:5d:4d:c7:a4:cd:0c:11:15:84:be:cd:
5c:05:ba:ec:d1:29:08:2c:92:6c:d0:6d:12:45:83:
14:c8:ee:ad:23:d8:90:86:bc:b5:bd:ff:94:0f:7e:
30:aa:c1:dd:99:77:2f:c3:6a:07:8a:8d:70:2d:e0:
bb:5e:13:58:e7:01:ea:b9:9b:d5:d0:fd:fe:c3:51:
15:d8:ca:8d:c4:9f:25:f1:bc:11:ee:15:16:13:b5:
91:44:9d:f8:51:53:90:93:7f:e3:c1:55:0c:25:8c:
a0:16:6a:0c:1e:cb:ed:a7:e8:d8:11:be:7a:bc:d9:
e1:e6:6d:a4:e9:36:de:8c:22:11:e8:cb:a7:a7:fb:
37:a5:1d:20:43:11:3c:9f:a3:cc:a4:39:a7:9d:4d:
df:f0:98:9c:67:92:f1:8b:28:5a:ec:04:96:ad:5f:
49:82:38:19:40:05:23:aa:b5:f3:cb:d2:02:70:34:
fb:00:e8:39:2f:02:21:21:bc:55:4b:34:77:3d:d5:
61:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:7A:65:89:DA:1D:BE:F7:49:46:B6:78:E1:23:32:2E:16:9A:99:7D
X509v3 Authority Key Identifier:
keyid:85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/6nplidodvvdJRrZ44SMyLhaamX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.202.0/23
Signature Algorithm: sha256WithRSAEncryption
65:a2:97:45:a3:78:a1:8b:64:ee:67:5d:bc:ff:2a:28:34:bd:
8a:86:45:ba:15:dc:48:38:df:fd:1f:c6:2d:ac:2a:b1:e6:56:
9a:22:98:a0:92:aa:9a:12:5e:f6:19:21:4c:41:cd:e7:f6:ec:
61:05:20:ba:c8:03:48:15:dc:fd:ce:5f:97:f1:e4:de:38:d7:
43:d5:3b:6f:5b:45:d2:0e:98:40:c7:17:ba:af:03:86:2d:8b:
ca:62:5e:34:09:f1:58:1d:e7:7d:09:3f:10:63:23:13:0b:67:
ac:59:b3:be:f7:e9:8c:3b:9e:ac:ee:40:22:4b:4b:4c:6e:eb:
86:9e:34:35:18:f1:c7:e8:f1:08:bf:16:00:d2:a9:9c:75:72:
3f:95:f7:74:8f:9e:4c:61:ca:3e:b3:36:f0:2e:9b:ad:f4:57:
aa:88:1c:62:95:b7:24:83:b3:93:0a:64:dc:e6:14:5e:a8:e0:
32:a0:9e:d8:7b:f3:35:e4:1d:01:8a:e9:7d:d2:c1:cc:66:b6:
40:84:58:1f:2d:e7:14:00:88:ce:95:0f:a5:e0:13:fd:2f:2e:
56:2f:43:bd:12:5b:3f:15:9c:b0:10:fc:2a:b7:d0:48:3f:bc:
ae:9b:04:83:1f:cc:cc:1d:0b:77:04:9d:9f:58:2f:fa:5a:bf:
11:93:80:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOYNUyDNSJOYU60fWd3f2RtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MmVjZTljOWEzMjRkNDVjMzVmOTU1OWYzMjlkODg2OWRh
YjUzYmEwHhcNMjQxMjA1MTkwNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTdhNjU4OWRhMWRiZWY3NDk0NmI2NzhlMTIzMzIyZTE2OWE5OTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyc8zl14wmEoCs6iffTCdDY8Mv0r
Pe+fgZH8Qg/j4og5Zk5wcix+7gxkUXqI4cPE+rJYWN5sTjZDQOqepCyMXU3HpM0M
ERWEvs1cBbrs0SkILJJs0G0SRYMUyO6tI9iQhry1vf+UD34wqsHdmXcvw2oHio1w
LeC7XhNY5wHquZvV0P3+w1EV2MqNxJ8l8bwR7hUWE7WRRJ34UVOQk3/jwVUMJYyg
FmoMHsvtp+jYEb56vNnh5m2k6TbejCIR6Munp/s3pR0gQxE8n6PMpDmnnU3f8Jic
Z5Lxiyha7ASWrV9JgjgZQAUjqrXzy9ICcDT7AOg5LwIhIbxVSzR3PdVhLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOp6ZYnaHb73SUa2eOEjMi4Wmpl9MB8GA1UdIwQY
MBaAFIUuzpyaMk1Fw1+VWfMp2Iadq1O6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFM3T25Kb3lUVVhEWDVWWjh5bllocDJyVTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kM2NjZTYtYjQ3Yi00ZDA2LWEzMGYt
ZWIyNDExZDIxMmFiLzEvNm5wbGlkb2R2dmRKUnJaNDRTTXlMaGFhbVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kM2NjZTYtYjQ3Yi00ZDA2LWEzMGYtZWIyNDExZDIxMmFi
LzEvaFM3T25Kb3lUVVhEWDVWWjh5bllocDJyVTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYrKMA0G
CSqGSIb3DQEBCwUAA4IBAQBlopdFo3ihi2TuZ128/yooNL2KhkW6FdxION/9H8Yt
rCqx5laaIpigkqqaEl72GSFMQc3n9uxhBSC6yANIFdz9zl+X8eTeONdD1TtvW0XS
DphAxxe6rwOGLYvKYl40CfFYHed9CT8QYyMTC2esWbO+9+mMO56s7kAiS0tMbuuG
njQ1GPHH6PEIvxYA0qmcdXI/lfd0j55MYco+szbwLput9FeqiBxilbckg7OTCmTc
5hReqOAyoJ7Ye/M15B0Biul90sHMZrZAhFgfLecUAIjOlQ+l4BP9Ly5WL0O9Els/
FZywEPwqt9BIP7yumwSDH8zMHQt3BJ2fWC/6Wr8Rk4Cp
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:48:00 2025 by rpki-client