Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/JXdwz8Kh5s8D4fZUiI7MP0vHa-g.roa
File: JXdwz8Kh5s8D4fZUiI7MP0vHa-g.roa (raw, json)
Hash identifier: aGy7W4wvxfuA3DMrWGQip2XzAfgBaKwU1Q707mDCSqY=
Subject key identifier: 25:77:70:CF:C2:A1:E6:CF:03:E1:F6:54:88:8E:CC:3F:4B:C7:6B:E8
Certificate issuer: /CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Certificate serial: 019424456AFB81FCFD021628A44AC761F286
Authority key identifier: 8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/JXdwz8Kh5s8D4fZUiI7MP0vHa-g.roa
Signing time: Wed 01 Jan 2025 23:48:36 +0000
ROA not before: Wed 01 Jan 2025 23:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 185.228.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:6a:fb:81:fc:fd:02:16:28:a4:4a:c7:61:f2:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Validity
Not Before: Jan 1 23:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=257770cfc2a1e6cf03e1f654888ecc3f4bc76be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:aa:ee:f3:ec:63:28:70:92:aa:7d:71:65:e6:
9a:e5:99:51:c8:c4:0b:f7:c8:3f:21:7e:24:fe:45:
47:5e:07:44:a9:5c:d7:b8:36:76:ac:21:d9:0c:16:
ee:b4:b8:f8:c1:33:9a:0d:ed:d1:5a:e6:47:78:c5:
ef:16:ea:2a:48:32:5f:c8:88:3e:a8:db:51:92:2c:
91:d0:9e:a9:56:65:ba:b2:95:b1:76:d8:17:ca:66:
87:f8:c2:73:16:3b:92:f1:3d:3f:2b:3b:93:a4:71:
a5:0d:a7:03:36:2a:e7:1d:5a:02:18:a5:02:c7:a5:
07:00:dc:ef:0a:89:2e:b1:be:ed:e7:ce:5a:f3:b6:
e8:5b:67:b4:f0:c2:7f:64:be:f9:46:f6:21:b9:ed:
72:7d:64:71:e7:4c:26:c5:c3:72:44:41:ac:89:78:
1c:9e:ba:6b:60:a1:b8:72:8b:d9:ce:df:be:db:5b:
6d:bd:84:7d:96:be:bb:a2:58:2c:23:39:64:1c:37:
c7:d1:bc:8c:65:f7:b3:f2:cd:92:74:11:cc:c0:c6:
e2:25:1f:71:e0:5e:5d:b5:48:cd:1f:49:ae:fe:53:
a8:15:9b:da:28:0d:8a:10:56:7d:d0:f8:e3:5c:5d:
91:2a:f2:06:f9:64:e4:86:0f:5b:fc:b8:82:4e:56:
7b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:77:70:CF:C2:A1:E6:CF:03:E1:F6:54:88:8E:CC:3F:4B:C7:6B:E8
X509v3 Authority Key Identifier:
keyid:8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/JXdwz8Kh5s8D4fZUiI7MP0vHa-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/ju56OtFSu4clp9ubt1IIBLbxFV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.243.0/24
Signature Algorithm: sha256WithRSAEncryption
25:24:76:f7:f1:c0:6a:cd:85:d6:a3:d9:c3:98:e4:16:69:ef:
ba:aa:1d:34:2b:bd:50:df:da:7e:77:33:81:7b:f7:9f:c4:d0:
43:a1:24:d7:11:cb:4a:a6:0f:05:4c:18:f5:79:f7:e9:09:c7:
a8:00:9b:ca:b6:4b:3a:59:38:6c:b9:72:82:b1:9c:a0:68:67:
b7:78:98:35:f1:df:41:08:a3:8f:26:1d:31:19:54:8a:d2:e8:
e0:cd:1b:8a:f3:a0:25:0f:77:87:1d:c4:12:33:bd:e8:4b:fd:
0d:4a:4a:68:74:20:53:78:3b:e4:9c:0e:e9:d9:14:49:31:3c:
37:c2:4a:d3:c4:c8:9d:73:69:fc:8b:4c:ec:34:1b:6e:09:df:
60:c0:34:88:3e:93:26:30:18:df:51:1f:ea:d1:94:f2:35:04:
bd:18:73:d0:ea:5f:f8:6c:1d:b4:c7:5d:3f:0e:ba:9a:f9:49:
fb:62:e4:df:2d:51:f2:f6:19:04:ce:db:f9:0b:b2:73:b6:9c:
b1:81:f6:88:86:30:8c:a6:8e:66:22:db:b3:3b:f6:8b:e4:5c:
5a:e7:e3:95:91:ba:22:85:98:19:b5:cc:24:18:1f:5d:ad:33:
85:85:b7:88:46:84:c3:f0:e0:85:13:a6:b0:92:f4:e6:dc:03:
6c:60:98:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRWr7gfz9AhYopErHYfKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZWU3YTNhZDE1MmJiODcyNWE3ZGI5YmI3NTIwODA0YjZm
MTE1NWYwHhcNMjUwMTAxMjM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTc3NzBjZmMyYTFlNmNmMDNlMWY2NTQ4ODhlY2MzZjRiYzc2YmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6ru8+xjKHCSqn1xZeaa5ZlRyMQL
98g/IX4k/kVHXgdEqVzXuDZ2rCHZDBbutLj4wTOaDe3RWuZHeMXvFuoqSDJfyIg+
qNtRkiyR0J6pVmW6spWxdtgXymaH+MJzFjuS8T0/KzuTpHGlDacDNirnHVoCGKUC
x6UHANzvCokusb7t585a87boW2e08MJ/ZL75RvYhue1yfWRx50wmxcNyREGsiXgc
nrprYKG4covZzt++21ttvYR9lr67olgsIzlkHDfH0byMZfez8s2SdBHMwMbiJR9x
4F5dtUjNH0mu/lOoFZvaKA2KEFZ90PjjXF2RKvIG+WTkhg9b/LiCTlZ7tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCV3cM/CoebPA+H2VIiOzD9Lx2voMB8GA1UdIwQY
MBaAFI7uejrRUruHJafbm7dSCAS28RVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYt
NDk1OTFhZmUxN2YwLzEvSlhkd3o4S2g1czhENGZaVWlJN01QMHZIYS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYtNDk1OTFhZmUxN2Yw
LzEvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueTzMA0G
CSqGSIb3DQEBCwUAA4IBAQAlJHb38cBqzYXWo9nDmOQWae+6qh00K71Q39p+dzOB
e/efxNBDoSTXEctKpg8FTBj1effpCceoAJvKtks6WThsuXKCsZygaGe3eJg18d9B
CKOPJh0xGVSK0ujgzRuK86AlD3eHHcQSM73oS/0NSkpodCBTeDvknA7p2RRJMTw3
wkrTxMidc2n8i0zsNBtuCd9gwDSIPpMmMBjfUR/q0ZTyNQS9GHPQ6l/4bB20x10/
Drqa+Un7YuTfLVHy9hkEztv5C7JztpyxgfaIhjCMpo5mItuzO/aL5Fxa5+OVkboi
hZgZtcwkGB9drTOFhbeIRoTD8OCFE6awkvTm3ANsYJgS
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:11:34 2025 by rpki-client