Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/h_35_yhdMp9dNCYf0SjcLXRPTig.roa
File: h_35_yhdMp9dNCYf0SjcLXRPTig.roa (raw, json)
Hash identifier: kW6AcJ/G3W24rL29RscjonmBKfg73InvPlxCHTzHjPY=
Subject key identifier: 87:FD:F9:FF:28:5D:32:9F:5D:34:26:1F:D1:28:DC:2D:74:4F:4E:28
Certificate issuer: /CN=6b7d1f1e877c12798274e01334554f899f38eac1
Certificate serial: 0193C1944F9C8600B8F4EAC27852F48D69C8
Authority key identifier: 6B:7D:1F:1E:87:7C:12:79:82:74:E0:13:34:55:4F:89:9F:38:EA:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a30fHod8EnmCdOATNFVPiZ846sE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/h_35_yhdMp9dNCYf0SjcLXRPTig.roa
Signing time: Fri 13 Dec 2024 19:52:22 +0000
ROA not before: Fri 13 Dec 2024 19:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 185.21.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c1:94:4f:9c:86:00:b8:f4:ea:c2:78:52:f4:8d:69:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b7d1f1e877c12798274e01334554f899f38eac1
Validity
Not Before: Dec 13 19:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87fdf9ff285d329f5d34261fd128dc2d744f4e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8f:cf:29:c4:f9:de:d9:07:cd:16:a1:76:76:
16:5a:b1:93:59:59:08:f5:93:71:9e:9a:68:65:e7:
f9:92:dc:1e:70:75:0b:2e:07:60:1e:a3:4a:82:32:
98:60:2e:20:ec:0e:38:c9:22:77:fc:bd:14:4e:01:
0e:59:ec:85:0f:51:2d:18:96:27:d9:2f:dc:55:e2:
46:26:3b:7d:4d:09:52:59:96:6a:e7:3f:ea:e9:45:
65:0a:87:f6:ba:12:98:6d:c5:4d:ad:74:e5:77:65:
c8:47:78:ce:d7:0e:33:49:9c:31:c0:7a:36:d2:89:
5a:d9:1e:38:33:c5:9b:66:d4:67:a6:f1:78:68:5f:
ed:35:00:fa:35:14:f4:7a:e4:e6:fa:70:3f:a4:a2:
7a:e0:b3:f1:72:b4:cd:49:76:b7:09:57:38:a4:e8:
ae:76:fa:3e:a9:7a:23:f6:5c:1e:a6:3a:90:f4:f4:
ac:4b:07:5d:c0:c0:1d:5a:c5:3d:63:88:07:fa:c8:
89:71:01:d5:e5:e3:3a:37:89:26:ad:c7:49:fa:1f:
e6:75:17:3c:64:59:66:d0:e2:fc:4e:e2:1d:31:47:
7a:2a:40:27:01:42:ab:ff:ff:bd:bd:ab:8d:8c:a4:
fd:05:ec:c5:8f:15:d2:8e:e4:89:ce:d3:84:c8:2c:
53:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:FD:F9:FF:28:5D:32:9F:5D:34:26:1F:D1:28:DC:2D:74:4F:4E:28
X509v3 Authority Key Identifier:
keyid:6B:7D:1F:1E:87:7C:12:79:82:74:E0:13:34:55:4F:89:9F:38:EA:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a30fHod8EnmCdOATNFVPiZ846sE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/h_35_yhdMp9dNCYf0SjcLXRPTig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/a13c40-dc67-423c-979e-2fad9a2fc3ef/1/a30fHod8EnmCdOATNFVPiZ846sE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.128.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:55:dc:58:f8:c8:0d:c5:58:e3:28:37:7c:04:bd:85:e1:ae:
53:ae:dd:1b:54:fb:9e:40:eb:c8:61:52:33:f4:f6:f0:2d:4e:
06:7d:d7:b4:d0:ca:a1:04:d7:77:65:29:15:be:88:6e:4c:60:
bc:61:1d:79:d3:3a:b7:1b:de:8e:5f:84:8c:0b:55:b3:4b:58:
b3:1c:7e:8a:e0:ce:13:16:3b:df:0c:9c:1f:f0:cf:14:b6:69:
f1:6e:5e:61:01:39:62:71:a2:75:e8:06:90:51:e9:b9:03:cc:
90:d9:28:89:0b:05:a5:68:4d:cd:84:34:64:12:e4:56:e9:dc:
b5:06:ad:5f:7e:43:bc:c8:bc:d9:7e:81:ce:36:18:14:5a:04:
d1:9a:bb:07:73:2f:76:26:1f:e4:75:d3:51:0f:87:c1:55:5a:
58:13:45:7d:ea:44:4f:b0:6f:9c:51:2f:58:e8:2e:64:1a:42:
1d:59:cc:43:07:54:a6:9e:f2:3f:3a:0f:08:1d:ba:5f:34:ce:
5c:47:fb:9b:f1:f0:08:57:2a:2e:72:95:8f:17:38:2b:75:9d:
e2:50:32:d7:7a:62:35:43:83:ce:0c:a9:81:1c:eb:7d:ad:5b:
55:82:a8:3e:ba:96:e5:9f:fa:e6:8d:dc:35:4b:d2:7d:42:0d:
a1:39:33:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPBlE+chgC49OrCeFL0jWnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2QxZjFlODc3YzEyNzk4Mjc0ZTAxMzM0NTU0Zjg5OWYz
OGVhYzEwHhcNMjQxMjEzMTk1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2ZkZjlmZjI4NWQzMjlmNWQzNDI2MWZkMTI4ZGMyZDc0NGY0ZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwo/PKcT53tkHzRahdnYWWrGTWVkI
9ZNxnppoZef5ktwecHULLgdgHqNKgjKYYC4g7A44ySJ3/L0UTgEOWeyFD1EtGJYn
2S/cVeJGJjt9TQlSWZZq5z/q6UVlCof2uhKYbcVNrXTld2XIR3jO1w4zSZwxwHo2
0ola2R44M8WbZtRnpvF4aF/tNQD6NRT0euTm+nA/pKJ64LPxcrTNSXa3CVc4pOiu
dvo+qXoj9lwepjqQ9PSsSwddwMAdWsU9Y4gH+siJcQHV5eM6N4kmrcdJ+h/mdRc8
ZFlm0OL8TuIdMUd6KkAnAUKr//+9vauNjKT9BezFjxXSjuSJztOEyCxTdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIf9+f8oXTKfXTQmH9Eo3C10T04oMB8GA1UdIwQY
MBaAFGt9Hx6HfBJ5gnTgEzRVT4mfOOrBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTMwZkhvZDhFbm1DZE9BVE5GVlBpWjg0NnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9hMTNjNDAtZGM2Ny00MjNjLTk3OWUt
MmZhZDlhMmZjM2VmLzEvaF8zNV95aGRNcDlkTkNZZjBTamNMWFJQVGlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9hMTNjNDAtZGM2Ny00MjNjLTk3OWUtMmZhZDlhMmZjM2Vm
LzEvYTMwZkhvZDhFbm1DZE9BVE5GVlBpWjg0NnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRWAMA0G
CSqGSIb3DQEBCwUAA4IBAQDPVdxY+MgNxVjjKDd8BL2F4a5Trt0bVPueQOvIYVIz
9PbwLU4Gfde00MqhBNd3ZSkVvohuTGC8YR150zq3G96OX4SMC1WzS1izHH6K4M4T
FjvfDJwf8M8Utmnxbl5hATlicaJ16AaQUem5A8yQ2SiJCwWlaE3NhDRkEuRW6dy1
Bq1ffkO8yLzZfoHONhgUWgTRmrsHcy92Jh/kddNRD4fBVVpYE0V96kRPsG+cUS9Y
6C5kGkIdWcxDB1SmnvI/Og8IHbpfNM5cR/ub8fAIVyoucpWPFzgrdZ3iUDLXemI1
Q4PODKmBHOt9rVtVgqg+upbln/rmjdw1S9J9Qg2hOTMj
-----END CERTIFICATE-----
Generated at Wed Apr 9 11:48:54 2025 by rpki-client