Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/a3OhTk5g6QRoPs_CCUBX0uChhBo.roa
File: a3OhTk5g6QRoPs_CCUBX0uChhBo.roa (raw, json)
Hash identifier: lG8T1hAW8NZfF6ZlPoDh/CDMn5Tu6TOfp3k+eTFPhPI=
Subject key identifier: 6B:73:A1:4E:4E:60:E9:04:68:3E:CF:C2:09:40:57:D2:E0:A1:84:1A
Certificate issuer: /CN=60fcd55b9130858d8ea583c0987dad00f614db39
Certificate serial: 019425FD4F31BE928545A4F2C8DFE9D0FE09
Authority key identifier: 60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/a3OhTk5g6QRoPs_CCUBX0uChhBo.roa
Signing time: Thu 02 Jan 2025 07:49:05 +0000
ROA not before: Thu 02 Jan 2025 07:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22427
IP address blocks: 185.128.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:4f:31:be:92:85:45:a4:f2:c8:df:e9:d0:fe:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60fcd55b9130858d8ea583c0987dad00f614db39
Validity
Not Before: Jan 2 07:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b73a14e4e60e904683ecfc2094057d2e0a1841a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d2:57:c8:b2:f3:ec:02:71:f6:64:c5:14:7b:
7c:08:05:88:49:90:cc:e1:87:79:12:ce:b7:36:46:
72:2d:ec:53:fd:1b:8a:2d:c1:a7:dc:2f:9c:a1:dd:
8a:1e:02:90:f2:6a:78:9a:27:1b:00:f2:b6:63:2c:
b1:c3:9d:32:38:7a:47:86:e1:e4:49:5c:da:4e:0a:
ec:51:c8:18:a1:ae:e8:e2:db:e9:3d:c8:d3:df:93:
5a:51:5f:05:37:14:d1:93:98:59:48:55:d1:28:94:
f9:95:25:e4:7e:d1:ed:77:69:bc:b0:42:fd:1b:10:
33:f3:35:e2:19:a5:51:73:6e:f4:94:9f:3a:07:cf:
dd:68:b5:68:5a:ab:16:c9:5d:97:3b:41:93:f1:5b:
d0:dc:f8:25:23:28:fd:cb:b6:d8:d5:ec:6c:f3:6e:
31:4a:1e:70:38:ff:a5:33:ff:26:91:bd:79:c8:07:
28:11:a8:ea:c4:83:30:fb:5f:bb:2b:be:4e:1e:7f:
29:06:a6:e4:15:99:04:a4:ae:67:72:5f:57:ed:8f:
63:dd:f6:22:37:43:6f:26:a7:38:51:a2:73:89:dd:
2c:40:4a:84:d0:4f:02:00:21:dd:33:71:16:d8:3a:
9e:40:99:27:05:05:03:71:73:e0:12:c8:12:a9:9f:
e4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:73:A1:4E:4E:60:E9:04:68:3E:CF:C2:09:40:57:D2:E0:A1:84:1A
X509v3 Authority Key Identifier:
keyid:60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/a3OhTk5g6QRoPs_CCUBX0uChhBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.226.0/24
Signature Algorithm: sha256WithRSAEncryption
47:ba:ae:72:43:4f:a0:fe:52:1b:30:b9:cd:fd:64:86:bb:81:
8b:ec:32:05:6f:f0:dc:fc:22:30:65:68:74:06:90:b8:89:ac:
98:46:33:e8:fc:c0:64:59:4a:f5:04:88:40:c1:c5:1d:39:58:
ed:f1:aa:b4:ab:23:b7:22:02:12:8f:c9:38:6f:ca:e4:2f:b9:
f2:73:72:90:77:67:c5:75:17:84:6a:11:7b:b9:17:ad:02:87:
ab:b8:61:8d:b9:73:30:9e:12:a0:ae:2b:cf:bd:ef:45:57:dc:
4f:a5:f0:a8:a1:a3:a0:39:a2:9a:65:40:56:79:42:19:bf:43:
89:9b:35:fa:52:84:d9:4a:24:44:54:e7:3d:c7:eb:63:15:77:
db:89:d7:69:07:84:1d:99:f0:e5:cc:fa:70:65:b1:52:a1:69:
c7:43:6e:3d:08:52:a6:48:1f:90:a3:0e:3a:91:e0:43:71:99:
cd:a6:a0:77:56:35:e0:0a:d8:db:23:87:f0:9b:73:b4:56:bd:
dd:61:be:db:0e:dd:2d:3c:5e:62:35:7d:40:a4:90:f4:15:25:
2a:a5:21:ad:4f:79:9c:8c:18:c9:c2:99:1f:17:49:cc:a7:c1:
f9:2c:a0:0b:97:1b:17:48:76:cd:c0:e0:90:b1:9c:f9:30:ff:
a2:6e:bf:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/U8xvpKFRaTyyN/p0P4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmNkNTViOTEzMDg1OGQ4ZWE1ODNjMDk4N2RhZDAwZjYx
NGRiMzkwHhcNMjUwMTAyMDc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjczYTE0ZTRlNjBlOTA0NjgzZWNmYzIwOTQwNTdkMmUwYTE4NDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19JXyLLz7AJx9mTFFHt8CAWISZDM
4Yd5Es63NkZyLexT/RuKLcGn3C+cod2KHgKQ8mp4micbAPK2Yyyxw50yOHpHhuHk
SVzaTgrsUcgYoa7o4tvpPcjT35NaUV8FNxTRk5hZSFXRKJT5lSXkftHtd2m8sEL9
GxAz8zXiGaVRc270lJ86B8/daLVoWqsWyV2XO0GT8VvQ3PglIyj9y7bY1exs824x
Sh5wOP+lM/8mkb15yAcoEajqxIMw+1+7K75OHn8pBqbkFZkEpK5ncl9X7Y9j3fYi
N0NvJqc4UaJzid0sQEqE0E8CACHdM3EW2DqeQJknBQUDcXPgEsgSqZ/kTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGtzoU5OYOkEaD7PwglAV9LgoYQaMB8GA1UdIwQY
MBaAFGD81VuRMIWNjqWDwJh9rQD2FNs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTkt
ZWQzMGI5YmIxMmQ1LzEvYTNPaFRrNWc2UVJvUHNfQ0NVQlgwdUNoaEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTktZWQzMGI5YmIxMmQ1
LzEvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYDiMA0G
CSqGSIb3DQEBCwUAA4IBAQBHuq5yQ0+g/lIbMLnN/WSGu4GL7DIFb/Dc/CIwZWh0
BpC4iayYRjPo/MBkWUr1BIhAwcUdOVjt8aq0qyO3IgISj8k4b8rkL7nyc3KQd2fF
dReEahF7uRetAoeruGGNuXMwnhKgrivPve9FV9xPpfCooaOgOaKaZUBWeUIZv0OJ
mzX6UoTZSiREVOc9x+tjFXfbiddpB4QdmfDlzPpwZbFSoWnHQ249CFKmSB+Qow46
keBDcZnNpqB3VjXgCtjbI4fwm3O0Vr3dYb7bDt0tPF5iNX1ApJD0FSUqpSGtT3mc
jBjJwpkfF0nMp8H5LKALlxsXSHbNwOCQsZz5MP+ibr9W
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:00:10 2025 by rpki-client