Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bfec08-8cbe-4c45-8db1-4d46c6a7010a/1/yXpvc9uWZKZFHCmkmSmpej0f37c.roa
File: yXpvc9uWZKZFHCmkmSmpej0f37c.roa (raw, json)
Hash identifier: 3v8/4eMJO7NotNddn4SD4NaC1CnMnbkwXQwSszwWBcA=
Subject key identifier: C9:7A:6F:73:DB:96:64:A6:45:1C:29:A4:99:29:A9:7A:3D:1F:DF:B7
Certificate issuer: /CN=25475f5ad9eccff69c35a630dcff2c5a663fd7cf
Certificate serial: 019420682F781014319E9C4F6976EF3A5EEE
Authority key identifier: 25:47:5F:5A:D9:EC:CF:F6:9C:35:A6:30:DC:FF:2C:5A:66:3F:D7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JUdfWtnsz_acNaYw3P8sWmY_188.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/bfec08-8cbe-4c45-8db1-4d46c6a7010a/1/yXpvc9uWZKZFHCmkmSmpej0f37c.roa
Signing time: Wed 01 Jan 2025 05:48:06 +0000
ROA not before: Wed 01 Jan 2025 05:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61067
IP address blocks: 185.20.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2f:78:10:14:31:9e:9c:4f:69:76:ef:3a:5e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25475f5ad9eccff69c35a630dcff2c5a663fd7cf
Validity
Not Before: Jan 1 05:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c97a6f73db9664a6451c29a49929a97a3d1fdfb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1a:12:96:41:bb:ae:98:ce:fa:7e:a1:27:71:
16:38:6c:3b:3c:4a:63:c3:d0:b5:d8:4e:68:31:b7:
07:68:95:2a:8d:7e:5c:a6:cd:4b:3b:70:f1:94:29:
92:77:c2:dc:be:3b:7b:df:1e:d7:a1:b8:45:07:85:
ab:0b:90:8f:1d:eb:a5:ca:7f:98:84:22:5b:63:97:
bb:97:8d:b7:59:b9:6a:96:2b:9a:99:44:f2:3c:e6:
e6:8b:f7:f7:3e:73:11:cb:f9:5f:04:13:cb:db:b8:
97:dd:39:32:09:32:ff:76:ec:d6:a7:3d:e2:79:0a:
50:9d:a1:b9:57:6b:d3:1d:c9:2f:cc:8a:3e:40:0c:
3f:8f:4c:1e:04:75:c1:b8:f3:14:0d:3c:61:86:13:
8d:99:d4:f9:63:68:ab:63:3a:6a:6f:d0:a3:d6:82:
46:c0:79:db:93:18:56:ec:40:0b:b1:fb:e8:b1:45:
06:93:79:5b:b1:84:ca:db:42:8b:f9:d3:36:0b:e6:
39:2d:71:49:0d:e7:ca:ab:25:ac:b2:93:87:2e:3f:
95:10:4e:df:5d:80:bd:01:e6:85:b7:64:12:5e:d3:
76:a6:92:e1:a3:8e:77:2f:2c:e1:a5:11:c1:51:45:
ee:74:a0:10:61:dc:28:7b:9c:84:0a:0e:23:6d:2b:
75:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7A:6F:73:DB:96:64:A6:45:1C:29:A4:99:29:A9:7A:3D:1F:DF:B7
X509v3 Authority Key Identifier:
keyid:25:47:5F:5A:D9:EC:CF:F6:9C:35:A6:30:DC:FF:2C:5A:66:3F:D7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JUdfWtnsz_acNaYw3P8sWmY_188.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfec08-8cbe-4c45-8db1-4d46c6a7010a/1/yXpvc9uWZKZFHCmkmSmpej0f37c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfec08-8cbe-4c45-8db1-4d46c6a7010a/1/JUdfWtnsz_acNaYw3P8sWmY_188.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.39.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:e6:39:da:44:68:f3:3f:be:18:31:65:47:c9:6e:46:63:b5:
49:65:24:e3:59:12:c3:c7:46:94:1d:12:78:de:26:19:1f:4f:
3a:1f:0e:39:53:c9:b3:80:28:16:b6:02:40:98:45:a3:f7:45:
82:71:b6:39:2f:77:d8:96:a6:71:27:8e:a8:f0:e3:bf:62:ec:
65:60:9b:d3:3a:38:a8:74:cd:67:b4:55:40:b1:ce:71:79:d6:
74:7d:7c:bd:a0:36:52:20:14:bd:96:d8:69:b8:19:ca:c9:09:
f2:8d:1a:5b:03:ff:70:19:40:0e:2b:79:e1:40:65:81:df:e2:
5f:0a:0d:55:31:ba:b8:eb:77:cd:15:81:43:d4:cc:19:fa:9c:
13:56:a5:74:34:f9:4e:f1:d2:50:4f:03:52:01:db:91:16:91:
b7:6b:fd:1d:2c:1a:cb:60:b3:66:ef:bc:e9:27:ce:ea:eb:cc:
95:09:b3:7e:7e:79:fc:f2:6d:35:2b:e5:69:f8:96:21:2e:cd:
8e:e4:08:8a:b4:ec:60:4c:54:8c:a0:4d:4f:de:ba:03:2d:e9:
63:cc:a0:e2:4b:b6:e2:f4:bf:df:be:2d:20:82:87:97:a7:d7:
61:95:3c:88:a2:4d:fd:8b:45:78:45:f0:90:01:2e:94:c6:cf:
9f:56:fa:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaC94EBQxnpxPaXbvOl7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NDc1ZjVhZDllY2NmZjY5YzM1YTYzMGRjZmYyYzVhNjYz
ZmQ3Y2YwHhcNMjUwMTAxMDU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTdhNmY3M2RiOTY2NGE2NDUxYzI5YTQ5OTI5YTk3YTNkMWZkZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RoSlkG7rpjO+n6hJ3EWOGw7PEpj
w9C12E5oMbcHaJUqjX5cps1LO3DxlCmSd8Lcvjt73x7XobhFB4WrC5CPHeulyn+Y
hCJbY5e7l423WblqliuamUTyPObmi/f3PnMRy/lfBBPL27iX3TkyCTL/duzWpz3i
eQpQnaG5V2vTHckvzIo+QAw/j0weBHXBuPMUDTxhhhONmdT5Y2irYzpqb9Cj1oJG
wHnbkxhW7EALsfvosUUGk3lbsYTK20KL+dM2C+Y5LXFJDefKqyWsspOHLj+VEE7f
XYC9AeaFt2QSXtN2ppLho453LyzhpRHBUUXudKAQYdwoe5yECg4jbSt1rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMl6b3PblmSmRRwppJkpqXo9H9+3MB8GA1UdIwQY
MBaAFCVHX1rZ7M/2nDWmMNz/LFpmP9fPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlVkZld0bnN6X2FjTmFZdzNQOHNXbVlfMTg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iZmVjMDgtOGNiZS00YzQ1LThkYjEt
NGQ0NmM2YTcwMTBhLzEveVhwdmM5dVdaS1pGSENta21TbXBlajBmMzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iZmVjMDgtOGNiZS00YzQ1LThkYjEtNGQ0NmM2YTcwMTBh
LzEvSlVkZld0bnN6X2FjTmFZdzNQOHNXbVlfMTg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRQnMA0G
CSqGSIb3DQEBCwUAA4IBAQAO5jnaRGjzP74YMWVHyW5GY7VJZSTjWRLDx0aUHRJ4
3iYZH086Hw45U8mzgCgWtgJAmEWj90WCcbY5L3fYlqZxJ46o8OO/YuxlYJvTOjio
dM1ntFVAsc5xedZ0fXy9oDZSIBS9lthpuBnKyQnyjRpbA/9wGUAOK3nhQGWB3+Jf
Cg1VMbq463fNFYFD1MwZ+pwTVqV0NPlO8dJQTwNSAduRFpG3a/0dLBrLYLNm77zp
J87q68yVCbN+fnn88m01K+Vp+JYhLs2O5AiKtOxgTFSMoE1P3roDLeljzKDiS7bi
9L/fvi0ggoeXp9dhlTyIok39i0V4RfCQAS6Uxs+fVvrr
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:42 2025 by rpki-client