Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/uhoFt9UL3_6UT-K7hdXHNLEPe6w.roa
File: uhoFt9UL3_6UT-K7hdXHNLEPe6w.roa (raw, json)
Hash identifier: ABkAtvRZwRy7ibQa3d8iTzWCloU1O/vDLYDZwO5edyc=
Subject key identifier: BA:1A:05:B7:D5:0B:DF:FE:94:4F:E2:BB:85:D5:C7:34:B1:0F:7B:AC
Certificate issuer: /CN=29085fc534c13e0882e260a895f3cf0c5543ef08
Certificate serial: 0194206808120003DAECFD0D0BCCA4593BDB
Authority key identifier: 29:08:5F:C5:34:C1:3E:08:82:E2:60:A8:95:F3:CF:0C:55:43:EF:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/uhoFt9UL3_6UT-K7hdXHNLEPe6w.roa
Signing time: Wed 01 Jan 2025 05:47:56 +0000
ROA not before: Wed 01 Jan 2025 05:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.187.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:08:12:00:03:da:ec:fd:0d:0b:cc:a4:59:3b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29085fc534c13e0882e260a895f3cf0c5543ef08
Validity
Not Before: Jan 1 05:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba1a05b7d50bdffe944fe2bb85d5c734b10f7bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:35:ca:2a:b8:f5:f2:4d:bc:47:50:f6:65:bd:
38:f6:3e:d2:67:9c:64:ec:42:bd:06:f2:7c:fc:c9:
d5:45:33:59:58:60:23:50:ef:9c:2d:8b:02:ed:7a:
d5:76:e9:e1:60:e1:da:26:61:50:af:54:a6:2b:9a:
74:9b:f7:e0:65:a3:1c:1d:5f:3e:82:c6:24:66:27:
7c:ca:e8:f6:74:c3:d5:ba:eb:55:98:0f:e0:2a:a4:
a9:ed:52:a8:bf:cb:58:b1:3f:f6:32:5c:c1:64:f8:
b0:09:14:cb:aa:08:8e:f1:0b:31:75:e5:b1:b4:dd:
e3:b1:8b:b3:a0:5b:05:fd:95:5f:8e:b3:2f:cc:dc:
7b:b1:8f:0d:a3:4b:94:27:73:77:32:46:cc:21:46:
8d:a9:62:df:30:1c:e8:64:71:59:c0:60:00:0c:82:
8d:71:a2:61:38:99:f7:10:76:cc:ea:a7:41:ca:0e:
75:77:d7:91:5f:69:f7:0b:22:13:2a:f1:92:67:d4:
8d:29:33:df:41:09:c4:66:28:6d:4a:26:c9:92:4a:
b4:31:71:48:88:97:d5:6a:3f:27:0c:15:b8:0b:87:
5c:59:46:2c:07:16:ff:e8:15:42:7d:82:62:6c:ca:
f6:00:cb:bf:68:ad:27:b9:4e:08:fd:b8:89:87:63:
a0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:1A:05:B7:D5:0B:DF:FE:94:4F:E2:BB:85:D5:C7:34:B1:0F:7B:AC
X509v3 Authority Key Identifier:
keyid:29:08:5F:C5:34:C1:3E:08:82:E2:60:A8:95:F3:CF:0C:55:43:EF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/uhoFt9UL3_6UT-K7hdXHNLEPe6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.60.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:98:9d:09:b4:c7:40:cc:dd:4e:ba:71:be:2f:40:14:77:54:
00:be:97:38:d6:c6:a7:cf:e6:f9:da:98:86:d5:b8:f4:b5:18:
49:92:29:ca:3c:1e:4d:0b:15:bd:bc:0d:6b:5e:e7:fd:08:e0:
19:f9:51:f5:60:ba:ef:45:58:44:4a:6f:ac:b5:a2:d3:8e:4e:
a7:09:70:cc:4b:ba:97:40:77:f7:44:d8:56:2d:10:7e:1a:e8:
be:da:16:c0:c5:28:9b:9a:f7:15:1a:b5:a7:6f:61:49:84:65:
fb:6c:2a:f7:98:0f:26:ce:ce:1a:ed:ab:26:d9:a3:ff:c4:47:
da:5c:48:38:6e:e1:80:3e:fa:f4:3b:e0:56:ab:ca:d6:72:9f:
fa:33:5c:fa:a5:57:cc:cd:83:71:9e:56:c1:c8:92:e8:eb:2c:
92:a7:47:86:cf:c0:c4:9a:e3:c5:95:fa:7a:b7:df:9b:02:92:
51:24:d7:ee:ce:05:87:fa:a2:5f:2b:56:2b:73:46:15:4d:11:
c8:b1:a8:4f:cb:b5:ac:83:30:11:3a:0a:41:83:7b:6f:77:7f:
d2:35:81:72:85:9f:fd:5d:ea:27:cb:40:19:af:ac:91:e4:39:
0e:6a:72:54:7c:6f:42:53:31:e0:0f:76:70:12:67:43:ad:f4:
10:60:2e:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaAgSAAPa7P0NC8ykWTvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDg1ZmM1MzRjMTNlMDg4MmUyNjBhODk1ZjNjZjBjNTU0
M2VmMDgwHhcNMjUwMTAxMDU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTFhMDViN2Q1MGJkZmZlOTQ0ZmUyYmI4NWQ1YzczNGIxMGY3YmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTXKKrj18k28R1D2Zb049j7SZ5xk
7EK9BvJ8/MnVRTNZWGAjUO+cLYsC7XrVdunhYOHaJmFQr1SmK5p0m/fgZaMcHV8+
gsYkZid8yuj2dMPVuutVmA/gKqSp7VKov8tYsT/2MlzBZPiwCRTLqgiO8QsxdeWx
tN3jsYuzoFsF/ZVfjrMvzNx7sY8No0uUJ3N3MkbMIUaNqWLfMBzoZHFZwGAADIKN
caJhOJn3EHbM6qdByg51d9eRX2n3CyITKvGSZ9SNKTPfQQnEZihtSibJkkq0MXFI
iJfVaj8nDBW4C4dcWUYsBxb/6BVCfYJibMr2AMu/aK0nuU4I/biJh2OgrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLoaBbfVC9/+lE/iu4XVxzSxD3usMB8GA1UdIwQY
MBaAFCkIX8U0wT4IguJgqJXzzwxVQ+8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81NmQ0OTAtMDE5Ni00NWFjLTgzZWIt
YzMyOTcxMjllNGQzLzEvdWhvRnQ5VUwzXzZVVC1LN2hkWEhOTEVQZTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81NmQ0OTAtMDE5Ni00NWFjLTgzZWItYzMyOTcxMjllNGQz
LzEvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubs8MA0G
CSqGSIb3DQEBCwUAA4IBAQA8mJ0JtMdAzN1OunG+L0AUd1QAvpc41sanz+b52piG
1bj0tRhJkinKPB5NCxW9vA1rXuf9COAZ+VH1YLrvRVhESm+staLTjk6nCXDMS7qX
QHf3RNhWLRB+Gui+2hbAxSibmvcVGrWnb2FJhGX7bCr3mA8mzs4a7asm2aP/xEfa
XEg4buGAPvr0O+BWq8rWcp/6M1z6pVfMzYNxnlbByJLo6yySp0eGz8DEmuPFlfp6
t9+bApJRJNfuzgWH+qJfK1Yrc0YVTRHIsahPy7WsgzAROgpBg3tvd3/SNYFyhZ/9
Xeony0AZr6yR5DkOanJUfG9CUzHgD3ZwEmdDrfQQYC7I
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:58:40 2025 by rpki-client