Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/k7qFEm5kHWmp_1OkZQDDPeiAcj8.roa
File: k7qFEm5kHWmp_1OkZQDDPeiAcj8.roa (raw, json)
Hash identifier: pgYIATSAFcigSwt5VrNilgNnNXeZU4RFSisJNFfoRp4=
Subject key identifier: 93:BA:85:12:6E:64:1D:69:A9:FF:53:A4:65:00:C3:3D:E8:80:72:3F
Certificate issuer: /CN=2dbdb89fb4118ffa55fafdbf45e19282be0e7acf
Certificate serial: 0194221F725CC4ED06243C04F3728E91FF90
Authority key identifier: 2D:BD:B8:9F:B4:11:8F:FA:55:FA:FD:BF:45:E1:92:82:BE:0E:7A:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lb24n7QRj_pV-v2_ReGSgr4Oes8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/k7qFEm5kHWmp_1OkZQDDPeiAcj8.roa
Signing time: Wed 01 Jan 2025 13:47:53 +0000
ROA not before: Wed 01 Jan 2025 13:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13030
IP address blocks: 185.240.172.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:72:5c:c4:ed:06:24:3c:04:f3:72:8e:91:ff:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dbdb89fb4118ffa55fafdbf45e19282be0e7acf
Validity
Not Before: Jan 1 13:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93ba85126e641d69a9ff53a46500c33de880723f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:db:2a:44:1c:d2:71:2d:1e:cc:e7:63:2a:21:
69:f5:b5:c5:fb:f3:e6:05:7e:c5:cc:3d:3b:97:1f:
ca:4a:49:81:1e:7e:e3:52:a2:59:c0:34:3d:13:53:
4a:29:f2:14:01:9c:6b:f4:d6:8b:fa:b6:f2:36:00:
31:63:00:f3:03:de:ac:67:4c:57:7f:2b:cb:61:6a:
68:63:e5:0f:2b:61:6f:f8:95:c9:4c:04:da:7f:46:
34:8a:57:b0:fe:06:7a:d8:76:62:ee:2e:fc:6b:cd:
92:21:28:62:4a:78:59:5b:ce:b9:13:9b:62:23:11:
d4:2a:3c:66:ee:c5:b6:2d:29:aa:1d:62:8b:10:72:
bc:f6:2a:a7:45:23:61:0e:85:bb:ee:d2:5d:e6:e3:
48:f7:8e:9c:f4:0f:ee:be:90:21:e0:b0:0a:10:af:
96:32:94:0e:76:08:3a:8b:a7:87:42:59:b8:bc:ea:
3c:3e:d5:23:55:98:df:3d:45:31:a4:45:db:9b:8f:
75:76:39:45:09:4e:36:2f:6a:a9:8e:c6:e5:56:9b:
5b:28:8d:52:17:40:0e:99:e9:b0:77:06:3d:ef:42:
5e:64:05:2f:ed:0e:aa:a6:8a:50:95:b2:45:80:e0:
65:6b:36:02:c0:a8:c1:a7:ac:37:4b:f2:d6:c3:d5:
c7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:BA:85:12:6E:64:1D:69:A9:FF:53:A4:65:00:C3:3D:E8:80:72:3F
X509v3 Authority Key Identifier:
keyid:2D:BD:B8:9F:B4:11:8F:FA:55:FA:FD:BF:45:E1:92:82:BE:0E:7A:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lb24n7QRj_pV-v2_ReGSgr4Oes8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/k7qFEm5kHWmp_1OkZQDDPeiAcj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/Lb24n7QRj_pV-v2_ReGSgr4Oes8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.172.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:76:c5:0c:a5:e7:15:65:60:cb:6f:30:71:1d:28:1c:2d:80:
1b:b3:3f:27:ee:57:28:e2:b1:2f:b4:b3:dd:8a:65:5f:82:df:
ce:cb:1c:91:f3:29:da:9f:02:c4:89:a1:53:8e:47:9b:49:ee:
57:0f:2f:e7:d7:bc:b9:12:2e:4f:93:50:09:80:b5:85:dc:32:
ae:ef:68:a9:a6:51:f5:d7:64:49:d3:28:8d:c4:f9:4d:ad:38:
70:b6:a5:8d:e8:86:9b:e4:45:af:87:82:ef:06:49:b3:f7:08:
d7:36:9d:3c:23:d9:07:2e:eb:3a:09:68:8d:07:d4:5c:de:69:
c5:09:a9:86:08:6b:47:3b:48:a0:6b:28:95:a9:d1:69:81:91:
57:60:01:55:55:74:3c:87:5b:73:0f:af:60:be:27:b7:a2:23:
72:13:8e:60:47:a4:d1:11:b4:b5:db:ac:c4:20:fc:72:ae:df:
52:5e:d1:4a:2b:f3:ae:52:4d:a4:6c:2d:38:9a:3e:da:6d:de:
3d:64:79:4e:98:ff:90:63:ae:bd:12:89:ae:9f:8d:da:07:04:
1f:fd:ce:fa:f5:e8:44:e5:06:ef:c0:eb:ea:b0:ea:86:d0:f0:
91:46:94:60:47:fb:a7:60:51:0f:e6:ad:1c:7b:97:be:91:08:
2d:47:38:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH3JcxO0GJDwE83KOkf+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYmRiODlmYjQxMThmZmE1NWZhZmRiZjQ1ZTE5MjgyYmUw
ZTdhY2YwHhcNMjUwMTAxMTM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2JhODUxMjZlNjQxZDY5YTlmZjUzYTQ2NTAwYzMzZGU4ODA3MjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtsqRBzScS0ezOdjKiFp9bXF+/Pm
BX7FzD07lx/KSkmBHn7jUqJZwDQ9E1NKKfIUAZxr9NaL+rbyNgAxYwDzA96sZ0xX
fyvLYWpoY+UPK2Fv+JXJTATaf0Y0ilew/gZ62HZi7i78a82SIShiSnhZW865E5ti
IxHUKjxm7sW2LSmqHWKLEHK89iqnRSNhDoW77tJd5uNI946c9A/uvpAh4LAKEK+W
MpQOdgg6i6eHQlm4vOo8PtUjVZjfPUUxpEXbm491djlFCU42L2qpjsblVptbKI1S
F0AOmemwdwY970JeZAUv7Q6qpopQlbJFgOBlazYCwKjBp6w3S/LWw9XHowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJO6hRJuZB1pqf9TpGUAwz3ogHI/MB8GA1UdIwQY
MBaAFC29uJ+0EY/6Vfr9v0XhkoK+DnrPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGIyNG43UVJqX3BWLXYyX1JlR1NncjRPZXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMDBjY2MtZWMzZi00MGRmLWE5ZmMt
N2NjNzk5MTczMDBhLzEvazdxRkVtNWtIV21wXzFPa1pRRERQZWlBY2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMDBjY2MtZWMzZi00MGRmLWE5ZmMtN2NjNzk5MTczMDBh
LzEvTGIyNG43UVJqX3BWLXYyX1JlR1NncjRPZXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufCsMA0G
CSqGSIb3DQEBCwUAA4IBAQBudsUMpecVZWDLbzBxHSgcLYAbsz8n7lco4rEvtLPd
imVfgt/OyxyR8ynanwLEiaFTjkebSe5XDy/n17y5Ei5Pk1AJgLWF3DKu72ipplH1
12RJ0yiNxPlNrThwtqWN6Iab5EWvh4LvBkmz9wjXNp08I9kHLus6CWiNB9Rc3mnF
CamGCGtHO0igayiVqdFpgZFXYAFVVXQ8h1tzD69gvie3oiNyE45gR6TREbS126zE
IPxyrt9SXtFKK/OuUk2kbC04mj7abd49ZHlOmP+QY669Eomun43aBwQf/c769ehE
5QbvwOvqsOqG0PCRRpRgR/unYFEP5q0ce5e+kQgtRzh7
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:14 2025 by rpki-client