Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/eaEk-4j5PrJQWB1ynGSuwR96qYE.roa
File: eaEk-4j5PrJQWB1ynGSuwR96qYE.roa (raw, json)
Hash identifier: cKnW7tUA+y/LjIR8x0MQBeinXC+rpLOrHc/MhvgB6Fk=
Subject key identifier: 79:A1:24:FB:88:F9:3E:B2:50:58:1D:72:9C:64:AE:C1:1F:7A:A9:81
Certificate issuer: /CN=c2d2ac1d7c9eccf5658b88f16f613d7b3e8e8c72
Certificate serial: 01955E06C305F9FB00B2408782A393C6EFD1
Authority key identifier: C2:D2:AC:1D:7C:9E:CC:F5:65:8B:88:F1:6F:61:3D:7B:3E:8E:8C:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/eaEk-4j5PrJQWB1ynGSuwR96qYE.roa
Signing time: Mon 03 Mar 2025 22:00:56 +0000
ROA not before: Mon 03 Mar 2025 22:00:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 185.250.240.0/24 maxlen: 24
185.250.241.0/24 maxlen: 24
185.250.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5e:06:c3:05:f9:fb:00:b2:40:87:82:a3:93:c6:ef:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d2ac1d7c9eccf5658b88f16f613d7b3e8e8c72
Validity
Not Before: Mar 3 22:00:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79a124fb88f93eb250581d729c64aec11f7aa981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:aa:3d:ef:e1:f8:a7:10:57:95:29:99:be:ad:
cb:ca:5c:04:81:88:65:5b:41:5b:ca:c2:96:ed:73:
35:6f:65:d5:a2:2b:0f:c9:46:82:c1:17:5d:f6:10:
d6:5f:16:cd:8c:a1:19:27:0c:3b:a8:97:26:d1:2a:
ab:ba:b9:61:d8:10:a7:b4:75:59:2d:c7:7f:e3:bf:
a5:cc:b0:63:31:0c:3f:34:c1:06:3f:86:12:39:29:
55:e7:65:da:9c:43:23:d2:04:53:12:a7:7b:b9:f4:
88:71:a7:3b:7e:37:e9:04:4c:48:d8:b7:5b:30:8a:
18:a3:86:b6:8d:77:ee:cb:c7:dc:1a:35:53:5d:c1:
00:37:8a:bf:f5:6f:33:83:73:e0:ea:9c:89:d1:5f:
e8:7d:b4:a7:f2:cb:70:62:7c:c4:0a:07:f4:6d:50:
0c:b2:20:92:e2:5d:23:1e:96:c8:4a:e3:df:02:2a:
3c:2e:78:52:ec:b4:57:fe:5a:03:a8:09:cc:c8:34:
22:7d:d2:45:7d:54:74:f5:32:35:24:5d:e3:2b:a1:
c6:77:7b:5a:63:35:9f:f2:a1:db:c8:93:a2:25:c6:
4a:05:a3:37:75:00:9f:5b:1a:7c:96:b2:85:09:39:
3e:5a:5d:ab:30:8f:90:34:8f:ee:60:cb:1d:11:c7:
0b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A1:24:FB:88:F9:3E:B2:50:58:1D:72:9C:64:AE:C1:1F:7A:A9:81
X509v3 Authority Key Identifier:
keyid:C2:D2:AC:1D:7C:9E:CC:F5:65:8B:88:F1:6F:61:3D:7B:3E:8E:8C:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/eaEk-4j5PrJQWB1ynGSuwR96qYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/wtKsHXyezPVli4jxb2E9ez6OjHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.240.0-185.250.242.255
Signature Algorithm: sha256WithRSAEncryption
58:be:ac:ec:e3:ca:65:d3:af:ae:b7:27:00:fe:60:96:7c:77:
5e:7f:e5:ee:5f:f3:a2:f7:07:02:5c:01:fa:fa:eb:c8:5c:24:
26:82:84:9b:75:80:5e:27:6a:5e:57:d9:66:6d:58:70:d2:5d:
aa:a6:fb:c2:82:3f:df:57:52:d6:56:0d:c2:a3:8f:9c:89:c1:
06:28:33:d0:c7:e9:e1:cb:a7:97:27:d6:d7:ae:29:e4:fc:67:
89:9c:f5:32:27:0c:08:a7:b2:a0:51:de:a0:b3:78:93:a3:b7:
95:f1:d1:e7:70:4a:df:a1:d0:7a:f3:0d:29:9a:7f:c4:36:0d:
3d:eb:32:e3:bd:9e:66:d0:eb:1a:b7:a3:46:ef:4d:f9:fe:91:
2e:8a:82:cf:a8:fd:dd:2f:bd:fa:b2:7f:11:75:68:69:7b:39:
96:16:d9:f6:78:c8:33:70:48:7e:33:3e:88:c4:98:44:2b:f6:
80:46:34:fe:f4:1f:55:bb:a4:b6:fd:0c:38:ff:27:4b:5a:e8:
5d:4c:90:1b:3f:7e:f4:a4:b5:4c:55:a7:40:c2:f9:cb:15:13:
70:ec:7c:be:81:5c:52:f7:6f:3b:99:de:85:fb:9c:d0:0f:3c:
25:7b:fc:ef:e7:eb:53:21:76:87:8f:c6:a7:3f:9b:42:2a:d1:
b4:c4:b6:c0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZVeBsMF+fsAskCHgqOTxu/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhYzFkN2M5ZWNjZjU2NThiODhmMTZmNjEzZDdiM2U4
ZThjNzIwHhcNMjUwMzAzMjIwMDU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWExMjRmYjg4ZjkzZWIyNTA1ODFkNzI5YzY0YWVjMTFmN2FhOTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlao97+H4pxBXlSmZvq3LylwEgYhl
W0FbysKW7XM1b2XVoisPyUaCwRdd9hDWXxbNjKEZJww7qJcm0Sqrurlh2BCntHVZ
Lcd/47+lzLBjMQw/NMEGP4YSOSlV52XanEMj0gRTEqd7ufSIcac7fjfpBExI2Ldb
MIoYo4a2jXfuy8fcGjVTXcEAN4q/9W8zg3Pg6pyJ0V/ofbSn8stwYnzECgf0bVAM
siCS4l0jHpbISuPfAio8LnhS7LRX/loDqAnMyDQifdJFfVR09TI1JF3jK6HGd3ta
YzWf8qHbyJOiJcZKBaM3dQCfWxp8lrKFCTk+Wl2rMI+QNI/uYMsdEccLhQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHmhJPuI+T6yUFgdcpxkrsEfeqmBMB8GA1UdIwQY
MBaAFMLSrB18nsz1ZYuI8W9hPXs+joxyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLc0hYeWV6UFZsaTRqeGIyRTllejZPakhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84YjFiYzItNTkyNi00YWNlLWIxNmYt
MTk3ZmU4MzY1NjQzLzEvZWFFay00ajVQckpRV0IxeW5HU3V3Ujk2cVlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84YjFiYzItNTkyNi00YWNlLWIxNmYtMTk3ZmU4MzY1NjQz
LzEvd3RLc0hYeWV6UFZsaTRqeGIyRTllejZPakhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAS5+vAD
BAC5+vIwDQYJKoZIhvcNAQELBQADggEBAFi+rOzjymXTr663JwD+YJZ8d15/5e5f
86L3BwJcAfr668hcJCaChJt1gF4nal5X2WZtWHDSXaqm+8KCP99XUtZWDcKjj5yJ
wQYoM9DH6eHLp5cn1teuKeT8Z4mc9TInDAinsqBR3qCzeJOjt5Xx0edwSt+h0Hrz
DSmaf8Q2DT3rMuO9nmbQ6xq3o0bvTfn+kS6Kgs+o/d0vvfqyfxF1aGl7OZYW2fZ4
yDNwSH4zPojEmEQr9oBGNP70H1W7pLb9DDj/J0ta6F1MkBs/fvSktUxVp0DC+csV
E3DsfL6BXFL3bzuZ3oX7nNAPPCV7/O/n61MhdoePxqc/m0Iq0bTEtsA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:08:55 2025 by rpki-client