Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f19d06-c7fa-40e5-b813-7fe3951a735b/1/Z31e2uZ4ZUo0ifh9SmP5d6rs9YA.roa
File: Z31e2uZ4ZUo0ifh9SmP5d6rs9YA.roa (raw, json)
Hash identifier: 99LlYSdIOpp68PEiIS1MO6ONGzvLDbJLydlaJmSyBos=
Subject key identifier: 67:7D:5E:DA:E6:78:65:4A:34:89:F8:7D:4A:63:F9:77:AA:EC:F5:80
Certificate issuer: /CN=0e0b0dcb6ad0ca816d2bd204e13f1eaf1104274c
Certificate serial: 01942521A485E98EB7DD93BBDC842545C879
Authority key identifier: 0E:0B:0D:CB:6A:D0:CA:81:6D:2B:D2:04:E1:3F:1E:AF:11:04:27:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DgsNy2rQyoFtK9IE4T8erxEEJ0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f19d06-c7fa-40e5-b813-7fe3951a735b/1/Z31e2uZ4ZUo0ifh9SmP5d6rs9YA.roa
Signing time: Thu 02 Jan 2025 03:49:09 +0000
ROA not before: Thu 02 Jan 2025 03:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25291
IP address blocks: 185.245.101.0/24 maxlen: 24
185.245.102.0/23 maxlen: 23
185.245.102.0/24 maxlen: 24
185.245.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a4:85:e9:8e:b7:dd:93:bb:dc:84:25:45:c8:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e0b0dcb6ad0ca816d2bd204e13f1eaf1104274c
Validity
Not Before: Jan 2 03:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=677d5edae678654a3489f87d4a63f977aaecf580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:eb:0e:2f:57:77:bb:82:1b:b3:de:08:45:9d:
ed:8a:68:5b:f9:08:cc:35:c9:42:28:40:43:0f:57:
09:b2:fa:5a:03:7b:e4:22:f1:29:bb:51:ab:55:13:
95:20:9c:7b:9d:57:80:55:c8:65:19:84:1b:c6:74:
6a:4d:27:f5:5f:e2:e2:23:a1:6b:56:a9:ac:f5:58:
45:aa:51:53:05:d4:80:21:95:98:98:94:13:1d:9e:
54:d2:80:2f:ac:3c:45:0d:c6:49:48:3f:00:05:c0:
5b:57:08:3b:e8:fc:10:51:39:e0:97:3a:8d:38:f7:
f3:ef:ff:ab:63:57:75:c4:7d:3c:fd:2f:6e:98:ab:
4a:c0:8c:d3:a7:c9:cf:5f:95:c6:20:45:2c:10:e7:
d6:3a:13:a2:e9:61:b4:a7:fa:51:d8:ab:63:e5:ac:
a7:11:b2:0b:c8:3a:4c:bc:18:d5:b6:78:6b:15:e9:
95:a9:05:23:cd:4c:cd:bd:56:ab:73:f0:63:34:67:
01:66:3d:f0:5e:bc:03:e5:a7:c2:62:45:f4:44:28:
45:52:cc:4e:40:6d:12:51:1a:c2:ad:dd:00:79:c9:
84:a4:09:31:a0:45:02:a3:77:cf:50:8e:63:c0:3d:
48:6a:7b:41:43:6d:43:d2:40:e6:e5:7a:25:9e:7d:
1a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:7D:5E:DA:E6:78:65:4A:34:89:F8:7D:4A:63:F9:77:AA:EC:F5:80
X509v3 Authority Key Identifier:
keyid:0E:0B:0D:CB:6A:D0:CA:81:6D:2B:D2:04:E1:3F:1E:AF:11:04:27:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DgsNy2rQyoFtK9IE4T8erxEEJ0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f19d06-c7fa-40e5-b813-7fe3951a735b/1/Z31e2uZ4ZUo0ifh9SmP5d6rs9YA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f19d06-c7fa-40e5-b813-7fe3951a735b/1/DgsNy2rQyoFtK9IE4T8erxEEJ0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.101.0-185.245.103.255
Signature Algorithm: sha256WithRSAEncryption
34:cc:1f:13:6f:18:a4:d8:e2:73:47:66:32:5f:02:61:55:37:
ef:33:e2:b9:5c:e9:54:70:49:a6:d9:81:6d:72:60:8d:68:0e:
62:17:e4:d6:1b:82:61:c8:d6:8d:7f:c1:f0:12:40:f5:80:3a:
78:24:87:23:15:1c:0a:60:6f:75:b8:40:1b:ad:44:0f:76:ee:
00:ea:a3:e7:7b:31:a8:66:01:7d:13:9c:87:aa:a0:e3:8f:d2:
db:13:f2:0d:67:c8:c8:11:fc:7b:a4:59:ea:a6:7a:00:17:c1:
9c:1a:c1:11:ba:dc:fe:98:b0:d2:78:64:86:74:a2:2a:73:c1:
92:38:71:54:d7:27:4f:56:2e:56:32:78:8c:33:5a:00:7b:2e:
d4:fd:d3:eb:35:44:be:e9:f5:40:6b:38:e3:0f:d3:c7:2c:0c:
9b:ab:6e:b2:d3:57:5f:de:4b:93:a6:22:41:1e:8e:21:fc:28:
f6:32:f6:65:c8:e8:e1:75:e7:b2:7e:0c:dd:91:22:1e:95:60:
b0:ab:bd:da:9a:61:7d:4b:60:c8:4c:c9:ee:38:63:ea:15:b0:
fd:a3:17:db:51:66:a5:ba:66:6c:9e:87:bd:1e:77:a4:9c:64:
19:0a:89:34:86:13:c9:51:01:5e:9c:12:ec:8b:18:cf:fd:78:
a5:65:96:74
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQlIaSF6Y633ZO73IQlRch5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMGIwZGNiNmFkMGNhODE2ZDJiZDIwNGUxM2YxZWFmMTEw
NDI3NGMwHhcNMjUwMTAyMDM0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzdkNWVkYWU2Nzg2NTRhMzQ4OWY4N2Q0YTYzZjk3N2FhZWNmNTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3usOL1d3u4Ibs94IRZ3timhb+QjM
NclCKEBDD1cJsvpaA3vkIvEpu1GrVROVIJx7nVeAVchlGYQbxnRqTSf1X+LiI6Fr
Vqms9VhFqlFTBdSAIZWYmJQTHZ5U0oAvrDxFDcZJSD8ABcBbVwg76PwQUTnglzqN
OPfz7/+rY1d1xH08/S9umKtKwIzTp8nPX5XGIEUsEOfWOhOi6WG0p/pR2Ktj5ayn
EbILyDpMvBjVtnhrFemVqQUjzUzNvVarc/BjNGcBZj3wXrwD5afCYkX0RChFUsxO
QG0SURrCrd0AecmEpAkxoEUCo3fPUI5jwD1IantBQ21D0kDm5Xolnn0aIQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGd9XtrmeGVKNIn4fUpj+Xeq7PWAMB8GA1UdIwQY
MBaAFA4LDctq0MqBbSvSBOE/Hq8RBCdMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGdzTnkyclF5b0Z0SzlJRTRUOGVyeEVFSjB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mMTlkMDYtYzdmYS00MGU1LWI4MTMt
N2ZlMzk1MWE3MzViLzEvWjMxZTJ1WjRaVW8waWZoOVNtUDVkNnJzOVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mMTlkMDYtYzdmYS00MGU1LWI4MTMtN2ZlMzk1MWE3MzVi
LzEvRGdzTnkyclF5b0Z0SzlJRTRUOGVyeEVFSjB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC59WUD
BAO59WAwDQYJKoZIhvcNAQELBQADggEBADTMHxNvGKTY4nNHZjJfAmFVN+8z4rlc
6VRwSabZgW1yYI1oDmIX5NYbgmHI1o1/wfASQPWAOngkhyMVHApgb3W4QButRA92
7gDqo+d7MahmAX0TnIeqoOOP0tsT8g1nyMgR/HukWeqmegAXwZwawRG63P6YsNJ4
ZIZ0oipzwZI4cVTXJ09WLlYyeIwzWgB7LtT90+s1RL7p9UBrOOMP08csDJurbrLT
V1/eS5OmIkEejiH8KPYy9mXI6OF157J+DN2RIh6VYLCrvdqaYX1LYMhMye44Y+oV
sP2jF9tRZqW6Zmyeh70ed6ScZBkKiTSGE8lRAV6cEuyLGM/9eKVllnQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:09 2025 by rpki-client