Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/e5DeESZZoV9ugwD2DDetvmmqaNQ.roa
File: e5DeESZZoV9ugwD2DDetvmmqaNQ.roa (raw, json)
Hash identifier: oBItgFG7VmwghbXnqb4YDSc7wHHSkFpawBFKEQ4ggoU=
Subject key identifier: 7B:90:DE:11:26:59:A1:5F:6E:83:00:F6:0C:37:AD:BE:69:AA:68:D4
Certificate issuer: /CN=95571d88b53965a7d081f3b1d8289cbc28775b88
Certificate serial: 01942522375B7F72274AB73100E07ECC8166
Authority key identifier: 95:57:1D:88:B5:39:65:A7:D0:81:F3:B1:D8:28:9C:BC:28:77:5B:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lVcdiLU5ZafQgfOx2CicvCh3W4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/e5DeESZZoV9ugwD2DDetvmmqaNQ.roa
Signing time: Thu 02 Jan 2025 03:49:46 +0000
ROA not before: Thu 02 Jan 2025 03:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202077
IP address blocks: 185.68.136.0/22 maxlen: 24
2a03:2b20::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:37:5b:7f:72:27:4a:b7:31:00:e0:7e:cc:81:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95571d88b53965a7d081f3b1d8289cbc28775b88
Validity
Not Before: Jan 2 03:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b90de112659a15f6e8300f60c37adbe69aa68d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:91:40:f2:a0:fa:1f:be:4a:b9:09:69:46:8f:
93:4e:ef:7a:ed:64:d6:d2:27:c0:bd:6f:eb:fb:89:
07:29:b2:6f:18:08:c1:d2:89:73:23:cb:b7:19:19:
ed:b6:6b:f1:f8:a2:4f:2f:92:b3:3b:e5:4d:7a:aa:
d8:00:ec:87:36:87:f1:23:d2:19:7e:02:d4:a8:f8:
a6:c3:35:31:4c:7e:90:e0:08:85:b2:c1:da:5f:e2:
64:45:31:f8:29:b0:c4:ff:b6:a8:c1:80:d7:13:ae:
2c:c2:e4:10:02:5a:f0:09:ac:12:27:d1:31:8f:ac:
fc:c3:23:bd:8d:cd:b6:de:85:dd:bd:cb:86:db:f2:
ce:45:88:6d:e1:8d:92:75:39:2b:3e:07:b7:0d:1a:
b7:5c:5e:e6:18:97:e6:7a:68:c0:80:92:bd:df:b2:
33:57:bf:77:e1:ed:d9:9f:6a:7f:a5:d2:41:11:df:
69:ab:c0:53:e2:ff:7e:05:38:b3:74:25:58:9d:40:
78:da:79:3b:94:d5:ec:49:7d:19:5b:aa:7e:ab:31:
8e:a2:b2:5d:f5:e6:d0:7c:00:f0:ae:7a:58:71:15:
40:08:21:0a:08:26:b3:f0:8f:1c:a5:7f:16:cb:41:
32:ab:7a:72:24:9d:a4:2e:d4:e8:8c:ab:29:13:7b:
d6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:90:DE:11:26:59:A1:5F:6E:83:00:F6:0C:37:AD:BE:69:AA:68:D4
X509v3 Authority Key Identifier:
keyid:95:57:1D:88:B5:39:65:A7:D0:81:F3:B1:D8:28:9C:BC:28:77:5B:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lVcdiLU5ZafQgfOx2CicvCh3W4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/e5DeESZZoV9ugwD2DDetvmmqaNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/lVcdiLU5ZafQgfOx2CicvCh3W4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.136.0/22
IPv6:
2a03:2b20::/32
Signature Algorithm: sha256WithRSAEncryption
48:15:e9:3e:64:4a:65:76:7a:96:79:13:94:b7:b8:db:b1:0b:
4f:4e:d7:5e:9a:f7:01:88:cd:f4:16:eb:64:58:b0:20:1c:13:
ab:ce:cb:42:8b:9d:be:b1:36:2b:5b:7d:5f:e9:85:16:94:14:
1e:f5:0c:64:3b:40:ab:0b:69:fc:1c:cb:44:37:7e:c5:b2:dc:
5f:1f:45:e1:6f:03:58:d2:7f:1e:6a:89:09:75:ed:7a:ed:99:
91:4e:a8:03:37:ee:39:1b:9f:60:1f:1f:d1:6a:6d:eb:0c:a3:
98:8a:72:96:11:43:a0:05:50:8e:f5:84:86:cb:05:ea:d1:a7:
7b:9b:58:fc:d0:4d:05:4e:8d:02:37:cb:da:6f:94:c4:fd:4f:
2c:d6:93:d8:fa:b3:37:c2:ff:6d:96:7c:40:73:12:4f:7c:83:
f0:18:3c:8c:21:56:f4:8d:2e:27:83:b0:73:f2:82:f7:45:11:
ed:f0:ca:dc:36:19:e9:9f:aa:83:9d:9b:3b:38:14:58:cc:b0:
be:8e:65:cf:5b:f7:c7:04:93:ca:5f:2f:95:98:74:53:a3:e9:
8f:f5:c1:33:33:7c:79:76:af:56:80:fb:08:d0:1d:f8:d3:1c:
bb:74:52:6b:34:3e:2d:fa:7e:3a:0f:97:fa:7f:a9:91:cf:b3:
8d:39:6c:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIjdbf3InSrcxAOB+zIFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NTcxZDg4YjUzOTY1YTdkMDgxZjNiMWQ4Mjg5Y2JjMjg3
NzViODgwHhcNMjUwMTAyMDM0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjkwZGUxMTI2NTlhMTVmNmU4MzAwZjYwYzM3YWRiZTY5YWE2OGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15FA8qD6H75KuQlpRo+TTu967WTW
0ifAvW/r+4kHKbJvGAjB0olzI8u3GRnttmvx+KJPL5KzO+VNeqrYAOyHNofxI9IZ
fgLUqPimwzUxTH6Q4AiFssHaX+JkRTH4KbDE/7aowYDXE64swuQQAlrwCawSJ9Ex
j6z8wyO9jc223oXdvcuG2/LORYht4Y2SdTkrPge3DRq3XF7mGJfmemjAgJK937Iz
V7934e3Zn2p/pdJBEd9pq8BT4v9+BTizdCVYnUB42nk7lNXsSX0ZW6p+qzGOorJd
9ebQfADwrnpYcRVACCEKCCaz8I8cpX8Wy0Eyq3pyJJ2kLtTojKspE3vWuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHuQ3hEmWaFfboMA9gw3rb5pqmjUMB8GA1UdIwQY
MBaAFJVXHYi1OWWn0IHzsdgonLwod1uIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFZjZGlMVTVaYWZRZ2ZPeDJDaWN2Q2gzVzRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iM2Y5OTMtZDAzYi00YjEzLTgxYWYt
YWE2MjI5Njk4NDYxLzEvZTVEZUVTWlpvVjl1Z3dEMkREZXR2bW1xYU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9iM2Y5OTMtZDAzYi00YjEzLTgxYWYtYWE2MjI5Njk4NDYx
LzEvbFZjZGlMVTVaYWZRZ2ZPeDJDaWN2Q2gzVzRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUSIMA0E
AgACMAcDBQAqAysgMA0GCSqGSIb3DQEBCwUAA4IBAQBIFek+ZEpldnqWeROUt7jb
sQtPTtdemvcBiM30FutkWLAgHBOrzstCi52+sTYrW31f6YUWlBQe9QxkO0CrC2n8
HMtEN37FstxfH0XhbwNY0n8eaokJde167ZmRTqgDN+45G59gHx/Ram3rDKOYinKW
EUOgBVCO9YSGywXq0ad7m1j80E0FTo0CN8vab5TE/U8s1pPY+rM3wv9tlnxAcxJP
fIPwGDyMIVb0jS4ng7Bz8oL3RRHt8MrcNhnpn6qDnZs7OBRYzLC+jmXPW/fHBJPK
Xy+VmHRTo+mP9cEzM3x5dq9WgPsI0B340xy7dFJrND4t+n46D5f6f6mRz7ONOWzc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:50 2025 by rpki-client