Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/ca6c80-03a1-4a4c-91cf-068b77e903a0/1/pUM6ACWqLcQahA0lg8mmij4I6d4.roa
File: pUM6ACWqLcQahA0lg8mmij4I6d4.roa (raw, json)
Hash identifier: UbfUIFFNnl9kUqI4HdZKMmMa2NoguiRD4aW6tenaTi4=
Subject key identifier: A5:43:3A:00:25:AA:2D:C4:1A:84:0D:25:83:C9:A6:8A:3E:08:E9:DE
Certificate issuer: /CN=013c74132597162cdb2dd63760abd9971e30bf63
Certificate serial: 01942747935066B80CC176024D33B7D1991C
Authority key identifier: 01:3C:74:13:25:97:16:2C:DB:2D:D6:37:60:AB:D9:97:1E:30:BF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ATx0EyWXFizbLdY3YKvZlx4wv2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/ca6c80-03a1-4a4c-91cf-068b77e903a0/1/pUM6ACWqLcQahA0lg8mmij4I6d4.roa
Signing time: Thu 02 Jan 2025 13:49:49 +0000
ROA not before: Thu 02 Jan 2025 13:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212805
IP address blocks: 185.19.203.0/24 maxlen: 24
2a12:4740::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:93:50:66:b8:0c:c1:76:02:4d:33:b7:d1:99:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=013c74132597162cdb2dd63760abd9971e30bf63
Validity
Not Before: Jan 2 13:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5433a0025aa2dc41a840d2583c9a68a3e08e9de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f3:43:a8:58:02:ef:e8:f9:67:89:f1:b7:9b:
e6:73:b0:b2:2a:52:31:c9:15:f6:cd:63:61:c3:67:
43:a0:41:d4:b7:fc:b2:49:6c:2d:61:ae:07:ec:75:
e4:8c:2a:75:e6:81:c0:3a:53:e4:30:ae:fe:04:72:
eb:ac:c4:d3:eb:62:b7:a4:f5:4e:f8:3b:86:38:7d:
fa:5b:91:cf:8a:e6:ce:c4:b7:c4:65:b6:34:74:2a:
9c:e6:84:2f:50:a3:42:1f:7e:96:3d:3d:81:e3:f5:
a2:9c:20:be:9b:67:3b:45:0d:55:00:92:3a:3e:a3:
3c:ac:72:70:80:18:3f:c8:76:81:b4:c7:64:3c:a7:
58:23:ae:0d:c9:9a:24:b2:27:29:2a:cd:c3:d3:07:
0b:f7:0e:69:6a:c9:b5:dd:52:1d:0a:15:61:5c:f5:
60:16:04:c1:3a:11:c1:ca:e0:3d:66:27:ce:16:41:
4f:a8:b8:d3:37:29:97:ae:82:3e:d7:0d:2b:c1:d5:
e2:5c:46:a3:64:be:1a:7e:76:8a:8b:5e:fc:d3:c2:
fe:27:d7:1c:49:2a:ae:34:f5:d0:72:8d:f9:34:20:
67:fc:10:ba:a0:4f:87:45:bb:36:5e:4c:ee:74:cb:
70:bb:49:3f:28:fb:9e:a3:84:45:a5:ff:59:60:57:
e7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:43:3A:00:25:AA:2D:C4:1A:84:0D:25:83:C9:A6:8A:3E:08:E9:DE
X509v3 Authority Key Identifier:
keyid:01:3C:74:13:25:97:16:2C:DB:2D:D6:37:60:AB:D9:97:1E:30:BF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ATx0EyWXFizbLdY3YKvZlx4wv2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/ca6c80-03a1-4a4c-91cf-068b77e903a0/1/pUM6ACWqLcQahA0lg8mmij4I6d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/ca6c80-03a1-4a4c-91cf-068b77e903a0/1/ATx0EyWXFizbLdY3YKvZlx4wv2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.203.0/24
IPv6:
2a12:4740::/29
Signature Algorithm: sha256WithRSAEncryption
68:9b:5c:78:ca:97:12:84:0d:b0:a0:63:88:5d:a6:ec:eb:73:
f6:4c:9f:f0:d1:31:de:3f:6a:13:fa:5b:39:2f:47:89:58:13:
14:6f:c3:32:48:bd:b9:52:36:5e:e2:5b:f2:98:72:f0:6b:d0:
e6:fa:dd:75:71:a9:f8:86:56:4a:7d:cb:6e:c6:da:ec:38:aa:
19:c9:56:ee:17:21:5a:a0:30:38:dd:60:89:e0:55:2b:c5:88:
e3:32:e3:50:08:b5:ce:b0:4d:99:57:8c:84:bf:cd:9b:15:97:
ba:75:ee:29:4f:fd:f1:6c:64:ad:ce:f6:d3:7e:0d:43:f0:f1:
3f:7d:c5:6d:4a:ef:38:65:c5:77:b6:ce:a2:4d:e5:62:ae:85:
14:a5:9c:ce:6a:3d:c7:ce:3b:fb:e7:ec:1e:3e:66:3d:51:15:
e1:1f:88:d2:44:a2:27:75:cd:4b:f2:d2:37:07:fe:6c:b4:52:
05:24:8b:f0:31:02:ca:d3:68:32:9e:06:fb:7a:1a:69:21:2b:
33:91:0d:90:aa:42:30:ea:cb:62:fe:3e:17:7c:10:5d:51:e7:
84:7c:a5:4b:57:90:61:f8:0b:db:aa:ba:c4:1c:10:6c:58:78:
5c:94:7e:44:a4:bf:a2:a1:da:ad:48:82:e1:66:80:8c:fd:1d:
70:a8:55:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnR5NQZrgMwXYCTTO30ZkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxM2M3NDEzMjU5NzE2MmNkYjJkZDYzNzYwYWJkOTk3MWUz
MGJmNjMwHhcNMjUwMTAyMTM0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQzM2EwMDI1YWEyZGM0MWE4NDBkMjU4M2M5YTY4YTNlMDhlOWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/NDqFgC7+j5Z4nxt5vmc7CyKlIx
yRX2zWNhw2dDoEHUt/yySWwtYa4H7HXkjCp15oHAOlPkMK7+BHLrrMTT62K3pPVO
+DuGOH36W5HPiubOxLfEZbY0dCqc5oQvUKNCH36WPT2B4/WinCC+m2c7RQ1VAJI6
PqM8rHJwgBg/yHaBtMdkPKdYI64NyZoksicpKs3D0wcL9w5pasm13VIdChVhXPVg
FgTBOhHByuA9ZifOFkFPqLjTNymXroI+1w0rwdXiXEajZL4afnaKi17808L+J9cc
SSquNPXQco35NCBn/BC6oE+HRbs2XkzudMtwu0k/KPueo4RFpf9ZYFfnoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKVDOgAlqi3EGoQNJYPJpoo+COneMB8GA1UdIwQY
MBaAFAE8dBMllxYs2y3WN2Cr2ZceML9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVR4MEV5V1hGaXpiTGRZM1lLdlpseDR3djJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jYTZjODAtMDNhMS00YTRjLTkxY2Yt
MDY4Yjc3ZTkwM2EwLzEvcFVNNkFDV3FMY1FhaEEwbGc4bW1pajRJNmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9jYTZjODAtMDNhMS00YTRjLTkxY2YtMDY4Yjc3ZTkwM2Ew
LzEvQVR4MEV5V1hGaXpiTGRZM1lLdlpseDR3djJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRPLMA0E
AgACMAcDBQMqEkdAMA0GCSqGSIb3DQEBCwUAA4IBAQBom1x4ypcShA2woGOIXabs
63P2TJ/w0THeP2oT+ls5L0eJWBMUb8MySL25UjZe4lvymHLwa9Dm+t11can4hlZK
fctuxtrsOKoZyVbuFyFaoDA43WCJ4FUrxYjjMuNQCLXOsE2ZV4yEv82bFZe6de4p
T/3xbGStzvbTfg1D8PE/fcVtSu84ZcV3ts6iTeViroUUpZzOaj3Hzjv75+wePmY9
URXhH4jSRKIndc1L8tI3B/5stFIFJIvwMQLK02gyngb7ehppISszkQ2QqkIw6sti
/j4XfBBdUeeEfKVLV5Bh+AvbqrrEHBBsWHhclH5EpL+iodqtSILhZoCM/R1wqFXE
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:39 2025 by rpki-client