Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/724c97-f149-446f-bbf1-2544683aa125/1/E4Z3vbTECoIeWAX-nTU7dyjahu0.roa
File: E4Z3vbTECoIeWAX-nTU7dyjahu0.roa (raw, json)
Hash identifier: GRl1qEVfqwDbxNSFnBtUIIbDFbsrhFOvP3cHyBgF290=
Subject key identifier: 13:86:77:BD:B4:C4:0A:82:1E:58:05:FE:9D:35:3B:77:28:DA:86:ED
Certificate issuer: /CN=6c3250a5c1bdab74b1bd23c01c54a8d70b6def20
Certificate serial: 0194D506E84D4BA0C6382CC7601E57560BB5
Authority key identifier: 6C:32:50:A5:C1:BD:AB:74:B1:BD:23:C0:1C:54:A8:D7:0B:6D:EF:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bDJQpcG9q3SxvSPAHFSo1wtt7yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/724c97-f149-446f-bbf1-2544683aa125/1/E4Z3vbTECoIeWAX-nTU7dyjahu0.roa
Signing time: Wed 05 Feb 2025 07:33:07 +0000
ROA not before: Wed 05 Feb 2025 07:33:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204769
IP address blocks: 185.211.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:06:e8:4d:4b:a0:c6:38:2c:c7:60:1e:57:56:0b:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c3250a5c1bdab74b1bd23c01c54a8d70b6def20
Validity
Not Before: Feb 5 07:33:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=138677bdb4c40a821e5805fe9d353b7728da86ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3f:4e:dc:23:cd:91:66:06:be:49:e0:64:8f:
8d:9f:e1:12:2c:95:d0:ca:7b:6c:e7:c6:cb:49:2e:
5d:ba:c9:70:52:04:48:6e:64:c2:c6:17:dc:1e:f6:
24:60:77:21:12:b9:52:ce:78:fa:0c:91:62:26:1b:
5d:6e:c8:1d:3d:c7:52:90:30:e4:b5:04:61:b8:03:
ee:81:09:5e:64:0b:32:a1:16:70:e4:01:e9:4a:46:
56:af:77:69:e8:33:b3:7c:36:f1:bf:74:78:50:bd:
c2:9b:d0:24:bb:d1:c6:5f:aa:c9:6c:f7:7d:52:44:
89:1e:75:8c:3c:a7:56:36:e4:85:a2:17:87:15:e8:
5d:ce:4a:82:df:e7:ce:6e:50:7a:7f:50:96:2d:a0:
9b:79:8c:0c:e8:13:98:e7:25:aa:e6:9f:d8:5d:85:
0c:04:6c:f9:71:44:89:80:5e:f1:08:08:e3:f1:21:
26:12:c9:43:e6:33:2a:dc:b5:68:cd:36:46:06:a9:
06:bc:b2:4c:32:69:03:d4:68:6b:3d:0a:06:ec:dc:
23:bb:c9:3f:b5:53:f9:c0:87:7a:21:7e:11:ba:5f:
85:9a:a8:f1:3a:3f:1b:ae:b8:7f:5a:dd:b7:9d:ec:
1a:7c:23:67:eb:1b:f4:71:f7:68:c2:03:41:07:45:
54:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:86:77:BD:B4:C4:0A:82:1E:58:05:FE:9D:35:3B:77:28:DA:86:ED
X509v3 Authority Key Identifier:
keyid:6C:32:50:A5:C1:BD:AB:74:B1:BD:23:C0:1C:54:A8:D7:0B:6D:EF:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bDJQpcG9q3SxvSPAHFSo1wtt7yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/724c97-f149-446f-bbf1-2544683aa125/1/E4Z3vbTECoIeWAX-nTU7dyjahu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/724c97-f149-446f-bbf1-2544683aa125/1/bDJQpcG9q3SxvSPAHFSo1wtt7yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.101.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:16:5d:48:4f:4a:73:e5:34:81:e7:91:88:d6:72:5d:4a:97:
c9:1e:4a:52:e0:d5:94:c7:f2:64:ef:3a:0f:7c:57:c8:28:dc:
23:fc:0e:8d:80:d5:ce:68:68:55:34:fd:29:39:29:60:4e:33:
22:73:ef:86:ff:e0:66:65:7c:c5:f8:d4:91:7c:e0:ba:ed:e3:
d4:ee:cd:1f:d5:66:b6:34:51:37:b9:c9:bc:b5:68:54:4d:dc:
e8:b3:d3:49:88:27:2a:ec:65:63:e9:b1:d1:e3:f6:0d:54:61:
f1:60:12:c3:d9:78:1a:13:ee:1a:ab:04:dd:91:3a:8d:aa:e4:
95:bc:91:b4:1a:5d:5e:42:16:43:8a:7e:f7:ec:31:02:70:54:
2e:44:17:e4:82:1f:fe:70:97:63:22:57:79:b8:3c:81:8a:e9:
46:7d:f9:11:9d:b2:5e:e6:6d:46:83:91:92:c7:1d:61:48:59:
aa:aa:41:4c:8b:ad:a4:bb:25:3c:47:98:d2:5e:20:61:f0:77:
a5:f5:d6:e9:7a:01:28:f7:08:22:b4:30:8f:06:dd:f2:01:dd:
bb:a1:d2:88:87:a2:a8:02:b3:78:1a:7a:ff:41:21:31:35:63:
0c:70:e7:be:ca:48:c4:b8:1c:4b:5f:9c:eb:d1:fc:98:11:28:
c8:b5:30:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTVBuhNS6DGOCzHYB5XVgu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMzI1MGE1YzFiZGFiNzRiMWJkMjNjMDFjNTRhOGQ3MGI2
ZGVmMjAwHhcNMjUwMjA1MDczMzA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzg2NzdiZGI0YzQwYTgyMWU1ODA1ZmU5ZDM1M2I3NzI4ZGE4NmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0D9O3CPNkWYGvkngZI+Nn+ESLJXQ
ynts58bLSS5duslwUgRIbmTCxhfcHvYkYHchErlSznj6DJFiJhtdbsgdPcdSkDDk
tQRhuAPugQleZAsyoRZw5AHpSkZWr3dp6DOzfDbxv3R4UL3Cm9Aku9HGX6rJbPd9
UkSJHnWMPKdWNuSFoheHFehdzkqC3+fOblB6f1CWLaCbeYwM6BOY5yWq5p/YXYUM
BGz5cUSJgF7xCAjj8SEmEslD5jMq3LVozTZGBqkGvLJMMmkD1GhrPQoG7Nwju8k/
tVP5wId6IX4Rul+FmqjxOj8brrh/Wt23newafCNn6xv0cfdowgNBB0VUiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBOGd720xAqCHlgF/p01O3co2obtMB8GA1UdIwQY
MBaAFGwyUKXBvat0sb0jwBxUqNcLbe8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkRKUXBjRzlxM1N4dlNQQUhGU28xd3R0N3lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MjRjOTctZjE0OS00NDZmLWJiZjEt
MjU0NDY4M2FhMTI1LzEvRTRaM3ZiVEVDb0llV0FYLW5UVTdkeWphaHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS83MjRjOTctZjE0OS00NDZmLWJiZjEtMjU0NDY4M2FhMTI1
LzEvYkRKUXBjRzlxM1N4dlNQQUhGU28xd3R0N3lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudNlMA0G
CSqGSIb3DQEBCwUAA4IBAQAvFl1IT0pz5TSB55GI1nJdSpfJHkpS4NWUx/Jk7zoP
fFfIKNwj/A6NgNXOaGhVNP0pOSlgTjMic++G/+BmZXzF+NSRfOC67ePU7s0f1Wa2
NFE3ucm8tWhUTdzos9NJiCcq7GVj6bHR4/YNVGHxYBLD2XgaE+4aqwTdkTqNquSV
vJG0Gl1eQhZDin737DECcFQuRBfkgh/+cJdjIld5uDyBiulGffkRnbJe5m1Gg5GS
xx1hSFmqqkFMi62kuyU8R5jSXiBh8Hel9dbpegEo9wgitDCPBt3yAd27odKIh6Ko
ArN4Gnr/QSExNWMMcOe+ykjEuBxLX5zr0fyYESjItTCt
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:23:43 2025 by rpki-client