Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/0zjITd9ttqwDd2J4abRmAkBpjQ4.roa
File: 0zjITd9ttqwDd2J4abRmAkBpjQ4.roa (raw, json)
Hash identifier: efkqt9epMDMJGUmpoMM6mMqaOMps0CzmBT72tutuF7I=
Subject key identifier: D3:38:C8:4D:DF:6D:B6:AC:03:77:62:78:69:B4:66:02:40:69:8D:0E
Certificate issuer: /CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Certificate serial: 01942747ECF460B233ADAF48CE68E8BF248E
Authority key identifier: CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/0zjITd9ttqwDd2J4abRmAkBpjQ4.roa
Signing time: Thu 02 Jan 2025 13:50:12 +0000
ROA not before: Thu 02 Jan 2025 13:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 185.210.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:ec:f4:60:b2:33:ad:af:48:ce:68:e8:bf:24:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Validity
Not Before: Jan 2 13:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d338c84ddf6db6ac0377627869b4660240698d0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:31:21:62:a4:a0:01:9c:b4:b4:d3:57:d2:a5:
71:90:0d:7a:34:c0:6c:05:93:7c:0b:5f:3f:1a:64:
be:70:53:bb:9f:ea:9d:2e:92:99:9e:27:9a:87:40:
68:c9:51:d9:5f:52:f9:d2:bd:a1:50:03:44:68:00:
95:31:56:ab:3f:3a:13:1a:77:da:b6:17:ab:d3:14:
ab:6d:b9:ed:13:a4:59:c1:96:8a:d1:d7:17:dd:8c:
e6:2d:4e:f7:b2:20:01:b4:ef:a1:03:21:4d:a0:db:
4e:db:9c:65:75:78:30:89:33:32:1f:d5:a9:73:2c:
1c:82:b6:01:db:80:7c:3b:f7:47:4e:f9:d4:2b:7a:
a7:aa:a4:16:a1:07:28:24:c9:86:21:46:96:04:ac:
f4:8d:16:6b:e5:c7:56:03:02:b6:5d:49:e0:3f:cf:
3f:92:2a:1f:5c:7d:1d:69:df:26:ee:15:92:f1:ac:
08:e5:c4:22:07:9e:7e:6f:bd:4f:a6:3d:92:ec:9e:
dc:4c:bd:ee:35:ee:c4:1e:c5:df:59:31:35:61:83:
d6:8a:f2:d9:22:68:0d:a5:44:62:23:49:f5:18:e6:
03:d3:97:a9:e8:e1:45:25:28:5d:fc:8a:7e:24:a4:
ff:85:d5:d7:c7:4d:c3:f2:71:18:2f:fe:a3:5b:d3:
da:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:38:C8:4D:DF:6D:B6:AC:03:77:62:78:69:B4:66:02:40:69:8D:0E
X509v3 Authority Key Identifier:
keyid:CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/0zjITd9ttqwDd2J4abRmAkBpjQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.157.0/24
Signature Algorithm: sha256WithRSAEncryption
72:17:bd:25:22:a9:c7:8f:45:8b:97:b1:30:ad:72:a8:e2:e2:
16:71:d3:ce:51:5c:a0:9c:44:25:90:0b:70:e6:fe:2f:ec:0b:
cb:c3:c5:0a:42:81:a1:3b:90:53:7e:91:84:b3:20:55:67:96:
16:a8:c6:d3:55:ef:61:fd:af:ea:3e:7b:c1:af:84:a3:ae:21:
7f:72:78:d1:df:dd:64:15:20:1d:3e:78:93:13:69:f3:b6:c0:
db:bf:c8:43:c9:b6:1a:8f:a0:fd:d7:40:44:c7:87:cf:91:8d:
71:b9:10:2b:6d:0e:bd:19:8a:a9:2e:c7:a2:8a:cd:fe:3a:bc:
6e:ce:e2:c6:51:79:95:ca:eb:76:e9:bc:1c:bf:80:31:4d:62:
01:ae:7a:45:18:0c:6d:83:3f:98:ff:a8:dd:48:0f:c7:a8:1a:
ca:7c:08:da:4b:94:19:fc:1a:5e:d0:33:c0:7e:69:ba:17:0e:
67:3d:cf:d0:df:1d:e7:7b:08:d8:7b:f2:31:de:8a:5d:87:a2:
06:eb:97:f7:66:12:ba:f7:93:aa:3b:46:af:44:f3:05:3e:86:
94:f1:71:a6:77:a3:ec:e0:6d:aa:14:f2:db:8a:91:e5:93:00:
73:e6:58:fb:05:4d:d8:95:5c:d4:18:0f:25:d1:24:5d:54:a2:
08:c9:a5:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR+z0YLIzra9IzmjovySOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjQ1YmMwZmRiODYyNmJjZTJjMDQyNWM0MDg3YjU0ZTE1
MGQzODYwHhcNMjUwMTAyMTM1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzM4Yzg0ZGRmNmRiNmFjMDM3NzYyNzg2OWI0NjYwMjQwNjk4ZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTEhYqSgAZy0tNNX0qVxkA16NMBs
BZN8C18/GmS+cFO7n+qdLpKZnieah0BoyVHZX1L50r2hUANEaACVMVarPzoTGnfa
ther0xSrbbntE6RZwZaK0dcX3YzmLU73siABtO+hAyFNoNtO25xldXgwiTMyH9Wp
cywcgrYB24B8O/dHTvnUK3qnqqQWoQcoJMmGIUaWBKz0jRZr5cdWAwK2XUngP88/
kiofXH0dad8m7hWS8awI5cQiB55+b71Ppj2S7J7cTL3uNe7EHsXfWTE1YYPWivLZ
ImgNpURiI0n1GOYD05ep6OFFJShd/Ip+JKT/hdXXx03D8nEYL/6jW9PazQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNM4yE3fbbasA3dieGm0ZgJAaY0OMB8GA1UdIwQY
MBaAFMtkW8D9uGJrziwEJcQIe1ThUNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmIt
ZTg3NTRkMDA1ZWJlLzEvMHpqSVRkOXR0cXdEZDJKNGFiUm1Ba0JwalE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmItZTg3NTRkMDA1ZWJl
LzEveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudKdMA0G
CSqGSIb3DQEBCwUAA4IBAQByF70lIqnHj0WLl7EwrXKo4uIWcdPOUVygnEQlkAtw
5v4v7AvLw8UKQoGhO5BTfpGEsyBVZ5YWqMbTVe9h/a/qPnvBr4SjriF/cnjR391k
FSAdPniTE2nztsDbv8hDybYaj6D910BEx4fPkY1xuRArbQ69GYqpLseiis3+Orxu
zuLGUXmVyut26bwcv4AxTWIBrnpFGAxtgz+Y/6jdSA/HqBrKfAjaS5QZ/Bpe0DPA
fmm6Fw5nPc/Q3x3newjYe/Ix3opdh6IG65f3ZhK695OqO0avRPMFPoaU8XGmd6Ps
4G2qFPLbipHlkwBz5lj7BU3YlVzUGA8l0SRdVKIIyaVB
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:01:14 2025 by rpki-client