Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/ead277-84c9-4b8e-879e-5f73267102a6/1/dwkbDumHfM-fJPhQnf3bRCy2PjY.roa
File: dwkbDumHfM-fJPhQnf3bRCy2PjY.roa (raw, json)
Hash identifier: aIk07HBkaBzs1F02NTAQLrtiIZZaDl8SPQXuogtqsw0=
Subject key identifier: 77:09:1B:0E:E9:87:7C:CF:9F:24:F8:50:9D:FD:DB:44:2C:B6:3E:36
Certificate issuer: /CN=d48551e26169b3b3e124f6964e2702e95768253e
Certificate serial: 0194252224739BC69119742E512A1CE28A7C
Authority key identifier: D4:85:51:E2:61:69:B3:B3:E1:24:F6:96:4E:27:02:E9:57:68:25:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IVR4mFps7PhJPaWTicC6VdoJT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/ead277-84c9-4b8e-879e-5f73267102a6/1/dwkbDumHfM-fJPhQnf3bRCy2PjY.roa
Signing time: Thu 02 Jan 2025 03:49:41 +0000
ROA not before: Thu 02 Jan 2025 03:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203640
IP address blocks: 185.29.108.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:24:73:9b:c6:91:19:74:2e:51:2a:1c:e2:8a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48551e26169b3b3e124f6964e2702e95768253e
Validity
Not Before: Jan 2 03:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77091b0ee9877ccf9f24f8509dfddb442cb63e36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0d:f2:29:fe:cb:7d:36:72:cb:e7:08:e5:25:
00:2c:90:67:82:84:f2:2d:44:d1:43:be:b3:c1:3a:
8d:bd:bd:71:c6:4e:ce:c5:90:0c:0e:dc:8b:f2:b4:
b8:14:8e:e4:38:2d:78:6c:ce:46:f7:dd:4e:68:fc:
f5:ac:39:61:61:76:a3:e0:52:69:ee:49:df:ca:22:
2e:e6:3a:57:dd:39:22:07:c8:06:85:8e:60:48:09:
ee:20:29:ee:a0:3f:b8:dc:6e:8c:ee:6e:1e:ca:a0:
68:53:2b:f7:44:a5:17:b4:8b:80:e5:a1:03:a5:2a:
0d:9e:6e:55:14:78:02:95:1d:77:1c:ae:d4:f1:05:
3d:80:98:1a:9a:3d:da:ba:ef:7e:56:35:b7:1d:8d:
25:4a:88:ad:30:ae:22:b4:71:f0:fa:4b:32:ef:3d:
8a:6b:fb:39:c2:3c:cc:23:66:46:22:3e:4f:b7:4e:
bc:6c:a7:86:36:19:5e:e7:ed:54:21:2f:8b:a6:ab:
32:1e:14:cc:73:72:6c:ff:43:54:9e:b5:c3:e0:1c:
52:e1:61:58:d0:3d:a2:19:fb:88:df:88:8e:d5:b0:
d4:c5:9e:6c:be:50:80:10:d9:e9:cf:08:b2:16:5b:
cd:58:77:5d:3d:75:ea:42:15:6f:b6:c4:a0:76:b3:
f9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:09:1B:0E:E9:87:7C:CF:9F:24:F8:50:9D:FD:DB:44:2C:B6:3E:36
X509v3 Authority Key Identifier:
keyid:D4:85:51:E2:61:69:B3:B3:E1:24:F6:96:4E:27:02:E9:57:68:25:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IVR4mFps7PhJPaWTicC6VdoJT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/ead277-84c9-4b8e-879e-5f73267102a6/1/dwkbDumHfM-fJPhQnf3bRCy2PjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/ead277-84c9-4b8e-879e-5f73267102a6/1/1IVR4mFps7PhJPaWTicC6VdoJT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.108.0/22
Signature Algorithm: sha256WithRSAEncryption
31:57:e2:6c:1b:52:81:03:9d:65:d3:98:c2:68:8f:5d:98:f4:
45:27:82:cc:ae:2e:b1:e1:6c:67:44:85:32:a8:82:0e:59:18:
37:7d:ae:46:bc:d9:a2:fe:c5:88:f0:6f:09:d5:e2:0c:88:c4:
31:26:32:11:58:d7:5b:f1:20:b6:ad:8b:96:1e:a6:28:ca:d9:
67:27:4a:b2:ad:9e:20:2e:7f:14:be:c0:12:3e:d0:ff:b3:41:
5f:ec:51:e6:47:1f:9d:70:26:46:7a:dd:3a:d0:8f:82:f7:b3:
15:7e:8e:fa:19:b6:cc:93:96:bf:15:04:80:0a:1e:20:0b:e0:
9d:6a:d2:36:c9:2e:e6:71:42:b6:be:6f:cb:15:a0:53:a5:5f:
b6:44:90:1f:1e:ae:20:7c:79:57:57:39:13:92:dd:49:ce:51:
14:9e:88:66:62:86:59:00:75:8a:85:8f:a5:26:cc:bf:85:ee:
6b:33:17:23:6a:7e:71:0b:dd:e6:5a:cd:f0:5a:28:e0:6c:dc:
0d:a0:59:45:ed:eb:3d:db:2a:3d:f2:3f:e1:ea:66:19:41:ec:
c7:91:30:3b:1a:3c:6f:84:be:ef:37:e5:1a:11:b3:40:ff:51:
50:05:d6:b0:d6:02:83:2d:21:ec:cb:c1:62:de:b2:91:62:d0:
7c:fe:e0:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIiRzm8aRGXQuUSoc4op8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODU1MWUyNjE2OWIzYjNlMTI0ZjY5NjRlMjcwMmU5NTc2
ODI1M2UwHhcNMjUwMTAyMDM0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzA5MWIwZWU5ODc3Y2NmOWYyNGY4NTA5ZGZkZGI0NDJjYjYzZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw3yKf7LfTZyy+cI5SUALJBngoTy
LUTRQ76zwTqNvb1xxk7OxZAMDtyL8rS4FI7kOC14bM5G991OaPz1rDlhYXaj4FJp
7knfyiIu5jpX3TkiB8gGhY5gSAnuICnuoD+43G6M7m4eyqBoUyv3RKUXtIuA5aED
pSoNnm5VFHgClR13HK7U8QU9gJgamj3auu9+VjW3HY0lSoitMK4itHHw+ksy7z2K
a/s5wjzMI2ZGIj5Pt068bKeGNhle5+1UIS+LpqsyHhTMc3Js/0NUnrXD4BxS4WFY
0D2iGfuI34iO1bDUxZ5svlCAENnpzwiyFlvNWHddPXXqQhVvtsSgdrP5sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcJGw7ph3zPnyT4UJ3920Qstj42MB8GA1UdIwQY
MBaAFNSFUeJhabOz4ST2lk4nAulXaCU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlWUjRtRnBzN1BoSlBhV1RpY0M2VmRvSlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lYWQyNzctODRjOS00YjhlLTg3OWUt
NWY3MzI2NzEwMmE2LzEvZHdrYkR1bUhmTS1mSlBoUW5mM2JSQ3kyUGpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lYWQyNzctODRjOS00YjhlLTg3OWUtNWY3MzI2NzEwMmE2
LzEvMUlWUjRtRnBzN1BoSlBhV1RpY0M2VmRvSlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuR1sMA0G
CSqGSIb3DQEBCwUAA4IBAQAxV+JsG1KBA51l05jCaI9dmPRFJ4LMri6x4WxnRIUy
qIIOWRg3fa5GvNmi/sWI8G8J1eIMiMQxJjIRWNdb8SC2rYuWHqYoytlnJ0qyrZ4g
Ln8UvsASPtD/s0Ff7FHmRx+dcCZGet060I+C97MVfo76GbbMk5a/FQSACh4gC+Cd
atI2yS7mcUK2vm/LFaBTpV+2RJAfHq4gfHlXVzkTkt1JzlEUnohmYoZZAHWKhY+l
Jsy/he5rMxcjan5xC93mWs3wWijgbNwNoFlF7es92yo98j/h6mYZQezHkTA7Gjxv
hL7vN+UaEbNA/1FQBdaw1gKDLSHsy8Fi3rKRYtB8/uBU
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:17:41 2025 by rpki-client