Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/ekkDxJqu-ZlE3YVqxLbl94UD6sQ.roa
File: ekkDxJqu-ZlE3YVqxLbl94UD6sQ.roa (raw, json)
Hash identifier: +gZe1v06dqZXZbhN48Df/j5IB56FQCKk5ahi88pFN9Q=
Subject key identifier: 7A:49:03:C4:9A:AE:F9:99:44:DD:85:6A:C4:B6:E5:F7:85:03:EA:C4
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 019427B3EFEE7D26E5BD545FB354BF6DC1E2
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/ekkDxJqu-ZlE3YVqxLbl94UD6sQ.roa
Signing time: Thu 02 Jan 2025 15:48:11 +0000
ROA not before: Thu 02 Jan 2025 15:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20818
IP address blocks: 185.111.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:ef:ee:7d:26:e5:bd:54:5f:b3:54:bf:6d:c1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Jan 2 15:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a4903c49aaef99944dd856ac4b6e5f78503eac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7d:31:83:c4:ad:4e:d2:d4:37:fd:a2:7c:30:
4f:70:c7:51:d9:62:a2:9d:cd:b8:bc:c4:19:9d:8e:
ad:9c:56:41:60:51:1f:6d:78:78:b0:0b:e5:2c:e2:
e8:e3:c8:28:86:60:49:24:13:b6:9c:81:21:02:90:
a5:b5:59:78:28:ed:83:d0:d1:ff:79:9f:37:a1:a1:
76:4e:65:2b:99:e8:c7:cb:9b:95:af:76:6a:77:b2:
96:82:7e:49:20:1a:47:d3:8c:65:04:34:dd:82:30:
8b:66:57:58:de:11:9d:0d:e4:7d:7a:e4:ed:4d:30:
91:3e:60:45:d2:d0:7a:16:a7:45:90:ee:c5:45:79:
db:f7:fb:66:52:fc:57:5b:f5:21:3f:00:b1:92:23:
c5:22:fa:9f:52:f2:4a:b8:33:dc:7c:78:4a:03:51:
de:82:dc:71:33:07:00:fc:ee:90:81:51:ee:1e:60:
5d:03:dc:3b:04:93:1e:b8:65:75:4b:d0:46:d4:00:
a6:38:31:b0:fd:f5:52:c4:aa:08:36:9a:95:fa:b8:
db:d9:ae:57:64:25:16:cf:bf:3f:82:58:fd:18:e4:
f5:82:fe:74:45:72:a3:61:38:20:d6:d5:ef:97:8b:
fe:3b:e8:9a:c7:2e:fd:9e:97:6a:81:5f:10:89:09:
df:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:49:03:C4:9A:AE:F9:99:44:DD:85:6A:C4:B6:E5:F7:85:03:EA:C4
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/ekkDxJqu-ZlE3YVqxLbl94UD6sQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.212.0/22
Signature Algorithm: sha256WithRSAEncryption
88:3a:b7:6c:28:db:7b:13:fe:c1:c4:c3:2b:44:73:6f:3f:6b:
ae:aa:cf:99:54:45:1a:f0:27:ee:49:13:e4:ed:0a:3e:9a:97:
8c:eb:e3:2b:14:42:df:53:09:b7:cb:bb:ee:ed:53:46:31:16:
3e:52:79:6b:97:19:40:0d:db:cc:98:04:5d:c3:0e:0e:55:08:
66:33:0b:19:45:00:1e:e8:6b:90:57:a2:7a:32:8f:93:fa:80:
8c:84:76:41:d6:06:ec:6e:17:78:46:25:5f:5e:d8:17:41:01:
27:f8:e4:ae:17:fa:3f:ed:8a:ec:62:e3:d8:4d:04:79:b2:25:
55:fa:e8:62:b7:bd:77:fe:70:f0:a3:5f:77:88:db:99:d7:b1:
e5:ef:06:a1:9f:82:6b:91:2e:c3:97:81:b8:2e:e4:48:da:4e:
f5:08:bb:0f:10:6d:fb:33:62:57:fd:ba:be:8c:cc:b1:f3:05:
0d:75:13:79:f9:93:cd:0a:2c:fc:0f:cc:ff:9f:7e:c6:bf:27:
7c:71:29:6c:d7:73:44:fd:c0:a6:9b:3e:2b:04:dc:9a:41:23:
89:a1:7b:03:5b:ac:eb:21:b5:27:16:c2:60:19:32:77:bb:a6:
43:cb:03:f7:c2:c2:ab:b5:5d:ba:b0:5e:98:cf:83:d4:6d:37:
42:ce:cd:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns+/ufSblvVRfs1S/bcHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjUwMTAyMTU0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQ5MDNjNDlhYWVmOTk5NDRkZDg1NmFjNGI2ZTVmNzg1MDNlYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX0xg8StTtLUN/2ifDBPcMdR2WKi
nc24vMQZnY6tnFZBYFEfbXh4sAvlLOLo48gohmBJJBO2nIEhApCltVl4KO2D0NH/
eZ83oaF2TmUrmejHy5uVr3Zqd7KWgn5JIBpH04xlBDTdgjCLZldY3hGdDeR9euTt
TTCRPmBF0tB6FqdFkO7FRXnb9/tmUvxXW/UhPwCxkiPFIvqfUvJKuDPcfHhKA1He
gtxxMwcA/O6QgVHuHmBdA9w7BJMeuGV1S9BG1ACmODGw/fVSxKoINpqV+rjb2a5X
ZCUWz78/glj9GOT1gv50RXKjYTgg1tXvl4v+O+iaxy79npdqgV8QiQnfEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHpJA8SarvmZRN2FasS25feFA+rEMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvZWtrRHhKcXUtWmxFM1lWcXhMYmw5NFVENnNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW/UMA0G
CSqGSIb3DQEBCwUAA4IBAQCIOrdsKNt7E/7BxMMrRHNvP2uuqs+ZVEUa8CfuSRPk
7Qo+mpeM6+MrFELfUwm3y7vu7VNGMRY+UnlrlxlADdvMmARdww4OVQhmMwsZRQAe
6GuQV6J6Mo+T+oCMhHZB1gbsbhd4RiVfXtgXQQEn+OSuF/o/7YrsYuPYTQR5siVV
+uhit713/nDwo193iNuZ17Hl7wahn4JrkS7Dl4G4LuRI2k71CLsPEG37M2JX/bq+
jMyx8wUNdRN5+ZPNCiz8D8z/n37Gvyd8cSls13NE/cCmmz4rBNyaQSOJoXsDW6zr
IbUnFsJgGTJ3u6ZDywP3wsKrtV26sF6Yz4PUbTdCzs0X
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:25 2025 by rpki-client