Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/a5ce7e-7d1d-48ef-8f36-0b740a36a8ee/1/spZ3gq52Rs1Brqgro5g4rfptHLc.roa
File: spZ3gq52Rs1Brqgro5g4rfptHLc.roa (raw, json)
Hash identifier: JmluqSt/yaPZfKeNSsXMXym5ysVFHQT+kOW0mDU1DxQ=
Subject key identifier: B2:96:77:82:AE:76:46:CD:41:AE:A8:2B:A3:98:38:AD:FA:6D:1C:B7
Certificate issuer: /CN=72c6460b4fb1ef46bc7457ff0cf463bdc4e03fa9
Certificate serial: 019427B4174214D2BD322C1988DB7F100201
Authority key identifier: 72:C6:46:0B:4F:B1:EF:46:BC:74:57:FF:0C:F4:63:BD:C4:E0:3F:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csZGC0-x70a8dFf_DPRjvcTgP6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/a5ce7e-7d1d-48ef-8f36-0b740a36a8ee/1/spZ3gq52Rs1Brqgro5g4rfptHLc.roa
Signing time: Thu 02 Jan 2025 15:48:21 +0000
ROA not before: Thu 02 Jan 2025 15:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 185.81.120.0/24 maxlen: 24
185.81.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:17:42:14:d2:bd:32:2c:19:88:db:7f:10:02:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72c6460b4fb1ef46bc7457ff0cf463bdc4e03fa9
Validity
Not Before: Jan 2 15:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2967782ae7646cd41aea82ba39838adfa6d1cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:37:3a:14:e8:fb:1d:40:c1:ba:75:5c:9f:1a:
86:2e:18:23:4f:ac:9d:99:9e:87:c6:f6:be:57:6a:
c2:34:da:6b:b9:83:c5:b6:3e:72:f7:b5:1c:f0:0a:
7e:04:9b:ab:51:da:9c:1e:6f:e0:3c:29:b1:0b:f2:
f9:88:40:3e:65:ff:d9:9f:a8:93:ec:b0:80:da:7c:
2a:5e:13:15:20:86:a5:41:0b:d4:17:b8:f6:04:a3:
94:af:a4:d2:bc:2e:ad:58:f4:25:30:fd:82:4b:b1:
ae:05:b4:a2:a2:48:b9:59:0e:35:15:b9:7b:5a:87:
e1:e9:1c:e2:59:6f:63:1f:da:10:cc:9e:32:02:35:
f0:72:3e:fb:fa:47:d9:66:96:18:47:46:e9:35:33:
ea:53:3e:18:7d:87:3b:31:87:0b:2b:86:e8:1a:59:
36:24:ec:45:eb:7e:4d:89:22:a8:ee:49:25:94:cf:
a2:94:2c:15:58:b3:68:de:9f:8e:7d:9c:32:0e:dd:
c4:2d:a9:8f:29:cd:fc:7d:2b:b2:40:0b:b9:45:66:
b5:91:9c:e2:ec:49:23:6d:89:24:ac:f5:42:52:4b:
8e:fd:f2:ff:b6:e7:9a:51:a6:97:3d:d9:8d:32:8c:
a9:e3:4a:24:7b:1d:7f:b8:c3:94:3f:de:26:d5:87:
7a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:96:77:82:AE:76:46:CD:41:AE:A8:2B:A3:98:38:AD:FA:6D:1C:B7
X509v3 Authority Key Identifier:
keyid:72:C6:46:0B:4F:B1:EF:46:BC:74:57:FF:0C:F4:63:BD:C4:E0:3F:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csZGC0-x70a8dFf_DPRjvcTgP6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a5ce7e-7d1d-48ef-8f36-0b740a36a8ee/1/spZ3gq52Rs1Brqgro5g4rfptHLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a5ce7e-7d1d-48ef-8f36-0b740a36a8ee/1/csZGC0-x70a8dFf_DPRjvcTgP6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.120.0/23
Signature Algorithm: sha256WithRSAEncryption
75:d6:5f:39:cf:b2:c9:61:f2:c7:f1:85:8e:dd:9f:42:26:31:
2f:36:85:c4:e7:60:c9:d1:7d:f8:bc:c1:84:55:7d:28:f7:40:
e5:2f:e1:55:eb:ac:dd:05:d4:7d:b3:4e:5e:d7:d0:4c:10:d6:
cd:0a:70:59:84:54:29:f4:8c:37:56:36:e8:53:63:de:8a:67:
4b:2f:40:4c:25:5d:96:31:ad:01:09:db:2f:94:0f:8f:d9:81:
52:94:2c:f8:ae:c3:ac:b5:19:5e:7b:57:ff:5b:3a:d0:6b:22:
0d:61:74:37:6e:c6:df:5f:75:f9:10:34:09:87:55:7c:70:8d:
dc:62:7f:79:24:cf:41:2b:78:6d:88:98:d5:f8:50:cb:2e:98:
2e:dc:3b:ec:e0:d7:ec:fe:97:b3:a5:bc:d4:b1:d8:8b:36:04:
60:55:07:ea:34:21:db:24:29:60:23:d9:20:61:0e:68:85:65:
44:e8:6c:6c:3b:e3:3d:4c:85:8f:d0:c0:af:99:d9:bc:28:57:
69:dc:07:14:ee:fd:1d:a7:0d:f1:0e:92:3e:ab:76:d8:b8:34:
80:76:79:4d:80:fb:30:de:a5:5b:63:13:dd:66:87:f1:16:9d:
11:f1:41:77:34:f8:c1:38:e8:38:72:e6:d8:b3:ea:ef:0d:74:
d9:aa:04:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntBdCFNK9MiwZiNt/EAIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzY0NjBiNGZiMWVmNDZiYzc0NTdmZjBjZjQ2M2JkYzRl
MDNmYTkwHhcNMjUwMTAyMTU0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjk2Nzc4MmFlNzY0NmNkNDFhZWE4MmJhMzk4MzhhZGZhNmQxY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTc6FOj7HUDBunVcnxqGLhgjT6yd
mZ6Hxva+V2rCNNpruYPFtj5y97Uc8Ap+BJurUdqcHm/gPCmxC/L5iEA+Zf/Zn6iT
7LCA2nwqXhMVIIalQQvUF7j2BKOUr6TSvC6tWPQlMP2CS7GuBbSioki5WQ41Fbl7
Wofh6RziWW9jH9oQzJ4yAjXwcj77+kfZZpYYR0bpNTPqUz4YfYc7MYcLK4boGlk2
JOxF635NiSKo7kkllM+ilCwVWLNo3p+OfZwyDt3ELamPKc38fSuyQAu5RWa1kZzi
7EkjbYkkrPVCUkuO/fL/tueaUaaXPdmNMoyp40okex1/uMOUP94m1Yd6RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKWd4KudkbNQa6oK6OYOK36bRy3MB8GA1UdIwQY
MBaAFHLGRgtPse9GvHRX/wz0Y73E4D+pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NaR0MwLXg3MGE4ZEZmX0RQUmp2Y1RnUDZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9hNWNlN2UtN2QxZC00OGVmLThmMzYt
MGI3NDBhMzZhOGVlLzEvc3BaM2dxNTJSczFCcnFncm81ZzRyZnB0SExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9hNWNlN2UtN2QxZC00OGVmLThmMzYtMGI3NDBhMzZhOGVl
LzEvY3NaR0MwLXg3MGE4ZEZmX0RQUmp2Y1RnUDZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVF4MA0G
CSqGSIb3DQEBCwUAA4IBAQB11l85z7LJYfLH8YWO3Z9CJjEvNoXE52DJ0X34vMGE
VX0o90DlL+FV66zdBdR9s05e19BMENbNCnBZhFQp9Iw3VjboU2PeimdLL0BMJV2W
Ma0BCdsvlA+P2YFSlCz4rsOstRlee1f/WzrQayINYXQ3bsbfX3X5EDQJh1V8cI3c
Yn95JM9BK3htiJjV+FDLLpgu3Dvs4Nfs/pezpbzUsdiLNgRgVQfqNCHbJClgI9kg
YQ5ohWVE6GxsO+M9TIWP0MCvmdm8KFdp3AcU7v0dpw3xDpI+q3bYuDSAdnlNgPsw
3qVbYxPdZofxFp0R8UF3NPjBOOg4cubYs+rvDXTZqgS2
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:54:21 2025 by rpki-client