Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/76602c-c1ac-46a3-81bc-deeff3b2ae8a/1/DtU2ZbrDbb2VHfJtEdt21siVGns.roa
File: DtU2ZbrDbb2VHfJtEdt21siVGns.roa (raw, json)
Hash identifier: ynTQB6VjtTG3tdDy49IaqW0PKJ5yGE20hxTuSWXMlw8=
Subject key identifier: 0E:D5:36:65:BA:C3:6D:BD:95:1D:F2:6D:11:DB:76:D6:C8:95:1A:7B
Certificate issuer: /CN=d860f6f2c318559e65959cd5f28d159a0842d72a
Certificate serial: 01856D5413F33F91410B254C4178D96EC6FA
Authority key identifier: D8:60:F6:F2:C3:18:55:9E:65:95:9C:D5:F2:8D:15:9A:08:42:D7:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GD28sMYVZ5llZzV8o0VmghC1yo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/76602c-c1ac-46a3-81bc-deeff3b2ae8a/1/DtU2ZbrDbb2VHfJtEdt21siVGns.roa
Signing time: Sun 01 Jan 2023 12:35:04 +0000
ROA not before: Sun 01 Jan 2023 12:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 185.234.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:13:f3:3f:91:41:0b:25:4c:41:78:d9:6e:c6:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d860f6f2c318559e65959cd5f28d159a0842d72a
Validity
Not Before: Jan 1 12:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ed53665bac36dbd951df26d11db76d6c8951a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:50:b4:36:9b:1e:d6:1d:4f:82:bf:fb:e8:84:
d8:71:71:64:c9:55:ab:64:bf:15:bd:c3:03:a7:0b:
ab:ff:2b:dc:00:ad:2f:ce:c4:20:e8:c8:a3:40:83:
80:ab:45:f2:fb:3a:35:5d:21:d3:fa:bf:81:7b:ba:
a7:e2:db:c0:35:ac:fc:3d:51:4f:20:a1:52:81:7a:
2b:31:16:19:aa:84:66:1a:fa:a9:1e:75:a6:34:a9:
75:12:92:77:6a:88:9b:c0:6d:96:62:1d:cd:03:24:
74:89:e4:5e:81:24:9a:80:2e:6c:c4:c7:e2:ce:65:
8b:b8:68:67:5b:c4:bf:ab:ca:ad:ef:96:3a:bb:bd:
24:1d:37:bb:79:5f:c3:50:18:0e:d4:86:19:6c:f8:
32:b1:bf:5e:e6:50:2c:91:d0:15:6c:9a:e5:4f:de:
6d:ca:80:cb:83:42:8d:a9:e5:87:ff:98:e3:0d:84:
09:e5:aa:75:bf:f5:8a:6b:aa:9e:74:54:e1:b8:af:
1f:ce:65:b3:f3:d9:0c:13:e7:b2:a3:80:8d:31:5d:
f5:c0:33:0e:75:59:3b:4e:20:26:05:83:d9:87:9c:
56:d2:12:0e:94:0c:15:b0:4a:c0:c0:8a:30:07:60:
06:08:a8:67:1f:93:e8:28:be:c7:b5:b5:38:35:f2:
4f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D5:36:65:BA:C3:6D:BD:95:1D:F2:6D:11:DB:76:D6:C8:95:1A:7B
X509v3 Authority Key Identifier:
keyid:D8:60:F6:F2:C3:18:55:9E:65:95:9C:D5:F2:8D:15:9A:08:42:D7:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GD28sMYVZ5llZzV8o0VmghC1yo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76602c-c1ac-46a3-81bc-deeff3b2ae8a/1/DtU2ZbrDbb2VHfJtEdt21siVGns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76602c-c1ac-46a3-81bc-deeff3b2ae8a/1/2GD28sMYVZ5llZzV8o0VmghC1yo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.12.0/24
Signature Algorithm: sha256WithRSAEncryption
01:b4:8e:2a:db:6a:d8:a9:ef:ac:2a:ef:b2:06:67:f0:d8:bd:
a2:e2:fd:17:d1:d5:f7:6b:fc:80:7c:3e:2f:57:56:b6:7f:ee:
20:5c:f3:42:ca:84:8f:3c:36:50:42:2b:2f:0f:59:8b:7d:ad:
9b:32:14:b5:ea:de:fa:cd:b7:87:06:df:86:2e:bb:b4:4b:20:
8c:a5:c1:bc:6c:b1:88:d2:2c:e3:11:ee:3f:b4:90:84:1e:8b:
15:40:ed:43:1c:9c:d1:dc:8c:48:89:e5:8a:88:f4:57:53:f5:
8c:20:43:14:1f:3c:fa:83:bd:44:77:e5:a4:07:56:9f:bb:87:
89:6d:c3:f8:74:95:a5:17:f2:09:28:fd:a8:b5:d8:c9:48:d1:
41:e6:3d:11:6e:bd:22:b7:c2:1f:b2:e7:ea:6b:1c:2a:5a:91:
18:3f:a8:d1:bc:ab:e2:6a:39:ed:dd:a6:d1:91:94:ce:7e:1e:
ab:52:c3:f2:af:e3:60:75:72:f1:72:6c:18:3e:c1:85:a4:34:
2f:9e:3b:07:da:d4:6b:86:13:89:99:d8:a4:e7:03:03:7e:b8:
92:ac:c4:4e:0e:5b:45:3c:be:2d:25:00:02:d6:80:f7:81:cb:
8e:a8:4a:ed:0c:a0:b2:e9:02:fa:bf:ee:10:b8:c5:29:fc:6c:
cd:63:99:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtVBPzP5FBCyVMQXjZbsb6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjBmNmYyYzMxODU1OWU2NTk1OWNkNWYyOGQxNTlhMDg0
MmQ3MmEwHhcNMjMwMTAxMTIzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWQ1MzY2NWJhYzM2ZGJkOTUxZGYyNmQxMWRiNzZkNmM4OTUxYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11C0Npse1h1Pgr/76ITYcXFkyVWr
ZL8VvcMDpwur/yvcAK0vzsQg6MijQIOAq0Xy+zo1XSHT+r+Be7qn4tvANaz8PVFP
IKFSgXorMRYZqoRmGvqpHnWmNKl1EpJ3aoibwG2WYh3NAyR0ieRegSSagC5sxMfi
zmWLuGhnW8S/q8qt75Y6u70kHTe7eV/DUBgO1IYZbPgysb9e5lAskdAVbJrlT95t
yoDLg0KNqeWH/5jjDYQJ5ap1v/WKa6qedFThuK8fzmWz89kME+eyo4CNMV31wDMO
dVk7TiAmBYPZh5xW0hIOlAwVsErAwIowB2AGCKhnH5PoKL7HtbU4NfJPNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7VNmW6w229lR3ybRHbdtbIlRp7MB8GA1UdIwQY
MBaAFNhg9vLDGFWeZZWc1fKNFZoIQtcqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdEMjhzTVlWWjVsbFp6VjhvMFZtZ2hDMXlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83NjYwMmMtYzFhYy00NmEzLTgxYmMt
ZGVlZmYzYjJhZThhLzEvRHRVMlpickRiYjJWSGZKdEVkdDIxc2lWR25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83NjYwMmMtYzFhYy00NmEzLTgxYmMtZGVlZmYzYjJhZThh
LzEvMkdEMjhzTVlWWjVsbFp6VjhvMFZtZ2hDMXlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueoMMA0G
CSqGSIb3DQEBCwUAA4IBAQABtI4q22rYqe+sKu+yBmfw2L2i4v0X0dX3a/yAfD4v
V1a2f+4gXPNCyoSPPDZQQisvD1mLfa2bMhS16t76zbeHBt+GLru0SyCMpcG8bLGI
0izjEe4/tJCEHosVQO1DHJzR3IxIieWKiPRXU/WMIEMUHzz6g71Ed+WkB1afu4eJ
bcP4dJWlF/IJKP2otdjJSNFB5j0Rbr0it8IfsufqaxwqWpEYP6jRvKviajnt3abR
kZTOfh6rUsPyr+NgdXLxcmwYPsGFpDQvnjsH2tRrhhOJmdik5wMDfriSrMRODltF
PL4tJQAC1oD3gcuOqErtDKCy6QL6v+4QuMUp/GzNY5nI
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:42:37 2025 by rpki-client