Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/817c14-b800-4c15-a89e-704f263389e2/1/JN_wI5WUBHJd5ainOqfE_dFkzKI.roa
File: JN_wI5WUBHJd5ainOqfE_dFkzKI.roa (raw, json)
Hash identifier: Qg99ezuBzQl9b8N0K6IHfY7xyiyA9XJB6h6HAFx4kIY=
Subject key identifier: 24:DF:F0:23:95:94:04:72:5D:E5:A8:A7:3A:A7:C4:FD:D1:64:CC:A2
Certificate issuer: /CN=e73cf9433eb80fe9027084529a25412ddfe5bd01
Certificate serial: 0194274738D9D3DD52277FC3C5E6B0F08A6C
Authority key identifier: E7:3C:F9:43:3E:B8:0F:E9:02:70:84:52:9A:25:41:2D:DF:E5:BD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5zz5Qz64D-kCcIRSmiVBLd_lvQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/817c14-b800-4c15-a89e-704f263389e2/1/JN_wI5WUBHJd5ainOqfE_dFkzKI.roa
Signing time: Thu 02 Jan 2025 13:49:26 +0000
ROA not before: Thu 02 Jan 2025 13:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207160
IP address blocks: 185.65.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:38:d9:d3:dd:52:27:7f:c3:c5:e6:b0:f0:8a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e73cf9433eb80fe9027084529a25412ddfe5bd01
Validity
Not Before: Jan 2 13:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24dff023959404725de5a8a73aa7c4fdd164cca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f5:ec:3a:84:f9:b3:45:67:73:42:fc:00:27:
db:53:80:d1:09:e9:99:d1:71:5f:e8:bd:1c:b3:74:
c4:3f:f1:cc:ff:30:13:e0:b2:a7:dc:9e:5c:e6:d3:
cb:bb:1d:c8:17:77:36:2e:e4:08:79:f8:2a:a7:62:
d9:3c:3d:13:5c:50:99:6b:6c:39:a8:bc:bc:eb:df:
86:53:94:ae:39:e2:42:49:0a:07:d3:71:93:02:9e:
d8:22:3c:b2:89:5c:74:c9:3b:56:2c:54:15:50:c6:
7a:77:b5:36:92:3b:3c:7b:c8:23:71:7f:94:82:01:
48:bb:e6:e1:4c:95:68:0e:8b:51:88:eb:49:35:a7:
55:0a:56:bd:a3:18:c8:58:39:41:52:d0:78:b9:ee:
75:b4:16:0f:95:7e:83:6e:03:98:cc:96:2c:8a:ee:
82:a2:00:a5:77:97:9d:ee:9d:a8:3c:1a:7b:fd:93:
de:08:98:a6:6b:c2:a3:b9:93:5c:ea:5e:94:f0:2d:
d1:bb:2e:c6:a5:bd:7c:94:78:e2:26:97:2d:18:53:
a7:6c:b7:9f:3f:ce:a2:30:c5:0b:68:90:37:b8:99:
fd:70:f8:65:0d:6c:25:31:5a:8d:76:82:21:c3:24:
bd:c5:bf:7d:dc:6f:c4:8a:1f:6d:02:d8:fa:dd:28:
b2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:DF:F0:23:95:94:04:72:5D:E5:A8:A7:3A:A7:C4:FD:D1:64:CC:A2
X509v3 Authority Key Identifier:
keyid:E7:3C:F9:43:3E:B8:0F:E9:02:70:84:52:9A:25:41:2D:DF:E5:BD:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5zz5Qz64D-kCcIRSmiVBLd_lvQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/817c14-b800-4c15-a89e-704f263389e2/1/JN_wI5WUBHJd5ainOqfE_dFkzKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/817c14-b800-4c15-a89e-704f263389e2/1/5zz5Qz64D-kCcIRSmiVBLd_lvQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.243.0/24
Signature Algorithm: sha256WithRSAEncryption
95:f9:01:fd:1d:0b:6e:a6:03:5c:4a:c9:e0:e2:3b:32:6c:cc:
70:49:3e:0b:55:15:ed:9c:37:59:0c:c6:2a:78:cb:fb:45:4c:
46:de:d1:30:e5:94:fd:10:d6:a5:61:56:fd:a7:fe:0f:cb:9d:
51:87:70:a2:87:b9:2e:2a:67:87:48:b4:ee:10:48:43:59:f7:
11:33:27:52:6a:a3:13:57:90:80:6a:e0:4f:b8:6c:a6:8c:ef:
46:4b:0f:ca:ff:19:ee:b4:ea:b7:15:4e:6a:c2:a1:a0:5d:4c:
24:69:d4:52:bd:50:9e:59:bf:34:07:d8:39:20:18:c2:11:b7:
28:9a:d7:2d:80:7a:89:ab:c4:e2:4b:09:c8:83:ed:6e:22:07:
b9:c8:89:39:99:a1:fa:a6:f1:fc:a9:c1:09:86:81:ad:a2:96:
df:a2:32:6a:26:75:7f:77:c7:69:9b:62:57:be:e8:37:53:5c:
cc:8d:de:13:88:7f:fd:bc:d7:1c:30:10:4e:3b:3c:38:66:95:
35:de:5e:af:b7:7a:1b:cf:02:e4:76:7d:7c:d6:08:7d:00:35:
7f:6d:f0:38:b5:0c:09:de:9d:7c:52:3b:fe:f7:bb:9d:81:5b:
22:e5:39:c3:f3:38:89:b4:18:42:8d:b0:16:c1:2c:4c:a3:9a:
3a:ba:dc:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRzjZ091SJ3/Dxeaw8IpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3M2NmOTQzM2ViODBmZTkwMjcwODQ1MjlhMjU0MTJkZGZl
NWJkMDEwHhcNMjUwMTAyMTM0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGRmZjAyMzk1OTQwNDcyNWRlNWE4YTczYWE3YzRmZGQxNjRjY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfXsOoT5s0Vnc0L8ACfbU4DRCemZ
0XFf6L0cs3TEP/HM/zAT4LKn3J5c5tPLux3IF3c2LuQIefgqp2LZPD0TXFCZa2w5
qLy869+GU5SuOeJCSQoH03GTAp7YIjyyiVx0yTtWLFQVUMZ6d7U2kjs8e8gjcX+U
ggFIu+bhTJVoDotRiOtJNadVCla9oxjIWDlBUtB4ue51tBYPlX6DbgOYzJYsiu6C
ogCld5ed7p2oPBp7/ZPeCJima8KjuZNc6l6U8C3Ruy7Gpb18lHjiJpctGFOnbLef
P86iMMULaJA3uJn9cPhlDWwlMVqNdoIhwyS9xb993G/Eih9tAtj63SiyYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCTf8COVlARyXeWopzqnxP3RZMyiMB8GA1UdIwQY
MBaAFOc8+UM+uA/pAnCEUpolQS3f5b0BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXp6NVF6NjRELWtDY0lSU21pVkJMZF9sdlFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MTdjMTQtYjgwMC00YzE1LWE4OWUt
NzA0ZjI2MzM4OWUyLzEvSk5fd0k1V1VCSEpkNWFpbk9xZkVfZEZrektJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MTdjMTQtYjgwMC00YzE1LWE4OWUtNzA0ZjI2MzM4OWUy
LzEvNXp6NVF6NjRELWtDY0lSU21pVkJMZF9sdlFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUHzMA0G
CSqGSIb3DQEBCwUAA4IBAQCV+QH9HQtupgNcSsng4jsybMxwST4LVRXtnDdZDMYq
eMv7RUxG3tEw5ZT9ENalYVb9p/4Py51Rh3Cih7kuKmeHSLTuEEhDWfcRMydSaqMT
V5CAauBPuGymjO9GSw/K/xnutOq3FU5qwqGgXUwkadRSvVCeWb80B9g5IBjCEbco
mtctgHqJq8TiSwnIg+1uIge5yIk5maH6pvH8qcEJhoGtopbfojJqJnV/d8dpm2JX
vug3U1zMjd4TiH/9vNccMBBOOzw4ZpU13l6vt3obzwLkdn181gh9ADV/bfA4tQwJ
3p18Ujv+97udgVsi5TnD8ziJtBhCjbAWwSxMo5o6utxA
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:16 2025 by rpki-client