Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/EmNqWHZHvcbARh8MqUG6nxXKDnk.roa
File: EmNqWHZHvcbARh8MqUG6nxXKDnk.roa (raw, json)
Hash identifier: qFrAZp7TQYaT2zIiJ3kN/K/RUigkO6TizDHq1yApShI=
Subject key identifier: 12:63:6A:58:76:47:BD:C6:C0:46:1F:0C:A9:41:BA:9F:15:CA:0E:79
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 019420684F3E91EA311ACCF1B59A343AA363
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/EmNqWHZHvcbARh8MqUG6nxXKDnk.roa
Signing time: Wed 01 Jan 2025 05:48:14 +0000
ROA not before: Wed 01 Jan 2025 05:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.71.228.0/24 maxlen: 24
185.71.229.0/24 maxlen: 24
185.125.84.0/24 maxlen: 24
193.0.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4f:3e:91:ea:31:1a:cc:f1:b5:9a:34:3a:a3:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Jan 1 05:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12636a587647bdc6c0461f0ca941ba9f15ca0e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:52:40:d8:b4:ec:f4:4b:d3:a2:10:0d:8d:47:
41:6f:28:59:ee:15:65:4c:a1:1d:d2:2a:74:09:e9:
c0:64:d0:a0:14:c7:6c:79:6b:59:b5:6d:42:17:4a:
56:47:d7:0b:2e:1c:de:7d:f6:a3:93:45:94:fe:8d:
5d:f0:fe:67:bd:5b:13:bb:fd:4f:e3:af:88:24:b7:
9d:4c:bd:c4:e0:4b:3a:f2:f5:18:09:53:a7:87:f2:
5f:0b:e0:72:fb:42:db:49:59:7e:4a:38:5c:30:a1:
d2:27:63:9f:a3:98:17:ec:7c:cd:9b:2c:8a:e7:18:
98:61:0e:ae:3b:14:2f:ed:81:26:f9:b5:24:b8:97:
8e:29:69:f0:8e:68:b0:d9:c6:d9:99:07:21:e2:73:
da:4b:06:03:5f:96:06:84:0d:81:05:af:44:e1:b9:
ab:42:dd:5f:79:48:88:39:ba:1c:b7:68:27:22:b7:
e4:76:f0:26:c7:21:5e:2b:06:3c:3e:61:3b:61:0c:
52:cf:ea:de:12:54:18:e2:f3:44:20:95:0d:ae:ed:
82:1e:b6:0b:0d:1c:cf:09:d3:49:08:46:9f:0a:a8:
63:c2:cd:8e:72:eb:f6:eb:62:4a:a4:8a:72:1b:95:
73:03:0b:da:31:76:01:8c:a1:be:43:0f:62:95:ec:
eb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:63:6A:58:76:47:BD:C6:C0:46:1F:0C:A9:41:BA:9F:15:CA:0E:79
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/EmNqWHZHvcbARh8MqUG6nxXKDnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0/23
185.125.84.0/24
193.0.181.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:1e:1a:51:a8:0d:77:02:92:84:6a:9e:34:be:f1:d9:0c:9e:
87:c3:8b:1a:25:6d:c6:c7:81:eb:cc:76:90:f4:b8:fb:4b:ad:
42:ba:df:77:e6:d0:a3:84:7a:11:b6:30:c4:18:b5:1a:35:a4:
64:63:e1:d2:05:f9:40:b1:66:14:93:ac:16:7b:b6:d5:e4:50:
16:c3:ca:89:fc:46:bb:98:2c:c8:52:fe:71:d9:35:50:fa:95:
3f:ed:17:94:d4:32:f9:5a:8b:bc:6f:35:d2:90:74:ad:07:72:
fc:93:da:fa:d0:5a:a5:12:d8:42:7d:f2:23:46:02:91:f3:78:
1b:69:6c:77:58:95:ca:98:ff:10:32:e7:63:d1:f4:83:4c:00:
e7:03:b9:82:94:0a:2d:61:08:b6:65:51:18:49:76:83:ac:cf:
82:c1:ff:0e:93:97:a7:fe:62:12:b6:84:43:cb:a9:eb:86:3f:
5f:3d:11:94:5d:0e:d7:c8:68:a2:73:27:c5:d5:68:b3:7c:ab:
f7:13:26:92:9b:dc:c8:cb:7b:d6:6b:ea:3d:87:35:72:1c:44:
a8:2d:8d:62:12:89:09:f2:08:03:24:86:fb:43:17:ff:0c:00:
30:6e:50:b5:27:a9:c5:15:4f:7f:59:ec:1e:d0:87:60:39:69:
3c:ba:31:2b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQgaE8+keoxGszxtZo0OqNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjRjN2VjZmEzN2QyNDg3MTUyZmI5YmJiYWI1MGJlNzlk
ZTI2MTkwHhcNMjUwMTAxMDU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjYzNmE1ODc2NDdiZGM2YzA0NjFmMGNhOTQxYmE5ZjE1Y2EwZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lJA2LTs9EvTohANjUdBbyhZ7hVl
TKEd0ip0CenAZNCgFMdseWtZtW1CF0pWR9cLLhzeffajk0WU/o1d8P5nvVsTu/1P
46+IJLedTL3E4Es68vUYCVOnh/JfC+By+0LbSVl+SjhcMKHSJ2Ofo5gX7HzNmyyK
5xiYYQ6uOxQv7YEm+bUkuJeOKWnwjmiw2cbZmQch4nPaSwYDX5YGhA2BBa9E4bmr
Qt1feUiIOboct2gnIrfkdvAmxyFeKwY8PmE7YQxSz+reElQY4vNEIJUNru2CHrYL
DRzPCdNJCEafCqhjws2Ocuv262JKpIpyG5VzAwvaMXYBjKG+Qw9ilezrKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBJjalh2R73GwEYfDKlBup8Vyg55MB8GA1UdIwQY
MBaAFD4kx+z6N9JIcVL7m7urUL553iYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMt
NDkzZDc3NGFhMWZmLzEvRW1OcVdIWkh2Y2JBUmg4TXFVRzZueFhLRG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMtNDkzZDc3NGFhMWZm
LzEvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuUfkAwQA
uX1UAwQAwQC1MA0GCSqGSIb3DQEBCwUAA4IBAQAKHhpRqA13ApKEap40vvHZDJ6H
w4saJW3Gx4HrzHaQ9Lj7S61Cut935tCjhHoRtjDEGLUaNaRkY+HSBflAsWYUk6wW
e7bV5FAWw8qJ/Ea7mCzIUv5x2TVQ+pU/7ReU1DL5Wou8bzXSkHStB3L8k9r60Fql
EthCffIjRgKR83gbaWx3WJXKmP8QMudj0fSDTADnA7mClAotYQi2ZVEYSXaDrM+C
wf8Ok5en/mIStoRDy6nrhj9fPRGUXQ7XyGiicyfF1WizfKv3EyaSm9zIy3vWa+o9
hzVyHESoLY1iEokJ8ggDJIb7Qxf/DAAwblC1J6nFFU9/Wewe0IdgOWk8ujEr
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:43:09 2025 by rpki-client