Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/cdhvQ3G9D22hzZ35uWHLO4DK-b8.roa
File: cdhvQ3G9D22hzZ35uWHLO4DK-b8.roa (raw, json)
Hash identifier: 9/hDVeqHVKKGEQirCvU77EziyJeBYbpOSUraYbA1sQI=
Subject key identifier: 71:D8:6F:43:71:BD:0F:6D:A1:CD:9D:F9:B9:61:CB:3B:80:CA:F9:BF
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 01943B7916A7559D15FD77502D3EFC882ACC
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/cdhvQ3G9D22hzZ35uWHLO4DK-b8.roa
Signing time: Mon 06 Jan 2025 11:56:18 +0000
ROA not before: Mon 06 Jan 2025 11:56:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49824
IP address blocks: 185.5.252.0/24 maxlen: 24
185.5.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:79:16:a7:55:9d:15:fd:77:50:2d:3e:fc:88:2a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Jan 6 11:56:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71d86f4371bd0f6da1cd9df9b961cb3b80caf9bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:86:a8:4c:e1:1a:b8:0c:18:99:a1:76:94:60:
57:32:42:14:cd:62:8d:a4:2a:c3:22:59:00:4f:ae:
f6:a5:a9:17:37:26:ed:72:58:85:a7:a5:cb:bc:64:
66:93:51:2f:93:a9:00:4e:33:79:ad:de:0e:ca:df:
8d:f7:8a:1d:81:a7:54:45:6b:c7:6f:04:40:97:61:
84:ad:7e:d1:63:42:c4:da:b2:c6:f6:a6:07:6c:7a:
bb:74:6f:48:e3:79:a9:32:fd:87:71:20:f3:d6:89:
72:7e:5a:54:fe:cb:a2:c3:7e:4e:87:09:cf:1f:f8:
8c:3f:aa:5a:ac:be:1d:75:ba:58:c3:3d:66:51:23:
b2:16:d7:30:03:bb:90:44:5d:ab:fa:9b:64:35:82:
90:d3:ca:c7:9e:7f:b7:bf:f6:f3:ec:4a:50:f9:82:
ce:9d:75:47:6f:20:29:3e:c2:6f:33:4e:b4:27:74:
75:fd:67:1d:6d:a4:fc:a6:ac:ea:8d:ad:b8:8d:9e:
2b:4f:df:e8:db:1e:dd:d6:7a:e5:6e:0d:72:12:aa:
8a:e3:7c:8b:74:b4:ce:41:55:ba:78:13:d9:5e:77:
9b:56:5f:76:c0:24:6f:4c:69:5b:cb:83:5a:98:a0:
de:4d:0f:9a:23:2b:d8:77:bf:f3:2a:be:76:56:1d:
bf:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D8:6F:43:71:BD:0F:6D:A1:CD:9D:F9:B9:61:CB:3B:80:CA:F9:BF
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/cdhvQ3G9D22hzZ35uWHLO4DK-b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.252.0/23
Signature Algorithm: sha256WithRSAEncryption
49:51:40:cb:ae:81:d5:35:9d:72:a5:55:d8:c7:80:9e:83:be:
c3:c1:f7:f2:c5:a4:72:86:1c:88:53:da:22:8b:f7:23:7c:0e:
20:b8:8f:e3:50:0e:bc:45:a7:d3:5c:c5:3b:7b:10:8e:8c:2f:
26:99:12:52:b4:3e:c5:bb:b5:60:3e:35:be:4a:ac:43:4f:85:
e1:fd:f8:8e:35:8d:f5:05:d6:97:78:bd:b1:51:91:ed:7b:99:
49:52:7b:00:2b:23:b8:04:da:7c:e5:43:d8:34:d0:a6:3e:e1:
f2:65:4d:c8:2c:21:ae:f6:5b:34:47:30:23:d1:d9:37:ce:21:
b0:44:ac:9f:4a:ec:86:4c:1a:89:3a:92:81:09:cc:2e:6f:26:
12:d3:15:cc:e6:1d:aa:8d:e1:4a:02:7a:7b:1e:5e:d8:b6:f3:
ac:c4:ee:f7:82:cb:03:16:e6:f7:f6:62:13:8f:68:60:ae:8f:
af:ae:f8:dc:4d:c7:c7:95:d5:a7:cb:c1:44:db:76:ba:fa:ac:
a1:8e:40:ea:bb:f7:af:86:76:b1:18:f3:8f:cf:75:95:b5:ea:
88:b3:f7:15:5d:6e:0d:10:b1:b0:56:13:06:c1:06:a2:fd:7f:
54:5b:b4:24:de:dd:f8:81:a9:b9:a9:36:7a:ca:9b:47:53:3d:
85:cd:42:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ7eRanVZ0V/XdQLT78iCrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjUwMTA2MTE1NjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQ4NmY0MzcxYmQwZjZkYTFjZDlkZjliOTYxY2IzYjgwY2FmOWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YaoTOEauAwYmaF2lGBXMkIUzWKN
pCrDIlkAT672pakXNybtcliFp6XLvGRmk1Evk6kATjN5rd4Oyt+N94odgadURWvH
bwRAl2GErX7RY0LE2rLG9qYHbHq7dG9I43mpMv2HcSDz1olyflpU/suiw35OhwnP
H/iMP6parL4ddbpYwz1mUSOyFtcwA7uQRF2r+ptkNYKQ08rHnn+3v/bz7EpQ+YLO
nXVHbyApPsJvM060J3R1/WcdbaT8pqzqja24jZ4rT9/o2x7d1nrlbg1yEqqK43yL
dLTOQVW6eBPZXnebVl92wCRvTGlby4NamKDeTQ+aIyvYd7/zKr52Vh2/PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHHYb0NxvQ9toc2d+blhyzuAyvm/MB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvY2RodlEzRzlEMjJoelozNXVXSExPNERLLWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQX8MA0G
CSqGSIb3DQEBCwUAA4IBAQBJUUDLroHVNZ1ypVXYx4Ceg77DwffyxaRyhhyIU9oi
i/cjfA4guI/jUA68RafTXMU7exCOjC8mmRJStD7Fu7VgPjW+SqxDT4Xh/fiONY31
BdaXeL2xUZHte5lJUnsAKyO4BNp85UPYNNCmPuHyZU3ILCGu9ls0RzAj0dk3ziGw
RKyfSuyGTBqJOpKBCcwubyYS0xXM5h2qjeFKAnp7Hl7YtvOsxO73gssDFub39mIT
j2hgro+vrvjcTcfHldWny8FE23a6+qyhjkDqu/evhnaxGPOPz3WVteqIs/cVXW4N
ELGwVhMGwQai/X9UW7Qk3t34gam5qTZ6yptHUz2FzUIU
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:43 2025 by rpki-client