Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/698f5e-58c2-4a43-9c6a-155c72c1a723/1/hE5Vx04ypRjBetJsGeP2H1NfsLc.roa
File: hE5Vx04ypRjBetJsGeP2H1NfsLc.roa (raw, json)
Hash identifier: GCUedakhqV7Sk3R3T361SASCw+iAcTwUpGzb2TyM4h8=
Subject key identifier: 84:4E:55:C7:4E:32:A5:18:C1:7A:D2:6C:19:E3:F6:1F:53:5F:B0:B7
Certificate issuer: /CN=527ad19786dd54b35a4b96ad3fbc5793278e4474
Certificate serial: 018F2870B663CD4BBC74099E818978654966
Authority key identifier: 52:7A:D1:97:86:DD:54:B3:5A:4B:96:AD:3F:BC:57:93:27:8E:44:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UnrRl4bdVLNaS5atP7xXkyeORHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/698f5e-58c2-4a43-9c6a-155c72c1a723/1/hE5Vx04ypRjBetJsGeP2H1NfsLc.roa
Signing time: Mon 29 Apr 2024 06:00:26 +0000
ROA not before: Mon 29 Apr 2024 06:00:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215071
IP address blocks: 185.241.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:70:b6:63:cd:4b:bc:74:09:9e:81:89:78:65:49:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=527ad19786dd54b35a4b96ad3fbc5793278e4474
Validity
Not Before: Apr 29 06:00:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=844e55c74e32a518c17ad26c19e3f61f535fb0b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:36:2d:cd:3a:df:ad:78:59:39:cd:d2:c9:34:
f3:9d:88:0a:3b:36:db:4c:8e:ef:19:f0:7c:e6:24:
c1:af:cf:12:ad:30:ee:a3:6d:2e:49:96:39:62:7d:
f0:43:fa:54:bf:cf:61:4c:34:de:1e:36:41:5c:a4:
fd:a8:d5:2f:4b:12:8e:c1:a1:6a:c9:07:be:0e:9c:
0f:a0:b9:62:8e:38:a4:b9:2e:aa:b6:fe:d7:c8:a4:
65:62:98:55:cb:d1:38:67:ec:c2:fa:f6:e7:7a:61:
fa:a2:bf:9f:07:78:52:55:89:46:0e:f9:0d:d5:3d:
35:af:dd:a5:d0:2f:4c:ff:59:5e:aa:ce:80:16:85:
e0:23:11:e0:6d:f4:1f:c6:11:f7:6a:10:12:cb:c5:
32:2b:81:ee:27:8f:d3:67:2d:2c:1e:1f:25:19:3a:
cf:ec:58:ed:72:64:70:66:14:1e:80:23:ed:1a:3b:
24:3a:11:90:a5:25:a3:d1:3f:3c:28:76:dc:77:42:
7f:ba:51:ea:33:33:4c:ec:a0:e3:56:f3:6e:5d:7e:
c9:ac:d8:a5:16:d7:e3:dc:6d:fc:15:b7:e2:90:b0:
bb:fc:e4:5c:ec:48:d6:97:2b:ef:98:75:54:20:44:
42:71:b5:e2:9a:ad:78:d6:8e:a7:f3:91:b9:06:5c:
06:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:4E:55:C7:4E:32:A5:18:C1:7A:D2:6C:19:E3:F6:1F:53:5F:B0:B7
X509v3 Authority Key Identifier:
keyid:52:7A:D1:97:86:DD:54:B3:5A:4B:96:AD:3F:BC:57:93:27:8E:44:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UnrRl4bdVLNaS5atP7xXkyeORHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/698f5e-58c2-4a43-9c6a-155c72c1a723/1/hE5Vx04ypRjBetJsGeP2H1NfsLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/698f5e-58c2-4a43-9c6a-155c72c1a723/1/UnrRl4bdVLNaS5atP7xXkyeORHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.39.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:f8:c0:96:23:59:ae:cf:55:d4:cc:56:13:25:db:2f:49:c9:
1a:25:3b:44:41:96:16:13:a0:25:68:82:1b:ec:c2:21:4f:4d:
73:e0:c9:63:fc:68:4e:58:1c:73:83:5b:eb:b9:12:8e:b1:13:
fc:83:9d:1b:5b:df:d9:95:b8:e5:61:c0:45:37:ad:db:22:95:
fa:88:89:d2:3e:e7:0e:60:5c:38:17:4b:9f:85:b2:18:0e:aa:
d0:d9:74:91:65:cb:47:3f:53:c7:c5:df:a9:6d:d4:2b:75:86:
81:6f:f6:7b:bc:a3:03:f5:eb:2f:26:95:e8:f2:44:e2:1f:b4:
ac:58:83:68:d8:aa:73:24:cd:5c:8f:93:bb:80:a5:26:3c:7f:
3b:f5:82:db:58:ea:6a:dd:e8:9e:97:03:71:d8:c1:93:b7:71:
b3:4b:19:cc:d1:44:f1:cb:91:0d:a4:0e:65:8d:63:f3:97:33:
ba:fe:23:2c:8e:5b:6d:9e:d1:1b:9f:dc:e1:fd:5e:00:ea:f7:
61:b0:e5:8f:c5:4b:a6:c5:01:0d:be:3a:3c:eb:c3:5b:1d:7e:
6b:ed:76:f9:24:0e:91:b0:25:b7:82:de:4b:3f:e8:8e:ea:00:
8e:c2:55:c7:2c:36:25:17:e1:2b:44:eb:53:a1:6b:5e:09:dc:
70:9b:e0:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8ocLZjzUu8dAmegYl4ZUlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyN2FkMTk3ODZkZDU0YjM1YTRiOTZhZDNmYmM1NzkzMjc4
ZTQ0NzQwHhcNMjQwNDI5MDYwMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDRlNTVjNzRlMzJhNTE4YzE3YWQyNmMxOWUzZjYxZjUzNWZiMGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzYtzTrfrXhZOc3SyTTznYgKOzbb
TI7vGfB85iTBr88SrTDuo20uSZY5Yn3wQ/pUv89hTDTeHjZBXKT9qNUvSxKOwaFq
yQe+DpwPoLlijjikuS6qtv7XyKRlYphVy9E4Z+zC+vbnemH6or+fB3hSVYlGDvkN
1T01r92l0C9M/1leqs6AFoXgIxHgbfQfxhH3ahASy8UyK4HuJ4/TZy0sHh8lGTrP
7FjtcmRwZhQegCPtGjskOhGQpSWj0T88KHbcd0J/ulHqMzNM7KDjVvNuXX7JrNil
Ftfj3G38FbfikLC7/ORc7EjWlyvvmHVUIERCcbXimq141o6n85G5BlwGhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIROVcdOMqUYwXrSbBnj9h9TX7C3MB8GA1UdIwQY
MBaAFFJ60ZeG3VSzWkuWrT+8V5MnjkR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW5yUmw0YmRWTE5hUzVhdFA3eFhreWVPUkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82OThmNWUtNThjMi00YTQzLTljNmEt
MTU1YzcyYzFhNzIzLzEvaEU1VngwNHlwUmpCZXRKc0dlUDJIMU5mc0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82OThmNWUtNThjMi00YTQzLTljNmEtMTU1YzcyYzFhNzIz
LzEvVW5yUmw0YmRWTE5hUzVhdFA3eFhreWVPUkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufEnMA0G
CSqGSIb3DQEBCwUAA4IBAQA8+MCWI1muz1XUzFYTJdsvSckaJTtEQZYWE6AlaIIb
7MIhT01z4Mlj/GhOWBxzg1vruRKOsRP8g50bW9/ZlbjlYcBFN63bIpX6iInSPucO
YFw4F0ufhbIYDqrQ2XSRZctHP1PHxd+pbdQrdYaBb/Z7vKMD9esvJpXo8kTiH7Ss
WINo2KpzJM1cj5O7gKUmPH879YLbWOpq3eielwNx2MGTt3GzSxnM0UTxy5ENpA5l
jWPzlzO6/iMsjlttntEbn9zh/V4A6vdhsOWPxUumxQENvjo868NbHX5r7Xb5JA6R
sCW3gt5LP+iO6gCOwlXHLDYlF+ErROtToWteCdxwm+CV
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:39:14 2025 by rpki-client