Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/289E-Jj1-_NHnfIspmJ6dDyJHMo.roa
File: 289E-Jj1-_NHnfIspmJ6dDyJHMo.roa (raw, json)
Hash identifier: WdW5apU9mzQj50OlelJWc6bz8hGD+pm8qBunEBj3yw4=
Subject key identifier: DB:CF:44:F8:98:F5:FB:F3:47:9D:F2:2C:A6:62:7A:74:3C:89:1C:CA
Certificate issuer: /CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Certificate serial: 0194206809172A0099BB9E214308C744C012
Authority key identifier: D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/289E-Jj1-_NHnfIspmJ6dDyJHMo.roa
Signing time: Wed 01 Jan 2025 05:47:56 +0000
ROA not before: Wed 01 Jan 2025 05:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 185.13.208.0/22 maxlen: 24
2a03:a540::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:09:17:2a:00:99:bb:9e:21:43:08:c7:44:c0:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Validity
Not Before: Jan 1 05:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbcf44f898f5fbf3479df22ca6627a743c891cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6d:56:eb:5b:49:75:87:92:2c:fd:42:9b:2e:
ee:d3:34:50:5d:e5:15:37:62:ac:8d:f8:c9:27:98:
c3:17:c4:b0:c9:83:2c:ed:8f:23:46:94:6d:78:f2:
c1:cf:cd:e0:38:fa:ee:76:a0:fc:db:ac:1a:55:e4:
d4:3e:3e:f0:9c:01:9e:d1:b9:09:a5:d3:7e:c3:3e:
8a:20:d0:17:dd:42:3a:58:01:3b:4e:84:a8:66:94:
b9:c0:82:d1:df:10:bc:b0:ec:3e:88:47:39:5c:62:
8a:49:e7:0d:fd:8a:58:a2:ef:f7:1c:fe:ba:58:14:
16:9e:5f:16:00:8f:43:c6:9d:97:c3:08:eb:f2:d8:
6f:9e:e2:d1:75:9b:f4:cf:71:e0:aa:c3:ff:e7:b7:
ab:ac:f2:f1:2e:58:6a:b7:61:02:d7:ff:97:85:11:
50:f0:b0:9f:68:78:85:09:90:64:8b:09:66:77:21:
c1:c1:25:97:d1:2b:10:8f:99:8c:56:9a:f6:a4:85:
ab:35:bf:aa:db:b7:8f:86:d0:97:81:2d:92:f6:3e:
b1:ec:fd:82:36:b9:51:67:97:a9:87:9f:0c:be:b2:
4b:45:23:ab:8a:21:00:a6:90:04:90:6f:02:94:ed:
5e:5e:6d:cf:51:3b:3a:a0:e2:bd:a1:c0:10:35:b8:
93:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:CF:44:F8:98:F5:FB:F3:47:9D:F2:2C:A6:62:7A:74:3C:89:1C:CA
X509v3 Authority Key Identifier:
keyid:D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/289E-Jj1-_NHnfIspmJ6dDyJHMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.208.0/22
IPv6:
2a03:a540::/32
Signature Algorithm: sha256WithRSAEncryption
19:70:8e:37:d0:ce:5f:84:a2:6d:26:2f:91:7e:97:f7:7e:6d:
cf:ab:a1:4c:55:b7:1c:f6:ba:cd:5b:c6:ee:57:25:51:12:6f:
ee:6a:f1:62:24:db:7e:75:db:54:10:93:af:82:cb:1b:9e:06:
d3:f7:5e:9b:49:f6:bc:ae:13:e6:49:6e:dc:42:69:da:dc:ff:
9a:7b:87:41:b6:58:39:55:5c:6a:4e:5e:9c:61:f2:8a:ab:0f:
cb:6a:74:fc:2d:e7:56:3a:d9:3b:74:9b:6b:e7:43:76:17:2b:
89:62:6a:35:5e:6e:38:30:05:5d:46:c6:9c:05:32:e0:e1:19:
41:38:b6:ed:17:99:b6:d8:af:5e:af:97:08:fd:0f:4d:b3:d2:
ef:2a:c6:05:2e:36:da:aa:a8:1b:f7:20:04:8a:4e:51:d1:ad:
b1:31:cd:98:e5:83:62:5c:1b:cf:32:75:4a:b9:4f:78:f2:df:
a6:c5:fe:07:71:d1:24:ad:41:1f:92:3f:fe:27:f7:54:fb:02:
c3:9d:d0:60:2c:e9:32:b3:ed:64:20:48:70:36:ff:34:74:33:
8a:d4:79:2d:e1:ba:8f:4b:d8:95:30:10:5e:fe:db:40:72:bc:
b3:92:87:e1:21:90:25:19:1e:9a:2f:31:92:28:96:e4:5f:4a:
f8:cd:61:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaAkXKgCZu54hQwjHRMASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZmQzNDM2ZDdhMTlhNzM0M2ZhODAwZDg3YTAxYWYxODNk
YTMxOGIwHhcNMjUwMTAxMDU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmNmNDRmODk4ZjVmYmYzNDc5ZGYyMmNhNjYyN2E3NDNjODkxY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhG1W61tJdYeSLP1Cmy7u0zRQXeUV
N2KsjfjJJ5jDF8SwyYMs7Y8jRpRtePLBz83gOPrudqD826waVeTUPj7wnAGe0bkJ
pdN+wz6KINAX3UI6WAE7ToSoZpS5wILR3xC8sOw+iEc5XGKKSecN/YpYou/3HP66
WBQWnl8WAI9Dxp2Xwwjr8thvnuLRdZv0z3HgqsP/57errPLxLlhqt2EC1/+XhRFQ
8LCfaHiFCZBkiwlmdyHBwSWX0SsQj5mMVpr2pIWrNb+q27ePhtCXgS2S9j6x7P2C
NrlRZ5eph58MvrJLRSOriiEAppAEkG8ClO1eXm3PUTs6oOK9ocAQNbiTEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNvPRPiY9fvzR53yLKZienQ8iRzKMB8GA1UdIwQY
MBaAFNH9NDbXoZpzQ/qADYegGvGD2jGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMt
MzlhNjZjYmUxZTRkLzEvMjg5RS1KajEtX05IbmZJc3BtSjZkRHlKSE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMtMzlhNjZjYmUxZTRk
LzEvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ3QMA0E
AgACMAcDBQAqA6VAMA0GCSqGSIb3DQEBCwUAA4IBAQAZcI430M5fhKJtJi+Rfpf3
fm3Pq6FMVbcc9rrNW8buVyVREm/uavFiJNt+ddtUEJOvgssbngbT916bSfa8rhPm
SW7cQmna3P+ae4dBtlg5VVxqTl6cYfKKqw/LanT8LedWOtk7dJtr50N2FyuJYmo1
Xm44MAVdRsacBTLg4RlBOLbtF5m22K9er5cI/Q9Ns9LvKsYFLjbaqqgb9yAEik5R
0a2xMc2Y5YNiXBvPMnVKuU948t+mxf4HcdEkrUEfkj/+J/dU+wLDndBgLOkys+1k
IEhwNv80dDOK1Hkt4bqPS9iVMBBe/ttAcryzkofhIZAlGR6aLzGSKJbkX0r4zWFN
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:34:22 2025 by rpki-client