Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/Jo8Y435n3Pd_3zXxNtedYgjItDk.roa
File: Jo8Y435n3Pd_3zXxNtedYgjItDk.roa (raw, json)
Hash identifier: s59FKEp30KDhXVkiZy91uysMmddt+n0/jacR5LsK5DU=
Subject key identifier: 26:8F:18:E3:7E:67:DC:F7:7F:DF:35:F1:36:D7:9D:62:08:C8:B4:39
Certificate issuer: /CN=70de707d6c01006b2aca687eaab29cb4736b7668
Certificate serial: 01941FFAB9DD9B9CB1AE2348D00FAEB3A83C
Authority key identifier: 70:DE:70:7D:6C:01:00:6B:2A:CA:68:7E:AA:B2:9C:B4:73:6B:76:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cN5wfWwBAGsqymh-qrKctHNrdmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/Jo8Y435n3Pd_3zXxNtedYgjItDk.roa
Signing time: Wed 01 Jan 2025 03:48:32 +0000
ROA not before: Wed 01 Jan 2025 03:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199906
IP address blocks: 185.54.136.0/23 maxlen: 23
2a01:6160:1996::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b9:dd:9b:9c:b1:ae:23:48:d0:0f:ae:b3:a8:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70de707d6c01006b2aca687eaab29cb4736b7668
Validity
Not Before: Jan 1 03:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=268f18e37e67dcf77fdf35f136d79d6208c8b439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0c:bd:60:1d:4e:e9:5a:30:04:d9:9e:22:5a:
55:32:ef:5e:70:89:96:f5:d3:e8:4c:06:18:4e:b0:
7b:65:36:7e:02:b1:c9:97:ec:df:7f:0c:e8:8f:7d:
58:71:b7:95:87:43:94:02:a9:12:57:bd:e3:b8:bd:
32:10:87:8e:49:ae:30:a3:c3:47:ec:be:9e:86:03:
23:65:1d:6d:9e:b3:06:87:0c:84:1c:0e:9a:40:4e:
18:58:7c:51:c7:12:22:7a:4a:13:39:04:1f:d5:b5:
09:a2:df:c2:fa:53:ee:fa:b3:63:98:ea:4c:ab:cd:
21:fc:4a:c7:c3:db:2b:11:54:33:59:d6:6a:35:0e:
d1:18:af:0b:88:01:42:8a:d9:c6:2a:9a:b3:9a:e1:
5a:9b:eb:71:3c:1b:90:05:09:a7:22:24:7f:b4:d3:
de:cf:7a:df:f6:22:6e:70:9a:91:fe:26:a6:19:40:
0c:21:a5:b6:54:95:a7:65:77:ef:18:51:86:89:b2:
94:1b:f9:7c:0a:d8:a8:0d:6d:f1:ea:e1:55:00:0c:
c0:93:60:73:35:d4:4d:24:d1:58:24:e1:9b:ac:69:
42:f9:f0:c3:4a:df:5e:06:c6:de:9f:e0:69:b5:5f:
fe:27:69:71:89:42:34:53:8b:56:78:9c:c1:9c:35:
d3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:8F:18:E3:7E:67:DC:F7:7F:DF:35:F1:36:D7:9D:62:08:C8:B4:39
X509v3 Authority Key Identifier:
keyid:70:DE:70:7D:6C:01:00:6B:2A:CA:68:7E:AA:B2:9C:B4:73:6B:76:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cN5wfWwBAGsqymh-qrKctHNrdmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/Jo8Y435n3Pd_3zXxNtedYgjItDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/cN5wfWwBAGsqymh-qrKctHNrdmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.136.0/23
IPv6:
2a01:6160:1996::/48
Signature Algorithm: sha256WithRSAEncryption
1e:a1:40:ea:75:61:c0:a7:2c:15:93:d5:3d:7a:d8:f3:9b:ff:
f6:90:07:77:5f:46:3b:7a:c4:73:e5:a2:52:8a:31:a5:8f:f6:
96:bb:0a:2c:ee:68:ec:f8:c2:83:89:64:1c:89:eb:0d:71:b2:
32:34:58:ad:4e:b2:17:8a:cb:7b:c6:c0:98:d8:fe:74:7d:fc:
98:83:dc:f0:67:f5:87:f2:1d:ea:c7:72:b0:30:8c:ef:2c:53:
80:80:f4:36:37:4a:c4:b0:ba:fe:07:b0:a9:35:7e:f8:b1:69:
39:d4:e1:e4:82:a9:09:6e:33:fd:08:33:61:e7:03:82:0d:2c:
83:de:5d:a9:6f:d2:57:c1:ac:e5:3b:d2:3a:9f:ea:6a:37:a1:
a9:f8:c1:65:e4:95:51:98:54:e7:c4:f3:2f:96:48:56:55:13:
c3:4e:b2:21:66:8f:00:ed:d7:87:6e:93:1f:e7:b3:61:5b:6a:
cd:8c:33:3b:ca:03:17:74:3f:91:e0:5f:80:76:cb:e7:ce:0e:
c0:98:8c:40:b8:10:1b:17:e5:59:00:78:18:d6:e9:78:5d:af:
78:c5:30:ff:8f:fb:84:7b:ba:d6:55:ec:19:c2:9d:c9:aa:f3:
0f:20:b0:c4:cd:b3:66:72:81:26:d0:a2:af:7a:b1:84:11:a6:
3a:30:a1:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+rndm5yxriNI0A+us6g8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZGU3MDdkNmMwMTAwNmIyYWNhNjg3ZWFhYjI5Y2I0NzM2
Yjc2NjgwHhcNMjUwMTAxMDM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjhmMThlMzdlNjdkY2Y3N2ZkZjM1ZjEzNmQ3OWQ2MjA4YzhiNDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wy9YB1O6VowBNmeIlpVMu9ecImW
9dPoTAYYTrB7ZTZ+ArHJl+zffwzoj31YcbeVh0OUAqkSV73juL0yEIeOSa4wo8NH
7L6ehgMjZR1tnrMGhwyEHA6aQE4YWHxRxxIiekoTOQQf1bUJot/C+lPu+rNjmOpM
q80h/ErHw9srEVQzWdZqNQ7RGK8LiAFCitnGKpqzmuFam+txPBuQBQmnIiR/tNPe
z3rf9iJucJqR/iamGUAMIaW2VJWnZXfvGFGGibKUG/l8CtioDW3x6uFVAAzAk2Bz
NdRNJNFYJOGbrGlC+fDDSt9eBsben+BptV/+J2lxiUI0U4tWeJzBnDXTjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCaPGON+Z9z3f9818TbXnWIIyLQ5MB8GA1UdIwQY
MBaAFHDecH1sAQBrKspofqqynLRza3ZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY041d2ZXd0JBR3NxeW1oLXFyS2N0SE5yZG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82Y2UwYzAtOTM3Yy00YTQzLTllODQt
MThlNWM1MzdkNTFkLzEvSm84WTQzNW4zUGRfM3pYeE50ZWRZZ2pJdERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My82Y2UwYzAtOTM3Yy00YTQzLTllODQtMThlNWM1MzdkNTFk
LzEvY041d2ZXd0JBR3NxeW1oLXFyS2N0SE5yZG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuTaIMA8E
AgACMAkDBwAqAWFgGZYwDQYJKoZIhvcNAQELBQADggEBAB6hQOp1YcCnLBWT1T16
2POb//aQB3dfRjt6xHPlolKKMaWP9pa7CizuaOz4woOJZByJ6w1xsjI0WK1OsheK
y3vGwJjY/nR9/JiD3PBn9YfyHerHcrAwjO8sU4CA9DY3SsSwuv4HsKk1fvixaTnU
4eSCqQluM/0IM2HnA4INLIPeXalv0lfBrOU70jqf6mo3oan4wWXklVGYVOfE8y+W
SFZVE8NOsiFmjwDt14dukx/ns2Fbas2MMzvKAxd0P5HgX4B2y+fODsCYjEC4EBsX
5VkAeBjW6Xhdr3jFMP+P+4R7utZV7BnCncmq8w8gsMTNs2ZygSbQoq96sYQRpjow
oc0=
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:03:34 2025 by rpki-client