Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/C1pdtFvgr0xoHUm63plkKuj-C_Y.roa
File: C1pdtFvgr0xoHUm63plkKuj-C_Y.roa (raw, json)
Hash identifier: b/y/wC9aBMLG4uCve6DdHlmgdXRsPrspZQT4HGYlIp0=
Subject key identifier: 0B:5A:5D:B4:5B:E0:AF:4C:68:1D:49:BA:DE:99:64:2A:E8:FE:0B:F6
Certificate issuer: /CN=0cbbd0114d97196750d48c5e1256ed055a5e9e2c
Certificate serial: 0194258FC05F8E5D3D05312E2CB4B57EEC24
Authority key identifier: 0C:BB:D0:11:4D:97:19:67:50:D4:8C:5E:12:56:ED:05:5A:5E:9E:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DLvQEU2XGWdQ1IxeElbtBVpeniw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/C1pdtFvgr0xoHUm63plkKuj-C_Y.roa
Signing time: Thu 02 Jan 2025 05:49:25 +0000
ROA not before: Thu 02 Jan 2025 05:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60671
IP address blocks: 185.27.40.0/23 maxlen: 23
185.27.40.0/24 maxlen: 24
185.27.41.0/24 maxlen: 24
2a04:33c0::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c0:5f:8e:5d:3d:05:31:2e:2c:b4:b5:7e:ec:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cbbd0114d97196750d48c5e1256ed055a5e9e2c
Validity
Not Before: Jan 2 05:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b5a5db45be0af4c681d49bade99642ae8fe0bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:25:0a:6a:8a:e4:3e:ca:fd:b9:15:54:89:b6:
0c:0e:df:23:74:dc:66:49:61:b7:96:a9:e6:3d:d8:
2d:3f:85:c6:1b:13:d8:0f:12:85:94:10:14:92:e4:
51:aa:24:c6:d8:49:f3:45:67:c6:20:de:07:a5:f2:
a2:d4:72:8f:a4:7e:1e:9d:5d:6e:e7:7d:bc:3c:16:
e9:23:6b:96:c1:a0:6e:c9:d5:09:7a:f6:95:7b:cf:
85:aa:79:61:50:4c:58:9f:58:52:4d:f4:1c:82:ce:
b0:69:a1:64:aa:01:2c:f5:fd:c1:13:46:7a:ab:0e:
a8:21:62:73:c8:97:01:01:2b:ee:46:0f:54:26:06:
1b:5d:35:18:72:28:70:c1:19:63:12:98:19:57:6f:
fc:2c:df:c9:3f:8e:9f:82:16:68:e2:de:fd:51:96:
05:6b:5f:6d:cd:4d:81:7b:ef:7d:18:fe:d3:10:a5:
f7:ba:fa:49:34:42:4c:54:d7:bd:88:fb:13:37:04:
66:5c:23:3f:18:02:61:82:08:7a:77:61:66:ac:5b:
1f:fd:28:bd:b2:fb:ea:95:2a:97:fc:8e:ca:5f:f6:
df:cf:4c:de:9f:3d:9e:98:1c:a3:98:6d:ae:95:c7:
4f:bd:1e:b7:02:a9:7c:d1:a9:f3:45:e8:95:f5:c3:
45:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:5A:5D:B4:5B:E0:AF:4C:68:1D:49:BA:DE:99:64:2A:E8:FE:0B:F6
X509v3 Authority Key Identifier:
keyid:0C:BB:D0:11:4D:97:19:67:50:D4:8C:5E:12:56:ED:05:5A:5E:9E:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DLvQEU2XGWdQ1IxeElbtBVpeniw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/C1pdtFvgr0xoHUm63plkKuj-C_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/DLvQEU2XGWdQ1IxeElbtBVpeniw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.40.0/23
IPv6:
2a04:33c0::/40
Signature Algorithm: sha256WithRSAEncryption
58:1f:95:71:b8:64:e4:a5:6d:73:9c:89:05:a8:09:1f:44:8d:
50:58:8d:34:19:30:59:65:4a:b2:f5:8c:f7:84:4e:66:06:f2:
b7:85:d6:07:87:2b:c2:23:31:26:3d:e0:92:d0:4e:0f:b3:dd:
ed:3c:af:f3:6e:7f:7a:6f:61:55:94:29:11:c9:5d:18:57:9b:
e6:5b:27:fd:7a:54:6d:a4:ce:08:68:ef:27:c0:d4:bb:a4:fa:
e4:c2:f8:80:e3:b2:4a:c9:49:15:46:a7:67:75:39:9f:d4:56:
e3:24:9d:d4:51:a5:99:5c:72:40:de:e6:41:71:ba:b7:bd:8c:
03:1d:71:09:d5:46:6b:85:61:00:e1:6a:e5:f6:cb:7d:7e:c3:
13:d3:e0:32:78:72:27:1e:f3:ad:1e:12:50:7b:87:2f:2e:44:
6c:c1:2b:fb:a4:b6:72:5c:16:da:eb:5c:6d:20:38:03:61:a2:
7a:04:91:d4:00:6f:b6:e4:7f:9b:1c:5d:db:7b:9a:22:c7:a9:
a5:6c:78:db:a9:79:95:59:9c:50:e6:34:aa:58:36:2d:f4:a7:
57:07:39:c0:88:9d:aa:3b:f4:04:b2:01:bb:41:fc:91:b9:36:
99:5d:97:b2:90:20:8f:50:e3:76:c8:3d:bf:37:61:91:7d:3b:
1d:5d:e1:27
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQlj8Bfjl09BTEuLLS1fuwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjYmJkMDExNGQ5NzE5Njc1MGQ0OGM1ZTEyNTZlZDA1NWE1
ZTllMmMwHhcNMjUwMTAyMDU0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjVhNWRiNDViZTBhZjRjNjgxZDQ5YmFkZTk5NjQyYWU4ZmUwYmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSUKaorkPsr9uRVUibYMDt8jdNxm
SWG3lqnmPdgtP4XGGxPYDxKFlBAUkuRRqiTG2EnzRWfGIN4HpfKi1HKPpH4enV1u
5328PBbpI2uWwaBuydUJevaVe8+FqnlhUExYn1hSTfQcgs6waaFkqgEs9f3BE0Z6
qw6oIWJzyJcBASvuRg9UJgYbXTUYcihwwRljEpgZV2/8LN/JP46fghZo4t79UZYF
a19tzU2Be+99GP7TEKX3uvpJNEJMVNe9iPsTNwRmXCM/GAJhggh6d2FmrFsf/Si9
svvqlSqX/I7KX/bfz0zenz2emByjmG2ulcdPvR63Aql80anzReiV9cNFmwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAtaXbRb4K9MaB1Jut6ZZCro/gv2MB8GA1UdIwQY
MBaAFAy70BFNlxlnUNSMXhJW7QVaXp4sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREx2UUVVMlhHV2RRMUl4ZUVsYnRCVnBlbml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yYTFiNGUtZDc1NC00NDNjLWEzNjAt
YWZiNTY2Y2RmYWM2LzEvQzFwZHRGdmdyMHhvSFVtNjNwbGtLdWotQ19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yYTFiNGUtZDc1NC00NDNjLWEzNjAtYWZiNTY2Y2RmYWM2
LzEvREx2UUVVMlhHV2RRMUl4ZUVsYnRCVnBlbml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuRsoMA4E
AgACMAgDBgAqBDPAADANBgkqhkiG9w0BAQsFAAOCAQEAWB+Vcbhk5KVtc5yJBagJ
H0SNUFiNNBkwWWVKsvWM94ROZgbyt4XWB4crwiMxJj3gktBOD7Pd7Tyv825/em9h
VZQpEcldGFeb5lsn/XpUbaTOCGjvJ8DUu6T65ML4gOOySslJFUanZ3U5n9RW4ySd
1FGlmVxyQN7mQXG6t72MAx1xCdVGa4VhAOFq5fbLfX7DE9PgMnhyJx7zrR4SUHuH
Ly5EbMEr+6S2clwW2utcbSA4A2GiegSR1ABvtuR/mxxd23uaIseppWx426l5lVmc
UOY0qlg2LfSnVwc5wIidqjv0BLIBu0H8kbk2mV2XspAgj1Djdsg9vzdhkX07HV3h
Jw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:37 2025 by rpki-client