Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/20JZoPz-t_mgvCADeYADS1I1_kA.roa
File: 20JZoPz-t_mgvCADeYADS1I1_kA.roa (raw, json)
Hash identifier: RK32qURGpdFetMp2/p5tqjPHVuZOydtV4ypb7Fv2oMw=
Subject key identifier: DB:42:59:A0:FC:FE:B7:F9:A0:BC:20:03:79:80:03:4B:52:35:FE:40
Certificate issuer: /CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Certificate serial: 019421B1F93FFF5E1F45D8902A6E98E2AE96
Authority key identifier: FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/20JZoPz-t_mgvCADeYADS1I1_kA.roa
Signing time: Wed 01 Jan 2025 11:48:19 +0000
ROA not before: Wed 01 Jan 2025 11:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42106
IP address blocks: 185.231.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f9:3f:ff:5e:1f:45:d8:90:2a:6e:98:e2:ae:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Validity
Not Before: Jan 1 11:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db4259a0fcfeb7f9a0bc20037980034b5235fe40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3b:96:fd:db:56:d7:e6:f8:10:22:e4:9d:9f:
ea:e5:53:d6:d4:e9:24:6f:a8:aa:a5:f2:96:00:c8:
dc:49:9d:6e:4d:91:ac:a9:7d:b6:46:62:9a:3d:2a:
b4:2b:5f:92:3f:74:e7:2c:9c:60:38:49:66:f0:b9:
13:69:9f:64:88:b9:32:02:a1:56:ba:d0:5b:bd:3a:
e9:f3:0f:4e:59:d8:2f:38:6f:ea:a2:36:a1:aa:d7:
75:21:54:b9:59:95:1a:c6:c4:83:0e:eb:3d:f3:b0:
31:5e:f5:1b:f3:d8:03:35:01:38:bb:80:57:25:59:
bb:49:5a:39:30:96:e3:7b:84:be:76:0e:b1:e3:99:
00:54:87:19:14:92:0c:ae:e8:a5:74:2c:7c:3b:59:
ab:dd:e7:e2:73:e0:3d:b1:7b:a6:4d:df:5f:a2:33:
43:55:71:b8:65:65:88:0e:90:a7:72:e3:71:de:3d:
a8:73:90:ef:42:69:de:25:cc:5f:0a:3a:e9:33:2e:
86:0f:e4:cf:90:f1:54:1f:f5:6f:d9:53:c3:16:cb:
5c:c5:ad:72:1d:6c:df:7d:b7:7a:6d:80:0b:ba:fd:
f1:4d:8b:ab:30:f3:02:f4:4b:55:b2:c2:39:16:3d:
11:60:61:4a:7a:ad:56:d6:30:96:d5:4e:e9:c0:39:
f8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:42:59:A0:FC:FE:B7:F9:A0:BC:20:03:79:80:03:4B:52:35:FE:40
X509v3 Authority Key Identifier:
keyid:FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/20JZoPz-t_mgvCADeYADS1I1_kA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.223.0/24
Signature Algorithm: sha256WithRSAEncryption
71:3d:81:a0:94:e8:1a:33:ea:75:1f:a7:6d:4a:aa:98:3b:06:
92:3a:25:12:70:64:21:e9:ac:04:67:9f:ca:da:36:e7:7c:35:
c2:dc:69:e4:7a:28:e9:15:5c:71:02:f6:d9:2b:a2:c2:c5:a2:
3d:56:bb:9e:ed:85:3b:57:f9:74:07:53:21:77:71:f5:4b:57:
ef:36:4a:8a:89:f5:ad:0c:ce:25:1b:4b:e4:66:f7:77:95:d7:
5b:af:10:c5:6a:89:62:3a:58:a7:09:cb:be:16:b7:98:86:b8:
c7:c0:32:e8:6e:da:98:34:59:fd:9f:7d:33:7a:d3:87:4d:ec:
6f:2d:14:91:82:a8:b0:f8:61:f2:fb:ff:e2:91:8f:16:48:cc:
a2:e7:22:8d:c6:99:2a:0b:b9:62:e2:5a:5c:b7:85:f8:03:64:
08:bc:83:a8:6a:2d:85:95:d8:d8:b5:d5:ec:16:84:9e:a2:4b:
ea:6a:b3:82:a6:22:0f:fb:c3:fc:50:f2:19:f5:e4:61:a3:38:
67:60:27:b5:af:15:b2:1e:7f:07:6f:3d:5e:58:83:b7:f6:e3:
46:14:a5:fe:4f:c2:0b:b3:ef:6f:22:03:38:29:a7:0f:a0:27:
d5:f5:d4:bf:f6:58:af:c7:02:2d:2b:8a:5e:1f:e4:9d:34:65:
02:eb:f3:35
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQhsfk//14fRdiQKm6Y4q6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMmU3MmFiZjdiMTcyOGZkYTZhYTBiMDQxM2Q4ODU0ODEy
ZWEzNjEwHhcNMjUwMTAxMTE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQyNTlhMGZjZmViN2Y5YTBiYzIwMDM3OTgwMDM0YjUyMzVmZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDuW/dtW1+b4ECLknZ/q5VPW1Okk
b6iqpfKWAMjcSZ1uTZGsqX22RmKaPSq0K1+SP3TnLJxgOElm8LkTaZ9kiLkyAqFW
utBbvTrp8w9OWdgvOG/qojahqtd1IVS5WZUaxsSDDus987AxXvUb89gDNQE4u4BX
JVm7SVo5MJbje4S+dg6x45kAVIcZFJIMruildCx8O1mr3efic+A9sXumTd9fojND
VXG4ZWWIDpCncuNx3j2oc5DvQmneJcxfCjrpMy6GD+TPkPFUH/Vv2VPDFstcxa1y
HWzffbd6bYALuv3xTYurMPMC9EtVssI5Fj0RYGFKeq1W1jCW1U7pwDn4eQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNtCWaD8/rf5oLwgA3mAA0tSNf5AMB8GA1UdIwQY
MBaAFPoucqv3sXKP2mqgsEE9iFSBLqNhMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1pNXlxX2V4Y29fYWFxQ3dRVDJJVklFdW8yRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvZjYxNTkxLTdjYTgtNGE5YS04OTlm
LWEzNjZkYTI1MWE4My8xLzIwSlpvUHotdF9tZ3ZDQURlWUFEUzFJMV9rQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWMvZjYxNTkxLTdjYTgtNGE5YS04OTlmLWEzNjZkYTI1MWE4
My8xLzEtaTV5cV9leGNvX2FhcUN3UVQySVZJRXVvMkUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5598w
DQYJKoZIhvcNAQELBQADggEBAHE9gaCU6Boz6nUfp21Kqpg7BpI6JRJwZCHprARn
n8raNud8NcLcaeR6KOkVXHEC9tkrosLFoj1Wu57thTtX+XQHUyF3cfVLV+82SoqJ
9a0MziUbS+Rm93eV11uvEMVqiWI6WKcJy74Wt5iGuMfAMuhu2pg0Wf2ffTN604dN
7G8tFJGCqLD4YfL7/+KRjxZIzKLnIo3GmSoLuWLiWly3hfgDZAi8g6hqLYWV2Ni1
1ewWhJ6iS+pqs4KmIg/7w/xQ8hn15GGjOGdgJ7WvFbIefwdvPV5Yg7f240YUpf5P
wguz728iAzgppw+gJ9X11L/2WK/HAi0ril4f5J00ZQLr8zU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:25:31 2025 by rpki-client