Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/cfdbmoaWdxVHIDhjILaSo4OtkDc.roa
File: cfdbmoaWdxVHIDhjILaSo4OtkDc.roa (raw, json)
Hash identifier: uQyWoeGxbLL+4u04+Lk0DJknoS3PSDcycZWpGGdkjbU=
Subject key identifier: 71:F7:5B:9A:86:96:77:15:47:20:38:63:20:B6:92:A3:83:AD:90:37
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 0194266BC457513022CE383A7D3881701E03
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/cfdbmoaWdxVHIDhjILaSo4OtkDc.roa
Signing time: Thu 02 Jan 2025 09:49:44 +0000
ROA not before: Thu 02 Jan 2025 09:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13260
IP address blocks: 185.11.25.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c4:57:51:30:22:ce:38:3a:7d:38:81:70:1e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Jan 2 09:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71f75b9a869677154720386320b692a383ad9037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ba:f3:15:18:7a:52:f3:71:f6:9c:27:f1:84:
4b:21:8b:7f:cf:5a:1d:3d:2c:bc:f6:29:9c:29:ca:
24:dd:25:31:87:90:07:32:23:d3:d0:40:a4:2a:d0:
83:5f:c5:ac:76:c4:ff:24:6b:cb:6e:58:1d:ad:0c:
c3:84:aa:9c:41:5e:ad:d6:32:06:51:4e:ec:3f:df:
ac:39:ad:14:12:24:3b:0d:81:a8:03:d4:71:51:b2:
ba:6e:c8:af:d2:9c:56:54:68:28:4e:ed:32:d4:e3:
c7:3f:66:c7:c9:f9:2c:53:f0:74:81:e2:36:56:88:
83:36:b3:87:37:bd:1a:7b:76:61:92:1f:3a:59:6a:
51:16:bd:41:59:91:79:01:9e:a7:7b:a7:e9:bb:a1:
17:b1:91:87:ac:97:a7:6f:aa:9f:54:98:e1:fe:d1:
55:cd:bc:e7:54:78:3c:c3:ef:ce:a3:25:4d:72:f9:
4e:5a:60:7f:02:bf:06:ad:8e:1a:2a:ad:6c:5a:a5:
03:bc:80:7c:6f:e7:3a:ab:82:de:36:ed:91:4b:82:
72:bb:b3:94:8e:96:b3:7c:e6:24:7b:cb:75:46:e6:
5f:80:9b:4a:e3:3d:9b:ff:44:71:88:f0:df:10:3b:
9f:01:90:91:a6:72:cd:a2:49:9e:94:45:ee:06:25:
17:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F7:5B:9A:86:96:77:15:47:20:38:63:20:B6:92:A3:83:AD:90:37
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/cfdbmoaWdxVHIDhjILaSo4OtkDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.25.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:44:3e:a5:47:64:bf:7d:b4:09:01:58:78:b6:af:8d:1a:83:
83:55:99:b6:29:a4:01:76:f1:b3:6e:82:93:3f:31:5f:7c:4b:
f5:a8:ec:38:d4:cf:9f:b6:2e:8b:c3:be:02:88:9c:6a:01:cc:
cd:91:93:50:b5:22:c6:d0:77:64:4e:f4:53:e0:06:a0:52:c6:
d6:20:af:fe:1c:d9:62:0f:dd:97:13:08:34:cd:cf:ea:54:34:
db:56:f5:22:ff:29:5b:6d:38:1a:13:22:14:e5:bb:a2:7a:ce:
3a:74:08:1c:aa:f5:f3:2d:6f:03:20:cd:86:bf:85:8e:20:e1:
b4:1c:51:4f:fa:b4:32:0d:d6:66:98:ff:c4:b6:38:2e:95:b3:
6a:81:ad:0e:63:b2:22:95:a1:17:72:32:1b:32:51:3f:ae:cb:
f8:0e:b2:3c:b1:26:63:11:26:c0:3b:36:7c:9b:57:cb:5d:61:
f8:c3:37:0f:c2:5c:ac:e1:a9:7b:eb:ec:27:0f:21:3d:b3:33:
74:b0:fc:42:91:f5:21:88:7c:5a:17:5b:bd:45:bc:d6:06:86:
d9:43:99:80:fa:6e:71:b0:91:97:c1:c0:0b:ff:3d:25:a9:ba:
cf:48:b7:fc:dd:a4:e1:bb:6a:f3:a1:36:f3:e3:1b:40:f9:e8:
46:e7:2d:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma8RXUTAizjg6fTiBcB4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjUwMTAyMDk0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWY3NWI5YTg2OTY3NzE1NDcyMDM4NjMyMGI2OTJhMzgzYWQ5MDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7rzFRh6UvNx9pwn8YRLIYt/z1od
PSy89imcKcok3SUxh5AHMiPT0ECkKtCDX8WsdsT/JGvLblgdrQzDhKqcQV6t1jIG
UU7sP9+sOa0UEiQ7DYGoA9RxUbK6bsiv0pxWVGgoTu0y1OPHP2bHyfksU/B0geI2
VoiDNrOHN70ae3Zhkh86WWpRFr1BWZF5AZ6ne6fpu6EXsZGHrJenb6qfVJjh/tFV
zbznVHg8w+/OoyVNcvlOWmB/Ar8GrY4aKq1sWqUDvIB8b+c6q4LeNu2RS4Jyu7OU
jpazfOYke8t1RuZfgJtK4z2b/0RxiPDfEDufAZCRpnLNokmelEXuBiUXowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHH3W5qGlncVRyA4YyC2kqODrZA3MB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvY2ZkYm1vYVdkeFZISURoaklMYVNvNE90a0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQsZMA0G
CSqGSIb3DQEBCwUAA4IBAQANRD6lR2S/fbQJAVh4tq+NGoODVZm2KaQBdvGzboKT
PzFffEv1qOw41M+fti6Lw74CiJxqAczNkZNQtSLG0HdkTvRT4AagUsbWIK/+HNli
D92XEwg0zc/qVDTbVvUi/ylbbTgaEyIU5buies46dAgcqvXzLW8DIM2Gv4WOIOG0
HFFP+rQyDdZmmP/EtjgulbNqga0OY7IilaEXcjIbMlE/rsv4DrI8sSZjESbAOzZ8
m1fLXWH4wzcPwlys4al76+wnDyE9szN0sPxCkfUhiHxaF1u9RbzWBobZQ5mA+m5x
sJGXwcAL/z0lqbrPSLf83aThu2rzoTbz4xtA+ehG5y1O
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:37 2025 by rpki-client