Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/e72a9d-9ea5-47db-a67e-6d2e11fe08cd/1/7KyvX2ge4BVj5LFVdOXXXemAkCg.roa
File: 7KyvX2ge4BVj5LFVdOXXXemAkCg.roa (raw, json)
Hash identifier: Hc/1xIYUTBtB+16ukbbri4uoGukybMhi3rtoBVu7s8I=
Subject key identifier: EC:AC:AF:5F:68:1E:E0:15:63:E4:B1:55:74:E5:D7:5D:E9:80:90:28
Certificate issuer: /CN=641c78fc1748bdcc6a6c88c67d283e1d02d9dcc8
Certificate serial: 01956F44E20003AE00B4B759795D283C4892
Authority key identifier: 64:1C:78:FC:17:48:BD:CC:6A:6C:88:C6:7D:28:3E:1D:02:D9:DC:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBx4_BdIvcxqbIjGfSg-HQLZ3Mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/e72a9d-9ea5-47db-a67e-6d2e11fe08cd/1/7KyvX2ge4BVj5LFVdOXXXemAkCg.roa
Signing time: Fri 07 Mar 2025 06:22:20 +0000
ROA not before: Fri 07 Mar 2025 06:22:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35197
IP address blocks: 185.61.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6f:44:e2:00:03:ae:00:b4:b7:59:79:5d:28:3c:48:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641c78fc1748bdcc6a6c88c67d283e1d02d9dcc8
Validity
Not Before: Mar 7 06:22:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecacaf5f681ee01563e4b15574e5d75de9809028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c3:e0:aa:07:91:21:71:99:a7:f4:70:b5:66:
33:0b:7e:4f:31:84:c8:df:84:22:6a:a0:fb:8f:c3:
0d:ae:7c:b2:ef:ab:7d:30:8a:b5:10:89:89:14:f8:
d3:99:0f:24:c3:7f:e9:a8:30:90:20:ae:a0:b3:1e:
b9:23:04:a4:74:1c:df:ca:1f:fb:33:65:70:b0:f6:
37:41:1f:e9:da:51:70:2d:69:e7:01:6e:cd:6d:95:
a4:6c:e1:f3:6b:0f:47:9f:df:4c:b0:d6:4a:ff:03:
37:ce:e8:3b:c6:4a:84:c8:19:6d:26:74:30:d4:24:
5b:33:b3:61:3c:da:94:8f:44:ab:bb:25:47:4a:a8:
0d:0c:df:26:dd:ce:f4:69:9f:1b:00:0a:fc:b1:db:
71:31:9b:e8:1e:05:90:7f:c6:23:d2:2e:1f:a0:59:
3b:0b:e7:af:30:2e:f8:bc:ad:0b:86:cd:f3:e7:86:
6d:4c:48:3d:3d:20:25:5b:64:fc:44:5e:ee:9d:66:
3d:70:a2:ea:00:db:11:68:92:ea:ef:b7:fd:19:17:
ce:1a:91:16:8d:b8:99:7b:c4:b4:57:e4:e1:01:a7:
86:29:18:a2:9a:2a:af:14:99:bd:01:ca:36:11:1c:
f6:23:2c:23:52:67:73:ae:2c:b3:c3:ec:4f:cc:ba:
0c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:AC:AF:5F:68:1E:E0:15:63:E4:B1:55:74:E5:D7:5D:E9:80:90:28
X509v3 Authority Key Identifier:
keyid:64:1C:78:FC:17:48:BD:CC:6A:6C:88:C6:7D:28:3E:1D:02:D9:DC:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBx4_BdIvcxqbIjGfSg-HQLZ3Mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e72a9d-9ea5-47db-a67e-6d2e11fe08cd/1/7KyvX2ge4BVj5LFVdOXXXemAkCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e72a9d-9ea5-47db-a67e-6d2e11fe08cd/1/ZBx4_BdIvcxqbIjGfSg-HQLZ3Mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.50.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:0f:9a:e5:bb:fd:7d:fa:1b:a1:ca:eb:dc:b0:89:61:3e:5d:
bf:2f:6c:13:b3:b3:92:1f:5b:3f:21:35:30:25:e1:ff:84:1b:
3c:02:c5:2d:47:e3:3c:41:bd:e9:bb:a9:5a:c8:26:32:43:89:
65:7c:6c:c6:7a:fb:49:40:34:5b:0b:30:bf:89:4e:e1:df:5f:
4c:de:e9:a8:90:2f:01:48:63:44:3b:d9:f8:4a:ef:44:04:ef:
c0:38:63:54:eb:38:36:17:3a:e1:4f:b2:57:be:c5:21:59:60:
b8:d7:c4:47:d7:d4:c6:2b:25:d0:2d:23:c3:97:4b:29:59:2c:
cc:e9:81:f4:40:2d:90:ad:da:f3:f5:93:71:54:93:b5:52:b6:
3f:16:da:ee:52:bf:89:87:34:cb:f1:09:53:62:1c:55:25:6f:
25:6b:2a:97:d9:61:d6:65:d6:82:a9:49:ef:b3:32:50:d3:35:
18:69:bc:09:8e:a8:40:30:ff:71:92:1c:6a:1e:ac:c8:40:fe:
54:c4:8b:ba:3d:92:53:e5:f5:f4:71:e6:26:dd:e3:1d:a8:a1:
d4:b9:de:61:49:c5:b2:1b:91:ac:08:32:08:ce:b3:af:5a:e5:
f8:e1:5c:d8:c2:00:4d:9b:57:a0:dd:c1:02:d8:e9:10:64:a4:
2f:7b:1a:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVvROIAA64AtLdZeV0oPEiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MWM3OGZjMTc0OGJkY2M2YTZjODhjNjdkMjgzZTFkMDJk
OWRjYzgwHhcNMjUwMzA3MDYyMjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2FjYWY1ZjY4MWVlMDE1NjNlNGIxNTU3NGU1ZDc1ZGU5ODA5MDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsPgqgeRIXGZp/RwtWYzC35PMYTI
34QiaqD7j8MNrnyy76t9MIq1EImJFPjTmQ8kw3/pqDCQIK6gsx65IwSkdBzfyh/7
M2VwsPY3QR/p2lFwLWnnAW7NbZWkbOHzaw9Hn99MsNZK/wM3zug7xkqEyBltJnQw
1CRbM7NhPNqUj0SruyVHSqgNDN8m3c70aZ8bAAr8sdtxMZvoHgWQf8Yj0i4foFk7
C+evMC74vK0Lhs3z54ZtTEg9PSAlW2T8RF7unWY9cKLqANsRaJLq77f9GRfOGpEW
jbiZe8S0V+ThAaeGKRiimiqvFJm9Aco2ERz2IywjUmdzriyzw+xPzLoMgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOysr19oHuAVY+SxVXTl113pgJAoMB8GA1UdIwQY
MBaAFGQcePwXSL3MamyIxn0oPh0C2dzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJ4NF9CZEl2Y3hxYklqR2ZTZy1IUUxaM01nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lNzJhOWQtOWVhNS00N2RiLWE2N2Ut
NmQyZTExZmUwOGNkLzEvN0t5dlgyZ2U0QlZqNUxGVmRPWFhYZW1Ba0NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lNzJhOWQtOWVhNS00N2RiLWE2N2UtNmQyZTExZmUwOGNk
LzEvWkJ4NF9CZEl2Y3hxYklqR2ZTZy1IUUxaM01nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT0yMA0G
CSqGSIb3DQEBCwUAA4IBAQB8D5rlu/19+huhyuvcsIlhPl2/L2wTs7OSH1s/ITUw
JeH/hBs8AsUtR+M8Qb3pu6layCYyQ4llfGzGevtJQDRbCzC/iU7h319M3umokC8B
SGNEO9n4Su9EBO/AOGNU6zg2FzrhT7JXvsUhWWC418RH19TGKyXQLSPDl0spWSzM
6YH0QC2Qrdrz9ZNxVJO1UrY/FtruUr+JhzTL8QlTYhxVJW8layqX2WHWZdaCqUnv
szJQ0zUYabwJjqhAMP9xkhxqHqzIQP5UxIu6PZJT5fX0ceYm3eMdqKHUud5hScWy
G5GsCDIIzrOvWuX44VzYwgBNm1eg3cEC2OkQZKQvexp+
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:00:00 2025 by rpki-client