Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/sDz3guWfuM0rdpolnOle5WQRp4E.roa
File: sDz3guWfuM0rdpolnOle5WQRp4E.roa (raw, json)
Hash identifier: BWIgJ2HrXjB3SFcXF0yW+DJQTPi773qluQKzGjCQcvY=
Subject key identifier: B0:3C:F7:82:E5:9F:B8:CD:2B:76:9A:25:9C:E9:5E:E5:64:11:A7:81
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6B76B84838CEDAA3EE2341EFFD7C4
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/sDz3guWfuM0rdpolnOle5WQRp4E.roa
Signing time: Wed 01 Jan 2025 21:47:41 +0000
ROA not before: Wed 01 Jan 2025 21:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 185.101.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b7:6b:84:83:8c:ed:aa:3e:e2:34:1e:ff:d7:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b03cf782e59fb8cd2b769a259ce95ee56411a781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:59:d2:7c:f3:f1:5d:d8:01:ec:ea:98:98:9e:
44:db:ba:2d:ff:f4:af:a4:9f:61:99:bc:ee:3a:19:
2a:b2:a0:26:62:f7:3f:c6:01:59:29:8c:8f:57:b1:
3b:67:b9:f6:cf:fd:d1:33:46:3d:d3:e7:be:89:16:
6e:df:6c:47:dc:23:b0:79:19:59:e2:ea:b9:28:b3:
fe:a4:5f:b0:be:9e:67:08:6a:a6:78:52:1b:d3:78:
f1:22:53:c1:de:2e:21:c8:a9:69:86:45:6a:92:5d:
77:3a:66:2e:02:0b:63:5a:5c:60:cf:68:c3:7b:98:
30:bb:19:05:c6:2e:bb:30:90:59:f1:8d:e0:11:81:
14:9d:48:98:bd:2f:d9:47:19:60:b0:9f:42:18:88:
7f:d3:5a:94:b6:80:c6:c3:43:df:7f:72:53:9d:17:
3c:70:36:4f:fa:2c:f1:50:70:ff:e9:78:26:a5:c2:
68:68:88:ec:09:40:09:c8:19:bc:e4:5b:45:9d:8e:
48:a9:67:c3:da:a3:ca:d5:35:01:a9:40:4f:ab:fb:
53:a6:cf:00:cf:7a:40:32:82:0b:63:df:ef:2b:27:
84:d2:2c:49:7a:df:e2:69:f3:a1:33:f5:8d:64:20:
42:c3:28:4e:23:04:5f:9c:d8:04:b9:7c:44:c7:dd:
90:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3C:F7:82:E5:9F:B8:CD:2B:76:9A:25:9C:E9:5E:E5:64:11:A7:81
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/sDz3guWfuM0rdpolnOle5WQRp4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.104.0/24
Signature Algorithm: sha256WithRSAEncryption
29:9a:16:18:8e:b3:e0:67:87:f4:15:6a:2a:1e:65:a4:70:b5:
68:2a:b0:1d:f7:63:d2:5e:1e:ba:cb:ba:3f:c0:06:91:2c:0e:
30:4c:88:1f:52:eb:de:aa:37:5f:68:6f:2b:65:d8:63:8e:96:
6b:8d:cf:04:78:c0:ab:43:ef:0a:cf:c3:1d:e8:dd:71:9c:a8:
36:79:a5:70:b9:ba:1a:6c:e1:2b:ce:8f:ec:3e:5c:89:48:0f:
6d:c5:ad:ba:06:e5:9f:ea:e7:d1:70:c2:88:b9:da:7d:7c:4a:
c7:13:7e:7f:8d:15:8b:ba:37:25:22:a3:e0:9d:4b:c8:4f:e8:
6f:25:99:eb:ee:7e:5f:1f:54:69:53:b6:c5:74:4a:5e:60:3a:
5f:d2:2a:9f:1c:16:91:98:55:f4:26:ee:fc:f8:af:66:74:a0:
56:71:1f:50:68:ac:9b:41:8f:9e:21:92:87:37:39:e1:92:cf:
4b:86:d3:62:95:27:53:8e:31:17:1a:73:12:76:36:bf:a3:50:
2d:ba:f0:9b:ed:29:7b:e5:0e:da:86:7b:ea:dd:b9:4a:4c:b0:
59:4c:93:82:43:ec:3c:a4:cb:5f:45:6e:b2:d5:fa:bd:01:c9:
e6:22:2c:0a:54:14:87:8e:cb:98:a5:75:6a:16:54:a0:30:c3:
35:3d:a0:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1rdrhIOM7ao+4jQe/9fEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDNjZjc4MmU1OWZiOGNkMmI3NjlhMjU5Y2U5NWVlNTY0MTFhNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFnSfPPxXdgB7OqYmJ5E27ot//Sv
pJ9hmbzuOhkqsqAmYvc/xgFZKYyPV7E7Z7n2z/3RM0Y90+e+iRZu32xH3COweRlZ
4uq5KLP+pF+wvp5nCGqmeFIb03jxIlPB3i4hyKlphkVqkl13OmYuAgtjWlxgz2jD
e5gwuxkFxi67MJBZ8Y3gEYEUnUiYvS/ZRxlgsJ9CGIh/01qUtoDGw0Pff3JTnRc8
cDZP+izxUHD/6XgmpcJoaIjsCUAJyBm85FtFnY5IqWfD2qPK1TUBqUBPq/tTps8A
z3pAMoILY9/vKyeE0ixJet/iafOhM/WNZCBCwyhOIwRfnNgEuXxEx92QqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLA894Lln7jNK3aaJZzpXuVkEaeBMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvc0R6M2d1V2Z1TTByZHBvbG5PbGU1V1FScDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWVoMA0G
CSqGSIb3DQEBCwUAA4IBAQApmhYYjrPgZ4f0FWoqHmWkcLVoKrAd92PSXh66y7o/
wAaRLA4wTIgfUuveqjdfaG8rZdhjjpZrjc8EeMCrQ+8Kz8Md6N1xnKg2eaVwuboa
bOErzo/sPlyJSA9txa26BuWf6ufRcMKIudp9fErHE35/jRWLujclIqPgnUvIT+hv
JZnr7n5fH1RpU7bFdEpeYDpf0iqfHBaRmFX0Ju78+K9mdKBWcR9QaKybQY+eIZKH
Nznhks9LhtNilSdTjjEXGnMSdja/o1AtuvCb7Sl75Q7ahnvq3blKTLBZTJOCQ+w8
pMtfRW6y1fq9AcnmIiwKVBSHjsuYpXVqFlSgMMM1PaCN
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:29:34 2025 by rpki-client