Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/2jdvbPuVX3DvnSLzJ7PbPhY084M.roa
File: 2jdvbPuVX3DvnSLzJ7PbPhY084M.roa (raw, json)
Hash identifier: TmyuM6Y9MB09UaiU4ubKUXZL1rxE4bCb1tGRI62YtN0=
Subject key identifier: DA:37:6F:6C:FB:95:5F:70:EF:9D:22:F3:27:B3:DB:3E:16:34:F3:83
Certificate issuer: /CN=a3608d6b0e80a6430fb6af43fae168a0e8011fee
Certificate serial: 01942747AA83403754DF3C60F0A68246BEEC
Authority key identifier: A3:60:8D:6B:0E:80:A6:43:0F:B6:AF:43:FA:E1:68:A0:E8:01:1F:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2CNaw6ApkMPtq9D-uFooOgBH-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/2jdvbPuVX3DvnSLzJ7PbPhY084M.roa
Signing time: Thu 02 Jan 2025 13:49:55 +0000
ROA not before: Thu 02 Jan 2025 13:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203678
IP address blocks: 185.125.140.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:aa:83:40:37:54:df:3c:60:f0:a6:82:46:be:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3608d6b0e80a6430fb6af43fae168a0e8011fee
Validity
Not Before: Jan 2 13:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da376f6cfb955f70ef9d22f327b3db3e1634f383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3a:4f:95:3c:44:92:74:4c:c4:5c:dc:74:76:
58:82:b8:5e:fa:39:85:c6:85:fc:76:2d:8e:0f:a1:
1b:6f:eb:97:11:02:15:29:e6:4c:98:03:1c:22:af:
42:58:ad:11:23:e7:e1:98:60:d7:c6:ab:49:2f:28:
9c:df:3c:32:e6:bc:32:84:3d:fb:df:10:f8:e0:57:
79:1d:b2:35:ba:61:ef:c9:34:9e:49:c9:d5:29:87:
5d:c4:f3:16:8b:ff:d3:38:f9:b8:65:4f:72:d2:2a:
cd:a4:5a:cf:25:65:4e:11:37:e1:eb:11:61:f7:8c:
d5:6b:12:c2:7b:64:20:61:c5:e0:9d:c4:23:a7:6c:
0f:b5:d8:98:7f:46:7b:a7:e8:72:54:c6:8b:c4:f4:
23:d5:79:86:b3:fe:02:15:13:0b:18:0e:4a:00:50:
9f:c0:cd:49:57:86:36:22:68:42:7a:43:96:b2:a0:
56:0c:b5:b9:ad:19:9f:2b:9e:11:a5:c8:c9:fc:39:
41:b9:3a:9d:6b:97:7c:e5:60:4d:da:85:4f:3c:24:
d5:83:27:9a:ff:9d:db:2f:3c:51:5e:d5:e7:68:6b:
f6:8d:d9:f3:ad:f4:51:46:b0:e5:bc:7a:9f:a8:a6:
77:5e:6d:c2:97:1d:e2:13:9f:5a:48:9b:19:26:24:
68:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:37:6F:6C:FB:95:5F:70:EF:9D:22:F3:27:B3:DB:3E:16:34:F3:83
X509v3 Authority Key Identifier:
keyid:A3:60:8D:6B:0E:80:A6:43:0F:B6:AF:43:FA:E1:68:A0:E8:01:1F:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2CNaw6ApkMPtq9D-uFooOgBH-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/2jdvbPuVX3DvnSLzJ7PbPhY084M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/o2CNaw6ApkMPtq9D-uFooOgBH-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.140.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:7e:2a:0b:93:55:3e:cf:0f:92:c9:23:54:9f:7a:85:ca:4d:
a5:d2:93:09:d0:cc:16:ab:01:cd:ee:12:ed:41:9d:5d:74:19:
4c:10:b4:91:80:92:5a:d3:77:d5:f0:46:e9:f3:df:95:2e:be:
2a:c8:92:61:51:76:8d:9a:fd:e7:04:8b:65:69:aa:72:f7:24:
84:33:ae:0e:98:e5:9b:e4:b4:82:a9:e2:18:74:d1:4b:2a:7e:
dc:76:14:c0:68:6d:d5:7b:58:b1:19:c4:60:5b:b8:bd:87:c0:
2b:bf:bd:eb:ba:29:57:8b:a9:2a:12:be:41:b6:93:63:87:7d:
e1:dc:e8:ca:d1:d8:23:0d:71:a9:dd:0c:50:d4:21:5c:25:6e:
f9:c7:e8:1b:89:2d:78:46:4a:61:25:77:a7:9d:a5:b7:eb:31:
a1:50:7c:38:60:be:0a:27:d3:47:bf:d8:04:28:e6:8b:72:09:
a6:ca:f6:11:9a:4d:cb:a3:72:b6:97:2a:9b:bb:5b:a6:0a:55:
1a:46:6d:4b:3b:d8:28:f6:57:a4:0c:42:17:1e:0d:0b:5b:e8:
2e:66:49:cf:ce:c2:f3:c3:d2:ee:fd:bc:7d:32:e5:27:38:fe:
5d:03:48:f5:47:15:87:1b:6d:d8:d7:cd:51:76:45:87:f6:5e:
11:af:18:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR6qDQDdU3zxg8KaCRr7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjA4ZDZiMGU4MGE2NDMwZmI2YWY0M2ZhZTE2OGEwZTgw
MTFmZWUwHhcNMjUwMTAyMTM0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTM3NmY2Y2ZiOTU1ZjcwZWY5ZDIyZjMyN2IzZGIzZTE2MzRmMzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTpPlTxEknRMxFzcdHZYgrhe+jmF
xoX8di2OD6Ebb+uXEQIVKeZMmAMcIq9CWK0RI+fhmGDXxqtJLyic3zwy5rwyhD37
3xD44Fd5HbI1umHvyTSeScnVKYddxPMWi//TOPm4ZU9y0irNpFrPJWVOETfh6xFh
94zVaxLCe2QgYcXgncQjp2wPtdiYf0Z7p+hyVMaLxPQj1XmGs/4CFRMLGA5KAFCf
wM1JV4Y2ImhCekOWsqBWDLW5rRmfK54RpcjJ/DlBuTqda5d85WBN2oVPPCTVgyea
/53bLzxRXtXnaGv2jdnzrfRRRrDlvHqfqKZ3Xm3Clx3iE59aSJsZJiRo7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNo3b2z7lV9w750i8yez2z4WNPODMB8GA1UdIwQY
MBaAFKNgjWsOgKZDD7avQ/rhaKDoAR/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJDTmF3NkFwa01QdHE5RC11Rm9vT2dCSC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9mYjU5MTAtZmUxNC00NDUzLThjOWMt
ODNiZjcwYjFmZDZiLzEvMmpkdmJQdVZYM0R2blNMeko3UGJQaFkwODRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9mYjU5MTAtZmUxNC00NDUzLThjOWMtODNiZjcwYjFmZDZi
LzEvbzJDTmF3NkFwa01QdHE5RC11Rm9vT2dCSC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX2MMA0G
CSqGSIb3DQEBCwUAA4IBAQDBfioLk1U+zw+SySNUn3qFyk2l0pMJ0MwWqwHN7hLt
QZ1ddBlMELSRgJJa03fV8Ebp89+VLr4qyJJhUXaNmv3nBItlaapy9ySEM64OmOWb
5LSCqeIYdNFLKn7cdhTAaG3Ve1ixGcRgW7i9h8Arv73ruilXi6kqEr5BtpNjh33h
3OjK0dgjDXGp3QxQ1CFcJW75x+gbiS14RkphJXennaW36zGhUHw4YL4KJ9NHv9gE
KOaLcgmmyvYRmk3Lo3K2lyqbu1umClUaRm1LO9go9lekDEIXHg0LW+guZknPzsLz
w9Lu/bx9MuUnOP5dA0j1RxWHG23Y181RdkWH9l4RrxgT
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:39:40 2025 by rpki-client