Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/17a3c0-e97a-4306-bce4-7ff32b6ffd1e/1/jOfgwbHFHsIIF0LL75vu6P_Fe8s.roa
File: jOfgwbHFHsIIF0LL75vu6P_Fe8s.roa (raw, json)
Hash identifier: dWpwGB2a9oIdE7pk2wUUzH1wz99i3EaKumQo1e/dHRo=
Subject key identifier: 8C:E7:E0:C1:B1:C5:1E:C2:08:17:42:CB:EF:9B:EE:E8:FF:C5:7B:CB
Certificate issuer: /CN=11e512976b91a2967ebce10ed4052ece12b14155
Certificate serial: 01942368CD2D1FC61C699C3698C24A9665DE
Authority key identifier: 11:E5:12:97:6B:91:A2:96:7E:BC:E1:0E:D4:05:2E:CE:12:B1:41:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EeUSl2uRopZ-vOEO1AUuzhKxQVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/17a3c0-e97a-4306-bce4-7ff32b6ffd1e/1/jOfgwbHFHsIIF0LL75vu6P_Fe8s.roa
Signing time: Wed 01 Jan 2025 19:47:38 +0000
ROA not before: Wed 01 Jan 2025 19:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 185.76.180.0/24 maxlen: 24
2a03:5120::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:cd:2d:1f:c6:1c:69:9c:36:98:c2:4a:96:65:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11e512976b91a2967ebce10ed4052ece12b14155
Validity
Not Before: Jan 1 19:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ce7e0c1b1c51ec2081742cbef9beee8ffc57bcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:fc:02:46:7e:7c:c6:98:78:8b:cb:2c:03:6f:
1a:05:60:bd:8e:d1:44:73:4c:73:af:cf:e2:b6:fd:
eb:40:b5:7e:af:12:d7:4e:cd:ed:2d:fb:55:ab:30:
b7:1e:48:33:1a:79:48:cb:8e:f9:7e:75:a8:60:8d:
b5:bb:32:68:b0:7d:d4:8b:ea:cb:b0:9f:8c:a3:06:
86:40:5f:80:d4:16:28:f1:05:ba:6f:6e:9c:53:00:
a8:22:60:bb:f2:9c:d1:9a:c2:99:f4:fa:73:dd:a5:
bf:44:b1:4c:17:d3:99:8a:ec:64:59:f9:f3:4d:13:
18:71:7f:22:76:6f:6a:38:06:c0:41:17:86:d5:5b:
69:b8:15:31:47:4c:7f:7f:f3:63:0c:8e:01:73:b4:
60:d9:fe:ff:4c:0a:91:55:c8:a1:9b:cf:4a:80:a5:
e2:37:73:87:88:2b:e3:31:3e:8f:8c:4c:7c:75:4f:
cd:24:a9:e7:fc:84:d8:e7:81:8b:ad:cb:fa:2b:5e:
2c:94:df:e8:de:27:75:bd:cb:8e:e2:50:4d:29:54:
1c:37:60:25:00:9b:09:5e:0f:75:4c:bc:4c:6f:3d:
03:33:0c:c6:3d:d6:27:f4:fc:d6:9b:1c:87:c8:5b:
7c:22:7e:0d:5b:b7:66:70:fe:fa:57:42:1d:d8:cc:
69:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E7:E0:C1:B1:C5:1E:C2:08:17:42:CB:EF:9B:EE:E8:FF:C5:7B:CB
X509v3 Authority Key Identifier:
keyid:11:E5:12:97:6B:91:A2:96:7E:BC:E1:0E:D4:05:2E:CE:12:B1:41:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EeUSl2uRopZ-vOEO1AUuzhKxQVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/17a3c0-e97a-4306-bce4-7ff32b6ffd1e/1/jOfgwbHFHsIIF0LL75vu6P_Fe8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/17a3c0-e97a-4306-bce4-7ff32b6ffd1e/1/EeUSl2uRopZ-vOEO1AUuzhKxQVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.180.0/24
IPv6:
2a03:5120::/40
Signature Algorithm: sha256WithRSAEncryption
b7:6c:5d:e9:88:9f:cf:a5:d5:40:fc:7a:f7:3c:41:85:05:a9:
b8:00:07:61:f5:18:66:5f:17:fd:46:42:f7:ab:cb:c9:b6:5d:
21:02:95:64:80:53:25:f8:c2:b2:1e:b2:c6:e6:e4:84:9d:8f:
c6:71:d6:a6:82:53:0c:61:60:15:2a:5b:76:f0:f9:a7:37:63:
cf:0c:70:a7:9c:8d:f8:61:06:e1:62:d6:34:b8:49:08:04:d9:
23:25:7d:51:b3:57:fd:86:51:fb:e9:d3:cc:7b:1c:80:b9:ec:
b6:40:0b:49:72:76:99:fb:64:9a:72:b3:f2:4a:3c:c5:1c:7b:
47:8b:f8:22:d6:3d:1b:2f:5b:68:0a:ce:26:ec:7b:41:23:61:
5c:4f:e8:4a:fa:db:08:b1:d6:e0:74:70:fe:c3:4d:e3:5d:a6:
50:ef:f1:a8:e1:6f:f3:0e:0d:16:4a:d5:38:50:8c:db:c6:37:
1f:40:5b:d3:f5:2f:2a:99:58:0d:82:2c:cd:fb:21:02:77:15:
54:32:6e:5b:d1:e7:be:ed:9a:b0:9b:49:79:50:93:2c:44:49:
6b:0a:8a:e2:9b:ec:0f:ad:a1:92:5e:18:48:66:bc:ba:58:77:
6e:06:92:d6:5a:d9:ea:62:cd:ae:a7:e6:0a:ab:1a:82:fe:86:
a6:89:90:41
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQjaM0tH8YcaZw2mMJKlmXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZTUxMjk3NmI5MWEyOTY3ZWJjZTEwZWQ0MDUyZWNlMTJi
MTQxNTUwHhcNMjUwMTAxMTk0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2U3ZTBjMWIxYzUxZWMyMDgxNzQyY2JlZjliZWVlOGZmYzU3YmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPwCRn58xph4i8ssA28aBWC9jtFE
c0xzr8/itv3rQLV+rxLXTs3tLftVqzC3HkgzGnlIy475fnWoYI21uzJosH3Ui+rL
sJ+MowaGQF+A1BYo8QW6b26cUwCoImC78pzRmsKZ9Ppz3aW/RLFMF9OZiuxkWfnz
TRMYcX8idm9qOAbAQReG1VtpuBUxR0x/f/NjDI4Bc7Rg2f7/TAqRVcihm89KgKXi
N3OHiCvjMT6PjEx8dU/NJKnn/ITY54GLrcv6K14slN/o3id1vcuO4lBNKVQcN2Al
AJsJXg91TLxMbz0DMwzGPdYn9PzWmxyHyFt8In4NW7dmcP76V0Id2MxpCwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIzn4MGxxR7CCBdCy++b7uj/xXvLMB8GA1UdIwQY
MBaAFBHlEpdrkaKWfrzhDtQFLs4SsUFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWVVU2wydVJvcFotdk9FTzFBVXV6aEt4UVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xN2EzYzAtZTk3YS00MzA2LWJjZTQt
N2ZmMzJiNmZmZDFlLzEvak9mZ3diSEZIc0lJRjBMTDc1dnU2UF9GZThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xN2EzYzAtZTk3YS00MzA2LWJjZTQtN2ZmMzJiNmZmZDFl
LzEvRWVVU2wydVJvcFotdk9FTzFBVXV6aEt4UVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuUy0MA4E
AgACMAgDBgAqA1EgADANBgkqhkiG9w0BAQsFAAOCAQEAt2xd6Yifz6XVQPx69zxB
hQWpuAAHYfUYZl8X/UZC96vLybZdIQKVZIBTJfjCsh6yxubkhJ2PxnHWpoJTDGFg
FSpbdvD5pzdjzwxwp5yN+GEG4WLWNLhJCATZIyV9UbNX/YZR++nTzHscgLnstkAL
SXJ2mftkmnKz8ko8xRx7R4v4ItY9Gy9baArOJux7QSNhXE/oSvrbCLHW4HRw/sNN
412mUO/xqOFv8w4NFkrVOFCM28Y3H0Bb0/UvKplYDYIszfshAncVVDJuW9Hnvu2a
sJtJeVCTLERJawqK4pvsD62hkl4YSGa8ulh3bgaS1lrZ6mLNrqfmCqsagv6GpomQ
QQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:23:57 2025 by rpki-client