Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/EwMUoWYW4dc0tRkkx15ciptmQak.roa
File: EwMUoWYW4dc0tRkkx15ciptmQak.roa (raw, json)
Hash identifier: IxyoruIJ2PWmvP6nW1K1qsmgYgo96Vwp6Gm5YCkQlWE=
Subject key identifier: 13:03:14:A1:66:16:E1:D7:34:B5:19:24:C7:5E:5C:8A:9B:66:41:A9
Certificate issuer: /CN=61041121ccc6e65d933961fd572d59e261f21a31
Certificate serial: 01941FFA8E206CD9BE02B7EE6026202786E8
Authority key identifier: 61:04:11:21:CC:C6:E6:5D:93:39:61:FD:57:2D:59:E2:61:F2:1A:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/EwMUoWYW4dc0tRkkx15ciptmQak.roa
Signing time: Wed 01 Jan 2025 03:48:21 +0000
ROA not before: Wed 01 Jan 2025 03:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41960
IP address blocks: 185.160.4.0/22 maxlen: 24
2a02:d880::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:8e:20:6c:d9:be:02:b7:ee:60:26:20:27:86:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61041121ccc6e65d933961fd572d59e261f21a31
Validity
Not Before: Jan 1 03:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=130314a16616e1d734b51924c75e5c8a9b6641a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:65:85:96:5a:b8:7e:98:6e:3b:e7:94:9e:9a:
8c:6f:10:96:12:6f:01:7f:29:66:92:ab:49:3b:f2:
ed:be:c0:d8:9b:04:47:cc:28:30:ed:c8:75:1f:d5:
9b:2a:c1:e3:ae:53:f9:b2:f4:c3:85:9f:bb:b9:ab:
2e:76:3a:23:98:1a:22:f8:5e:0e:01:f4:28:a6:9c:
b5:36:fc:f6:3e:6d:01:a9:2d:57:64:ca:a1:1f:07:
34:4c:4c:e2:1e:1d:5a:00:d8:60:e4:bd:0e:c9:1e:
52:52:24:bb:de:93:42:b7:ba:c9:43:c2:a4:7d:f5:
64:43:58:43:b4:ec:60:13:bb:51:a8:0a:8d:0c:63:
a1:c1:61:06:8a:dc:2f:cc:99:5f:5f:2e:ce:95:1f:
6d:aa:4a:0b:73:10:2a:5d:cb:08:8d:9d:22:25:5d:
d0:b8:6f:6a:23:ca:29:f5:f6:79:5d:83:c3:0d:a7:
32:ba:71:4e:fd:46:80:da:e9:2d:fb:26:09:7c:c0:
33:c2:69:3a:7e:c1:52:8f:86:8c:eb:9f:e4:bd:a1:
d0:19:4d:27:f0:5d:1b:aa:30:70:fa:70:ed:72:86:
fa:14:14:17:71:52:d5:d2:8a:0e:6c:d5:ef:2d:60:
fe:06:a9:46:7b:d2:35:0a:0a:8c:36:d3:e7:d9:6f:
72:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:03:14:A1:66:16:E1:D7:34:B5:19:24:C7:5E:5C:8A:9B:66:41:A9
X509v3 Authority Key Identifier:
keyid:61:04:11:21:CC:C6:E6:5D:93:39:61:FD:57:2D:59:E2:61:F2:1A:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/EwMUoWYW4dc0tRkkx15ciptmQak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.4.0/22
IPv6:
2a02:d880::/32
Signature Algorithm: sha256WithRSAEncryption
cc:43:1d:d9:6a:bf:8c:e2:63:6d:cc:d9:e9:b4:f8:75:68:57:
b1:d1:72:1d:37:0a:f7:49:c7:d6:a0:2c:97:56:6b:b9:c9:08:
43:6c:b7:61:e7:45:cf:08:6b:0f:b5:72:99:9f:71:47:9e:ad:
ac:05:be:8c:21:00:3f:67:df:32:95:bc:65:64:9d:ac:46:48:
58:e4:97:c3:f0:43:7f:f0:4b:52:c0:1b:87:af:51:e6:6f:4b:
d0:db:b2:f3:e3:b0:fc:dd:ad:0f:c6:06:a1:30:f2:26:9a:d9:
1a:bc:33:9a:d0:2b:9a:b1:b0:8f:92:9a:62:b8:40:5d:90:c9:
e9:fe:84:11:f7:a2:80:c5:00:e0:3c:c5:3b:6d:25:fc:2f:74:
6f:c7:0b:4e:b5:78:59:aa:21:ef:a8:88:b7:38:40:a9:01:63:
15:4b:70:ad:c5:0d:9a:ab:7b:95:86:f1:68:00:73:56:a4:c2:
fc:2d:81:1b:59:9a:6b:c7:70:7a:7e:28:09:7c:af:44:e8:78:
9f:00:9c:c8:fe:4c:7d:11:11:60:ec:d9:8f:db:2b:21:d2:5d:
d6:35:46:a1:7a:32:09:ca:33:8c:39:a9:13:d7:e8:c2:cd:2e:
5f:26:6d:4c:a9:68:45:c0:e6:1b:d3:25:6d:f3:40:66:51:ca:
c4:07:e7:63
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+o4gbNm+ArfuYCYgJ4boMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMDQxMTIxY2NjNmU2NWQ5MzM5NjFmZDU3MmQ1OWUyNjFm
MjFhMzEwHhcNMjUwMTAxMDM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzAzMTRhMTY2MTZlMWQ3MzRiNTE5MjRjNzVlNWM4YTliNjY0MWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGWFllq4fphuO+eUnpqMbxCWEm8B
fylmkqtJO/LtvsDYmwRHzCgw7ch1H9WbKsHjrlP5svTDhZ+7uasudjojmBoi+F4O
AfQoppy1Nvz2Pm0BqS1XZMqhHwc0TEziHh1aANhg5L0OyR5SUiS73pNCt7rJQ8Kk
ffVkQ1hDtOxgE7tRqAqNDGOhwWEGitwvzJlfXy7OlR9tqkoLcxAqXcsIjZ0iJV3Q
uG9qI8op9fZ5XYPDDacyunFO/UaA2ukt+yYJfMAzwmk6fsFSj4aM65/kvaHQGU0n
8F0bqjBw+nDtcob6FBQXcVLV0ooObNXvLWD+BqlGe9I1CgqMNtPn2W9ykQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBMDFKFmFuHXNLUZJMdeXIqbZkGpMB8GA1UdIwQY
MBaAFGEEESHMxuZdkzlh/VctWeJh8hoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVFRUkljekc1bDJUT1dIOVZ5MVo0bUh5R2pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zODNiZTYtN2MzMS00ZGNhLWIzYzEt
ZGJhNmQ3NTk0YzE5LzEvRXdNVW9XWVc0ZGMwdFJra3gxNWNpcHRtUWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zODNiZTYtN2MzMS00ZGNhLWIzYzEtZGJhNmQ3NTk0YzE5
LzEvWVFRUkljekc1bDJUT1dIOVZ5MVo0bUh5R2pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaAEMA0E
AgACMAcDBQAqAtiAMA0GCSqGSIb3DQEBCwUAA4IBAQDMQx3Zar+M4mNtzNnptPh1
aFex0XIdNwr3ScfWoCyXVmu5yQhDbLdh50XPCGsPtXKZn3FHnq2sBb6MIQA/Z98y
lbxlZJ2sRkhY5JfD8EN/8EtSwBuHr1Hmb0vQ27Lz47D83a0PxgahMPImmtkavDOa
0CuasbCPkppiuEBdkMnp/oQR96KAxQDgPMU7bSX8L3RvxwtOtXhZqiHvqIi3OECp
AWMVS3CtxQ2aq3uVhvFoAHNWpML8LYEbWZprx3B6figJfK9E6HifAJzI/kx9ERFg
7NmP2ysh0l3WNUahejIJyjOMOakT1+jCzS5fJm1MqWhFwOYb0yVt80BmUcrEB+dj
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:12:38 2025 by rpki-client