Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/blGi3GYyv_U9inYqiK-N0m923Z0.roa
File: blGi3GYyv_U9inYqiK-N0m923Z0.roa (raw, json)
Hash identifier: Z89HHYOxFhBtIBu3aG0Up37f1r6W0/XcvKOpTLGjbD0=
Subject key identifier: 6E:51:A2:DC:66:32:BF:F5:3D:8A:76:2A:88:AF:8D:D2:6F:76:DD:9D
Certificate issuer: /CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Certificate serial: 019427482917A72BCEE13C71A32E64643577
Authority key identifier: 56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/blGi3GYyv_U9inYqiK-N0m923Z0.roa
Signing time: Thu 02 Jan 2025 13:50:28 +0000
ROA not before: Thu 02 Jan 2025 13:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.0.0.0/24 maxlen: 24
2001:7f8:133::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:29:17:a7:2b:ce:e1:3c:71:a3:2e:64:64:35:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Validity
Not Before: Jan 2 13:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e51a2dc6632bff53d8a762a88af8dd26f76dd9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:dc:cc:67:37:cf:23:db:9e:91:ad:89:43:e3:
ea:d4:df:51:91:a1:b2:88:5d:cf:f7:ff:a0:2a:00:
c6:f1:87:a5:66:67:1e:1f:46:64:11:c6:0f:89:f8:
06:e3:1c:ff:9e:cd:d2:98:7d:03:dc:8a:a8:c6:0b:
54:8f:6c:86:8e:c1:7d:25:1d:9b:5c:6a:5d:4a:8b:
5d:fd:96:d6:99:e8:0c:87:7f:66:d4:e4:1b:fd:cf:
61:15:22:fe:69:24:90:f6:d2:5c:bf:86:3f:a4:27:
09:fa:2d:a6:ca:70:03:2c:ee:3e:e9:d4:10:91:e9:
43:e7:a2:25:88:6d:1e:d3:68:2d:98:65:06:90:c6:
48:cd:70:17:14:88:b9:14:08:a2:b9:c6:f9:6e:53:
00:3f:41:fc:94:b1:99:e9:87:cb:df:78:de:6b:61:
89:f7:be:3f:cc:98:78:18:a1:74:1b:13:1f:ae:bf:
77:44:be:00:5b:21:36:f9:35:a2:12:51:0b:bf:d8:
92:0e:95:cd:32:43:a3:d9:8b:d3:be:47:7c:90:1b:
54:40:94:1c:ca:04:12:76:c3:c0:1d:8d:39:33:70:
8a:6b:68:2d:aa:8d:da:c2:c8:a3:c7:c2:34:b3:78:
f1:21:56:40:4a:59:3b:3d:d0:65:cb:93:b5:8b:ad:
fd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:51:A2:DC:66:32:BF:F5:3D:8A:76:2A:88:AF:8D:D2:6F:76:DD:9D
X509v3 Authority Key Identifier:
keyid:56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/blGi3GYyv_U9inYqiK-N0m923Z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.0.0.0/24
IPv6:
2001:7f8:133::/48
Signature Algorithm: sha256WithRSAEncryption
29:e8:2a:ba:97:16:af:91:16:9c:b1:c6:d8:13:b1:95:2c:12:
be:b6:25:59:ba:ae:f1:50:c7:3b:53:71:d6:42:9f:b2:a9:6e:
b5:cb:c2:bb:34:96:4c:c2:06:6a:1c:5b:76:10:56:71:8e:72:
a2:d0:0f:1c:81:4d:b8:46:dd:5c:b5:eb:fe:00:87:db:de:2b:
0f:47:02:9b:51:6f:1f:26:2a:36:56:a6:75:69:96:b6:f6:af:
7c:fc:a4:ba:c4:33:57:33:a5:f9:25:83:14:b2:3e:d1:24:f9:
a5:05:a4:f1:52:99:5c:30:8d:e7:6c:0a:24:1f:3e:6d:5a:c0:
f7:64:38:21:99:68:d7:35:9f:66:85:75:2c:64:40:c0:87:89:
d1:5f:06:0b:51:81:0d:3e:5c:3a:d4:55:ef:f7:fd:2f:e9:01:
b2:f9:77:77:59:80:d2:49:63:59:9a:d6:09:22:0f:a8:2b:c1:
0e:97:69:1c:ec:bc:fe:42:2f:f7:12:88:64:32:32:c6:fc:12:
13:df:29:2f:92:bb:78:1e:a4:cf:63:34:0c:81:88:8a:87:d9:
84:d4:c8:15:e5:13:14:2a:ba:01:37:07:1f:e1:f4:88:fd:2b:
f5:5b:e3:86:d3:73:f6:e8:ff:2f:ac:57:75:74:be:c5:8f:d1:
ed:fb:2d:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQnSCkXpyvO4Txxoy5kZDV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NTliMGJhODQwN2JlMTFjZmM5MTFiZDMxZWQxNDBjZDFj
NjA0NmMwHhcNMjUwMTAyMTM1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTUxYTJkYzY2MzJiZmY1M2Q4YTc2MmE4OGFmOGRkMjZmNzZkZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29zMZzfPI9ueka2JQ+Pq1N9RkaGy
iF3P9/+gKgDG8YelZmceH0ZkEcYPifgG4xz/ns3SmH0D3IqoxgtUj2yGjsF9JR2b
XGpdSotd/ZbWmegMh39m1OQb/c9hFSL+aSSQ9tJcv4Y/pCcJ+i2mynADLO4+6dQQ
kelD56IliG0e02gtmGUGkMZIzXAXFIi5FAiiucb5blMAP0H8lLGZ6YfL33jea2GJ
974/zJh4GKF0GxMfrr93RL4AWyE2+TWiElELv9iSDpXNMkOj2YvTvkd8kBtUQJQc
ygQSdsPAHY05M3CKa2gtqo3awsijx8I0s3jxIVZASlk7PdBly5O1i639ZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG5RotxmMr/1PYp2KoivjdJvdt2dMB8GA1UdIwQY
MBaAFFZZsLqEB74Rz8kRvTHtFAzRxgRsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEt
MjM5NGM2NjAwMDIyLzEvYmxHaTNHWXl2X1U5aW5ZcWlLLU4wbTkyM1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEtMjM5NGM2NjAwMDIy
LzEvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQAAMA8E
AgACMAkDBwAgAQf4ATMwDQYJKoZIhvcNAQELBQADggEBACnoKrqXFq+RFpyxxtgT
sZUsEr62JVm6rvFQxztTcdZCn7KpbrXLwrs0lkzCBmocW3YQVnGOcqLQDxyBTbhG
3Vy16/4Ah9veKw9HAptRbx8mKjZWpnVplrb2r3z8pLrEM1czpfklgxSyPtEk+aUF
pPFSmVwwjedsCiQfPm1awPdkOCGZaNc1n2aFdSxkQMCHidFfBgtRgQ0+XDrUVe/3
/S/pAbL5d3dZgNJJY1ma1gkiD6grwQ6XaRzsvP5CL/cSiGQyMsb8EhPfKS+Su3ge
pM9jNAyBiIqH2YTUyBXlExQqugE3Bx/h9Ij9K/Vb44bTc/bo/y+sV3V0vsWP0e37
Lbk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:12:25 2025 by rpki-client