Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/dg3XCky1GhlAwT0DhmXP96ttZ34.roa
File: dg3XCky1GhlAwT0DhmXP96ttZ34.roa (raw, json)
Hash identifier: a9Seb5Jb6LuED/51Kf7eyRYto8HmaUlJ0jQ8ibNi+G0=
Subject key identifier: 76:0D:D7:0A:4C:B5:1A:19:40:C1:3D:03:86:65:CF:F7:AB:6D:67:7E
Certificate issuer: /CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Certificate serial: 018D307B1F0E8B68DED2CB2BFF7D289FA693
Authority key identifier: A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/dg3XCky1GhlAwT0DhmXP96ttZ34.roa
Signing time: Mon 22 Jan 2024 09:23:11 +0000
ROA not before: Mon 22 Jan 2024 09:23:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207709
IP address blocks: 185.157.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:7b:1f:0e:8b:68:de:d2:cb:2b:ff:7d:28:9f:a6:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Validity
Not Before: Jan 22 09:23:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=760dd70a4cb51a1940c13d038665cff7ab6d677e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2e:61:99:a9:31:85:06:82:5e:c6:d6:b5:f2:
04:f4:d4:c8:c5:e7:af:8a:e7:b9:01:1c:67:83:60:
a5:2a:89:ca:de:71:b9:95:64:59:ff:9c:9e:bc:dd:
f8:68:49:4c:a8:e9:1b:8d:76:cf:46:3e:0e:df:c5:
95:c1:3e:80:66:d1:0a:0c:bb:a8:dc:29:a1:07:ab:
85:62:97:5c:8e:6f:73:a9:53:fc:ce:86:16:11:5e:
f7:bb:93:e2:50:cb:65:b2:be:27:a8:c2:22:66:1c:
bf:ee:84:c0:29:5c:a0:35:02:6c:3e:f0:68:cf:d4:
5e:0d:e2:55:10:a0:a0:14:ff:30:73:9d:79:f5:53:
25:c1:0f:29:a1:e2:de:c3:bf:2e:d3:e4:9d:3f:fe:
85:6f:4e:e6:4d:8a:39:c9:b3:96:a5:fa:9f:7e:55:
b7:12:86:96:28:1f:33:c1:c0:7f:9c:d1:3c:5c:90:
f7:ce:32:6f:0a:e2:fa:71:23:94:22:da:1e:09:cb:
2e:b6:3e:5a:b7:17:51:84:ea:8b:ba:8d:6e:af:dd:
43:fd:c5:bd:de:50:9d:3a:2e:bc:c4:63:a3:31:3d:
8d:a3:0a:2d:9c:62:db:64:ee:31:31:d4:20:ee:7d:
07:27:f3:ce:1f:26:05:7f:b4:7d:00:b7:72:49:97:
a4:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0D:D7:0A:4C:B5:1A:19:40:C1:3D:03:86:65:CF:F7:AB:6D:67:7E
X509v3 Authority Key Identifier:
keyid:A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/dg3XCky1GhlAwT0DhmXP96ttZ34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.50.0/24
Signature Algorithm: sha256WithRSAEncryption
97:54:38:35:1b:ae:5a:76:25:7e:92:ea:8b:f1:e0:de:38:bf:
b2:94:6e:4e:e5:f9:aa:04:21:c9:2d:3b:92:85:63:39:ad:eb:
cd:86:86:b8:71:43:24:18:b7:f1:c2:70:7f:f1:52:5c:82:e3:
2e:99:aa:97:19:9c:16:50:91:fa:34:5d:c4:97:08:a6:7f:6e:
e5:27:4c:54:84:2e:58:b5:83:04:15:20:8c:79:de:d4:7c:8e:
04:9b:c0:77:4b:9d:2a:b2:89:a6:98:52:d5:55:6b:45:e9:2c:
61:fc:cc:08:a4:c0:fe:ed:d4:99:fc:b5:7f:e4:0d:61:ed:ca:
b1:7e:ab:30:ac:0f:5f:16:e7:fa:39:e9:36:db:40:bd:28:92:
87:fd:70:1a:b4:1e:1f:aa:06:cc:90:fd:24:28:3d:0a:af:d6:
5a:5d:ca:1d:eb:87:a1:da:bc:4a:e4:48:2f:6b:19:1d:db:83:
a0:29:b1:bf:44:3e:e2:20:5b:24:6c:25:a8:60:7c:c8:9b:31:
c4:4f:df:73:14:da:6d:e1:9a:25:72:d8:3b:6b:28:c3:78:02:
30:dd:f1:68:a2:bc:3f:b3:b8:0e:4a:7a:79:7f:0e:5a:81:a6:
00:27:b9:57:59:ab:57:cc:9e:26:e0:8b:a3:47:05:d2:9c:88:
32:87:e7:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0wex8Oi2je0ssr/30on6aTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWEyYTJkYjRkNzQxOGU5YmY0ZjkzYzhjMDQ2YTAxNjE2
NjNjNjIwHhcNMjQwMTIyMDkyMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBkZDcwYTRjYjUxYTE5NDBjMTNkMDM4NjY1Y2ZmN2FiNmQ2NzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAky5hmakxhQaCXsbWtfIE9NTIxeev
iue5ARxng2ClKonK3nG5lWRZ/5yevN34aElMqOkbjXbPRj4O38WVwT6AZtEKDLuo
3CmhB6uFYpdcjm9zqVP8zoYWEV73u5PiUMtlsr4nqMIiZhy/7oTAKVygNQJsPvBo
z9ReDeJVEKCgFP8wc5159VMlwQ8poeLew78u0+SdP/6Fb07mTYo5ybOWpfqfflW3
EoaWKB8zwcB/nNE8XJD3zjJvCuL6cSOUItoeCcsutj5atxdRhOqLuo1ur91D/cW9
3lCdOi68xGOjMT2NowotnGLbZO4xMdQg7n0HJ/POHyYFf7R9ALdySZekLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHYN1wpMtRoZQME9A4Zlz/erbWd+MB8GA1UdIwQY
MBaAFKcaKi2010GOm/T5PIwEagFhZjxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2Ut
ZjFmMGI5NTk4ZjMyLzEvZGczWENreTFHaGxBd1QwRGhtWFA5NnR0WjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2UtZjFmMGI5NTk4ZjMy
LzEvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ0yMA0G
CSqGSIb3DQEBCwUAA4IBAQCXVDg1G65adiV+kuqL8eDeOL+ylG5O5fmqBCHJLTuS
hWM5revNhoa4cUMkGLfxwnB/8VJcguMumaqXGZwWUJH6NF3Elwimf27lJ0xUhC5Y
tYMEFSCMed7UfI4Em8B3S50qsommmFLVVWtF6Sxh/MwIpMD+7dSZ/LV/5A1h7cqx
fqswrA9fFuf6Oek220C9KJKH/XAatB4fqgbMkP0kKD0Kr9ZaXcod64eh2rxK5Egv
axkd24OgKbG/RD7iIFskbCWoYHzImzHET99zFNpt4Zolctg7ayjDeAIw3fFoorw/
s7gOSnp5fw5agaYAJ7lXWatXzJ4m4IujRwXSnIgyh+d1
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:12:00 2025 by rpki-client