Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/u8s9HEkKaDRnfwCA4Fp1WEQGANU.roa
File: u8s9HEkKaDRnfwCA4Fp1WEQGANU.roa (raw, json)
Hash identifier: D38pH0rgh3xNzyToMjwZsTzhvLlwYeEp9O/fE2rpcks=
Subject key identifier: BB:CB:3D:1C:49:0A:68:34:67:7F:00:80:E0:5A:75:58:44:06:00:D5
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 019422FB17079261148535C2FB1B2AC289CD
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/u8s9HEkKaDRnfwCA4Fp1WEQGANU.roa
Signing time: Wed 01 Jan 2025 17:47:48 +0000
ROA not before: Wed 01 Jan 2025 17:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202060
IP address blocks: 185.41.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:17:07:92:61:14:85:35:c2:fb:1b:2a:c2:89:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Jan 1 17:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbcb3d1c490a6834677f0080e05a7558440600d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c8:88:5a:0d:9b:53:08:e8:f4:45:35:1f:58:
05:2e:d9:05:fd:b4:e3:fe:a3:a2:60:b7:96:18:aa:
b3:6f:b8:0d:ed:1f:aa:2b:e0:93:fc:b9:53:57:45:
ce:aa:fc:f5:e1:14:c3:7d:0e:39:27:de:e0:c5:c0:
1f:d1:51:59:ec:be:16:95:1e:53:89:be:4b:81:51:
68:7a:31:24:e1:26:5f:d9:65:76:9e:a7:22:05:d9:
08:9d:13:af:71:fd:73:84:c7:78:ee:cf:41:52:44:
ac:84:af:1c:d1:76:62:ab:0b:ab:ea:0b:b5:67:45:
bd:58:1c:02:e0:a7:ff:16:b1:70:9a:4e:f4:47:da:
45:aa:16:33:0a:3e:a1:16:a9:80:11:46:fa:4a:64:
fb:76:97:23:34:f7:89:6c:4a:68:4b:7f:94:f6:90:
c2:12:6e:2c:92:94:69:8d:b3:0d:2a:35:9c:f0:07:
19:e8:8c:5b:d5:1d:dc:aa:56:d9:90:5b:8d:8e:1c:
46:e0:31:29:7b:b9:1b:91:18:6b:c1:ec:fb:0d:3a:
ae:18:1f:80:61:2e:c9:c6:56:cb:d9:f9:10:47:ec:
54:8b:7c:67:75:19:65:85:b7:df:cb:a1:d5:5c:1d:
86:d9:2d:06:2f:73:49:b0:08:1c:a5:78:60:d0:ae:
b5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:CB:3D:1C:49:0A:68:34:67:7F:00:80:E0:5A:75:58:44:06:00:D5
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/u8s9HEkKaDRnfwCA4Fp1WEQGANU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.243.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:91:ea:7e:74:98:cc:88:26:88:45:38:f3:31:e3:c5:4e:69:
b5:ed:e9:e7:b3:59:86:a1:c0:f8:a4:75:ad:3b:b8:c1:ba:fb:
bd:4e:39:92:6a:d0:c5:91:3d:42:28:0d:36:22:2d:dc:fe:cb:
80:35:2a:60:b1:b6:6f:6e:51:17:2c:10:3d:17:39:6b:14:e8:
24:88:8e:6e:fd:2d:9c:18:b9:70:44:ee:32:b1:a4:35:9c:2e:
55:ff:b5:89:bb:91:dc:8d:ee:bd:07:76:9e:cc:2a:02:11:6a:
95:96:fe:f2:9b:e6:09:42:f6:c9:21:07:0a:c6:35:e7:95:3e:
87:7b:cf:26:77:c7:b2:76:d6:86:ca:da:94:8d:83:3b:b7:ca:
2c:2f:aa:78:3d:f8:c7:51:0f:56:0f:cb:d7:0e:36:43:ec:c4:
2a:e5:62:2f:5d:14:4e:83:96:3b:8d:bc:51:20:00:27:36:bd:
31:9c:84:5f:d7:05:f0:53:87:d2:7f:e1:97:4f:43:1b:77:dd:
eb:49:72:90:fa:d9:ce:2b:af:e2:81:23:ae:43:d0:71:ca:96:
fc:3b:eb:36:45:eb:60:92:e4:d4:4b:c6:60:e6:5e:99:7a:71:
ff:62:7c:71:d8:14:de:05:d0:fb:49:a4:3b:f7:b3:69:82:5a:
b4:f3:ca:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+xcHkmEUhTXC+xsqwonNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjUwMTAxMTc0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmNiM2QxYzQ5MGE2ODM0Njc3ZjAwODBlMDVhNzU1ODQ0MDYwMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8iIWg2bUwjo9EU1H1gFLtkF/bTj
/qOiYLeWGKqzb7gN7R+qK+CT/LlTV0XOqvz14RTDfQ45J97gxcAf0VFZ7L4WlR5T
ib5LgVFoejEk4SZf2WV2nqciBdkInROvcf1zhMd47s9BUkSshK8c0XZiqwur6gu1
Z0W9WBwC4Kf/FrFwmk70R9pFqhYzCj6hFqmAEUb6SmT7dpcjNPeJbEpoS3+U9pDC
Em4skpRpjbMNKjWc8AcZ6Ixb1R3cqlbZkFuNjhxG4DEpe7kbkRhrwez7DTquGB+A
YS7JxlbL2fkQR+xUi3xndRllhbffy6HVXB2G2S0GL3NJsAgcpXhg0K61ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvLPRxJCmg0Z38AgOBadVhEBgDVMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvdThzOUhFa0thRFJuZndDQTRGcDFXRVFHQU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSnzMA0G
CSqGSIb3DQEBCwUAA4IBAQBOkep+dJjMiCaIRTjzMePFTmm17enns1mGocD4pHWt
O7jBuvu9TjmSatDFkT1CKA02Ii3c/suANSpgsbZvblEXLBA9FzlrFOgkiI5u/S2c
GLlwRO4ysaQ1nC5V/7WJu5Hcje69B3aezCoCEWqVlv7ym+YJQvbJIQcKxjXnlT6H
e88md8eydtaGytqUjYM7t8osL6p4PfjHUQ9WD8vXDjZD7MQq5WIvXRROg5Y7jbxR
IAAnNr0xnIRf1wXwU4fSf+GXT0Mbd93rSXKQ+tnOK6/igSOuQ9Bxypb8O+s2Retg
kuTUS8Zg5l6ZenH/Ynxx2BTeBdD7SaQ797Npglq088rq
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:01 2025 by rpki-client