Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/Ebj6lh9sP_u02E4TBV-mhdT6m3s.roa
File: Ebj6lh9sP_u02E4TBV-mhdT6m3s.roa (raw, json)
Hash identifier: 8f3RjaJyLL/RlNIaXuouzYRAdOsKF2n1DYOxwJc6aAg=
Subject key identifier: 11:B8:FA:96:1F:6C:3F:FB:B4:D8:4E:13:05:5F:A6:85:D4:FA:9B:7B
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019425FDC089C72BDBE214F771F66D736819
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/Ebj6lh9sP_u02E4TBV-mhdT6m3s.roa
Signing time: Thu 02 Jan 2025 07:49:34 +0000
ROA not before: Thu 02 Jan 2025 07:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62003
IP address blocks: 185.52.4.0/22 maxlen: 24
2a04:9a00:1010::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c0:89:c7:2b:db:e2:14:f7:71:f6:6d:73:68:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 07:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11b8fa961f6c3ffbb4d84e13055fa685d4fa9b7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:86:6e:38:fd:01:73:33:c0:a5:b3:84:ad:
67:bc:d0:48:80:a9:23:16:6f:01:4d:89:da:0d:e9:
1b:0b:45:a2:57:0e:85:85:7e:14:b6:f9:13:d9:47:
ff:b1:6a:bc:07:0f:5e:b2:03:5e:e3:24:4c:d4:19:
e9:34:10:c7:1f:a6:17:84:71:a0:43:96:56:bf:12:
68:87:b3:65:57:6d:c4:3e:5e:95:d8:16:64:09:bc:
d1:5d:04:d4:63:12:37:63:45:49:1b:83:79:05:70:
5d:62:fe:4d:38:3f:ab:dd:29:19:d6:4d:18:cb:9c:
d6:4a:a8:5c:54:fa:02:e8:41:7b:87:b3:24:9f:d0:
55:6b:5d:f4:2f:01:63:c0:8c:b7:dd:89:16:c8:9a:
dc:31:de:1d:45:83:4c:0a:1c:13:74:45:1c:8d:86:
0d:1d:33:f4:c8:e6:4e:33:8d:9d:7d:d9:df:73:d8:
e3:da:e7:97:8e:30:ce:9d:37:5c:27:ac:f9:f0:5d:
7e:f3:c8:7c:d4:ab:15:0e:7f:3f:77:c1:76:52:2a:
d6:b2:73:da:40:a6:be:e2:30:a4:2b:a1:fc:73:a8:
87:71:a1:ce:18:96:d3:a8:e3:0e:54:11:03:56:85:
12:1f:22:40:e1:6c:34:c5:22:24:7d:40:4f:cf:34:
2b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B8:FA:96:1F:6C:3F:FB:B4:D8:4E:13:05:5F:A6:85:D4:FA:9B:7B
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/Ebj6lh9sP_u02E4TBV-mhdT6m3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.4.0/22
IPv6:
2a04:9a00:1010::/44
Signature Algorithm: sha256WithRSAEncryption
05:a9:23:36:45:6e:66:f8:f7:94:48:e2:c8:cb:c9:52:a1:05:
62:12:7b:fa:94:d4:52:8c:30:a9:cf:27:64:0b:b4:50:f7:54:
d4:bc:80:0b:47:fb:76:ca:03:2c:a0:03:ab:d6:60:d8:ca:6b:
3a:c0:fc:71:0f:f2:bf:1d:aa:1e:d1:c6:b8:30:5f:85:1f:9f:
ba:47:b9:68:39:00:22:12:47:eb:e5:b2:71:e5:7e:00:97:ff:
e0:fd:52:5e:05:6b:ea:e4:1f:48:a9:b7:b1:8a:1c:fb:58:62:
43:f0:cd:07:50:a6:fb:1b:7a:b7:31:5f:c2:f0:5c:99:1b:b3:
da:41:b2:63:c9:67:66:bf:42:d0:80:f6:de:a5:4d:94:40:45:
d9:b2:9d:29:31:eb:47:99:71:2e:2d:99:de:f3:44:c1:88:89:
69:06:bd:95:74:1e:09:12:8c:08:a7:d2:49:19:39:32:44:61:
c5:4a:eb:c2:71:36:b8:3f:77:b8:b8:0d:bf:3e:37:de:f1:c5:
ee:51:33:14:59:10:3a:a1:25:4a:5f:0b:9a:87:f4:c5:a4:2c:
36:f3:c3:ac:8e:a4:a9:bf:f7:bc:cf:e8:81:be:70:ec:e8:1d:
8c:cc:b3:34:98:21:ea:d9:b2:a7:73:2c:38:fb:77:df:8a:ca:
09:86:d1:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQl/cCJxyvb4hT3cfZtc2gZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwMTAyMDc0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWI4ZmE5NjFmNmMzZmZiYjRkODRlMTMwNTVmYTY4NWQ0ZmE5YjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBmGbjj9AXMzwKWzhK1nvNBIgKkj
Fm8BTYnaDekbC0WiVw6FhX4UtvkT2Uf/sWq8Bw9esgNe4yRM1BnpNBDHH6YXhHGg
Q5ZWvxJoh7NlV23EPl6V2BZkCbzRXQTUYxI3Y0VJG4N5BXBdYv5NOD+r3SkZ1k0Y
y5zWSqhcVPoC6EF7h7Mkn9BVa130LwFjwIy33YkWyJrcMd4dRYNMChwTdEUcjYYN
HTP0yOZOM42dfdnfc9jj2ueXjjDOnTdcJ6z58F1+88h81KsVDn8/d8F2UirWsnPa
QKa+4jCkK6H8c6iHcaHOGJbTqOMOVBEDVoUSHyJA4Ww0xSIkfUBPzzQrvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBG4+pYfbD/7tNhOEwVfpoXU+pt7MB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvRWJqNmxoOXNQX3UwMkU0VEJWLW1oZFQ2bTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuTQEMA8E
AgACMAkDBwQqBJoAEBAwDQYJKoZIhvcNAQELBQADggEBAAWpIzZFbmb495RI4sjL
yVKhBWISe/qU1FKMMKnPJ2QLtFD3VNS8gAtH+3bKAyygA6vWYNjKazrA/HEP8r8d
qh7RxrgwX4Ufn7pHuWg5ACISR+vlsnHlfgCX/+D9Ul4Fa+rkH0ipt7GKHPtYYkPw
zQdQpvsbercxX8LwXJkbs9pBsmPJZ2a/QtCA9t6lTZRARdmynSkx60eZcS4tmd7z
RMGIiWkGvZV0HgkSjAin0kkZOTJEYcVK68JxNrg/d7i4Db8+N97xxe5RMxRZEDqh
JUpfC5qH9MWkLDbzw6yOpKm/97zP6IG+cOzoHYzMszSYIerZsqdzLDj7d9+KygmG
0Ro=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:45 2025 by rpki-client