Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/0vFjVDYAA-6QI2qHPCdosu1GYFw.roa
File: 0vFjVDYAA-6QI2qHPCdosu1GYFw.roa (raw, json)
Hash identifier: IQ3S8+qzPktEg1qP0FjMswDmKCTlK9fgpP4sOBqgbxM=
Subject key identifier: D2:F1:63:54:36:00:03:EE:90:23:6A:87:3C:27:68:B2:ED:46:60:5C
Certificate issuer: /CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b
Certificate serial: 019428284B046CDF078563DD42435A1F8A73
Authority key identifier: 44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/0vFjVDYAA-6QI2qHPCdosu1GYFw.roa
Signing time: Thu 02 Jan 2025 17:55:16 +0000
ROA not before: Thu 02 Jan 2025 17:55:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57152
IP address blocks: 185.70.97.0/24 maxlen: 24
185.70.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:4b:04:6c:df:07:85:63:dd:42:43:5a:1f:8a:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b
Validity
Not Before: Jan 2 17:55:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2f16354360003ee90236a873c2768b2ed46605c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:43:fa:c6:bf:e9:2d:01:45:bf:96:84:32:73:
81:17:b6:f8:f8:09:7d:29:d9:07:e9:49:90:44:6e:
a1:98:e9:24:19:cf:18:4d:c6:da:1f:0e:84:4e:0e:
fb:af:a4:97:f1:29:1c:6a:51:9c:25:60:74:31:63:
90:d9:02:0f:19:6f:ae:92:41:f9:6e:67:1b:96:a1:
9d:d0:3e:a9:37:f2:56:97:64:d2:a6:70:5e:ce:a8:
b7:66:c9:93:45:5a:f9:b5:13:6c:4d:b9:34:75:6b:
73:d8:79:2a:a3:7e:f4:0a:4c:b4:b0:60:47:37:30:
f3:a0:7d:fb:d1:b4:98:42:d1:df:63:68:88:eb:ba:
fc:36:4f:3a:f1:34:d0:fc:03:d2:a5:6e:77:64:c6:
86:33:95:ba:2d:98:25:a2:eb:c5:df:c4:d9:3e:a7:
8c:ca:ad:ad:80:48:c9:16:ae:17:9b:0a:3a:f4:63:
f9:d6:71:eb:ef:3d:f4:25:c0:62:61:b6:e6:ea:3a:
60:bf:6c:bb:b5:fc:ea:ce:23:e1:e6:be:e1:ac:34:
d9:08:7f:1f:72:54:ee:c2:37:bf:4d:1e:ca:4c:17:
d4:fa:84:bf:64:4f:55:b7:67:58:58:fb:22:00:30:
b3:93:ac:32:b6:95:0b:e1:02:df:17:ff:35:12:2d:
eb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F1:63:54:36:00:03:EE:90:23:6A:87:3C:27:68:B2:ED:46:60:5C
X509v3 Authority Key Identifier:
keyid:44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/0vFjVDYAA-6QI2qHPCdosu1GYFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.97.0/24
185.70.99.0/24
Signature Algorithm: sha256WithRSAEncryption
79:02:c8:61:a4:04:5c:bd:9d:cd:61:9e:0e:b8:fa:07:c8:5b:
89:40:ef:1a:71:d8:b0:93:e5:7e:8c:db:7d:f8:d9:4b:79:a6:
46:d6:3d:1d:1e:a4:11:a0:ae:56:ce:66:64:ee:89:83:83:9d:
a6:02:13:84:0b:df:1f:77:1d:7c:78:5d:9a:37:8b:eb:ff:14:
73:96:3e:6f:25:47:81:8d:0c:56:f9:18:48:f1:07:19:84:e2:
a8:ac:81:8c:83:2c:d4:67:22:5a:c7:73:ad:37:90:f7:43:e3:
20:85:00:b7:67:6a:fc:dc:f7:7d:cb:56:12:4b:c4:fe:16:96:
c9:95:4d:cc:b4:ac:10:f8:94:7b:a5:6a:0d:b1:68:cb:a2:29:
86:10:9c:23:3c:a7:be:a0:1a:e3:26:46:a7:31:89:2e:1e:78:
b9:ad:39:92:8a:21:69:36:55:ac:9c:73:38:6c:b8:c2:9e:ae:
27:da:be:61:e2:50:b5:f0:c8:dd:81:b4:48:c5:dd:1f:5f:54:
59:04:a7:96:de:64:a9:ae:11:7e:68:4f:08:9a:d2:4c:9a:16:
d4:eb:24:d4:cf:37:15:15:f0:61:88:8d:26:86:73:10:3b:2e:
4a:0a:e1:bb:0a:26:2e:98:bf:58:ac:31:10:a3:a4:31:f5:25:
c9:97:6b:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoKEsEbN8HhWPdQkNaH4pzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YWY0Yjc2MzEyNjgwZTlkNDBhMjNiM2NhMmYxOWFiZjJm
NmM3M2IwHhcNMjUwMTAyMTc1NTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmYxNjM1NDM2MDAwM2VlOTAyMzZhODczYzI3NjhiMmVkNDY2MDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EP6xr/pLQFFv5aEMnOBF7b4+Al9
KdkH6UmQRG6hmOkkGc8YTcbaHw6ETg77r6SX8SkcalGcJWB0MWOQ2QIPGW+ukkH5
bmcblqGd0D6pN/JWl2TSpnBezqi3ZsmTRVr5tRNsTbk0dWtz2Hkqo370Cky0sGBH
NzDzoH370bSYQtHfY2iI67r8Nk868TTQ/APSpW53ZMaGM5W6LZglouvF38TZPqeM
yq2tgEjJFq4Xmwo69GP51nHr7z30JcBiYbbm6jpgv2y7tfzqziPh5r7hrDTZCH8f
clTuwje/TR7KTBfU+oS/ZE9Vt2dYWPsiADCzk6wytpUL4QLfF/81Ei3rOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNLxY1Q2AAPukCNqhzwnaLLtRmBcMB8GA1UdIwQY
MBaAFESvS3YxJoDp1Aojs8ovGavy9sc7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEt
NWVhOGY1M2FiNDkxLzEvMHZGalZEWUFBLTZRSTJxSFBDZG9zdTFHWUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEtNWVhOGY1M2FiNDkx
LzEvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUZhAwQA
uUZjMA0GCSqGSIb3DQEBCwUAA4IBAQB5AshhpARcvZ3NYZ4OuPoHyFuJQO8acdiw
k+V+jNt9+NlLeaZG1j0dHqQRoK5WzmZk7omDg52mAhOEC98fdx18eF2aN4vr/xRz
lj5vJUeBjQxW+RhI8QcZhOKorIGMgyzUZyJax3OtN5D3Q+MghQC3Z2r83Pd9y1YS
S8T+FpbJlU3MtKwQ+JR7pWoNsWjLoimGEJwjPKe+oBrjJkanMYkuHni5rTmSiiFp
NlWsnHM4bLjCnq4n2r5h4lC18MjdgbRIxd0fX1RZBKeW3mSprhF+aE8ImtJMmhbU
6yTUzzcVFfBhiI0mhnMQOy5KCuG7CiYumL9YrDEQo6Qx9SXJl2vP
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:05:44 2025 by rpki-client