Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3C5Kpf5FVj4NF6ajlEQM0QOqgqk.roa
File: 3C5Kpf5FVj4NF6ajlEQM0QOqgqk.roa (raw, json)
Hash identifier: U9OviTY/uoXQjvuInkq8Q2sdhSdFsSu1IZzjMir3Pfo=
Subject key identifier: DC:2E:4A:A5:FE:45:56:3E:0D:17:A6:A3:94:44:0C:D1:03:AA:82:A9
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194222060A8FFF78B0F1AEBBB883BCB2735
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3C5Kpf5FVj4NF6ajlEQM0QOqgqk.roa
Signing time: Wed 01 Jan 2025 13:48:54 +0000
ROA not before: Wed 01 Jan 2025 13:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397423
IP address blocks: 185.234.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:60:a8:ff:f7:8b:0f:1a:eb:bb:88:3b:cb:27:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc2e4aa5fe45563e0d17a6a394440cd103aa82a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bd:c7:8a:97:b8:1c:cc:00:64:33:b1:83:89:
c6:12:bd:5d:d9:e6:d4:b8:47:a6:a0:9e:97:c8:9c:
2f:95:d4:fe:95:e5:f6:ee:35:d4:cb:79:32:c7:40:
8b:a9:68:0d:b8:3c:2b:63:e9:97:c9:41:60:d1:58:
83:e7:ef:b4:5f:0a:df:ed:e6:f0:57:30:f6:6a:e1:
01:dc:1f:68:f4:e1:80:00:5d:e2:c6:1e:44:e7:b3:
c4:22:f7:45:29:19:57:f0:71:50:4b:6b:14:6b:9f:
74:76:0b:66:f3:e6:6a:11:8e:24:88:65:ab:bb:0a:
7e:d1:f4:b0:37:07:80:12:75:eb:c9:6e:0e:bc:ef:
e8:b7:65:9b:92:68:7e:21:78:78:b0:11:a6:02:30:
4d:da:5a:6d:25:3d:96:a2:85:cd:33:a3:7f:84:c9:
57:65:cc:9b:93:b0:17:a1:49:df:c0:92:44:c3:4e:
06:dd:3d:f8:56:f9:6b:08:dc:4a:60:47:fe:82:18:
ad:89:8f:a9:36:2a:b2:e5:33:c0:e6:35:c2:d8:69:
55:a9:66:ca:da:71:fd:f8:5f:e1:b3:8b:78:9b:65:
17:e9:98:9e:50:05:5f:7d:b9:92:ee:55:5d:04:00:
eb:65:da:87:7b:10:8e:de:d7:09:b0:d3:5e:ac:a1:
fe:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:2E:4A:A5:FE:45:56:3E:0D:17:A6:A3:94:44:0C:D1:03:AA:82:A9
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3C5Kpf5FVj4NF6ajlEQM0QOqgqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.21.0/24
Signature Algorithm: sha256WithRSAEncryption
22:e9:6e:a5:ec:ed:ba:f4:f9:be:a0:fb:24:7c:3f:71:4e:53:
d0:fb:1e:42:85:67:bc:8a:ea:c5:cc:a8:0f:87:ca:59:28:53:
18:04:50:49:70:e5:76:f2:fc:e7:e5:9f:96:f2:a6:66:47:61:
4a:77:d9:6e:12:ea:a3:7c:92:07:38:f6:a0:9a:06:50:46:c5:
ab:96:a8:b6:71:47:49:94:55:b5:dd:67:cc:86:c7:bc:08:88:
5f:30:29:87:55:33:06:a1:fe:06:d8:ed:52:65:14:ef:a9:a3:
8c:f5:5e:e4:bd:2b:43:fb:18:cc:9f:32:bd:a4:73:9a:36:df:
46:20:ae:bd:e5:61:b1:d1:ed:fb:af:e0:2c:d8:49:94:c0:3b:
af:6c:64:0a:7c:50:bd:1c:e4:4e:86:fc:d5:4b:d6:a0:10:5e:
a5:2f:db:b4:4d:5b:04:2f:78:2f:0d:d7:4c:9b:34:fe:86:82:
4f:8a:60:9a:ec:18:8c:5d:7f:ef:74:30:65:7c:a3:c2:6e:93:
03:3a:d3:1f:00:1a:0c:60:68:c6:b4:86:e9:0e:85:a9:be:d0:
1d:f9:55:ee:09:47:e5:96:2f:7c:cf:7b:74:83:1f:95:a9:80:
4c:79:d8:46:2d:45:8b:97:31:cd:e7:a9:4d:ae:58:da:57:a3:
ed:41:3e:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIGCo//eLDxrru4g7yyc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzJlNGFhNWZlNDU1NjNlMGQxN2E2YTM5NDQ0MGNkMTAzYWE4MmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnr3Hipe4HMwAZDOxg4nGEr1d2ebU
uEemoJ6XyJwvldT+leX27jXUy3kyx0CLqWgNuDwrY+mXyUFg0ViD5++0Xwrf7ebw
VzD2auEB3B9o9OGAAF3ixh5E57PEIvdFKRlX8HFQS2sUa590dgtm8+ZqEY4kiGWr
uwp+0fSwNweAEnXryW4OvO/ot2Wbkmh+IXh4sBGmAjBN2lptJT2WooXNM6N/hMlX
Zcybk7AXoUnfwJJEw04G3T34VvlrCNxKYEf+ghitiY+pNiqy5TPA5jXC2GlVqWbK
2nH9+F/hs4t4m2UX6ZieUAVffbmS7lVdBADrZdqHexCO3tcJsNNerKH+kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNwuSqX+RVY+DRemo5REDNEDqoKpMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvM0M1S3BmNUZWajRORjZhamxFUU0wUU9xZ3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueoVMA0G
CSqGSIb3DQEBCwUAA4IBAQAi6W6l7O269Pm+oPskfD9xTlPQ+x5ChWe8iurFzKgP
h8pZKFMYBFBJcOV28vzn5Z+W8qZmR2FKd9luEuqjfJIHOPagmgZQRsWrlqi2cUdJ
lFW13WfMhse8CIhfMCmHVTMGof4G2O1SZRTvqaOM9V7kvStD+xjMnzK9pHOaNt9G
IK695WGx0e37r+As2EmUwDuvbGQKfFC9HOROhvzVS9agEF6lL9u0TVsEL3gvDddM
mzT+hoJPimCa7BiMXX/vdDBlfKPCbpMDOtMfABoMYGjGtIbpDoWpvtAd+VXuCUfl
li98z3t0gx+VqYBMedhGLUWLlzHN56lNrljaV6PtQT4M
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:46:35 2025 by rpki-client