Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JTw7NmtLpWflzEJ7sUFjDsnuYIM.roa
File: JTw7NmtLpWflzEJ7sUFjDsnuYIM.roa (raw, json)
Hash identifier: uYFVzEifvcYFoRA+QdkXmVBuBBNqiRhVczkGrdnFE8s=
Subject key identifier: 25:3C:3B:36:6B:4B:A5:67:E5:CC:42:7B:B1:41:63:0E:C9:EE:60:83
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194222028706EFD63779367FD8D3DF3B362
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JTw7NmtLpWflzEJ7sUFjDsnuYIM.roa
Signing time: Wed 01 Jan 2025 13:48:40 +0000
ROA not before: Wed 01 Jan 2025 13:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50666
IP address blocks: 185.228.160.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:28:70:6e:fd:63:77:93:67:fd:8d:3d:f3:b3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=253c3b366b4ba567e5cc427bb141630ec9ee6083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f5:64:34:b8:fe:2e:6f:60:cf:5a:ba:08:6b:
92:be:a0:19:4d:6f:dd:52:9f:57:a2:09:e2:6f:8e:
76:f0:c0:6c:9b:ca:64:ed:80:22:b7:52:b4:60:94:
f4:a6:51:dd:70:8b:2a:e5:14:ee:ea:af:58:2b:ed:
70:84:a2:28:5b:f4:8c:e9:11:06:14:74:fd:8d:c0:
86:3e:c8:36:42:a5:3b:fd:c1:e1:16:81:3a:05:50:
db:f2:6a:f2:18:e3:66:b3:fd:31:6e:52:e4:e7:cd:
ff:44:fe:d4:4c:70:40:21:c5:dd:38:0f:45:a3:08:
89:cb:9e:2f:20:fb:68:ba:31:68:d2:b4:fb:9f:dc:
25:6e:4a:3b:67:e1:88:6f:e6:7f:4d:a5:96:06:f4:
53:20:a7:96:57:51:77:dc:88:46:c3:d6:62:95:05:
62:51:04:45:52:2e:f8:c8:07:e1:f0:26:5b:35:fd:
c7:8f:24:d6:13:49:e0:9f:6f:2e:ac:54:54:eb:10:
31:29:e6:d3:6f:6b:2e:96:14:d2:eb:95:78:08:14:
c5:c9:50:cd:97:7f:e4:f3:7c:ae:ac:c9:b4:fa:93:
dd:6d:a7:9c:43:a2:66:e2:cf:a8:97:89:ed:e2:7d:
86:8e:57:69:4a:91:1c:e4:cb:54:7f:d5:2c:8a:85:
58:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:3C:3B:36:6B:4B:A5:67:E5:CC:42:7B:B1:41:63:0E:C9:EE:60:83
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JTw7NmtLpWflzEJ7sUFjDsnuYIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.160.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:2f:78:b2:85:07:b0:44:a0:3d:d5:de:ce:65:e3:58:57:ee:
69:f5:60:ab:d6:66:6c:aa:1e:b6:e0:5d:86:94:8b:73:f4:06:
4a:cc:84:8f:de:ec:4b:c2:bf:e1:d6:77:31:67:0c:2f:15:e3:
fb:f9:c9:37:6b:a8:ba:43:f6:b8:5a:d8:fc:35:5b:14:7d:b6:
47:ca:ba:ed:0e:05:46:e8:dd:13:e8:f3:05:57:7e:40:ad:af:
23:d6:88:8c:47:b9:02:f5:1e:4e:2b:9e:dc:85:0c:fc:e6:c6:
50:de:9b:c8:b7:8f:a9:a4:aa:d6:bc:16:82:1c:03:95:9c:8d:
a1:da:7f:80:00:64:3e:ac:b8:5d:c1:c7:18:bd:c5:fd:4f:d6:
fa:be:db:04:3d:00:09:e3:0c:2e:69:73:5c:b9:a4:07:c2:39:
35:45:76:ef:dd:34:bd:74:67:7b:84:75:7d:41:27:0a:fd:4e:
35:49:c6:7a:23:0c:f0:87:30:fd:ab:3b:4b:ec:9e:22:65:dd:
7c:e1:ea:5c:5c:d9:86:e5:dc:dd:83:2a:6e:5f:63:7e:83:f9:
eb:85:bb:f9:76:70:39:0b:ea:ed:ce:c5:f5:83:2a:6f:ed:9f:
49:4d:ae:28:b0:9b:fe:1b:a5:f1:3c:1d:39:82:15:80:54:1f:
36:18:f3:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIChwbv1jd5Nn/Y0987NiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTNjM2IzNjZiNGJhNTY3ZTVjYzQyN2JiMTQxNjMwZWM5ZWU2MDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufVkNLj+Lm9gz1q6CGuSvqAZTW/d
Up9Xognib4528MBsm8pk7YAit1K0YJT0plHdcIsq5RTu6q9YK+1whKIoW/SM6REG
FHT9jcCGPsg2QqU7/cHhFoE6BVDb8mryGONms/0xblLk583/RP7UTHBAIcXdOA9F
owiJy54vIPtoujFo0rT7n9wlbko7Z+GIb+Z/TaWWBvRTIKeWV1F33IhGw9ZilQVi
UQRFUi74yAfh8CZbNf3HjyTWE0ngn28urFRU6xAxKebTb2sulhTS65V4CBTFyVDN
l3/k83yurMm0+pPdbaecQ6Jm4s+ol4nt4n2GjldpSpEc5MtUf9UsioVYQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCU8OzZrS6Vn5cxCe7FBYw7J7mCDMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSlR3N05tdExwV2ZsekVKN3NVRmpEc251WUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueSgMA0G
CSqGSIb3DQEBCwUAA4IBAQB/L3iyhQewRKA91d7OZeNYV+5p9WCr1mZsqh624F2G
lItz9AZKzISP3uxLwr/h1ncxZwwvFeP7+ck3a6i6Q/a4Wtj8NVsUfbZHyrrtDgVG
6N0T6PMFV35Ara8j1oiMR7kC9R5OK57chQz85sZQ3pvIt4+ppKrWvBaCHAOVnI2h
2n+AAGQ+rLhdwccYvcX9T9b6vtsEPQAJ4wwuaXNcuaQHwjk1RXbv3TS9dGd7hHV9
QScK/U41ScZ6IwzwhzD9qztL7J4iZd184epcXNmG5dzdgypuX2N+g/nrhbv5dnA5
C+rtzsX1gypv7Z9JTa4osJv+G6XxPB05ghWAVB82GPPg
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:29:53 2025 by rpki-client