Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/jPAlD5BCmQM_M3gq7qp_Ay9ZNKY.roa
File: jPAlD5BCmQM_M3gq7qp_Ay9ZNKY.roa (raw, json)
Hash identifier: lR5DqMCoH1cp06HdK+II3Vi9YKh7mrZok8SWfh2ldTo=
Subject key identifier: 8C:F0:25:0F:90:42:99:03:3F:33:78:2A:EE:AA:7F:03:2F:59:34:A6
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422203DEDACD67CB7930E95691126F6C4
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/jPAlD5BCmQM_M3gq7qp_Ay9ZNKY.roa
Signing time: Wed 01 Jan 2025 13:48:45 +0000
ROA not before: Wed 01 Jan 2025 13:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206092
IP address blocks: 185.238.231.0/24 maxlen: 24
185.255.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:3d:ed:ac:d6:7c:b7:93:0e:95:69:11:26:f6:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cf0250f904299033f33782aeeaa7f032f5934a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:37:a8:cf:9d:c5:50:72:87:77:58:d3:be:a9:
7d:be:2b:20:99:2c:09:f9:35:3c:10:99:32:af:c7:
eb:8d:c4:ef:a8:d7:a4:f6:e8:9e:aa:4b:d2:c5:59:
d8:74:df:6b:4a:a3:dc:ac:a8:4d:ae:b2:1d:04:39:
ec:60:85:d3:1c:8c:73:1f:3b:a2:08:bc:1d:94:d6:
6e:62:c9:83:2c:ac:b8:8b:08:99:34:82:74:be:97:
79:21:6b:e3:e7:80:d2:d1:23:ee:72:89:3a:2f:e0:
36:b8:4a:6e:e2:07:cc:cc:79:c4:f5:f4:8a:61:4d:
8a:87:7b:6c:9f:3f:18:5f:58:85:93:12:da:76:9b:
6e:3a:3f:d2:fe:f1:ff:77:71:f5:e3:cd:0b:a7:2c:
c6:67:65:30:fe:5c:86:5a:b8:ed:ad:d4:5c:5e:00:
3f:96:53:8e:7b:12:4c:a5:74:a0:83:cc:7f:0f:32:
80:f1:e6:36:97:ee:a0:1a:4c:51:4f:0b:f4:45:b4:
be:26:3d:ad:b5:d4:66:5c:f8:d3:d0:f3:9d:56:cb:
92:47:6c:a7:39:3b:d9:e4:94:3d:45:ff:93:84:0d:
26:76:c5:70:17:1e:55:97:3c:ca:66:72:52:88:24:
4e:f5:cc:15:61:8f:47:e4:15:42:97:c8:f3:1f:28:
46:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F0:25:0F:90:42:99:03:3F:33:78:2A:EE:AA:7F:03:2F:59:34:A6
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/jPAlD5BCmQM_M3gq7qp_Ay9ZNKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.231.0/24
185.255.125.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:56:f9:19:b5:7b:56:41:74:02:9c:87:0a:e4:8d:0c:d4:cd:
d7:92:d6:d4:10:46:0f:61:56:73:d7:24:da:41:7b:90:c7:24:
2e:58:e0:c1:3d:2b:c4:ee:a9:33:b0:ae:c4:75:ef:25:43:dc:
de:de:25:97:b4:a9:59:50:ce:ac:07:56:1b:85:9e:f1:b6:4d:
e4:05:0f:93:e8:cf:59:8c:7f:e1:9e:a7:b6:d9:f4:2b:87:b7:
d9:b7:15:ec:c9:69:da:d6:d2:cc:d6:3a:17:e1:a4:f1:18:00:
07:c8:3f:7c:1e:ec:78:3b:7f:6f:c3:f6:c6:cd:bd:84:d9:5f:
bb:eb:2e:83:af:89:00:2e:79:bc:c9:2a:2d:dc:26:73:52:0a:
5e:65:f9:89:32:ef:34:af:65:99:d6:56:fb:17:c4:9c:ec:6b:
40:cc:9a:2f:55:b1:c7:04:d5:aa:f3:d9:79:49:c4:37:8c:06:
87:e2:be:01:83:f0:9a:49:8e:22:e1:7c:5c:27:ec:bb:b6:ed:
09:90:86:d3:19:bd:0d:0e:c6:48:87:86:af:b7:00:46:0f:d8:
5a:05:c0:a2:3f:5d:e5:8e:34:c7:19:cb:5d:c7:5c:59:b2:4f:
d9:d3:a6:f9:ab:b2:37:0a:c7:5c:39:c6:ef:37:6f:12:73:88:
19:1a:10:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiID3trNZ8t5MOlWkRJvbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2YwMjUwZjkwNDI5OTAzM2YzMzc4MmFlZWFhN2YwMzJmNTkzNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzeoz53FUHKHd1jTvql9visgmSwJ
+TU8EJkyr8frjcTvqNek9uieqkvSxVnYdN9rSqPcrKhNrrIdBDnsYIXTHIxzHzui
CLwdlNZuYsmDLKy4iwiZNIJ0vpd5IWvj54DS0SPucok6L+A2uEpu4gfMzHnE9fSK
YU2Kh3tsnz8YX1iFkxLadptuOj/S/vH/d3H1480LpyzGZ2Uw/lyGWrjtrdRcXgA/
llOOexJMpXSgg8x/DzKA8eY2l+6gGkxRTwv0RbS+Jj2ttdRmXPjT0POdVsuSR2yn
OTvZ5JQ9Rf+ThA0mdsVwFx5VlzzKZnJSiCRO9cwVYY9H5BVCl8jzHyhGDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIzwJQ+QQpkDPzN4Ku6qfwMvWTSmMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvalBBbEQ1QkNtUU1fTTNncTdxcF9BeTlaTktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAue7nAwQA
uf99MA0GCSqGSIb3DQEBCwUAA4IBAQB9VvkZtXtWQXQCnIcK5I0M1M3XktbUEEYP
YVZz1yTaQXuQxyQuWODBPSvE7qkzsK7Ede8lQ9ze3iWXtKlZUM6sB1YbhZ7xtk3k
BQ+T6M9ZjH/hnqe22fQrh7fZtxXsyWna1tLM1joX4aTxGAAHyD98Hux4O39vw/bG
zb2E2V+76y6Dr4kALnm8ySot3CZzUgpeZfmJMu80r2WZ1lb7F8Sc7GtAzJovVbHH
BNWq89l5ScQ3jAaH4r4Bg/CaSY4i4XxcJ+y7tu0JkIbTGb0NDsZIh4avtwBGD9ha
BcCiP13ljjTHGctdx1xZsk/Z06b5q7I3CsdcOcbvN28Sc4gZGhBR
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:19:16 2025 by rpki-client