Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vaJmh4nE5MVA88FJW8VyMltsNBE.roa
File: vaJmh4nE5MVA88FJW8VyMltsNBE.roa (raw, json)
Hash identifier: fwX0EeAkkTYexbLbW1IFVhe3e2kqqvzl9ETNeUZXL1g=
Subject key identifier: BD:A2:66:87:89:C4:E4:C5:40:F3:C1:49:5B:C5:72:32:5B:6C:34:11
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422205DB353F7EF7047EF95AFC3647AA0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vaJmh4nE5MVA88FJW8VyMltsNBE.roa
Signing time: Wed 01 Jan 2025 13:48:53 +0000
ROA not before: Wed 01 Jan 2025 13:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 270564
IP address blocks: 185.228.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:5d:b3:53:f7:ef:70:47:ef:95:af:c3:64:7a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bda2668789c4e4c540f3c1495bc572325b6c3411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:da:af:87:74:e0:e3:76:81:0e:08:4a:8f:87:
58:89:ed:f9:e4:b7:87:34:b9:7f:15:e9:0b:11:13:
2c:a1:98:e8:92:c0:1d:d9:88:54:58:9b:b0:9c:3c:
d4:5a:38:96:0a:d6:ce:ce:24:2e:92:f7:8e:01:8a:
c4:bc:a0:0c:e9:5c:49:48:ea:84:8c:8b:09:5b:8e:
87:0e:07:99:43:6d:22:a3:55:06:55:9e:0c:ed:df:
97:59:2a:62:79:b2:36:9c:0e:5a:ce:6d:2a:2c:d4:
b4:de:30:d5:7b:19:34:2a:e7:fa:2e:10:7e:b4:f7:
b8:f0:9f:09:ef:b1:29:3e:3f:37:56:c9:02:17:f5:
f0:05:ae:06:03:4d:0a:2c:f6:4c:84:67:a5:45:29:
36:ce:e9:c9:8c:2e:b5:7a:fa:d0:c6:fc:d5:6f:d6:
44:5a:d3:55:69:7f:00:2d:21:b4:6d:2f:14:f0:ce:
21:39:9e:3c:70:39:27:d7:4c:b7:30:27:3e:32:84:
59:8d:3e:9b:f6:f4:b2:77:ce:c4:88:ea:11:ba:cd:
95:7b:d0:62:15:9e:e0:94:0c:2e:63:41:5e:16:93:
7d:42:e3:56:2f:f5:ae:e1:d0:2a:e2:80:48:c4:8b:
66:cd:ad:7d:f6:1b:e7:ec:a8:e8:67:aa:8e:03:f0:
61:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A2:66:87:89:C4:E4:C5:40:F3:C1:49:5B:C5:72:32:5B:6C:34:11
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vaJmh4nE5MVA88FJW8VyMltsNBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.72.0/24
Signature Algorithm: sha256WithRSAEncryption
99:8d:7d:5c:0b:bd:b1:b3:da:4f:fe:15:59:94:68:a2:2b:87:
e7:bc:d6:72:db:41:84:96:02:26:13:67:46:cf:53:f3:74:de:
cb:ae:c9:84:33:6e:b7:f2:28:64:7d:14:14:7c:5a:cc:22:26:
a7:6e:00:59:0c:ca:c2:11:0d:05:0f:2d:f7:6a:a2:9d:e9:5d:
f1:37:60:ac:c9:ba:9c:9a:bc:12:25:5e:b6:09:ab:84:a0:d6:
47:fb:b4:a0:ae:03:54:0e:10:ba:a5:a0:54:7b:ae:c3:4e:e2:
4d:bd:60:a0:38:08:ba:f3:d1:68:1d:c1:ea:5f:6b:57:51:2e:
4f:1f:b2:71:cd:a8:cd:e0:07:2b:63:d0:52:f5:82:57:01:8b:
2b:29:7e:e9:52:7d:cd:71:88:44:d2:90:52:94:38:df:84:35:
91:98:f9:13:c2:ea:65:c4:57:20:4d:de:1b:1b:27:81:f7:0e:
9d:d2:5c:3f:ae:92:e0:ed:ad:1c:68:38:f0:a1:be:35:3f:28:
0e:36:2b:e8:c7:a8:91:b2:12:77:76:fe:2a:af:1c:1e:cc:90:
bd:60:38:9d:96:50:f1:68:f0:fb:1d:13:bd:77:6c:12:58:d6:
55:5f:bd:b1:c0:9b:a4:51:d6:65:90:63:23:d5:a4:df:a1:b5:
d0:e4:c6:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIF2zU/fvcEfvla/DZHqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGEyNjY4Nzg5YzRlNGM1NDBmM2MxNDk1YmM1NzIzMjViNmMzNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59qvh3Tg43aBDghKj4dYie355LeH
NLl/FekLERMsoZjoksAd2YhUWJuwnDzUWjiWCtbOziQukveOAYrEvKAM6VxJSOqE
jIsJW46HDgeZQ20io1UGVZ4M7d+XWSpiebI2nA5azm0qLNS03jDVexk0Kuf6LhB+
tPe48J8J77EpPj83VskCF/XwBa4GA00KLPZMhGelRSk2zunJjC61evrQxvzVb9ZE
WtNVaX8ALSG0bS8U8M4hOZ48cDkn10y3MCc+MoRZjT6b9vSyd87EiOoRus2Ve9Bi
FZ7glAwuY0FeFpN9QuNWL/Wu4dAq4oBIxItmza199hvn7KjoZ6qOA/BhfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2iZoeJxOTFQPPBSVvFcjJbbDQRMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdmFKbWg0bkU1TVZBODhGSlc4VnlNbHRzTkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueRIMA0G
CSqGSIb3DQEBCwUAA4IBAQCZjX1cC72xs9pP/hVZlGiiK4fnvNZy20GElgImE2dG
z1PzdN7LrsmEM2638ihkfRQUfFrMIianbgBZDMrCEQ0FDy33aqKd6V3xN2Csybqc
mrwSJV62CauEoNZH+7SgrgNUDhC6paBUe67DTuJNvWCgOAi689FoHcHqX2tXUS5P
H7JxzajN4AcrY9BS9YJXAYsrKX7pUn3NcYhE0pBSlDjfhDWRmPkTwuplxFcgTd4b
GyeB9w6d0lw/rpLg7a0caDjwob41PygONivox6iRshJ3dv4qrxwezJC9YDidllDx
aPD7HRO9d2wSWNZVX72xwJukUdZlkGMj1aTfobXQ5Mav
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:34:53 2025 by rpki-client