Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4DbPAMYKqsowRrlSN2jKxG6pmU0.roa
File: 4DbPAMYKqsowRrlSN2jKxG6pmU0.roa (raw, json)
Hash identifier: nbUFPEgVdvwK+c7ZeGDi63JJWI8wJkBfNG0hLO8Wois=
Subject key identifier: E0:36:CF:00:C6:0A:AA:CA:30:46:B9:52:37:68:CA:C4:6E:A9:99:4D
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A37F2BB8FC78D7C830E09D6BCC2BC
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4DbPAMYKqsowRrlSN2jKxG6pmU0.roa
Signing time: Wed 01 Jan 2025 19:49:10 +0000
ROA not before: Wed 01 Jan 2025 19:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22649
IP address blocks: 185.141.204.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:37:f2:bb:8f:c7:8d:7c:83:0e:09:d6:bc:c2:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e036cf00c60aaaca3046b9523768cac46ea9994d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:92:5f:fe:33:94:99:be:f7:24:ae:15:bd:e7:
34:96:65:73:c8:1b:18:0b:72:17:64:63:6e:60:c8:
7f:07:5e:17:14:5a:4f:63:74:57:20:0a:ea:c6:38:
cf:e3:cf:84:8c:63:dd:00:f2:ca:38:dd:1f:1b:cf:
1e:36:78:68:1f:37:d7:9a:25:4b:bf:03:f8:09:9a:
6e:d2:f0:1a:f5:0d:b3:1c:2b:65:72:f7:a3:90:13:
0a:8f:a6:4e:df:9f:ea:e6:54:3a:00:a4:f2:98:34:
e1:df:98:05:de:5e:04:a1:a2:ba:3e:ea:f8:df:7f:
c1:07:2d:72:a5:22:0f:73:81:79:7e:4c:bc:d7:5a:
7b:98:02:fc:26:19:d6:27:dc:66:d5:ac:0d:0a:2c:
b3:29:27:a3:77:cd:31:c1:db:ff:e7:9c:9b:f5:02:
d3:50:82:a9:8a:6e:ad:3a:58:8e:36:02:c4:b4:71:
09:8a:18:fd:b2:4f:e0:9c:8c:db:94:29:0d:b5:a1:
d2:b9:70:43:64:8b:4a:03:36:a4:d1:9a:81:77:00:
47:62:4b:94:a8:b6:65:65:6e:fd:35:58:3a:8d:6a:
e6:31:37:45:b0:67:9a:18:5c:d2:65:72:e5:ba:2e:
91:b4:c5:1b:2c:8e:b1:e0:cf:95:79:fd:db:a9:f9:
39:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:36:CF:00:C6:0A:AA:CA:30:46:B9:52:37:68:CA:C4:6E:A9:99:4D
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4DbPAMYKqsowRrlSN2jKxG6pmU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.204.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:b7:9e:8a:8d:7e:e3:14:3e:4e:7b:7d:68:4b:b6:78:ee:4e:
9a:15:de:c3:54:b9:4a:5b:b0:47:ad:ab:65:07:df:e1:4c:f7:
d5:3e:2c:7b:25:87:42:6e:fd:52:b7:9c:04:4d:45:bb:4a:17:
a1:5a:40:27:93:6f:97:1c:b9:d5:b6:db:d9:ad:bc:2d:77:58:
c8:ef:02:20:a8:c7:ae:5a:de:15:53:6c:31:07:85:45:66:e0:
ed:dc:2c:0c:21:03:f1:87:6e:59:b4:1e:07:3d:84:0a:10:2e:
06:a2:8b:2f:6f:34:17:c5:f4:c8:32:3e:10:d3:ea:1a:e8:6e:
b0:2f:6b:4f:d4:ba:80:e9:33:09:b4:33:f0:95:70:f5:22:b9:
9d:b4:c1:88:25:af:b1:1f:ca:7e:3b:1d:20:98:ac:d2:4f:73:
25:4c:1a:0d:12:29:d3:40:42:29:b7:99:bc:57:d3:58:1d:4e:
04:e8:e1:f8:0d:52:17:fd:ce:04:19:a6:62:6e:de:e9:a2:b8:
5f:a9:46:6c:ea:f5:ee:4c:b5:5c:71:92:d9:3d:d5:01:94:11:
ce:d7:bc:46:68:e5:c2:33:12:1e:56:57:06:81:d8:07:fd:4b:
43:31:55:85:49:0f:0c:eb:1f:cc:52:e0:1b:c2:ca:15:66:65:
e5:37:2f:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjajfyu4/HjXyDDgnWvMK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDM2Y2YwMGM2MGFhYWNhMzA0NmI5NTIzNzY4Y2FjNDZlYTk5OTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJJf/jOUmb73JK4Vvec0lmVzyBsY
C3IXZGNuYMh/B14XFFpPY3RXIArqxjjP48+EjGPdAPLKON0fG88eNnhoHzfXmiVL
vwP4CZpu0vAa9Q2zHCtlcvejkBMKj6ZO35/q5lQ6AKTymDTh35gF3l4EoaK6Pur4
33/BBy1ypSIPc4F5fky811p7mAL8JhnWJ9xm1awNCiyzKSejd80xwdv/55yb9QLT
UIKpim6tOliONgLEtHEJihj9sk/gnIzblCkNtaHSuXBDZItKAzak0ZqBdwBHYkuU
qLZlZW79NVg6jWrmMTdFsGeaGFzSZXLlui6RtMUbLI6x4M+Vef3bqfk52wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOA2zwDGCqrKMEa5UjdoysRuqZlNMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvNERiUEFNWUtxc293UnJsU04yakt4RzZwbVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY3MMA0G
CSqGSIb3DQEBCwUAA4IBAQC3t56KjX7jFD5Oe31oS7Z47k6aFd7DVLlKW7BHratl
B9/hTPfVPix7JYdCbv1St5wETUW7ShehWkAnk2+XHLnVttvZrbwtd1jI7wIgqMeu
Wt4VU2wxB4VFZuDt3CwMIQPxh25ZtB4HPYQKEC4GoosvbzQXxfTIMj4Q0+oa6G6w
L2tP1LqA6TMJtDPwlXD1IrmdtMGIJa+xH8p+Ox0gmKzST3MlTBoNEinTQEIpt5m8
V9NYHU4E6OH4DVIX/c4EGaZibt7porhfqUZs6vXuTLVccZLZPdUBlBHO17xGaOXC
MxIeVlcGgdgH/UtDMVWFSQ8M6x/MUuAbwsoVZmXlNy9g
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:33:42 2025 by rpki-client