Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/D7PGGduIwX7v-ShQSUz8OVV9C1w.roa
File: D7PGGduIwX7v-ShQSUz8OVV9C1w.roa (raw, json)
Hash identifier: 7ckgBrpQ8LkiNGwk/n+SRdsap+chU5QW5iJNm8qHanE=
Subject key identifier: 0F:B3:C6:19:DB:88:C1:7E:EF:F9:28:50:49:4C:FC:39:55:7D:0B:5C
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 01942143FF3E3103DAE211BEA82D0C952E4B
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/D7PGGduIwX7v-ShQSUz8OVV9C1w.roa
Signing time: Wed 01 Jan 2025 09:48:11 +0000
ROA not before: Wed 01 Jan 2025 09:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 185.191.147.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ff:3e:31:03:da:e2:11:be:a8:2d:0c:95:2e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Jan 1 09:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fb3c619db88c17eeff92850494cfc39557d0b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:98:9e:82:af:9a:16:c2:7d:f9:d3:d6:4f:ba:
c6:ce:0a:8a:41:89:5d:e2:4d:a1:b9:62:dc:6b:63:
40:48:3b:0b:7d:c6:76:24:5b:9e:98:44:ab:53:07:
1b:0f:c7:23:b1:e0:e1:53:25:78:66:f4:0c:a3:25:
d4:3a:ea:25:d0:a7:cc:95:72:9a:6e:92:d8:20:81:
39:2a:4d:f2:62:d5:19:00:64:72:a3:48:5d:2a:90:
4a:0f:d3:d2:99:b4:53:35:04:6e:62:02:d2:6b:f7:
c3:db:84:d3:dd:fb:db:ad:5a:e4:b8:8a:b8:6d:fd:
e5:c3:0e:69:2f:90:65:e1:8b:b4:63:af:cc:c1:71:
ce:7e:54:b4:06:75:95:c6:11:4a:c5:b5:46:7a:6f:
d2:ea:2b:c7:74:0b:ba:2e:21:cc:40:b3:02:f1:65:
75:dd:76:9e:9c:ab:64:84:b2:e0:1a:75:45:5c:d8:
06:4f:4c:83:a5:43:fb:99:eb:07:f8:16:52:74:47:
26:6e:4a:9f:88:4b:88:1b:52:43:56:a0:0a:fe:6b:
eb:b8:c9:ce:d8:e5:3e:45:ee:1d:bc:f2:2e:cf:b9:
43:d5:c2:ae:b0:59:e7:68:08:a7:26:dc:92:e6:78:
7f:fd:8e:70:1e:bb:9f:21:80:91:d2:bd:01:0c:68:
a0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B3:C6:19:DB:88:C1:7E:EF:F9:28:50:49:4C:FC:39:55:7D:0B:5C
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/D7PGGduIwX7v-ShQSUz8OVV9C1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.147.0/24
Signature Algorithm: sha256WithRSAEncryption
21:93:a2:53:3e:cd:d6:5c:5d:32:bc:9b:e3:8e:4e:3c:f3:bd:
90:ac:a6:56:80:c5:f8:d5:2f:8c:4a:80:4c:c2:4a:c7:35:07:
9d:2a:48:fc:07:c4:7b:8b:7c:50:6d:fa:2b:54:3a:bf:1a:cf:
8a:1b:57:a2:25:82:15:65:d3:cd:33:92:5a:81:73:ac:97:c5:
0a:0e:b9:09:d9:ca:66:79:78:5f:20:ab:91:c6:f1:ed:e4:03:
1d:14:ec:8f:04:68:3f:29:da:07:57:f0:ec:6d:24:9b:20:d0:
40:ac:b4:07:df:02:d0:30:12:15:52:5b:18:32:51:bd:4a:95:
2c:64:e4:f8:f7:2c:32:f9:61:3a:4c:ae:33:74:81:6c:dd:44:
fc:02:b4:b9:a7:e9:da:6e:58:e5:d8:57:55:00:25:83:66:04:
c7:f2:b2:f2:4c:a1:62:f5:18:93:e3:29:7e:52:a7:63:96:6e:
fc:fc:cf:d3:91:0e:fa:25:3f:fb:d8:bf:55:60:55:b4:0c:96:
7c:bc:ac:ed:7c:b3:19:fb:21:e8:11:e4:c0:ca:40:b3:f6:51:
be:54:02:69:b8:c0:86:0a:93:d3:09:7f:f5:95:3d:34:cd:a4:
8d:04:af:23:bf:5e:3d:20:18:8c:6e:42:ec:e9:39:8d:93:7d:
39:67:55:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/8+MQPa4hG+qC0MlS5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjUwMTAxMDk0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmIzYzYxOWRiODhjMTdlZWZmOTI4NTA0OTRjZmMzOTU1N2QwYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpiegq+aFsJ9+dPWT7rGzgqKQYld
4k2huWLca2NASDsLfcZ2JFuemESrUwcbD8cjseDhUyV4ZvQMoyXUOuol0KfMlXKa
bpLYIIE5Kk3yYtUZAGRyo0hdKpBKD9PSmbRTNQRuYgLSa/fD24TT3fvbrVrkuIq4
bf3lww5pL5Bl4Yu0Y6/MwXHOflS0BnWVxhFKxbVGem/S6ivHdAu6LiHMQLMC8WV1
3XaenKtkhLLgGnVFXNgGT0yDpUP7mesH+BZSdEcmbkqfiEuIG1JDVqAK/mvruMnO
2OU+Re4dvPIuz7lD1cKusFnnaAinJtyS5nh//Y5wHrufIYCR0r0BDGigcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+zxhnbiMF+7/koUElM/DlVfQtcMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvRDdQR0dkdUl3WDd2LVNoUVNVejhPVlY5QzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+TMA0G
CSqGSIb3DQEBCwUAA4IBAQAhk6JTPs3WXF0yvJvjjk48872QrKZWgMX41S+MSoBM
wkrHNQedKkj8B8R7i3xQbforVDq/Gs+KG1eiJYIVZdPNM5JagXOsl8UKDrkJ2cpm
eXhfIKuRxvHt5AMdFOyPBGg/KdoHV/DsbSSbINBArLQH3wLQMBIVUlsYMlG9SpUs
ZOT49ywy+WE6TK4zdIFs3UT8ArS5p+nabljl2FdVACWDZgTH8rLyTKFi9RiT4yl+
Uqdjlm78/M/TkQ76JT/72L9VYFW0DJZ8vKztfLMZ+yHoEeTAykCz9lG+VAJpuMCG
CpPTCX/1lT00zaSNBK8jv149IBiMbkLs6TmNk305Z1WU
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:21:46 2025 by rpki-client