Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/b7olnPm2pVg5Ob4v16oi-G1xEQM.roa
File: b7olnPm2pVg5Ob4v16oi-G1xEQM.roa (raw, json)
Hash identifier: J0AL4R5GbREjGNBekfUiGGx8hLXqZqXomf3F0E/LozM=
Subject key identifier: 6F:BA:25:9C:F9:B6:A5:58:39:39:BE:2F:D7:AA:22:F8:6D:71:11:03
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64C2EE2492630803FA23DCDF9ECEDD
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/b7olnPm2pVg5Ob4v16oi-G1xEQM.roa
Signing time: Thu 09 Jan 2025 09:28:24 +0000
ROA not before: Thu 09 Jan 2025 09:28:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207691
IP address blocks: 78.142.3.0/24 maxlen: 24
185.43.56.0/23 maxlen: 24
185.43.56.0/24 maxlen: 24
185.43.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:c2:ee:24:92:63:08:03:fa:23:dc:df:9e:ce:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fba259cf9b6a5583939be2fd7aa22f86d711103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:23:e5:d8:12:18:da:62:e9:d6:22:76:77:bc:
43:c7:21:fa:99:68:ef:6b:4a:61:ee:e5:7d:9d:bb:
2b:15:ae:95:ae:2b:41:91:7c:50:8b:a3:1e:88:fc:
8f:91:a2:c0:d6:2a:70:9a:f4:99:8d:fc:d8:7f:65:
35:47:84:48:cd:3d:bf:2d:35:49:d3:32:0f:4a:3d:
e8:fc:4b:34:1d:11:3c:f1:2d:b0:2a:ae:aa:63:2e:
16:8c:7a:0c:8f:05:fa:6f:e5:3a:d5:20:8b:7c:d0:
16:9c:ea:36:06:09:ba:9f:19:b1:e5:03:0b:ed:36:
1f:c6:8b:3c:78:16:c3:b5:50:f7:f3:6e:ca:b8:df:
50:3c:3d:e8:46:9e:a0:49:73:2b:8e:ba:05:c4:f2:
0e:45:72:ce:19:c8:b9:6f:0c:ba:f0:e6:e8:89:7b:
1a:88:7f:57:8c:5b:04:c4:6b:a6:98:cf:80:c3:a6:
c9:a6:cc:5e:3d:96:02:fe:57:cf:86:de:1c:ad:0e:
9f:69:28:ab:dd:2b:b8:cf:48:b2:5f:52:1f:df:ea:
15:90:57:cf:f1:b2:86:68:ae:9f:58:f4:98:c8:ac:
bf:cf:ac:bc:42:c3:e4:7a:21:5c:5c:ed:d6:c2:1d:
dc:29:57:46:d7:cd:39:11:32:cc:b5:ad:0a:d1:e2:
3d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BA:25:9C:F9:B6:A5:58:39:39:BE:2F:D7:AA:22:F8:6D:71:11:03
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/b7olnPm2pVg5Ob4v16oi-G1xEQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.3.0/24
185.43.56.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:09:7c:ee:36:5f:77:99:12:01:3a:e8:ba:23:a0:e0:b4:cf:
42:95:4d:b4:f5:c6:8a:c9:e0:a4:03:38:50:2c:86:5f:16:b2:
80:e6:38:7d:e7:6a:bc:3c:dd:45:fd:d2:da:7a:a8:9d:4e:e9:
a4:f9:75:b3:e8:7c:77:e5:a8:44:60:55:7e:22:f0:c4:56:22:
f9:2b:72:89:25:5d:18:2b:37:ea:70:e0:29:5d:ff:f1:2a:1f:
e2:3e:57:67:a1:ca:f7:66:36:1d:75:8b:23:f0:cd:a2:3d:cb:
2d:29:27:1c:8b:cd:e3:97:e2:15:a6:3b:a9:4e:5d:92:b7:cd:
68:71:8d:87:3c:00:ed:08:66:6a:50:1f:d4:2e:bc:14:8a:4b:
60:10:6c:f9:b8:d6:38:8f:6f:b1:20:c3:e9:f2:1c:26:45:04:
76:a7:d7:2b:6f:90:91:36:1f:75:09:dc:e1:10:01:25:f8:50:
76:da:68:fb:ee:a7:d7:87:54:75:37:c8:5b:47:3a:46:5e:aa:
96:5b:8b:d2:94:e9:96:d0:96:6a:d6:b5:d7:87:90:40:4a:69:
df:ea:b5:67:12:a5:a3:ab:ba:8d:73:9d:01:ed:b7:97:0f:7c:
32:cd:26:42:b6:af:e3:6c:ac:9d:0c:26:35:38:02:c1:f5:02:
d3:31:0d:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRKZMLuJJJjCAP6I9zfns7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmJhMjU5Y2Y5YjZhNTU4MzkzOWJlMmZkN2FhMjJmODZkNzExMTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iPl2BIY2mLp1iJ2d7xDxyH6mWjv
a0ph7uV9nbsrFa6VritBkXxQi6MeiPyPkaLA1ipwmvSZjfzYf2U1R4RIzT2/LTVJ
0zIPSj3o/Es0HRE88S2wKq6qYy4WjHoMjwX6b+U61SCLfNAWnOo2Bgm6nxmx5QML
7TYfxos8eBbDtVD3827KuN9QPD3oRp6gSXMrjroFxPIORXLOGci5bwy68OboiXsa
iH9XjFsExGummM+Aw6bJpsxePZYC/lfPht4crQ6faSir3Su4z0iyX1If3+oVkFfP
8bKGaK6fWPSYyKy/z6y8QsPkeiFcXO3Wwh3cKVdG1805ETLMta0K0eI97wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG+6JZz5tqVYOTm+L9eqIvhtcREDMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvYjdvbG5QbTJwVmc1T2I0djE2b2ktRzF4RVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATo4DAwQB
uSs4MA0GCSqGSIb3DQEBCwUAA4IBAQDKCXzuNl93mRIBOui6I6DgtM9ClU209caK
yeCkAzhQLIZfFrKA5jh952q8PN1F/dLaeqidTumk+XWz6Hx35ahEYFV+IvDEViL5
K3KJJV0YKzfqcOApXf/xKh/iPldnocr3ZjYddYsj8M2iPcstKScci83jl+IVpjup
Tl2St81ocY2HPADtCGZqUB/ULrwUiktgEGz5uNY4j2+xIMPp8hwmRQR2p9crb5CR
Nh91CdzhEAEl+FB22mj77qfXh1R1N8hbRzpGXqqWW4vSlOmW0JZq1rXXh5BASmnf
6rVnEqWjq7qNc50B7beXD3wyzSZCtq/jbKydDCY1OALB9QLTMQ0g
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:10:38 2025 by rpki-client