Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/eBqKSHgKWTxCSnbljPDU-9ZyCRQ.roa
File: eBqKSHgKWTxCSnbljPDU-9ZyCRQ.roa (raw, json)
Hash identifier: o4qwAFjO8gqa1dj9In35HHflOPsQKJqXMXI8DdCylZI=
Subject key identifier: 78:1A:8A:48:78:0A:59:3C:42:4A:76:E5:8C:F0:D4:FB:D6:72:09:14
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01942369E7432F59C0A02E4154FD6CFBD81B
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/eBqKSHgKWTxCSnbljPDU-9ZyCRQ.roa
Signing time: Wed 01 Jan 2025 19:48:50 +0000
ROA not before: Wed 01 Jan 2025 19:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59538
IP address blocks: 185.0.34.0/24 maxlen: 24
194.180.196.0/24 maxlen: 24
2a0f:7800::/31 maxlen: 48
2a0f:7800:600::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e7:43:2f:59:c0:a0:2e:41:54:fd:6c:fb:d8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 19:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=781a8a48780a593c424a76e58cf0d4fbd6720914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:45:c0:53:a0:c2:33:4d:87:83:38:9f:44:0a:
fa:2e:00:36:b6:da:9b:40:e4:32:70:08:8d:fa:9b:
84:01:cb:99:dc:47:e0:66:77:0f:58:21:a6:a8:1e:
28:b1:28:3a:96:ef:f0:86:f0:e3:57:d8:de:bf:7f:
8a:3b:eb:d4:5e:f0:00:32:c4:fb:cb:35:7b:ef:e6:
84:57:0f:0d:10:3a:d9:33:03:ea:c5:83:bc:61:24:
c1:ba:6f:be:66:ee:ef:a0:e8:62:d7:8f:78:cb:08:
6b:0b:74:8c:cd:b0:67:93:80:74:3f:25:73:8a:12:
52:28:9b:1f:81:e4:ce:db:09:4d:b5:65:75:fb:ef:
63:ae:b5:ef:f9:74:5a:6b:24:77:c7:ff:1f:32:3f:
e8:77:c3:86:ff:1a:55:68:8e:36:12:87:b6:aa:20:
81:22:1e:54:f9:e3:a3:c5:0f:ef:2e:fe:48:9b:84:
fe:73:36:b1:2f:58:f8:af:09:5c:59:6d:cb:80:89:
fb:cb:fa:b6:81:66:ba:81:da:62:13:0a:ec:2b:6a:
7a:6d:68:5f:49:d3:78:df:2d:22:d0:b7:47:45:06:
26:90:76:7d:b8:84:f9:f7:4a:e7:86:f7:28:83:c9:
12:ce:43:26:2f:38:11:8b:46:c5:ac:de:1d:d6:79:
a2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:1A:8A:48:78:0A:59:3C:42:4A:76:E5:8C:F0:D4:FB:D6:72:09:14
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/eBqKSHgKWTxCSnbljPDU-9ZyCRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.0.34.0/24
194.180.196.0/24
IPv6:
2a0f:7800::/31
Signature Algorithm: sha256WithRSAEncryption
5d:04:a8:5c:f4:06:4c:c1:84:73:0e:df:46:62:39:4d:92:43:
3f:e8:08:b2:7d:ea:ea:8a:4a:9e:8d:3f:11:0d:61:a1:fe:ba:
86:9f:dd:2d:ff:e8:08:1e:bb:79:c2:e5:a0:11:d3:66:d5:25:
0c:90:30:82:0f:03:9d:0f:02:61:f8:8a:39:e8:7f:ad:ba:5c:
6d:21:cc:5f:6c:c6:e8:6c:a3:13:3d:7b:de:aa:e7:1e:60:82:
1c:b9:c5:9a:64:89:2a:41:4c:c6:4d:81:21:26:f7:76:d2:46:
4c:ca:1d:51:6f:b5:23:c4:8e:9e:ea:32:1e:4f:2b:40:3f:0f:
7f:05:03:e0:89:8e:21:4f:39:04:3c:01:d6:7f:5f:57:e7:89:
40:3d:23:c9:c9:b6:cc:b1:27:94:08:d0:87:6c:f0:32:69:35:
2c:4c:fc:e5:85:63:a3:4d:50:da:55:86:a4:11:78:5f:77:de:
6f:d7:fb:63:06:70:49:81:fb:4c:46:a4:2b:46:a2:ee:82:e8:
b4:fe:fe:e7:0f:ac:d1:14:04:f0:c0:38:1d:23:26:b6:5d:f8:
ab:9a:82:0c:c9:c2:e1:12:ec:7a:e8:4f:6c:7d:9c:49:60:68:
55:ec:ef:88:d3:7c:4e:e2:92:6a:df:b3:bf:f8:8f:2e:df:8d:
fc:86:80:1b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjaedDL1nAoC5BVP1s+9gbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTAxMTk0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODFhOGE0ODc4MGE1OTNjNDI0YTc2ZTU4Y2YwZDRmYmQ2NzIwOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUXAU6DCM02HgzifRAr6LgA2ttqb
QOQycAiN+puEAcuZ3EfgZncPWCGmqB4osSg6lu/whvDjV9jev3+KO+vUXvAAMsT7
yzV77+aEVw8NEDrZMwPqxYO8YSTBum++Zu7voOhi1494ywhrC3SMzbBnk4B0PyVz
ihJSKJsfgeTO2wlNtWV1++9jrrXv+XRaayR3x/8fMj/od8OG/xpVaI42Eoe2qiCB
Ih5U+eOjxQ/vLv5Im4T+czaxL1j4rwlcWW3LgIn7y/q2gWa6gdpiEwrsK2p6bWhf
SdN43y0i0LdHRQYmkHZ9uIT590rnhvcog8kSzkMmLzgRi0bFrN4d1nmi8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHgaikh4Clk8Qkp25Yzw1PvWcgkUMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvZUJxS1NIZ0tXVHhDU25ibGpQRFUtOVp5Q1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuQAiAwQA
wrTEMA0EAgACMAcDBQEqD3gAMA0GCSqGSIb3DQEBCwUAA4IBAQBdBKhc9AZMwYRz
Dt9GYjlNkkM/6AiyferqikqejT8RDWGh/rqGn90t/+gIHrt5wuWgEdNm1SUMkDCC
DwOdDwJh+Io56H+tulxtIcxfbMbobKMTPXvequceYIIcucWaZIkqQUzGTYEhJvd2
0kZMyh1Rb7UjxI6e6jIeTytAPw9/BQPgiY4hTzkEPAHWf19X54lAPSPJybbMsSeU
CNCHbPAyaTUsTPzlhWOjTVDaVYakEXhfd95v1/tjBnBJgftMRqQrRqLugui0/v7n
D6zRFATwwDgdIya2XfirmoIMycLhEux66E9sfZxJYGhV7O+I03xO4pJq37O/+I8u
3438hoAb
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:59 2025 by rpki-client