Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/aDocXw9aAWTC2tonweXjSXZoNMs.roa
File: aDocXw9aAWTC2tonweXjSXZoNMs.roa (raw, json)
Hash identifier: M6NywDoKFY4uKrDQ3WCmTb7f59Ph9hBt6rzgbYZvGvU=
Subject key identifier: 68:3A:1C:5F:0F:5A:01:64:C2:DA:DA:27:C1:E5:E3:49:76:68:34:CB
Certificate issuer: /CN=53787cd7946e10d88646ac79de57cc6ec59e4132
Certificate serial: 019422FB5FF6BF2C7FC73348AF114B0F6B28
Authority key identifier: 53:78:7C:D7:94:6E:10:D8:86:46:AC:79:DE:57:CC:6E:C5:9E:41:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3h815RuENiGRqx53lfMbsWeQTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/aDocXw9aAWTC2tonweXjSXZoNMs.roa
Signing time: Wed 01 Jan 2025 17:48:06 +0000
ROA not before: Wed 01 Jan 2025 17:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60008
IP address blocks: 185.54.124.0/23 maxlen: 23
185.54.124.0/24 maxlen: 24
185.54.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:5f:f6:bf:2c:7f:c7:33:48:af:11:4b:0f:6b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53787cd7946e10d88646ac79de57cc6ec59e4132
Validity
Not Before: Jan 1 17:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=683a1c5f0f5a0164c2dada27c1e5e349766834cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:da:6a:29:24:b0:20:07:c2:69:ef:31:db:06:
2a:4f:41:4d:66:6e:32:ab:36:20:7c:d5:3f:de:bc:
55:21:5a:a1:e5:43:d3:7d:a2:e8:fb:da:bb:76:c2:
25:25:44:3d:ae:6b:f0:e6:e3:84:68:23:9a:b5:1a:
03:57:17:39:da:95:01:f5:4f:a5:18:2f:ba:2d:00:
b2:64:51:79:e6:24:06:35:e6:30:fb:6e:f6:53:52:
1d:09:2c:1b:c9:5c:8d:dd:36:6d:fe:fc:ce:d6:82:
92:cc:d2:1f:fb:e5:9e:89:c5:89:08:ff:58:e7:ad:
3a:5b:b0:57:01:91:72:2f:86:f5:13:b2:f1:ad:a8:
08:8d:30:11:87:d8:58:bd:65:cf:44:fd:f4:90:e7:
7d:43:6a:9c:c9:ae:f8:fb:8e:c3:16:fb:46:8f:8c:
b4:21:dd:ce:4c:55:59:6a:ee:30:12:56:fb:4f:48:
6f:7c:04:4a:d8:dd:8b:e9:95:77:fa:72:c8:a0:13:
4e:7f:fd:ca:fe:67:60:96:bb:50:9e:a3:f3:b8:90:
57:24:56:ff:eb:66:5c:a3:bf:94:b4:51:8b:ff:5c:
fa:47:23:39:93:ac:07:fb:63:30:83:fe:3a:0c:55:
48:50:4a:05:b3:19:75:6d:46:0f:03:51:77:e0:cc:
10:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:3A:1C:5F:0F:5A:01:64:C2:DA:DA:27:C1:E5:E3:49:76:68:34:CB
X509v3 Authority Key Identifier:
keyid:53:78:7C:D7:94:6E:10:D8:86:46:AC:79:DE:57:CC:6E:C5:9E:41:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3h815RuENiGRqx53lfMbsWeQTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/aDocXw9aAWTC2tonweXjSXZoNMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/U3h815RuENiGRqx53lfMbsWeQTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.124.0/23
Signature Algorithm: sha256WithRSAEncryption
c6:b6:ef:d8:77:86:b9:19:d0:f0:52:2e:5d:22:3f:17:f0:3a:
c9:d7:26:2d:e7:6f:8e:63:95:33:00:6e:e1:88:27:1d:c8:2b:
e1:df:38:dc:dd:bf:a5:de:8c:c2:da:65:98:a0:c5:02:4f:6c:
33:89:4e:c8:25:47:ce:fc:77:cd:36:fa:5d:98:f5:3f:fe:5c:
fe:60:11:b1:61:0a:2a:00:d1:0a:f2:96:d1:ec:af:58:25:5c:
82:8b:5a:f9:ff:12:3e:0f:4d:39:34:cd:c6:0d:55:cc:1a:21:
71:df:b2:ec:0d:27:be:fb:02:4a:49:af:d9:d6:05:83:a7:87:
39:98:d2:f1:51:d5:24:d6:8f:8d:ca:02:8f:b3:b1:e4:7e:6f:
0d:7c:6b:b2:45:86:81:f6:73:a3:bd:29:ee:f7:24:5b:8b:86:
9f:d6:bd:aa:de:96:f7:02:e0:44:4b:11:0e:41:de:eb:25:b8:
5a:20:f8:37:29:d7:be:4c:4d:97:8d:13:e7:67:3b:71:be:45:
0b:73:3d:44:80:53:c6:f5:af:c8:9a:ee:dc:1c:91:00:09:f0:
b0:37:e2:c0:78:99:aa:ab:5c:d5:c8:4e:9e:a5:cf:d2:09:1a:
3d:cd:ac:53:9e:97:e0:04:b2:cb:b8:fb:d8:ac:a4:12:b1:04:
1e:0f:0f:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+1/2vyx/xzNIrxFLD2soMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzg3Y2Q3OTQ2ZTEwZDg4NjQ2YWM3OWRlNTdjYzZlYzU5
ZTQxMzIwHhcNMjUwMTAxMTc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODNhMWM1ZjBmNWEwMTY0YzJkYWRhMjdjMWU1ZTM0OTc2NjgzNGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstpqKSSwIAfCae8x2wYqT0FNZm4y
qzYgfNU/3rxVIVqh5UPTfaLo+9q7dsIlJUQ9rmvw5uOEaCOatRoDVxc52pUB9U+l
GC+6LQCyZFF55iQGNeYw+272U1IdCSwbyVyN3TZt/vzO1oKSzNIf++WeicWJCP9Y
5606W7BXAZFyL4b1E7LxragIjTARh9hYvWXPRP30kOd9Q2qcya74+47DFvtGj4y0
Id3OTFVZau4wElb7T0hvfARK2N2L6ZV3+nLIoBNOf/3K/mdglrtQnqPzuJBXJFb/
62Zco7+UtFGL/1z6RyM5k6wH+2Mwg/46DFVIUEoFsxl1bUYPA1F34MwQXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGg6HF8PWgFkwtraJ8Hl40l2aDTLMB8GA1UdIwQY
MBaAFFN4fNeUbhDYhkased5XzG7FnkEyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNoODE1UnVFTmlHUnF4NTNsZk1ic1dlUVRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9jNzc4MjUtNjhhMy00YjNlLWJjOTAt
NTIzZmQ4NmEwN2M3LzEvYURvY1h3OWFBV1RDMnRvbndlWGpTWFpvTk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9jNzc4MjUtNjhhMy00YjNlLWJjOTAtNTIzZmQ4NmEwN2M3
LzEvVTNoODE1UnVFTmlHUnF4NTNsZk1ic1dlUVRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuTZ8MA0G
CSqGSIb3DQEBCwUAA4IBAQDGtu/Yd4a5GdDwUi5dIj8X8DrJ1yYt52+OY5UzAG7h
iCcdyCvh3zjc3b+l3ozC2mWYoMUCT2wziU7IJUfO/HfNNvpdmPU//lz+YBGxYQoq
ANEK8pbR7K9YJVyCi1r5/xI+D005NM3GDVXMGiFx37LsDSe++wJKSa/Z1gWDp4c5
mNLxUdUk1o+NygKPs7Hkfm8NfGuyRYaB9nOjvSnu9yRbi4af1r2q3pb3AuBESxEO
Qd7rJbhaIPg3Kde+TE2XjRPnZztxvkULcz1EgFPG9a/Imu7cHJEACfCwN+LAeJmq
q1zVyE6epc/SCRo9zaxTnpfgBLLLuPvYrKQSsQQeDw8n
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:01 2025 by rpki-client