Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/cOU0f1SCKSAnKUQtSDidcXUui3Y.roa
File: cOU0f1SCKSAnKUQtSDidcXUui3Y.roa (raw, json)
Hash identifier: SxetuqQIAbe3h1o0xhzW+JEeQWRKvCIOYuGwJHKjEXs=
Subject key identifier: 70:E5:34:7F:54:82:29:20:27:29:44:2D:48:38:9D:71:75:2E:8B:76
Certificate issuer: /CN=40cfd3a49bc71e74a0d0bf7e346ca89b29597a12
Certificate serial: 01942747DCDB8C88E19243EBD32F0FD6C05D
Authority key identifier: 40:CF:D3:A4:9B:C7:1E:74:A0:D0:BF:7E:34:6C:A8:9B:29:59:7A:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QM_TpJvHHnSg0L9-NGyomylZehI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/cOU0f1SCKSAnKUQtSDidcXUui3Y.roa
Signing time: Thu 02 Jan 2025 13:50:08 +0000
ROA not before: Thu 02 Jan 2025 13:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 185.223.96.0/22 maxlen: 22
195.128.12.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:dc:db:8c:88:e1:92:43:eb:d3:2f:0f:d6:c0:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40cfd3a49bc71e74a0d0bf7e346ca89b29597a12
Validity
Not Before: Jan 2 13:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70e5347f548229202729442d48389d71752e8b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6b:c3:f8:2f:c5:34:e5:00:46:a8:6a:1e:93:
9a:db:0a:d9:cb:bf:19:5d:a0:91:7e:3a:1d:75:d0:
bb:ac:21:a5:78:b5:96:04:dd:55:40:c7:1f:db:5b:
fa:74:a1:1a:48:a2:34:55:ac:3c:7a:22:b9:b9:7f:
8e:82:e4:e2:a0:cd:64:a1:a5:a8:36:43:20:fa:3d:
0b:f7:f7:2e:d5:5c:bd:25:ec:aa:3b:63:ee:f7:3c:
30:ef:7c:9e:0f:16:bc:fd:40:9b:39:f7:71:df:6e:
49:8a:c0:62:44:91:d3:29:aa:bc:78:dc:ab:f7:c5:
ea:8d:b7:83:e5:7f:af:cf:ca:79:de:c6:34:55:bb:
02:9a:93:25:74:aa:5f:8e:f2:fc:a2:a5:3b:db:40:
7a:af:a7:e9:ba:d5:16:c9:be:cb:1c:2d:ce:e8:26:
4c:2b:b5:69:20:b5:b3:dd:5f:10:f5:ae:77:7d:8e:
a6:02:a8:5a:1d:45:b7:f0:5b:66:b9:f7:ac:07:07:
2e:f9:ac:cd:4f:b9:ae:93:c5:03:05:1b:75:4f:ee:
b0:bc:11:4c:e5:ca:df:07:c0:43:f4:c7:77:d1:61:
df:ed:f5:e8:d9:80:c9:17:fa:f6:19:16:06:58:a1:
63:4f:6c:2a:65:66:90:f0:1b:b9:24:63:1f:de:6e:
80:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E5:34:7F:54:82:29:20:27:29:44:2D:48:38:9D:71:75:2E:8B:76
X509v3 Authority Key Identifier:
keyid:40:CF:D3:A4:9B:C7:1E:74:A0:D0:BF:7E:34:6C:A8:9B:29:59:7A:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QM_TpJvHHnSg0L9-NGyomylZehI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/cOU0f1SCKSAnKUQtSDidcXUui3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/QM_TpJvHHnSg0L9-NGyomylZehI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.96.0/22
195.128.12.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:c6:8b:86:c4:0c:8e:c1:24:5a:8b:a3:3e:25:e2:24:7d:62:
86:40:d2:b2:8b:93:a1:3d:04:22:f3:ea:4d:e4:ff:fb:5e:fd:
f5:f4:e5:1b:88:30:15:9b:20:e6:08:18:f2:f8:15:80:68:62:
5d:40:62:aa:2b:81:a0:20:21:c6:e5:eb:0b:6b:68:35:5f:7f:
34:0e:ea:9b:4b:65:aa:ff:70:88:db:05:08:7a:19:17:1b:27:
09:38:60:65:84:52:d5:76:d7:d4:b7:1e:15:7e:1d:db:ee:98:
df:77:db:14:69:f6:ac:f6:d2:da:7f:15:28:f2:f0:3e:74:fb:
c7:7b:74:15:85:5c:0d:b6:2e:f9:b7:d5:b5:d4:ea:a3:9a:62:
f9:a6:89:02:02:35:4a:f4:ca:c3:8b:19:a0:8d:94:60:8c:55:
e7:c7:bb:29:a8:19:32:a2:fd:76:f8:04:e7:b4:34:1a:62:4a:
84:09:55:11:76:3f:49:7e:0a:ae:fe:32:d8:61:ed:a7:04:22:
f8:59:34:ad:0a:76:81:ed:4b:82:32:e1:65:93:3a:01:10:e5:
52:c1:95:25:d4:99:4b:c3:ee:c7:e5:f1:2a:62:bf:54:e8:b9:
be:0e:35:ac:5a:06:e2:40:cc:dc:bb:c5:8e:77:0d:4b:d1:89:
f2:e8:0a:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnR9zbjIjhkkPr0y8P1sBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwY2ZkM2E0OWJjNzFlNzRhMGQwYmY3ZTM0NmNhODliMjk1
OTdhMTIwHhcNMjUwMTAyMTM1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGU1MzQ3ZjU0ODIyOTIwMjcyOTQ0MmQ0ODM4OWQ3MTc1MmU4Yjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmvD+C/FNOUARqhqHpOa2wrZy78Z
XaCRfjodddC7rCGleLWWBN1VQMcf21v6dKEaSKI0Vaw8eiK5uX+OguTioM1koaWo
NkMg+j0L9/cu1Vy9JeyqO2Pu9zww73yeDxa8/UCbOfdx325JisBiRJHTKaq8eNyr
98XqjbeD5X+vz8p53sY0VbsCmpMldKpfjvL8oqU720B6r6fputUWyb7LHC3O6CZM
K7VpILWz3V8Q9a53fY6mAqhaHUW38FtmufesBwcu+azNT7muk8UDBRt1T+6wvBFM
5crfB8BD9Md30WHf7fXo2YDJF/r2GRYGWKFjT2wqZWaQ8Bu5JGMf3m6ABQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHDlNH9UgikgJylELUg4nXF1Lot2MB8GA1UdIwQY
MBaAFEDP06Sbxx50oNC/fjRsqJspWXoSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU1fVHBKdkhIblNnMEw5LU5HeW9teWxaZWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wYjlmMDctZjE2Ni00Njc1LWIxODUt
NjBiNmViYmI3ZTZmLzEvY09VMGYxU0NLU0FuS1VRdFNEaWRjWFV1aTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wYjlmMDctZjE2Ni00Njc1LWIxODUtNjBiNmViYmI3ZTZm
LzEvUU1fVHBKdkhIblNnMEw5LU5HeW9teWxaZWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCud9gAwQC
w4AMMA0GCSqGSIb3DQEBCwUAA4IBAQCnxouGxAyOwSRai6M+JeIkfWKGQNKyi5Oh
PQQi8+pN5P/7Xv319OUbiDAVmyDmCBjy+BWAaGJdQGKqK4GgICHG5esLa2g1X380
DuqbS2Wq/3CI2wUIehkXGycJOGBlhFLVdtfUtx4Vfh3b7pjfd9sUafas9tLafxUo
8vA+dPvHe3QVhVwNti75t9W11OqjmmL5pokCAjVK9MrDixmgjZRgjFXnx7spqBky
ov12+ATntDQaYkqECVURdj9Jfgqu/jLYYe2nBCL4WTStCnaB7UuCMuFlkzoBEOVS
wZUl1JlLw+7H5fEqYr9U6Lm+DjWsWgbiQMzcu8WOdw1L0Yny6ApB
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:52:43 2025 by rpki-client