Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/clX0YNiQqxrLh5KRIQ1WDmi_sYg.roa
File: clX0YNiQqxrLh5KRIQ1WDmi_sYg.roa (raw, json)
Hash identifier: lHdAtOJZ05TKI2DoNumHZCY0VkGmTIkvqW26oGZ3P+8=
Subject key identifier: 72:55:F4:60:D8:90:AB:1A:CB:87:92:91:21:0D:56:0E:68:BF:B1:88
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0194266B03B83366EAC360B7ADE627BC042F
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/clX0YNiQqxrLh5KRIQ1WDmi_sYg.roa
Signing time: Thu 02 Jan 2025 09:48:54 +0000
ROA not before: Thu 02 Jan 2025 09:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 11938
IP address blocks: 185.255.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:03:b8:33:66:ea:c3:60:b7:ad:e6:27:bc:04:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 2 09:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7255f460d890ab1acb879291210d560e68bfb188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:29:db:dd:72:d1:be:60:40:59:9f:62:b9:d6:
45:7d:0a:17:34:d9:b3:ab:bf:3b:fa:1e:07:61:d1:
6b:36:12:67:ae:6f:62:c8:9e:4f:bf:d8:aa:fe:cf:
7b:84:80:e2:45:d6:84:14:bf:72:48:50:30:c7:b1:
84:b2:36:b4:48:40:7d:5f:0d:a8:87:82:6b:d0:58:
b1:f5:ea:6a:95:48:6d:dd:2e:de:36:d9:f6:c1:02:
c6:47:03:15:ec:ba:ce:27:d0:c8:e3:d6:82:bd:d5:
08:d4:ca:05:c0:dd:d0:0c:a7:54:07:5e:82:f2:f7:
83:e5:a4:bb:33:7a:8c:de:96:41:b0:3c:ce:f1:a9:
37:65:01:31:1b:c6:db:fb:65:8a:1e:58:31:dd:88:
66:a1:4b:20:d7:18:2b:6e:0d:67:44:77:c5:52:32:
f7:91:c2:28:30:d3:dc:2f:6a:d3:b2:6a:d7:5f:9d:
6b:70:7a:3c:94:4a:2e:3d:11:75:7e:c2:f3:77:46:
d9:b2:62:94:47:54:79:f8:26:ee:84:d7:6d:27:d6:
0f:28:cd:a5:ea:18:4f:5d:39:41:67:66:c7:a0:d1:
ad:e1:7b:20:78:28:c4:d2:94:27:c6:23:f0:83:ca:
b3:51:13:65:a5:d9:31:76:94:38:d7:66:0f:c9:6f:
7a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:55:F4:60:D8:90:AB:1A:CB:87:92:91:21:0D:56:0E:68:BF:B1:88
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/clX0YNiQqxrLh5KRIQ1WDmi_sYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.114.0/24
Signature Algorithm: sha256WithRSAEncryption
82:ee:00:b2:6b:56:93:fc:76:f7:b2:52:c9:d8:9b:5e:95:3b:
f0:94:58:23:57:d7:00:1b:81:cb:e3:db:26:17:fa:15:2a:87:
6c:5a:a6:7e:c0:b6:90:ba:3d:f5:4d:f3:85:19:79:3b:62:1e:
5d:a5:50:c5:7f:e8:35:c4:82:0d:27:51:8a:1c:d1:0e:86:da:
b9:96:ce:94:43:3c:cc:c6:af:8d:42:e3:a3:8f:b7:18:0f:07:
2e:06:c3:f5:e3:96:b8:8d:91:f5:ee:81:35:3b:e4:c8:46:0d:
b0:75:51:f8:f3:e6:2e:14:43:44:b2:b4:1b:33:12:ef:e0:b0:
5d:3f:2b:8d:ea:fa:c3:62:13:6b:76:53:e2:68:e2:8c:61:ba:
f5:0f:3b:1f:c8:9b:3a:f0:3d:cb:5a:69:4a:0b:fc:a2:54:7a:
82:b6:8d:4d:ab:84:17:5a:af:4a:32:91:8d:8c:df:91:41:86:
bc:55:b7:62:aa:d9:23:9c:de:89:56:79:1c:80:0a:5c:8a:e2:
5a:5d:6e:5f:d2:a3:37:ed:a6:f1:c2:30:b9:82:f4:90:95:d1:
9a:26:30:ee:7b:ca:e3:22:3e:da:dc:c5:92:1d:7c:b4:e8:ef:
b8:05:93:20:85:90:36:bc:ed:5b:17:b0:83:86:82:15:83:25:
5b:82:f5:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmawO4M2bqw2C3reYnvAQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMTAyMDk0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjU1ZjQ2MGQ4OTBhYjFhY2I4NzkyOTEyMTBkNTYwZTY4YmZiMTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiynb3XLRvmBAWZ9iudZFfQoXNNmz
q787+h4HYdFrNhJnrm9iyJ5Pv9iq/s97hIDiRdaEFL9ySFAwx7GEsja0SEB9Xw2o
h4Jr0Fix9epqlUht3S7eNtn2wQLGRwMV7LrOJ9DI49aCvdUI1MoFwN3QDKdUB16C
8veD5aS7M3qM3pZBsDzO8ak3ZQExG8bb+2WKHlgx3YhmoUsg1xgrbg1nRHfFUjL3
kcIoMNPcL2rTsmrXX51rcHo8lEouPRF1fsLzd0bZsmKUR1R5+CbuhNdtJ9YPKM2l
6hhPXTlBZ2bHoNGt4XsgeCjE0pQnxiPwg8qzURNlpdkxdpQ412YPyW96GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJV9GDYkKsay4eSkSENVg5ov7GIMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvY2xYMFlOaVFxeHJMaDVLUklRMVdEbWlfc1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf9yMA0G
CSqGSIb3DQEBCwUAA4IBAQCC7gCya1aT/Hb3slLJ2JtelTvwlFgjV9cAG4HL49sm
F/oVKodsWqZ+wLaQuj31TfOFGXk7Yh5dpVDFf+g1xIINJ1GKHNEOhtq5ls6UQzzM
xq+NQuOjj7cYDwcuBsP145a4jZH17oE1O+TIRg2wdVH48+YuFENEsrQbMxLv4LBd
PyuN6vrDYhNrdlPiaOKMYbr1DzsfyJs68D3LWmlKC/yiVHqCto1Nq4QXWq9KMpGN
jN+RQYa8VbdiqtkjnN6JVnkcgApciuJaXW5f0qM37abxwjC5gvSQldGaJjDue8rj
Ij7a3MWSHXy06O+4BZMghZA2vO1bF7CDhoIVgyVbgvW3
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:09 2025 by rpki-client