Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/14e141-caa5-41fb-945b-ffb16ebd111f/1/j3K4X35kfjEUhm8UmbEuSZuRvvY.roa
File: j3K4X35kfjEUhm8UmbEuSZuRvvY.roa (raw, json)
Hash identifier: uk+5aj7HJZZkakM6PdHtx3JuETeBBl+0lL4mUEVaQ90=
Subject key identifier: 8F:72:B8:5F:7E:64:7E:31:14:86:6F:14:99:B1:2E:49:9B:91:BE:F6
Certificate issuer: /CN=fca396f1c344b079c5d2f27bfb313377febb2ec7
Certificate serial: 01942747E9C374CB25DA6F8FF5842787339D
Authority key identifier: FC:A3:96:F1:C3:44:B0:79:C5:D2:F2:7B:FB:31:33:77:FE:BB:2E:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_KOW8cNEsHnF0vJ7-zEzd_67Lsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/14e141-caa5-41fb-945b-ffb16ebd111f/1/j3K4X35kfjEUhm8UmbEuSZuRvvY.roa
Signing time: Thu 02 Jan 2025 13:50:11 +0000
ROA not before: Thu 02 Jan 2025 13:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202
IP address blocks: 185.168.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:e9:c3:74:cb:25:da:6f:8f:f5:84:27:87:33:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fca396f1c344b079c5d2f27bfb313377febb2ec7
Validity
Not Before: Jan 2 13:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f72b85f7e647e3114866f1499b12e499b91bef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:42:15:d9:c9:05:4f:45:c1:f9:6e:19:16:31:
9c:3d:c9:6a:fa:2b:fe:4f:59:bf:f9:f6:c0:cb:ab:
04:f6:0e:f5:22:c0:bd:4b:aa:4c:03:1e:34:75:d0:
94:0e:1a:4b:a7:83:66:59:e3:31:13:77:64:6e:89:
b0:3a:87:62:3c:24:12:68:35:c0:09:a2:89:d0:ce:
62:91:40:69:5c:f9:8d:bb:2e:9e:08:57:b4:7b:f0:
dd:cc:81:15:ae:83:b3:b5:36:8c:7e:4a:57:16:eb:
76:96:e2:b3:ed:39:a7:3f:03:45:6c:f1:0d:cd:ce:
65:ea:e4:ab:08:71:61:0e:cd:67:01:10:5a:3f:cf:
11:02:00:01:82:f3:8a:25:e7:54:8c:f4:10:dc:73:
c4:02:26:13:0d:61:61:a9:17:b0:1e:92:72:90:0e:
a9:f5:41:30:1a:b3:cf:0d:cc:73:6f:fd:01:a8:d8:
d0:8d:fa:02:96:d8:06:4a:5c:69:f0:10:92:a8:a4:
62:70:36:36:bb:3d:d6:3a:bf:22:cd:6c:f4:83:ed:
bc:d4:67:53:4f:04:60:62:8d:2f:1e:49:15:8c:96:
74:cb:34:dd:b7:e2:c0:73:1e:29:ea:8b:59:5e:f0:
26:fb:d4:1d:87:f3:67:16:58:b0:72:9d:7b:58:24:
be:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:72:B8:5F:7E:64:7E:31:14:86:6F:14:99:B1:2E:49:9B:91:BE:F6
X509v3 Authority Key Identifier:
keyid:FC:A3:96:F1:C3:44:B0:79:C5:D2:F2:7B:FB:31:33:77:FE:BB:2E:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_KOW8cNEsHnF0vJ7-zEzd_67Lsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/14e141-caa5-41fb-945b-ffb16ebd111f/1/j3K4X35kfjEUhm8UmbEuSZuRvvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/14e141-caa5-41fb-945b-ffb16ebd111f/1/_KOW8cNEsHnF0vJ7-zEzd_67Lsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.10.0/24
Signature Algorithm: sha256WithRSAEncryption
46:21:37:36:a0:53:13:5f:dc:dd:40:98:5b:4a:e4:af:6e:88:
ec:cf:ce:bf:cd:d4:fe:26:aa:ff:f2:5c:ed:a0:b4:ab:be:32:
8f:3c:39:74:14:68:8d:5d:9a:ff:10:ac:5b:55:f9:e4:94:f1:
95:9f:fe:27:84:5b:77:64:b3:23:6e:3b:1a:40:2c:b1:91:90:
6e:ed:bd:74:50:94:24:3b:57:f1:87:3c:95:5b:b3:3a:f6:1b:
08:6e:9d:e9:5e:55:b4:23:cc:91:60:50:69:b2:11:47:40:ab:
79:ab:cb:fc:3e:e1:74:dd:ee:3b:f0:ad:6c:1c:9a:e3:60:04:
5c:7d:cf:59:23:e6:dd:1f:03:18:53:db:f5:5c:08:2e:c6:5f:
e6:83:24:e3:d7:19:75:8b:6d:1d:43:ae:a1:80:3b:2e:a5:70:
b1:47:6a:72:40:97:59:cc:11:9e:74:13:b7:38:2c:cb:e7:99:
ed:48:d0:a1:7c:73:c9:b3:be:9b:ff:81:85:44:a6:99:c9:07:
74:4f:a5:ab:e6:b2:4e:d6:dc:c4:4a:61:e0:d6:a7:5b:4d:6e:
fe:29:15:61:c6:44:4f:ae:4d:2d:3c:1f:c2:4d:e1:a3:07:1b:
a2:ff:fe:63:24:b7:5e:ac:99:65:3e:59:cc:86:cf:92:12:4a:
df:e8:9e:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR+nDdMsl2m+P9YQnhzOdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYTM5NmYxYzM0NGIwNzljNWQyZjI3YmZiMzEzMzc3ZmVi
YjJlYzcwHhcNMjUwMTAyMTM1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjcyYjg1ZjdlNjQ3ZTMxMTQ4NjZmMTQ5OWIxMmU0OTliOTFiZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0IV2ckFT0XB+W4ZFjGcPclq+iv+
T1m/+fbAy6sE9g71IsC9S6pMAx40ddCUDhpLp4NmWeMxE3dkbomwOodiPCQSaDXA
CaKJ0M5ikUBpXPmNuy6eCFe0e/DdzIEVroOztTaMfkpXFut2luKz7TmnPwNFbPEN
zc5l6uSrCHFhDs1nARBaP88RAgABgvOKJedUjPQQ3HPEAiYTDWFhqRewHpJykA6p
9UEwGrPPDcxzb/0BqNjQjfoCltgGSlxp8BCSqKRicDY2uz3WOr8izWz0g+281GdT
TwRgYo0vHkkVjJZ0yzTdt+LAcx4p6otZXvAm+9Qdh/NnFliwcp17WCS+xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI9yuF9+ZH4xFIZvFJmxLkmbkb72MB8GA1UdIwQY
MBaAFPyjlvHDRLB5xdLye/sxM3f+uy7HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0tPVzhjTkVzSG5GMHZKNy16RXpkXzY3THNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNGUxNDEtY2FhNS00MWZiLTk0NWIt
ZmZiMTZlYmQxMTFmLzEvajNLNFgzNWtmakVVaG04VW1iRXVTWnVSdnZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNGUxNDEtY2FhNS00MWZiLTk0NWItZmZiMTZlYmQxMTFm
LzEvX0tPVzhjTkVzSG5GMHZKNy16RXpkXzY3THNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuagKMA0G
CSqGSIb3DQEBCwUAA4IBAQBGITc2oFMTX9zdQJhbSuSvbojsz86/zdT+Jqr/8lzt
oLSrvjKPPDl0FGiNXZr/EKxbVfnklPGVn/4nhFt3ZLMjbjsaQCyxkZBu7b10UJQk
O1fxhzyVW7M69hsIbp3pXlW0I8yRYFBpshFHQKt5q8v8PuF03e478K1sHJrjYARc
fc9ZI+bdHwMYU9v1XAguxl/mgyTj1xl1i20dQ66hgDsupXCxR2pyQJdZzBGedBO3
OCzL55ntSNChfHPJs76b/4GFRKaZyQd0T6Wr5rJO1tzESmHg1qdbTW7+KRVhxkRP
rk0tPB/CTeGjBxui//5jJLderJllPlnMhs+SEkrf6J7s
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:44:56 2025 by rpki-client