Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/kemSd2KPq5UUT0EZWa92ek2Cwpc.roa
File: kemSd2KPq5UUT0EZWa92ek2Cwpc.roa (raw, json)
Hash identifier: kh0wd5NltixPwrZZXBgelPgGkebz79/WC48Vz4n628s=
Subject key identifier: 91:E9:92:77:62:8F:AB:95:14:4F:41:19:59:AF:76:7A:4D:82:C2:97
Certificate issuer: /CN=afe6f8cae7492d064e03071c9147392eedd45bc7
Certificate serial: 019427478EEF82D27D856EF917A7F338134F
Authority key identifier: AF:E6:F8:CA:E7:49:2D:06:4E:03:07:1C:91:47:39:2E:ED:D4:5B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-b4yudJLQZOAwcckUc5Lu3UW8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/kemSd2KPq5UUT0EZWa92ek2Cwpc.roa
Signing time: Thu 02 Jan 2025 13:49:48 +0000
ROA not before: Thu 02 Jan 2025 13:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41359
IP address blocks: 185.220.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:8e:ef:82:d2:7d:85:6e:f9:17:a7:f3:38:13:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afe6f8cae7492d064e03071c9147392eedd45bc7
Validity
Not Before: Jan 2 13:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91e99277628fab95144f411959af767a4d82c297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5f:a3:b6:a9:09:2a:db:b7:3f:3d:11:9a:63:
a3:b3:f4:35:55:71:9f:f7:41:22:a0:26:8f:d9:67:
b0:dd:ba:1a:c8:01:1c:0a:55:18:e6:e1:78:1b:21:
08:d8:fe:6d:f4:21:0d:f4:17:7c:69:84:e3:d9:e3:
ae:b7:6d:a4:2b:9e:73:52:c5:4e:fc:90:62:3a:54:
50:90:13:9b:2e:f1:47:8a:cb:2b:c9:7c:a9:fa:68:
a6:59:68:80:fd:8c:87:66:f6:3a:3a:03:a2:9f:70:
3d:26:4a:8a:5b:3f:a5:4f:26:c1:83:67:b0:d2:83:
19:a8:0d:01:dc:83:3a:01:30:46:b8:9d:db:0b:54:
86:e0:29:29:1d:e2:ec:d9:c0:41:8c:b7:6c:b5:d8:
49:a7:ed:4d:bb:90:b6:47:68:0d:c1:a9:a9:5d:0e:
bf:7c:8c:22:b9:7f:6f:00:b1:d1:1a:67:74:14:53:
72:3c:ed:cc:b9:2a:1e:c1:0c:59:02:a5:d7:32:af:
00:04:20:ba:fd:97:8a:97:b3:ba:64:ee:b3:a4:a6:
61:09:8d:8e:9e:3a:c1:55:6a:ba:ec:5e:aa:e1:28:
48:b4:34:5c:f1:38:c3:3a:76:ef:9a:ba:bd:65:36:
93:81:40:d2:ef:ef:a9:99:87:fc:8d:a8:9f:e2:de:
1a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E9:92:77:62:8F:AB:95:14:4F:41:19:59:AF:76:7A:4D:82:C2:97
X509v3 Authority Key Identifier:
keyid:AF:E6:F8:CA:E7:49:2D:06:4E:03:07:1C:91:47:39:2E:ED:D4:5B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-b4yudJLQZOAwcckUc5Lu3UW8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/kemSd2KPq5UUT0EZWa92ek2Cwpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c987b6-ef00-4d28-a4ae-6549cd59aa4f/1/r-b4yudJLQZOAwcckUc5Lu3UW8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.220.0/24
Signature Algorithm: sha256WithRSAEncryption
72:fc:f2:b1:c2:63:d1:7c:9e:21:e7:c3:f6:b2:be:d3:52:87:
3c:06:0a:4a:3a:61:48:14:1c:8b:a9:f5:dd:e9:93:8b:e5:da:
79:df:5c:b1:f8:e5:bf:0f:6d:a0:9e:dd:37:8b:9f:e9:68:36:
c9:bb:e0:24:cb:06:5c:76:ee:01:ea:19:de:dc:a8:3a:64:7d:
aa:bf:cc:ce:9a:2a:4b:64:22:79:73:f5:57:43:8c:87:bd:27:
54:71:2c:02:d4:df:cf:b0:a8:f9:9a:35:eb:b8:98:5a:c0:d0:
dd:da:03:60:cb:7c:f4:9a:1e:cc:57:53:8b:51:1e:56:96:71:
3d:7a:26:03:e9:f0:f0:87:1c:6c:f4:af:10:75:e5:6b:80:22:
75:9c:4c:d7:ba:50:c6:8e:70:f5:a6:e8:b2:e9:6c:42:0f:ed:
a4:e7:fd:67:3c:30:a4:6c:d3:06:a3:38:28:33:98:32:0e:5b:
c2:93:a0:87:88:d1:86:51:fe:43:19:20:86:c3:66:11:6f:cd:
e7:4d:70:6b:6e:2b:fa:34:3e:58:54:7f:ac:e9:97:2e:2b:d1:
4a:78:4a:8f:27:7a:95:ce:7f:e8:12:6d:d2:6c:76:93:ff:b2:
cf:ca:c7:dc:c8:5b:3d:b7:73:26:e0:74:f0:29:2a:33:12:c1:
fc:71:dd:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR47vgtJ9hW75F6fzOBNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZTZmOGNhZTc0OTJkMDY0ZTAzMDcxYzkxNDczOTJlZWRk
NDViYzcwHhcNMjUwMTAyMTM0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWU5OTI3NzYyOGZhYjk1MTQ0ZjQxMTk1OWFmNzY3YTRkODJjMjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql+jtqkJKtu3Pz0RmmOjs/Q1VXGf
90EioCaP2Wew3boayAEcClUY5uF4GyEI2P5t9CEN9Bd8aYTj2eOut22kK55zUsVO
/JBiOlRQkBObLvFHissryXyp+mimWWiA/YyHZvY6OgOin3A9JkqKWz+lTybBg2ew
0oMZqA0B3IM6ATBGuJ3bC1SG4CkpHeLs2cBBjLdstdhJp+1Nu5C2R2gNwampXQ6/
fIwiuX9vALHRGmd0FFNyPO3MuSoewQxZAqXXMq8ABCC6/ZeKl7O6ZO6zpKZhCY2O
njrBVWq67F6q4ShItDRc8TjDOnbvmrq9ZTaTgUDS7++pmYf8jaif4t4azQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHpkndij6uVFE9BGVmvdnpNgsKXMB8GA1UdIwQY
MBaAFK/m+MrnSS0GTgMHHJFHOS7t1FvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci1iNHl1ZEpMUVpPQXdjY2tVYzVMdTNVVzhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jOTg3YjYtZWYwMC00ZDI4LWE0YWUt
NjU0OWNkNTlhYTRmLzEva2VtU2QyS1BxNVVVVDBFWldhOTJlazJDd3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jOTg3YjYtZWYwMC00ZDI4LWE0YWUtNjU0OWNkNTlhYTRm
LzEvci1iNHl1ZEpMUVpPQXdjY2tVYzVMdTNVVzhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudzcMA0G
CSqGSIb3DQEBCwUAA4IBAQBy/PKxwmPRfJ4h58P2sr7TUoc8BgpKOmFIFByLqfXd
6ZOL5dp531yx+OW/D22gnt03i5/paDbJu+AkywZcdu4B6hne3Kg6ZH2qv8zOmipL
ZCJ5c/VXQ4yHvSdUcSwC1N/PsKj5mjXruJhawNDd2gNgy3z0mh7MV1OLUR5WlnE9
eiYD6fDwhxxs9K8QdeVrgCJ1nEzXulDGjnD1puiy6WxCD+2k5/1nPDCkbNMGozgo
M5gyDlvCk6CHiNGGUf5DGSCGw2YRb83nTXBrbiv6ND5YVH+s6ZcuK9FKeEqPJ3qV
zn/oEm3SbHaT/7LPysfcyFs9t3Mm4HTwKSozEsH8cd1X
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:48:37 2025 by rpki-client