Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/JSDk17ahgjuw722aAK05JMcAXY0.roa
File: JSDk17ahgjuw722aAK05JMcAXY0.roa (raw, json)
Hash identifier: /NFnbJGiq89G5CeYaHNRHk4PJoghq/D0jyLC3XejUq4=
Subject key identifier: 25:20:E4:D7:B6:A1:82:3B:B0:EF:6D:9A:00:AD:39:24:C7:00:5D:8D
Certificate issuer: /CN=0c17dae04476db1016caa43e3ed9bc6bd69f3975
Certificate serial: 01941F8C12649178140AC895B6893E66534B
Authority key identifier: 0C:17:DA:E0:44:76:DB:10:16:CA:A4:3E:3E:D9:BC:6B:D6:9F:39:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DBfa4ER22xAWyqQ-Ptm8a9afOXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/JSDk17ahgjuw722aAK05JMcAXY0.roa
Signing time: Wed 01 Jan 2025 01:47:40 +0000
ROA not before: Wed 01 Jan 2025 01:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203228
IP address blocks: 185.124.72.0/22 maxlen: 22
185.124.75.0/24 maxlen: 24
2a03:93e0::/32 maxlen: 32
2a03:93e0:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:12:64:91:78:14:0a:c8:95:b6:89:3e:66:53:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c17dae04476db1016caa43e3ed9bc6bd69f3975
Validity
Not Before: Jan 1 01:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2520e4d7b6a1823bb0ef6d9a00ad3924c7005d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:31:b5:f9:7e:4e:9a:53:7c:9e:4d:7d:02:22:
1c:1f:24:2c:4a:c9:88:f2:2a:ea:09:91:a9:c0:f0:
85:31:65:e5:cd:29:5a:81:7f:e3:82:99:10:e9:7c:
3c:0b:2b:2d:64:8d:ba:9f:c1:38:c2:18:fe:06:30:
05:cd:2e:cf:95:cb:a2:4c:a5:7d:0d:e7:29:cb:a6:
62:be:d0:71:db:1b:b8:70:49:67:5a:a7:38:7c:0c:
fa:11:78:e2:ad:2f:e0:e8:bd:5b:52:83:c0:72:ca:
cd:c0:8d:b2:fe:81:f1:d3:e1:19:e5:57:f5:4b:2d:
a8:18:ae:5f:04:7f:79:6e:cb:6e:71:7e:80:31:5c:
85:bb:b7:d3:70:d5:5b:fc:6c:71:17:b3:b8:0f:94:
8c:52:c5:88:d4:1c:41:5d:0a:29:3f:3e:54:b8:73:
b0:65:23:63:87:fb:25:94:6a:0d:52:dd:30:46:bd:
03:a8:01:07:c5:90:ea:af:47:d0:31:e1:3f:73:52:
7b:45:cb:98:9d:3e:68:41:9a:99:b4:ab:8e:39:22:
f9:fe:ab:21:44:72:d5:2d:70:a7:01:51:53:68:06:
b4:98:6e:e2:c5:76:55:8f:a9:9c:d1:e2:69:04:59:
0a:c7:27:aa:09:f8:1e:6c:a3:75:4f:31:15:e8:77:
33:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:20:E4:D7:B6:A1:82:3B:B0:EF:6D:9A:00:AD:39:24:C7:00:5D:8D
X509v3 Authority Key Identifier:
keyid:0C:17:DA:E0:44:76:DB:10:16:CA:A4:3E:3E:D9:BC:6B:D6:9F:39:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DBfa4ER22xAWyqQ-Ptm8a9afOXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/JSDk17ahgjuw722aAK05JMcAXY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/DBfa4ER22xAWyqQ-Ptm8a9afOXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.72.0/22
IPv6:
2a03:93e0::/32
Signature Algorithm: sha256WithRSAEncryption
75:b1:00:dd:db:73:49:18:99:b3:61:c2:f6:7b:a7:05:d6:08:
eb:0b:d6:c5:1a:a0:6b:50:64:49:e4:90:78:2e:d2:09:d9:31:
f2:7a:1e:3b:a8:21:20:3a:0f:1e:a7:24:2d:04:88:f0:12:f6:
03:af:d3:70:6c:27:94:1d:6f:ab:a0:47:66:d7:33:da:01:e1:
5d:94:71:65:3d:29:ec:ef:68:66:46:69:6b:a3:3a:a2:a9:40:
b0:b2:f7:e8:09:e8:93:94:3f:73:ef:34:50:e5:d0:1f:99:f3:
b6:6b:2e:07:11:73:18:97:78:48:3d:37:49:36:7b:76:ce:51:
fb:b3:e6:94:b5:3c:f8:af:d4:89:f4:68:ab:80:c1:41:0f:4b:
68:82:24:a9:00:2c:2e:52:cc:63:9c:48:c9:5a:12:90:98:71:
01:eb:2e:b7:63:72:1e:93:5a:6f:3f:23:29:b6:ab:ea:06:81:
4c:ef:2a:90:a5:a0:4a:6b:62:2c:08:ce:3c:7f:44:7a:25:f9:
23:0d:ad:a0:bb:5e:97:f9:d0:6d:20:35:21:62:73:6a:bd:2b:
5a:f0:2d:39:66:a5:8b:a1:9b:e4:d4:ec:9c:dd:24:7d:ec:36:
0e:0c:29:f4:28:6f:51:70:ae:b3:a0:c6:2e:98:95:6e:9b:42:
7b:d1:4a:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjBJkkXgUCsiVtok+ZlNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMTdkYWUwNDQ3NmRiMTAxNmNhYTQzZTNlZDliYzZiZDY5
ZjM5NzUwHhcNMjUwMTAxMDE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTIwZTRkN2I2YTE4MjNiYjBlZjZkOWEwMGFkMzkyNGM3MDA1ZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzG1+X5OmlN8nk19AiIcHyQsSsmI
8irqCZGpwPCFMWXlzSlagX/jgpkQ6Xw8CystZI26n8E4whj+BjAFzS7PlcuiTKV9
Decpy6ZivtBx2xu4cElnWqc4fAz6EXjirS/g6L1bUoPAcsrNwI2y/oHx0+EZ5Vf1
Sy2oGK5fBH95bstucX6AMVyFu7fTcNVb/GxxF7O4D5SMUsWI1BxBXQopPz5UuHOw
ZSNjh/sllGoNUt0wRr0DqAEHxZDqr0fQMeE/c1J7RcuYnT5oQZqZtKuOOSL5/qsh
RHLVLXCnAVFTaAa0mG7ixXZVj6mc0eJpBFkKxyeqCfgebKN1TzEV6HczyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCUg5Ne2oYI7sO9tmgCtOSTHAF2NMB8GA1UdIwQY
MBaAFAwX2uBEdtsQFsqkPj7ZvGvWnzl1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREJmYTRFUjIyeEFXeXFRLVB0bThhOWFmT1hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi84MWQ5NGQtMmU0MC00NTQ2LThiODkt
ODA0ZjE3ZWMyNDVlLzEvSlNEazE3YWhnanV3NzIyYUFLMDVKTWNBWFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi84MWQ5NGQtMmU0MC00NTQ2LThiODktODA0ZjE3ZWMyNDVl
LzEvREJmYTRFUjIyeEFXeXFRLVB0bThhOWFmT1hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXxIMA0E
AgACMAcDBQAqA5PgMA0GCSqGSIb3DQEBCwUAA4IBAQB1sQDd23NJGJmzYcL2e6cF
1gjrC9bFGqBrUGRJ5JB4LtIJ2THyeh47qCEgOg8epyQtBIjwEvYDr9NwbCeUHW+r
oEdm1zPaAeFdlHFlPSns72hmRmlrozqiqUCwsvfoCeiTlD9z7zRQ5dAfmfO2ay4H
EXMYl3hIPTdJNnt2zlH7s+aUtTz4r9SJ9GirgMFBD0togiSpACwuUsxjnEjJWhKQ
mHEB6y63Y3Iek1pvPyMptqvqBoFM7yqQpaBKa2IsCM48f0R6JfkjDa2gu16X+dBt
IDUhYnNqvSta8C05ZqWLoZvk1Oyc3SR97DYODCn0KG9RcK6zoMYumJVum0J70UqL
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:33:41 2025 by rpki-client