Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/ce7de3-be30-418f-b965-c696a7b7fc57/1/w4AfMToU7JP5nYDh1bQukqqPtKI.roa
File: w4AfMToU7JP5nYDh1bQukqqPtKI.roa (raw, json)
Hash identifier: X6zZhIo5tq1i0IjDg9tH1V0hyW60Jjam1awx3+YUNdA=
Subject key identifier: C3:80:1F:31:3A:14:EC:93:F9:9D:80:E1:D5:B4:2E:92:AA:8F:B4:A2
Certificate issuer: /CN=d3fc2b6fd754bf8f224d289ccf65c38dec272b3d
Certificate serial: 019424B3C3AF06283485CAEBB417605B305C
Authority key identifier: D3:FC:2B:6F:D7:54:BF:8F:22:4D:28:9C:CF:65:C3:8D:EC:27:2B:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0_wrb9dUv48iTSicz2XDjewnKz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/ce7de3-be30-418f-b965-c696a7b7fc57/1/w4AfMToU7JP5nYDh1bQukqqPtKI.roa
Signing time: Thu 02 Jan 2025 01:49:08 +0000
ROA not before: Thu 02 Jan 2025 01:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20668
IP address blocks: 185.84.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c3:af:06:28:34:85:ca:eb:b4:17:60:5b:30:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3fc2b6fd754bf8f224d289ccf65c38dec272b3d
Validity
Not Before: Jan 2 01:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3801f313a14ec93f99d80e1d5b42e92aa8fb4a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9b:2c:61:fb:9f:07:50:96:13:d5:b3:f1:02:
83:9b:47:c7:dc:82:45:8d:64:5b:ad:a1:d5:11:fe:
b2:6d:c3:bd:13:0a:09:58:38:7d:71:6b:fd:94:be:
f2:5b:71:60:cf:df:fb:e3:25:b9:ee:e7:c0:9e:d4:
18:56:7f:f1:b3:81:86:63:d2:71:4c:37:b4:28:e7:
52:c2:19:9f:2b:98:a0:b8:35:e4:88:ae:51:94:7e:
b9:9f:f4:26:7e:d7:be:37:2a:3c:b4:2a:ec:05:d1:
7b:08:3f:ff:57:57:4c:14:02:07:1f:90:7f:ec:9e:
7c:c0:24:f9:86:58:2f:2c:86:8c:07:c1:04:2b:c1:
88:14:85:08:b4:a9:d6:9a:f0:ee:01:ac:8a:1b:60:
4a:16:7e:bc:2a:d8:b2:90:42:bd:1f:51:c0:73:32:
4b:7b:be:c3:f1:76:dd:97:57:cb:f4:d9:54:80:0b:
08:3b:48:7a:6e:e7:f8:e9:96:56:c4:73:d9:60:24:
5b:82:51:6a:97:c3:75:e0:53:c3:ab:d2:c6:47:dd:
b8:3e:7f:0e:64:1f:56:6a:fb:64:da:00:60:58:c9:
0f:22:d6:d4:4c:8d:e1:a1:0e:bd:f6:bc:87:cc:f7:
ba:94:84:c5:40:bc:39:74:53:90:92:33:35:f8:9a:
9e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:80:1F:31:3A:14:EC:93:F9:9D:80:E1:D5:B4:2E:92:AA:8F:B4:A2
X509v3 Authority Key Identifier:
keyid:D3:FC:2B:6F:D7:54:BF:8F:22:4D:28:9C:CF:65:C3:8D:EC:27:2B:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0_wrb9dUv48iTSicz2XDjewnKz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ce7de3-be30-418f-b965-c696a7b7fc57/1/w4AfMToU7JP5nYDh1bQukqqPtKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ce7de3-be30-418f-b965-c696a7b7fc57/1/0_wrb9dUv48iTSicz2XDjewnKz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.225.0/24
Signature Algorithm: sha256WithRSAEncryption
21:74:c4:69:e2:bd:5c:7f:14:19:c8:5e:a6:ff:6f:33:ce:6a:
48:8e:6d:e4:72:81:0c:15:60:52:b7:ca:ff:15:02:8a:bb:04:
9d:b5:88:43:e4:cb:98:f2:13:7f:7e:a0:d8:57:c5:f1:63:37:
01:7d:cf:fa:67:6f:75:5c:06:d4:6f:b6:ea:8d:7d:4c:74:0f:
f3:77:86:1f:cd:75:ec:a9:f8:6d:42:df:03:f4:d7:77:cb:5c:
d7:d3:8a:bd:08:3d:b1:16:dd:77:a8:77:7d:d0:4d:02:f6:f8:
a5:53:cf:fd:49:d3:1f:1b:30:60:29:98:52:47:55:91:22:4b:
ff:8b:a7:f4:be:7d:b0:23:09:ea:18:24:9d:a1:74:10:10:51:
fa:88:ea:24:aa:f8:f0:3d:01:73:58:6f:0f:be:47:82:79:ed:
fc:86:5e:1c:6e:1f:e0:0e:0e:b4:44:2f:1a:6d:ca:63:f5:a5:
21:c5:a2:bc:98:93:b6:28:e6:05:52:8d:51:c4:b4:f8:ec:5f:
db:c0:f6:c9:1a:c7:66:9d:f7:cd:86:76:1c:e0:f4:0b:e7:af:
85:cd:8a:c2:64:f1:f8:a0:72:06:02:4b:c7:8f:78:0e:1c:e5:
f7:22:d5:c2:69:46:bb:8f:41:14:c3:75:3e:aa:2e:82:32:0c:
f7:08:fc:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks8OvBig0hcrrtBdgWzBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZmMyYjZmZDc1NGJmOGYyMjRkMjg5Y2NmNjVjMzhkZWMy
NzJiM2QwHhcNMjUwMTAyMDE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzgwMWYzMTNhMTRlYzkzZjk5ZDgwZTFkNWI0MmU5MmFhOGZiNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05ssYfufB1CWE9Wz8QKDm0fH3IJF
jWRbraHVEf6ybcO9EwoJWDh9cWv9lL7yW3Fgz9/74yW57ufAntQYVn/xs4GGY9Jx
TDe0KOdSwhmfK5iguDXkiK5RlH65n/Qmfte+Nyo8tCrsBdF7CD//V1dMFAIHH5B/
7J58wCT5hlgvLIaMB8EEK8GIFIUItKnWmvDuAayKG2BKFn68KtiykEK9H1HAczJL
e77D8Xbdl1fL9NlUgAsIO0h6buf46ZZWxHPZYCRbglFql8N14FPDq9LGR924Pn8O
ZB9Wavtk2gBgWMkPItbUTI3hoQ699ryHzPe6lITFQLw5dFOQkjM1+JqezQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMOAHzE6FOyT+Z2A4dW0LpKqj7SiMB8GA1UdIwQY
MBaAFNP8K2/XVL+PIk0onM9lw43sJys9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMF93cmI5ZFV2NDhpVFNpY3oyWERqZXduS3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9jZTdkZTMtYmUzMC00MThmLWI5NjUt
YzY5NmE3YjdmYzU3LzEvdzRBZk1Ub1U3SlA1bllEaDFiUXVrcXFQdEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9jZTdkZTMtYmUzMC00MThmLWI5NjUtYzY5NmE3YjdmYzU3
LzEvMF93cmI5ZFV2NDhpVFNpY3oyWERqZXduS3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVThMA0G
CSqGSIb3DQEBCwUAA4IBAQAhdMRp4r1cfxQZyF6m/28zzmpIjm3kcoEMFWBSt8r/
FQKKuwSdtYhD5MuY8hN/fqDYV8XxYzcBfc/6Z291XAbUb7bqjX1MdA/zd4YfzXXs
qfhtQt8D9Nd3y1zX04q9CD2xFt13qHd90E0C9vilU8/9SdMfGzBgKZhSR1WRIkv/
i6f0vn2wIwnqGCSdoXQQEFH6iOokqvjwPQFzWG8PvkeCee38hl4cbh/gDg60RC8a
bcpj9aUhxaK8mJO2KOYFUo1RxLT47F/bwPbJGsdmnffNhnYc4PQL56+FzYrCZPH4
oHIGAkvHj3gOHOX3ItXCaUa7j0EUw3U+qi6CMgz3CPyy
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:54:49 2025 by rpki-client