Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/458011-5de1-4680-8255-b06fda01f46c/1/dGlwmlHKZ3Y604U9jPtZsAf1JsI.roa
File: dGlwmlHKZ3Y604U9jPtZsAf1JsI.roa (raw, json)
Hash identifier: g6t/bPLMAjqWES1EVRCv4fx129KuT8ofKzhDnvgk+CU=
Subject key identifier: 74:69:70:9A:51:CA:67:76:3A:D3:85:3D:8C:FB:59:B0:07:F5:26:C2
Certificate issuer: /CN=e8393bd1305f6cc4439192119c605f44bbf09bc9
Certificate serial: 0194236965622A0D26A674452C1C980E5AF2
Authority key identifier: E8:39:3B:D1:30:5F:6C:C4:43:91:92:11:9C:60:5F:44:BB:F0:9B:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Dk70TBfbMRDkZIRnGBfRLvwm8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/458011-5de1-4680-8255-b06fda01f46c/1/dGlwmlHKZ3Y604U9jPtZsAf1JsI.roa
Signing time: Wed 01 Jan 2025 19:48:17 +0000
ROA not before: Wed 01 Jan 2025 19:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34762
IP address blocks: 185.135.12.0/23 maxlen: 24
2a06:efc0::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:65:62:2a:0d:26:a6:74:45:2c:1c:98:0e:5a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8393bd1305f6cc4439192119c605f44bbf09bc9
Validity
Not Before: Jan 1 19:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7469709a51ca67763ad3853d8cfb59b007f526c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d3:7e:fb:9a:ab:5f:06:96:87:82:f7:59:68:
07:cd:16:dd:5e:8b:81:b4:54:08:bc:cf:2d:e0:53:
7a:7f:72:c1:50:89:4f:e8:cd:e8:42:8d:c5:2b:0e:
fb:b5:81:79:8a:ea:c8:cc:43:13:1a:0c:b1:da:4e:
49:21:df:a2:7d:44:ac:09:d2:c6:ed:68:ec:b5:b6:
59:e4:08:d8:95:68:e4:5b:ea:1c:6e:c0:8c:a1:5f:
7e:bc:1e:46:2f:1a:56:a2:ac:f7:72:08:de:f8:8e:
91:2b:32:43:f2:3a:03:47:92:4d:b9:32:d3:ac:d9:
dc:7c:6e:ef:7d:cc:7f:59:5d:6c:7b:00:af:be:bb:
92:04:27:8e:33:36:40:40:50:41:08:0e:f6:02:eb:
62:d7:40:4c:2c:de:05:f3:4d:c2:a3:f4:ac:3e:9e:
29:3a:5d:a6:72:4c:1a:83:8f:f1:b7:90:85:49:8a:
ff:55:fc:6b:60:86:1c:02:df:58:25:d9:be:ec:fe:
e7:90:42:fa:51:89:66:24:8e:83:e7:0c:bd:e1:b1:
44:7b:e8:8d:b0:00:51:6e:8a:04:79:0c:96:cf:22:
7a:bf:49:9d:d1:a4:a6:e6:cf:1f:cb:70:ac:05:02:
5d:04:0c:52:07:70:27:4a:33:68:9d:eb:12:07:76:
d1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:69:70:9A:51:CA:67:76:3A:D3:85:3D:8C:FB:59:B0:07:F5:26:C2
X509v3 Authority Key Identifier:
keyid:E8:39:3B:D1:30:5F:6C:C4:43:91:92:11:9C:60:5F:44:BB:F0:9B:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Dk70TBfbMRDkZIRnGBfRLvwm8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/458011-5de1-4680-8255-b06fda01f46c/1/dGlwmlHKZ3Y604U9jPtZsAf1JsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/458011-5de1-4680-8255-b06fda01f46c/1/6Dk70TBfbMRDkZIRnGBfRLvwm8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.12.0/23
IPv6:
2a06:efc0::/32
Signature Algorithm: sha256WithRSAEncryption
3c:11:c7:c9:aa:49:b3:08:97:24:fc:82:85:60:3e:d3:2f:e2:
1c:35:80:f6:ef:4e:72:22:a5:ce:ea:7a:bb:d7:ae:8d:b7:58:
90:1b:51:d1:a1:65:9b:d2:a4:72:df:5e:52:a3:59:1e:30:b7:
73:09:05:42:03:fd:42:61:02:c2:aa:21:00:20:b3:8a:90:95:
41:6e:27:19:6b:e5:ea:a3:14:68:49:39:06:aa:e7:3c:dc:56:
97:32:2b:cc:14:7a:b3:1f:58:29:13:8b:a6:48:4e:c0:0f:0f:
66:84:b5:b0:ea:75:11:f8:00:09:47:67:30:5c:44:5b:04:33:
cd:80:01:0e:24:e9:bd:8b:1b:a9:3c:b8:54:5d:01:fb:1b:9a:
d4:0a:25:d3:c6:76:de:e5:a9:d3:71:f6:0d:60:7c:69:30:5c:
cd:08:6c:09:67:25:4f:fa:34:54:d9:1e:37:61:5e:a9:af:49:
a8:10:d7:d7:2e:fb:54:51:49:4f:74:60:51:59:11:1c:05:36:
ef:03:96:cf:36:4b:3a:dc:28:50:b4:52:96:c9:44:5c:f1:e5:
88:4c:3c:e5:3a:dd:9c:c8:b3:5f:2e:c8:be:c6:e8:73:b4:06:
bd:c6:a0:f7:0d:84:8f:7b:66:15:25:97:87:7b:0e:14:8a:62:
16:26:13:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjaWViKg0mpnRFLByYDlryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MzkzYmQxMzA1ZjZjYzQ0MzkxOTIxMTljNjA1ZjQ0YmJm
MDliYzkwHhcNMjUwMTAxMTk0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDY5NzA5YTUxY2E2Nzc2M2FkMzg1M2Q4Y2ZiNTliMDA3ZjUyNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdN++5qrXwaWh4L3WWgHzRbdXouB
tFQIvM8t4FN6f3LBUIlP6M3oQo3FKw77tYF5iurIzEMTGgyx2k5JId+ifUSsCdLG
7WjstbZZ5AjYlWjkW+ocbsCMoV9+vB5GLxpWoqz3cgje+I6RKzJD8joDR5JNuTLT
rNncfG7vfcx/WV1sewCvvruSBCeOMzZAQFBBCA72Auti10BMLN4F803Co/SsPp4p
Ol2mckwag4/xt5CFSYr/VfxrYIYcAt9YJdm+7P7nkEL6UYlmJI6D5wy94bFEe+iN
sABRbooEeQyWzyJ6v0md0aSm5s8fy3CsBQJdBAxSB3AnSjNonesSB3bROQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHRpcJpRymd2OtOFPYz7WbAH9SbCMB8GA1UdIwQY
MBaAFOg5O9EwX2zEQ5GSEZxgX0S78JvJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkRrNzBUQmZiTVJEa1pJUm5HQmZSTHZ3bThrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NTgwMTEtNWRlMS00NjgwLTgyNTUt
YjA2ZmRhMDFmNDZjLzEvZEdsd21sSEtaM1k2MDRVOWpQdFpzQWYxSnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80NTgwMTEtNWRlMS00NjgwLTgyNTUtYjA2ZmRhMDFmNDZj
LzEvNkRrNzBUQmZiTVJEa1pJUm5HQmZSTHZ3bThrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuYcMMA0E
AgACMAcDBQAqBu/AMA0GCSqGSIb3DQEBCwUAA4IBAQA8EcfJqkmzCJck/IKFYD7T
L+IcNYD2705yIqXO6nq7166Nt1iQG1HRoWWb0qRy315So1keMLdzCQVCA/1CYQLC
qiEAILOKkJVBbicZa+XqoxRoSTkGquc83FaXMivMFHqzH1gpE4umSE7ADw9mhLWw
6nUR+AAJR2cwXERbBDPNgAEOJOm9ixupPLhUXQH7G5rUCiXTxnbe5anTcfYNYHxp
MFzNCGwJZyVP+jRU2R43YV6pr0moENfXLvtUUUlPdGBRWREcBTbvA5bPNks63ChQ
tFKWyURc8eWITDzlOt2cyLNfLsi+xuhztAa9xqD3DYSPe2YVJZeHew4UimIWJhNH
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:15:24 2025 by rpki-client