Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/f3eb66-d7d7-411a-ad0b-e538e29fb1c0/1/kDzvgB_NRFmAkvFmWwXdAAjTFCw.roa
File: kDzvgB_NRFmAkvFmWwXdAAjTFCw.roa (raw, json)
Hash identifier: Je9V/SETkk0rgpci9CjD3RfuSHpDZJpA+Ok7E2xKrCw=
Subject key identifier: 90:3C:EF:80:1F:CD:44:59:80:92:F1:66:5B:05:DD:00:08:D3:14:2C
Certificate issuer: /CN=98db3dcf25d2c22c5b997d157a7cefac4d45f762
Certificate serial: 01941FFA6D030CD7FCA920E4BCA78D5E40F7
Authority key identifier: 98:DB:3D:CF:25:D2:C2:2C:5B:99:7D:15:7A:7C:EF:AC:4D:45:F7:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mNs9zyXSwixbmX0VenzvrE1F92I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/f3eb66-d7d7-411a-ad0b-e538e29fb1c0/1/kDzvgB_NRFmAkvFmWwXdAAjTFCw.roa
Signing time: Wed 01 Jan 2025 03:48:13 +0000
ROA not before: Wed 01 Jan 2025 03:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209007
IP address blocks: 185.188.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:6d:03:0c:d7:fc:a9:20:e4:bc:a7:8d:5e:40:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98db3dcf25d2c22c5b997d157a7cefac4d45f762
Validity
Not Before: Jan 1 03:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=903cef801fcd44598092f1665b05dd0008d3142c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:14:4c:9f:ad:11:fc:f4:51:31:a2:f9:7c:34:
77:c5:16:8d:11:e8:e7:ac:3d:3d:e5:89:e3:1b:31:
82:cd:d0:0f:69:4b:4b:e6:66:f0:f2:13:92:5e:a5:
11:0d:86:74:65:c8:8c:56:72:a2:ae:04:2c:92:ab:
25:c8:b6:d3:38:10:2f:7a:b2:94:ed:70:1a:95:20:
25:97:4c:01:f2:88:5b:3f:25:d4:7d:8e:d9:84:85:
2d:2f:69:23:33:76:b8:50:e8:e9:e6:da:b5:0d:6f:
33:a0:08:2c:80:8f:a1:b3:30:ac:37:fe:f1:7b:f2:
82:be:ba:07:4b:81:eb:64:d6:45:b4:ec:0f:df:ec:
99:70:53:11:e6:63:df:8a:b1:73:42:55:ab:39:a3:
46:88:44:35:1f:2e:56:8d:b3:32:08:78:60:32:4d:
9f:c3:93:b8:db:32:26:33:da:12:0d:27:70:ef:c8:
1d:34:81:c6:7f:6c:85:7b:74:45:5e:b6:fe:53:ed:
9e:13:d0:41:94:7f:5d:3c:f6:ed:7b:ad:96:29:61:
2e:e6:e2:ce:ad:e7:16:a7:4d:b2:35:da:f6:93:46:
4a:df:f7:b7:e7:85:96:3a:67:72:64:16:72:0f:bc:
c3:bc:77:03:ff:90:43:d8:35:fd:e6:3d:99:82:2f:
09:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3C:EF:80:1F:CD:44:59:80:92:F1:66:5B:05:DD:00:08:D3:14:2C
X509v3 Authority Key Identifier:
keyid:98:DB:3D:CF:25:D2:C2:2C:5B:99:7D:15:7A:7C:EF:AC:4D:45:F7:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mNs9zyXSwixbmX0VenzvrE1F92I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/f3eb66-d7d7-411a-ad0b-e538e29fb1c0/1/kDzvgB_NRFmAkvFmWwXdAAjTFCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/f3eb66-d7d7-411a-ad0b-e538e29fb1c0/1/mNs9zyXSwixbmX0VenzvrE1F92I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.29.0/24
Signature Algorithm: sha256WithRSAEncryption
61:97:38:91:42:c7:7e:06:a8:a9:aa:28:d5:b2:ee:82:87:6e:
3b:31:f5:5d:9e:f1:dc:de:ba:4b:a2:10:ba:58:8c:1a:9b:7c:
65:fe:06:98:39:c3:08:ee:cd:6d:55:13:a7:fc:c2:01:39:6f:
6f:02:36:2f:0e:0f:68:80:7f:fb:63:47:e0:f6:cc:f3:85:f3:
81:5e:9a:9f:67:d1:8e:30:d5:d4:c3:43:a1:5f:e0:7a:16:5b:
c9:6c:d0:30:17:c8:ac:7b:50:7b:3b:22:7e:df:01:4e:3a:f1:
a5:26:79:87:c8:68:8a:e4:25:e6:4a:47:fc:12:82:e1:7b:15:
61:77:05:43:ad:8c:2f:8a:a5:28:27:6a:3c:6c:3e:3b:a8:fb:
14:3d:a9:ac:7e:6f:3e:7e:4d:25:34:66:9f:dc:fb:df:e1:ab:
e7:6a:af:12:20:57:be:99:55:2c:ea:6f:2b:3d:bc:87:db:60:
46:ab:28:85:17:58:e2:a3:9b:53:65:94:f1:d9:3f:2b:f8:9d:
5a:dc:54:78:1c:ad:79:93:00:16:60:08:75:cc:eb:44:68:65:
3d:c6:59:c9:70:c3:0f:70:1d:2b:da:6e:a9:c2:5f:7d:3b:77:
a8:af:f9:4e:d2:26:ba:96:e4:2e:2e:a1:71:85:5a:93:ce:c5:
68:b5:f9:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+m0DDNf8qSDkvKeNXkD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZGIzZGNmMjVkMmMyMmM1Yjk5N2QxNTdhN2NlZmFjNGQ0
NWY3NjIwHhcNMjUwMTAxMDM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDNjZWY4MDFmY2Q0NDU5ODA5MmYxNjY1YjA1ZGQwMDA4ZDMxNDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthRMn60R/PRRMaL5fDR3xRaNEejn
rD095YnjGzGCzdAPaUtL5mbw8hOSXqURDYZ0ZciMVnKirgQskqslyLbTOBAverKU
7XAalSAll0wB8ohbPyXUfY7ZhIUtL2kjM3a4UOjp5tq1DW8zoAgsgI+hszCsN/7x
e/KCvroHS4HrZNZFtOwP3+yZcFMR5mPfirFzQlWrOaNGiEQ1Hy5WjbMyCHhgMk2f
w5O42zImM9oSDSdw78gdNIHGf2yFe3RFXrb+U+2eE9BBlH9dPPbte62WKWEu5uLO
recWp02yNdr2k0ZK3/e354WWOmdyZBZyD7zDvHcD/5BD2DX95j2Zgi8JaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJA874AfzURZgJLxZlsF3QAI0xQsMB8GA1UdIwQY
MBaAFJjbPc8l0sIsW5l9FXp876xNRfdiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU5zOXp5WFN3aXhibVgwVmVuenZyRTFGOTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9mM2ViNjYtZDdkNy00MTFhLWFkMGIt
ZTUzOGUyOWZiMWMwLzEva0R6dmdCX05SRm1Ba3ZGbVd3WGRBQWpURkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9mM2ViNjYtZDdkNy00MTFhLWFkMGItZTUzOGUyOWZiMWMw
LzEvbU5zOXp5WFN3aXhibVgwVmVuenZyRTFGOTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubwdMA0G
CSqGSIb3DQEBCwUAA4IBAQBhlziRQsd+BqipqijVsu6Ch247MfVdnvHc3rpLohC6
WIwam3xl/gaYOcMI7s1tVROn/MIBOW9vAjYvDg9ogH/7Y0fg9szzhfOBXpqfZ9GO
MNXUw0OhX+B6FlvJbNAwF8ise1B7OyJ+3wFOOvGlJnmHyGiK5CXmSkf8EoLhexVh
dwVDrYwviqUoJ2o8bD47qPsUPamsfm8+fk0lNGaf3Pvf4avnaq8SIFe+mVUs6m8r
PbyH22BGqyiFF1jio5tTZZTx2T8r+J1a3FR4HK15kwAWYAh1zOtEaGU9xlnJcMMP
cB0r2m6pwl99O3eor/lO0ia6luQuLqFxhVqTzsVotflW
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:18:10 2025 by rpki-client