Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/44nY8xo2_DC63JpeIryBFG4szdQ.roa
File: 44nY8xo2_DC63JpeIryBFG4szdQ.roa (raw, json)
Hash identifier: efIE2v0XKUD30sbluIT7ZKbMSQuZbTeUS/u2oPtbj6o=
Subject key identifier: E3:89:D8:F3:1A:36:FC:30:BA:DC:9A:5E:22:BC:81:14:6E:2C:CD:D4
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 019424459178A63935B895D00082CC97CCA0
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/44nY8xo2_DC63JpeIryBFG4szdQ.roa
Signing time: Wed 01 Jan 2025 23:48:46 +0000
ROA not before: Wed 01 Jan 2025 23:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49245
IP address blocks: 185.1.206.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:91:78:a6:39:35:b8:95:d0:00:82:cc:97:cc:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 23:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e389d8f31a36fc30badc9a5e22bc81146e2ccdd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:68:2d:91:35:e8:78:19:8c:97:4a:35:a7:9d:
d2:ad:87:83:35:9b:e6:66:4a:b4:d6:ed:93:18:f3:
ab:a5:db:c8:ea:d2:38:d9:61:66:10:5c:8a:8b:72:
07:92:c9:75:18:2e:ec:4c:c7:02:b2:02:02:76:c8:
49:f4:a7:37:3b:a9:08:38:18:e3:f9:79:5b:a9:9b:
4e:8c:f3:6c:bf:af:27:29:13:0c:dd:dc:ac:0e:b4:
e9:a0:31:1f:69:3a:7c:c9:92:e0:d6:b8:63:4c:c0:
ea:fa:be:f3:31:0a:7c:56:85:fa:b5:f2:e4:49:91:
13:9f:83:31:fc:cd:96:87:9a:0b:03:34:0d:6b:5d:
5a:33:99:e3:88:66:73:58:51:96:4b:47:47:0f:99:
44:f0:f0:80:ff:66:44:ae:ad:a7:55:ba:d0:71:6a:
bf:f1:13:95:5f:23:d8:d3:2b:3d:0f:b9:a4:2d:37:
e8:da:e8:1e:f9:bb:87:02:e7:03:b7:98:cd:19:de:
c8:40:45:60:91:3b:4c:88:10:36:f6:88:86:bc:b1:
5b:c7:ea:72:32:15:e2:6b:f6:24:b1:14:9a:3c:6b:
f9:59:9b:28:36:5d:a3:db:f3:22:5b:9a:61:d1:4b:
80:0e:75:d1:7b:1e:9d:c6:24:e4:12:f9:b8:49:ed:
d6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:89:D8:F3:1A:36:FC:30:BA:DC:9A:5E:22:BC:81:14:6E:2C:CD:D4
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/44nY8xo2_DC63JpeIryBFG4szdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.206.0/24
Signature Algorithm: sha256WithRSAEncryption
73:7f:4b:92:94:65:39:fa:8b:bc:7d:92:bf:a5:d3:56:df:a5:
b1:84:11:23:23:f4:20:d6:90:b4:f5:56:40:f8:bb:c5:ea:ec:
fb:f3:60:78:84:56:e0:42:ec:59:a3:11:35:f4:82:ac:7b:a7:
d8:d4:36:75:82:42:b6:c9:e9:bc:c6:6f:04:f0:46:54:1f:82:
8f:76:94:d1:b1:9a:b4:3d:b6:eb:e4:0c:a1:7c:32:d1:ab:56:
35:a8:dc:0f:9c:8c:bd:d8:50:75:a5:70:c8:6e:63:f9:8f:b9:
63:15:33:11:6d:b1:94:87:84:7f:7b:d2:e0:9d:75:aa:a3:7f:
1c:f4:fb:db:1c:2f:ab:77:f9:76:59:a6:65:13:85:72:3e:8b:
6e:ee:fe:69:66:62:64:89:f3:5d:c3:e0:39:db:c4:ad:61:66:
21:31:43:42:2e:5a:d8:b0:ca:25:46:ae:ba:24:68:24:df:3e:
cc:fb:2f:f7:69:ac:69:5b:c2:35:50:fd:18:c1:fe:5d:00:dd:
f0:fd:10:4d:30:e4:4d:3f:38:62:6d:fb:89:8f:7e:2b:ad:a6:
8a:3b:19:2f:b4:cf:43:b5:b2:64:e8:54:ec:3a:e4:8d:85:69:
d0:ce:42:69:14:a1:8e:5c:06:9a:16:68:cb:07:dd:9d:b3:13:
1d:30:6d:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRZF4pjk1uJXQAILMl8ygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjUwMTAxMjM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzg5ZDhmMzFhMzZmYzMwYmFkYzlhNWUyMmJjODExNDZlMmNjZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WgtkTXoeBmMl0o1p53SrYeDNZvm
Zkq01u2TGPOrpdvI6tI42WFmEFyKi3IHksl1GC7sTMcCsgICdshJ9Kc3O6kIOBjj
+XlbqZtOjPNsv68nKRMM3dysDrTpoDEfaTp8yZLg1rhjTMDq+r7zMQp8VoX6tfLk
SZETn4Mx/M2Wh5oLAzQNa11aM5njiGZzWFGWS0dHD5lE8PCA/2ZErq2nVbrQcWq/
8ROVXyPY0ys9D7mkLTfo2uge+buHAucDt5jNGd7IQEVgkTtMiBA29oiGvLFbx+py
MhXia/YksRSaPGv5WZsoNl2j2/MiW5ph0UuADnXRex6dxiTkEvm4Se3WAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOOJ2PMaNvwwutyaXiK8gRRuLM3UMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvNDRuWTh4bzJfREM2M0pwZUlyeUJGRzRzemRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQHOMA0G
CSqGSIb3DQEBCwUAA4IBAQBzf0uSlGU5+ou8fZK/pdNW36WxhBEjI/Qg1pC09VZA
+LvF6uz782B4hFbgQuxZoxE19IKse6fY1DZ1gkK2yem8xm8E8EZUH4KPdpTRsZq0
Pbbr5AyhfDLRq1Y1qNwPnIy92FB1pXDIbmP5j7ljFTMRbbGUh4R/e9LgnXWqo38c
9PvbHC+rd/l2WaZlE4VyPotu7v5pZmJkifNdw+A528StYWYhMUNCLlrYsMolRq66
JGgk3z7M+y/3aaxpW8I1UP0Ywf5dAN3w/RBNMORNPzhibfuJj34rraaKOxkvtM9D
tbJk6FTsOuSNhWnQzkJpFKGOXAaaFmjLB92dsxMdMG39
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:23:06 2025 by rpki-client