Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/6f433b-dc32-45a2-979e-ff143368753f/1/DIYTcQL0kTTU2q4HEzGujm0gUwo.roa
File: DIYTcQL0kTTU2q4HEzGujm0gUwo.roa (raw, json)
Hash identifier: RDp4zi/HUT9tIKN8ofgNKdiyOgNtG9lWPQ4C3eVO32Y=
Subject key identifier: 0C:86:13:71:02:F4:91:34:D4:DA:AE:07:13:31:AE:8E:6D:20:53:0A
Certificate issuer: /CN=ea55dfd13021d5855ff194534933cd7d6cacd6cf
Certificate serial: 01942521D13B2E0F6AFC77D9EE131286AADF
Authority key identifier: EA:55:DF:D1:30:21:D5:85:5F:F1:94:53:49:33:CD:7D:6C:AC:D6:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6lXf0TAh1YVf8ZRTSTPNfWys1s8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/6f433b-dc32-45a2-979e-ff143368753f/1/DIYTcQL0kTTU2q4HEzGujm0gUwo.roa
Signing time: Thu 02 Jan 2025 03:49:20 +0000
ROA not before: Thu 02 Jan 2025 03:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41753
IP address blocks: 185.102.16.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d1:3b:2e:0f:6a:fc:77:d9:ee:13:12:86:aa:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea55dfd13021d5855ff194534933cd7d6cacd6cf
Validity
Not Before: Jan 2 03:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c86137102f49134d4daae071331ae8e6d20530a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c4:d4:20:c2:db:bb:2f:2f:99:4f:ca:9e:f0:
a9:ed:42:92:22:cc:46:9b:2c:d3:12:4a:bc:2d:42:
b8:cf:2d:b4:78:1f:41:f9:6d:17:48:ee:4f:16:b9:
7c:42:ac:f9:96:bc:57:07:b3:ac:52:49:c5:56:c6:
e1:63:65:bc:cd:44:be:f0:ad:e6:b9:47:d4:fb:b7:
a0:35:c2:25:f2:ca:b4:a6:83:ca:15:1e:d4:84:54:
38:9c:7f:8d:d6:77:b7:85:34:28:0a:62:2e:56:6a:
c3:d9:4d:67:9c:3f:ed:a1:f3:94:94:fe:95:a6:d9:
5b:7d:f0:c0:56:7e:b2:a9:44:f9:6e:48:3e:9a:93:
9d:c4:82:28:d0:aa:27:9b:fd:fe:a0:1a:27:3a:57:
4f:62:96:23:f4:d5:d5:d6:4c:f4:2d:89:4e:eb:89:
02:21:56:e5:b3:f3:35:fe:b4:e7:5d:6a:60:72:39:
e5:91:fd:2a:99:a1:15:41:3c:0b:da:1b:41:a7:78:
c1:7c:6c:b7:d1:20:d6:88:96:50:eb:be:2b:34:f4:
01:42:08:77:21:76:05:b2:28:c0:13:ee:2c:f7:fd:
54:d4:f6:b0:b1:44:e2:9e:33:a9:ff:87:8c:5e:26:
b8:0c:b1:2e:8f:16:cf:a1:ab:89:2d:e7:5c:77:6e:
4c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:86:13:71:02:F4:91:34:D4:DA:AE:07:13:31:AE:8E:6D:20:53:0A
X509v3 Authority Key Identifier:
keyid:EA:55:DF:D1:30:21:D5:85:5F:F1:94:53:49:33:CD:7D:6C:AC:D6:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6lXf0TAh1YVf8ZRTSTPNfWys1s8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/6f433b-dc32-45a2-979e-ff143368753f/1/DIYTcQL0kTTU2q4HEzGujm0gUwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/6f433b-dc32-45a2-979e-ff143368753f/1/6lXf0TAh1YVf8ZRTSTPNfWys1s8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.16.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:a6:40:4a:de:be:1a:b8:85:78:39:8f:85:55:99:5d:60:01:
6e:26:50:bf:6f:4e:8f:e9:5e:1d:e0:ef:60:18:b9:69:0d:11:
5f:01:76:0f:f2:82:3f:09:f9:bf:15:25:93:a8:5f:d2:be:a9:
0d:c7:98:97:9d:17:71:07:2b:62:6d:2a:f8:73:1d:2e:50:fb:
86:14:fc:d4:cc:d3:dd:3d:a9:3c:81:f7:fa:5d:7f:25:ea:67:
1b:aa:64:9d:64:c0:c9:b8:ae:7b:be:db:0d:c2:eb:b5:32:57:
4b:ac:78:9c:5b:f1:3a:95:93:b2:eb:78:c1:68:26:13:12:dc:
1b:aa:7f:40:28:f2:69:0b:8c:53:bd:76:5d:96:38:18:79:64:
2e:75:50:73:9f:5a:19:9f:f8:92:97:d6:2f:09:4e:4a:2f:d9:
99:ec:1d:d6:e6:b9:46:1e:ac:6c:cc:9e:b1:ae:63:1b:44:8f:
bf:e6:38:29:9c:e5:61:c7:a5:91:f1:7e:96:c9:cc:a2:ce:b7:
a5:f0:76:c3:21:0b:01:58:8a:4a:b4:7d:2e:7a:44:35:c8:e8:
5e:24:01:5f:91:99:15:d6:a6:47:6a:40:6e:9a:80:f4:dd:49:
8b:a2:92:93:d6:9e:41:94:ba:4b:64:bd:ce:29:ef:2b:e5:3f:
49:31:fd:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIdE7Lg9q/HfZ7hMShqrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNTVkZmQxMzAyMWQ1ODU1ZmYxOTQ1MzQ5MzNjZDdkNmNh
Y2Q2Y2YwHhcNMjUwMTAyMDM0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzg2MTM3MTAyZjQ5MTM0ZDRkYWFlMDcxMzMxYWU4ZTZkMjA1MzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8TUIMLbuy8vmU/KnvCp7UKSIsxG
myzTEkq8LUK4zy20eB9B+W0XSO5PFrl8Qqz5lrxXB7OsUknFVsbhY2W8zUS+8K3m
uUfU+7egNcIl8sq0poPKFR7UhFQ4nH+N1ne3hTQoCmIuVmrD2U1nnD/tofOUlP6V
ptlbffDAVn6yqUT5bkg+mpOdxIIo0Konm/3+oBonOldPYpYj9NXV1kz0LYlO64kC
IVbls/M1/rTnXWpgcjnlkf0qmaEVQTwL2htBp3jBfGy30SDWiJZQ674rNPQBQgh3
IXYFsijAE+4s9/1U1PawsUTinjOp/4eMXia4DLEujxbPoauJLedcd25M7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAyGE3EC9JE01NquBxMxro5tIFMKMB8GA1UdIwQY
MBaAFOpV39EwIdWFX/GUU0kzzX1srNbPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmxYZjBUQWgxWVZmOFpSVFNUUE5mV3lzMXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82ZjQzM2ItZGMzMi00NWEyLTk3OWUt
ZmYxNDMzNjg3NTNmLzEvRElZVGNRTDBrVFRVMnE0SEV6R3VqbTBnVXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS82ZjQzM2ItZGMzMi00NWEyLTk3OWUtZmYxNDMzNjg3NTNm
LzEvNmxYZjBUQWgxWVZmOFpSVFNUUE5mV3lzMXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWYQMA0G
CSqGSIb3DQEBCwUAA4IBAQAepkBK3r4auIV4OY+FVZldYAFuJlC/b06P6V4d4O9g
GLlpDRFfAXYP8oI/Cfm/FSWTqF/SvqkNx5iXnRdxBytibSr4cx0uUPuGFPzUzNPd
Pak8gff6XX8l6mcbqmSdZMDJuK57vtsNwuu1MldLrHicW/E6lZOy63jBaCYTEtwb
qn9AKPJpC4xTvXZdljgYeWQudVBzn1oZn/iSl9YvCU5KL9mZ7B3W5rlGHqxszJ6x
rmMbRI+/5jgpnOVhx6WR8X6Wycyizrel8HbDIQsBWIpKtH0uekQ1yOheJAFfkZkV
1qZHakBumoD03UmLopKT1p5BlLpLZL3OKe8r5T9JMf2B
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:43:01 2025 by rpki-client