Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4459b4-1838-4231-bd2c-40c0a652450a/1/KD8apQsVPJ4S-o7CJiMR0Jx51PQ.roa
File: KD8apQsVPJ4S-o7CJiMR0Jx51PQ.roa (raw, json)
Hash identifier: 8wRRkrMsyRGit65zp+ividrP3xMpOsDdKqxjsreQ+LE=
Subject key identifier: 28:3F:1A:A5:0B:15:3C:9E:12:FA:8E:C2:26:23:11:D0:9C:79:D4:F4
Certificate issuer: /CN=734fa61b08651038faf81ebf125ec845b1961883
Certificate serial: 0194236A0D7CE92C84F4773CCB026BDE2684
Authority key identifier: 73:4F:A6:1B:08:65:10:38:FA:F8:1E:BF:12:5E:C8:45:B1:96:18:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c0-mGwhlEDj6-B6_El7IRbGWGIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/4459b4-1838-4231-bd2c-40c0a652450a/1/KD8apQsVPJ4S-o7CJiMR0Jx51PQ.roa
Signing time: Wed 01 Jan 2025 19:49:00 +0000
ROA not before: Wed 01 Jan 2025 19:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8685
IP address blocks: 185.135.40.0/24 maxlen: 24
185.135.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:0d:7c:e9:2c:84:f4:77:3c:cb:02:6b:de:26:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=734fa61b08651038faf81ebf125ec845b1961883
Validity
Not Before: Jan 1 19:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=283f1aa50b153c9e12fa8ec2262311d09c79d4f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:01:8a:86:72:30:69:e5:b9:a4:fe:30:c2:8b:
5b:b6:43:c1:d2:da:43:2a:99:f3:cf:f9:93:58:a5:
74:15:64:53:dc:f2:19:fb:13:19:c4:2c:1c:e3:f7:
93:42:7a:84:6c:f3:9a:b3:09:c2:7b:b0:48:64:20:
aa:fc:87:97:72:32:23:82:6b:a6:e9:4c:d5:61:db:
f0:33:04:da:05:e7:a2:d8:f9:a8:d2:22:78:1d:18:
92:73:be:90:57:87:53:16:b3:2e:53:59:18:a4:bd:
5f:b6:ff:8a:a2:29:29:08:a2:61:7d:1d:93:de:e5:
ca:2c:43:d4:f0:9c:4b:64:59:a4:7c:2f:12:e9:a9:
22:50:35:ee:3f:12:83:39:07:d5:d5:97:4d:32:d5:
4e:11:66:52:25:8a:5a:8e:7a:25:9b:07:54:da:00:
d1:a2:40:14:37:67:ac:d5:71:df:d8:52:37:bf:0f:
d3:a5:2d:77:31:c4:6d:2b:f2:68:2f:fa:57:68:06:
63:18:56:27:59:4d:c8:70:65:46:fc:d2:b8:c4:dd:
b8:a7:34:2d:b6:27:51:16:01:c0:fe:55:b9:31:91:
f4:3f:e0:4e:cb:94:12:d2:8e:24:03:7f:35:dd:7d:
41:1a:b1:cf:ac:37:8e:b6:dd:3d:ff:67:24:21:ec:
36:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:3F:1A:A5:0B:15:3C:9E:12:FA:8E:C2:26:23:11:D0:9C:79:D4:F4
X509v3 Authority Key Identifier:
keyid:73:4F:A6:1B:08:65:10:38:FA:F8:1E:BF:12:5E:C8:45:B1:96:18:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0-mGwhlEDj6-B6_El7IRbGWGIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4459b4-1838-4231-bd2c-40c0a652450a/1/KD8apQsVPJ4S-o7CJiMR0Jx51PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4459b4-1838-4231-bd2c-40c0a652450a/1/c0-mGwhlEDj6-B6_El7IRbGWGIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.40.0/24
185.135.42.0/24
Signature Algorithm: sha256WithRSAEncryption
30:0b:9b:56:2c:94:44:69:8e:bd:83:bb:a3:c4:f9:24:22:f8:
b9:86:f1:9e:46:e6:f1:02:61:87:dd:75:af:4d:f7:b1:a2:8e:
35:43:c9:35:f9:eb:8e:c1:5c:43:22:af:79:60:9a:68:fa:a5:
87:f7:bd:43:c8:6a:cd:17:70:9d:1e:1e:3a:30:7f:ce:a7:95:
09:96:60:22:b9:9b:1c:5b:95:77:1e:0f:e2:58:02:55:bf:92:
61:c8:fc:8e:f6:3e:ba:f9:4e:6e:c5:d0:e1:f4:1d:27:9a:eb:
33:10:b2:a3:7d:53:04:90:7e:24:d8:d6:1f:7e:53:14:2c:07:
9d:b0:c9:ab:9a:94:8b:58:ac:19:11:57:e3:02:90:50:b2:82:
4c:ff:c7:af:b1:5a:ff:43:3c:bd:2f:c3:aa:1c:98:66:4c:d0:
64:b7:fe:77:12:62:64:4d:15:ff:b5:b3:0b:d7:0a:9e:13:e2:
39:65:c4:89:fd:dd:d9:2c:0b:12:75:02:da:55:88:a3:3e:9e:
a7:17:f9:9d:5c:4d:0d:8c:5e:2d:4f:55:eb:de:09:b8:0a:4d:
d4:17:11:08:b0:db:df:05:b2:cb:22:3a:c8:e2:c7:75:49:73:
3b:a0:a6:fd:cb:a1:4b:aa:2a:04:b1:f2:1f:8e:6b:30:a0:62:
bc:b7:4b:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjag186SyE9Hc8ywJr3iaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNGZhNjFiMDg2NTEwMzhmYWY4MWViZjEyNWVjODQ1YjE5
NjE4ODMwHhcNMjUwMTAxMTk0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODNmMWFhNTBiMTUzYzllMTJmYThlYzIyNjIzMTFkMDljNzlkNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAGKhnIwaeW5pP4wwotbtkPB0tpD
Kpnzz/mTWKV0FWRT3PIZ+xMZxCwc4/eTQnqEbPOaswnCe7BIZCCq/IeXcjIjgmum
6UzVYdvwMwTaBeei2Pmo0iJ4HRiSc76QV4dTFrMuU1kYpL1ftv+KoikpCKJhfR2T
3uXKLEPU8JxLZFmkfC8S6akiUDXuPxKDOQfV1ZdNMtVOEWZSJYpajnolmwdU2gDR
okAUN2es1XHf2FI3vw/TpS13McRtK/JoL/pXaAZjGFYnWU3IcGVG/NK4xN24pzQt
tidRFgHA/lW5MZH0P+BOy5QS0o4kA3813X1BGrHPrDeOtt09/2ckIew2LwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCg/GqULFTyeEvqOwiYjEdCcedT0MB8GA1UdIwQY
MBaAFHNPphsIZRA4+vgevxJeyEWxlhiDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzAtbUd3aGxFRGo2LUI2X0VsN0lSYkdXR0lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80NDU5YjQtMTgzOC00MjMxLWJkMmMt
NDBjMGE2NTI0NTBhLzEvS0Q4YXBRc1ZQSjRTLW83Q0ppTVIwSng1MVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi80NDU5YjQtMTgzOC00MjMxLWJkMmMtNDBjMGE2NTI0NTBh
LzEvYzAtbUd3aGxFRGo2LUI2X0VsN0lSYkdXR0lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuYcoAwQA
uYcqMA0GCSqGSIb3DQEBCwUAA4IBAQAwC5tWLJREaY69g7ujxPkkIvi5hvGeRubx
AmGH3XWvTfexoo41Q8k1+euOwVxDIq95YJpo+qWH971DyGrNF3CdHh46MH/Op5UJ
lmAiuZscW5V3Hg/iWAJVv5JhyPyO9j66+U5uxdDh9B0nmuszELKjfVMEkH4k2NYf
flMULAedsMmrmpSLWKwZEVfjApBQsoJM/8evsVr/Qzy9L8OqHJhmTNBkt/53EmJk
TRX/tbML1wqeE+I5ZcSJ/d3ZLAsSdQLaVYijPp6nF/mdXE0NjF4tT1Xr3gm4Ck3U
FxEIsNvfBbLLIjrI4sd1SXM7oKb9y6FLqioEsfIfjmswoGK8t0s6
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:20:12 2025 by rpki-client