Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/dT_nuVNPNVy7zap0s-GlTGbCJFQ.roa
File: dT_nuVNPNVy7zap0s-GlTGbCJFQ.roa (raw, json)
Hash identifier: 2ckePt60vTr0Jaf/aV6ugqWUeBibjAZagoTGX9Ra3Qc=
Subject key identifier: 75:3F:E7:B9:53:4F:35:5C:BB:CD:AA:74:B3:E1:A5:4C:66:C2:24:54
Certificate issuer: /CN=6e3ec972f9760b855f1d4390bc375b3fa3d411b6
Certificate serial: 01942521714109E8BB5EB7D2AB95A4186C05
Authority key identifier: 6E:3E:C9:72:F9:76:0B:85:5F:1D:43:90:BC:37:5B:3F:A3:D4:11:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/dT_nuVNPNVy7zap0s-GlTGbCJFQ.roa
Signing time: Thu 02 Jan 2025 03:48:56 +0000
ROA not before: Thu 02 Jan 2025 03:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201367
IP address blocks: 185.76.56.0/24 maxlen: 24
185.76.57.0/24 maxlen: 24
185.76.58.0/24 maxlen: 24
185.76.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:71:41:09:e8:bb:5e:b7:d2:ab:95:a4:18:6c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e3ec972f9760b855f1d4390bc375b3fa3d411b6
Validity
Not Before: Jan 2 03:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=753fe7b9534f355cbbcdaa74b3e1a54c66c22454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5a:8b:4f:25:05:02:0e:12:85:c2:c7:c2:76:
ed:02:53:e0:30:05:29:04:0a:27:1f:c6:4b:0a:3d:
6c:e6:9a:3a:4c:60:10:bb:bf:71:54:e4:94:2a:c3:
dd:81:ae:6a:3f:5e:f7:6b:64:64:53:ea:28:fe:53:
4b:65:2a:38:cb:ea:3d:3d:64:2f:fe:ca:30:9f:d3:
a0:c1:c4:97:16:97:b7:e9:13:7c:19:af:61:ca:cd:
12:de:16:ce:c5:6d:fe:31:d3:24:9b:e8:ff:1b:51:
ef:bc:9d:ff:2c:af:b1:80:ab:ce:97:2f:53:9f:9f:
5f:72:c5:d3:e1:01:fa:3a:0f:45:27:30:ac:f8:47:
74:19:8f:6e:96:93:d3:e6:b1:f3:48:b2:85:7a:08:
33:8c:6e:82:5f:a3:ff:f0:4d:9b:2c:28:18:07:07:
6a:c6:d1:b6:b5:f9:f0:51:3b:72:47:d0:68:b5:5f:
b0:fe:77:65:18:e1:d4:cd:cf:5f:20:9e:81:8c:4c:
4a:5f:89:47:f7:3e:58:55:71:c4:c7:72:54:3c:d4:
ea:59:61:54:70:8a:96:04:23:a3:38:d8:e4:ff:34:
a0:ef:1b:31:4d:a7:3b:d0:77:ef:a0:a4:76:dd:fd:
2e:76:8e:df:01:59:54:9c:40:10:45:75:d1:ea:66:
dc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:3F:E7:B9:53:4F:35:5C:BB:CD:AA:74:B3:E1:A5:4C:66:C2:24:54
X509v3 Authority Key Identifier:
keyid:6E:3E:C9:72:F9:76:0B:85:5F:1D:43:90:BC:37:5B:3F:A3:D4:11:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/dT_nuVNPNVy7zap0s-GlTGbCJFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.56.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:f9:7f:fb:cd:4d:38:6d:f2:b9:ec:ac:7b:a2:a2:ff:c1:8a:
56:c7:6e:ea:ab:1f:38:5c:23:d3:27:80:dd:db:99:38:43:93:
cf:26:80:73:49:93:9a:2f:86:20:5d:e6:18:a4:f5:3f:11:ed:
42:62:d9:73:02:c7:af:d6:20:d2:26:c1:c4:0b:74:84:26:67:
db:3f:9d:28:16:72:40:72:6e:07:bd:11:1d:52:ff:8c:81:54:
28:a9:fd:b8:c2:d9:af:ef:57:f2:be:af:70:dd:51:21:d7:50:
88:0a:57:db:2d:d3:9d:f6:19:b9:c2:24:9e:4d:9d:24:e2:de:
b2:47:0f:a6:30:4f:69:05:df:a4:cc:e6:1e:a7:43:62:e9:1b:
d9:7e:2e:b7:49:f7:c5:40:09:64:6a:99:cc:8f:bd:c4:27:b2:
72:96:96:85:11:77:72:b2:0e:ab:ec:33:a7:8e:d0:98:96:b0:
51:a5:bb:90:04:d2:19:c3:db:65:31:e0:0a:b7:46:0e:a4:d8:
e7:00:6b:33:d0:3c:a4:d2:de:78:25:76:0f:7e:c6:95:05:84:
f1:fa:17:00:8a:2e:2d:ec:32:a7:90:b0:56:24:df:db:bf:cd:
9f:5b:87:20:dc:78:af:fe:18:a7:22:0c:63:ca:f3:61:f9:fb:
a7:a5:7a:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIXFBCei7XrfSq5WkGGwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlM2VjOTcyZjk3NjBiODU1ZjFkNDM5MGJjMzc1YjNmYTNk
NDExYjYwHhcNMjUwMTAyMDM0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTNmZTdiOTUzNGYzNTVjYmJjZGFhNzRiM2UxYTU0YzY2YzIyNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1qLTyUFAg4ShcLHwnbtAlPgMAUp
BAonH8ZLCj1s5po6TGAQu79xVOSUKsPdga5qP173a2RkU+oo/lNLZSo4y+o9PWQv
/sown9OgwcSXFpe36RN8Ga9hys0S3hbOxW3+MdMkm+j/G1HvvJ3/LK+xgKvOly9T
n59fcsXT4QH6Og9FJzCs+Ed0GY9ulpPT5rHzSLKFeggzjG6CX6P/8E2bLCgYBwdq
xtG2tfnwUTtyR9BotV+w/ndlGOHUzc9fIJ6BjExKX4lH9z5YVXHEx3JUPNTqWWFU
cIqWBCOjONjk/zSg7xsxTac70HfvoKR23f0udo7fAVlUnEAQRXXR6mbcDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHU/57lTTzVcu82qdLPhpUxmwiRUMB8GA1UdIwQY
MBaAFG4+yXL5dguFXx1DkLw3Wz+j1BG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmo3SmN2bDJDNFZmSFVPUXZEZGJQNlBVRWJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85ZGFjOWMtODVjNi00NTcyLWFkNjAt
MTQ1MTJlN2U1OWVmLzEvZFRfbnVWTlBOVnk3emFwMHMtR2xUR2JDSkZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85ZGFjOWMtODVjNi00NTcyLWFkNjAtMTQ1MTJlN2U1OWVm
LzEvYmo3SmN2bDJDNFZmSFVPUXZEZGJQNlBVRWJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUw4MA0G
CSqGSIb3DQEBCwUAA4IBAQCt+X/7zU04bfK57Kx7oqL/wYpWx27qqx84XCPTJ4Dd
25k4Q5PPJoBzSZOaL4YgXeYYpPU/Ee1CYtlzAsev1iDSJsHEC3SEJmfbP50oFnJA
cm4HvREdUv+MgVQoqf24wtmv71fyvq9w3VEh11CIClfbLdOd9hm5wiSeTZ0k4t6y
Rw+mME9pBd+kzOYep0Ni6RvZfi63SffFQAlkapnMj73EJ7JylpaFEXdysg6r7DOn
jtCYlrBRpbuQBNIZw9tlMeAKt0YOpNjnAGsz0Dyk0t54JXYPfsaVBYTx+hcAii4t
7DKnkLBWJN/bv82fW4cg3Hiv/hinIgxjyvNh+funpXrn
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:18:49 2025 by rpki-client