Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/ek-bgKo0V51DyYfh9FUoM-CKgO8.roa
File: ek-bgKo0V51DyYfh9FUoM-CKgO8.roa (raw, json)
Hash identifier: aPF/FaJvXVYEUFEnZVNFtJQGYrjiMzQAcdLekCScrys=
Subject key identifier: 7A:4F:9B:80:AA:34:57:9D:43:C9:87:E1:F4:55:28:33:E0:8A:80:EF
Certificate issuer: /CN=8b2e0d184ff553375c847c38d4dfcdcde1219fd3
Certificate serial: 019421B1FCDA7A3419B23D4710E0101AB9AF
Authority key identifier: 8B:2E:0D:18:4F:F5:53:37:5C:84:7C:38:D4:DF:CD:CD:E1:21:9F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iy4NGE_1UzdchHw41N_NzeEhn9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/ek-bgKo0V51DyYfh9FUoM-CKgO8.roa
Signing time: Wed 01 Jan 2025 11:48:20 +0000
ROA not before: Wed 01 Jan 2025 11:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203226
IP address blocks: 185.14.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:fc:da:7a:34:19:b2:3d:47:10:e0:10:1a:b9:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b2e0d184ff553375c847c38d4dfcdcde1219fd3
Validity
Not Before: Jan 1 11:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a4f9b80aa34579d43c987e1f4552833e08a80ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:88:e2:7f:68:cf:4b:3d:f9:c3:39:a9:49:4a:
af:7d:b6:4a:28:d9:5e:ca:a7:cc:ad:43:cd:ff:19:
74:ef:2e:65:4e:89:d0:4e:69:12:0f:bd:2d:f8:d2:
93:c3:b9:07:b9:45:69:7d:31:c0:79:86:08:ba:07:
4f:1c:70:af:3a:0e:b5:39:79:e9:88:1c:06:be:c1:
82:89:db:bb:07:0e:a3:4b:d7:29:0a:ab:9c:63:5b:
40:cf:d9:f7:bf:20:0c:03:17:63:50:8c:f9:1f:1d:
71:01:d7:85:9c:3b:2a:e9:01:48:26:be:aa:ea:d6:
5d:8d:26:1e:55:ac:84:f4:01:e4:67:26:01:d7:0a:
4d:7b:54:4b:0f:5d:72:7e:4e:af:01:88:70:99:c8:
b9:b9:d0:ca:43:2b:15:b1:b9:24:16:0a:19:4d:a6:
cf:6d:bd:29:bb:bb:6d:84:1b:f4:f2:70:b1:22:e4:
c6:be:47:60:ae:81:0c:b1:78:56:26:68:58:5c:06:
28:62:c3:1d:37:99:41:d8:ef:c8:29:ee:a4:88:37:
51:36:27:98:38:28:ca:d4:a8:07:f5:4c:7b:22:48:
58:5c:c6:6a:b1:ff:a6:8f:04:54:98:c0:9c:ef:47:
fd:3c:7f:d4:a4:b2:46:4d:83:3b:7d:12:1e:13:65:
4c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4F:9B:80:AA:34:57:9D:43:C9:87:E1:F4:55:28:33:E0:8A:80:EF
X509v3 Authority Key Identifier:
keyid:8B:2E:0D:18:4F:F5:53:37:5C:84:7C:38:D4:DF:CD:CD:E1:21:9F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iy4NGE_1UzdchHw41N_NzeEhn9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/ek-bgKo0V51DyYfh9FUoM-CKgO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/iy4NGE_1UzdchHw41N_NzeEhn9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.98.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:a9:3e:82:66:17:ef:9b:80:a9:d5:4b:53:5f:98:a9:df:f3:
cd:e1:23:9d:ef:61:c3:82:9a:02:a0:3d:76:c6:2f:7d:b7:59:
8e:b2:ff:ca:82:b7:6f:82:14:f6:cd:7e:51:a1:51:52:58:3d:
27:fe:6b:3f:ea:96:88:1b:95:5b:35:7f:01:5e:0d:9c:bc:7b:
c2:e8:5b:f5:5d:f1:3c:ba:76:71:9c:d5:3b:4e:3c:5c:94:63:
4c:fe:1b:f5:cd:92:bb:bb:b9:81:92:cd:f1:1f:76:c3:05:23:
a1:4c:7b:1d:c5:aa:ac:35:8d:e4:09:c4:cc:48:a3:a6:3c:e0:
08:a6:3e:26:75:ce:9c:9b:23:a2:d8:56:37:ce:e5:d2:1f:5e:
46:7a:b1:f9:45:a7:a5:dd:79:45:f7:2d:5b:38:5e:af:83:fa:
fb:9e:0a:48:c3:f7:e4:12:86:48:9f:35:74:e8:73:73:96:7e:
e1:6d:7b:8a:3f:14:58:0f:4f:b4:80:9d:2a:48:4c:9a:7c:ae:
76:6d:b9:17:87:d1:7d:3b:20:64:85:c5:e2:1f:af:04:39:51:
4a:d6:e7:c0:5b:bd:27:03:ff:fe:62:08:be:6e:c7:48:fc:56:
4b:0e:1a:e2:c4:a0:c9:3c:67:d4:b0:97:30:41:32:20:4b:95:
07:ba:2d:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsfzaejQZsj1HEOAQGrmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMmUwZDE4NGZmNTUzMzc1Yzg0N2MzOGQ0ZGZjZGNkZTEy
MTlmZDMwHhcNMjUwMTAxMTE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTRmOWI4MGFhMzQ1NzlkNDNjOTg3ZTFmNDU1MjgzM2UwOGE4MGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApojif2jPSz35wzmpSUqvfbZKKNle
yqfMrUPN/xl07y5lTonQTmkSD70t+NKTw7kHuUVpfTHAeYYIugdPHHCvOg61OXnp
iBwGvsGCidu7Bw6jS9cpCqucY1tAz9n3vyAMAxdjUIz5Hx1xAdeFnDsq6QFIJr6q
6tZdjSYeVayE9AHkZyYB1wpNe1RLD11yfk6vAYhwmci5udDKQysVsbkkFgoZTabP
bb0pu7tthBv08nCxIuTGvkdgroEMsXhWJmhYXAYoYsMdN5lB2O/IKe6kiDdRNieY
OCjK1KgH9Ux7IkhYXMZqsf+mjwRUmMCc70f9PH/UpLJGTYM7fRIeE2VMUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHpPm4CqNFedQ8mH4fRVKDPgioDvMB8GA1UdIwQY
MBaAFIsuDRhP9VM3XIR8ONTfzc3hIZ/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXk0TkdFXzFVemRjaEh3NDFOX056ZUVobjlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wZmNkOGUtMTAzNC00YTc1LWEwNzAt
Njk5ZjNjZDg1MGZhLzEvZWstYmdLbzBWNTFEeVlmaDlGVW9NLUNLZ084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wZmNkOGUtMTAzNC00YTc1LWEwNzAtNjk5ZjNjZDg1MGZh
LzEvaXk0TkdFXzFVemRjaEh3NDFOX056ZUVobjlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ5iMA0G
CSqGSIb3DQEBCwUAA4IBAQAaqT6CZhfvm4Cp1UtTX5ip3/PN4SOd72HDgpoCoD12
xi99t1mOsv/KgrdvghT2zX5RoVFSWD0n/ms/6paIG5VbNX8BXg2cvHvC6Fv1XfE8
unZxnNU7TjxclGNM/hv1zZK7u7mBks3xH3bDBSOhTHsdxaqsNY3kCcTMSKOmPOAI
pj4mdc6cmyOi2FY3zuXSH15GerH5Rael3XlF9y1bOF6vg/r7ngpIw/fkEoZInzV0
6HNzln7hbXuKPxRYD0+0gJ0qSEyafK52bbkXh9F9OyBkhcXiH68EOVFK1ufAW70n
A//+Ygi+bsdI/FZLDhrixKDJPGfUsJcwQTIgS5UHui3v
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:24:16 2025 by rpki-client