Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/rjFAvFxrdSB0H68aH_zK0lS1GcA.roa
File: rjFAvFxrdSB0H68aH_zK0lS1GcA.roa (raw, json)
Hash identifier: iKO/ulWqGpWzjwhANl857sDa0g01+J+R36f50OBJrb0=
Subject key identifier: AE:31:40:BC:5C:6B:75:20:74:1F:AF:1A:1F:FC:CA:D2:54:B5:19:C0
Certificate issuer: /CN=0a2a157f00515f95b6df5dc0d52eb1b5d43fde5c
Certificate serial: 01942747F14A7F15E5B2498340365A6295B2
Authority key identifier: 0A:2A:15:7F:00:51:5F:95:B6:DF:5D:C0:D5:2E:B1:B5:D4:3F:DE:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CioVfwBRX5W2313A1S6xtdQ_3lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/rjFAvFxrdSB0H68aH_zK0lS1GcA.roa
Signing time: Thu 02 Jan 2025 13:50:13 +0000
ROA not before: Thu 02 Jan 2025 13:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30848
IP address blocks: 185.211.12.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f1:4a:7f:15:e5:b2:49:83:40:36:5a:62:95:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a2a157f00515f95b6df5dc0d52eb1b5d43fde5c
Validity
Not Before: Jan 2 13:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae3140bc5c6b7520741faf1a1ffccad254b519c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d0:f3:48:23:16:35:7b:8a:46:68:50:01:d9:
db:45:e7:46:2d:a0:7f:56:5d:07:12:c2:94:26:f1:
46:cb:6e:57:e5:a9:f9:10:84:a6:21:ab:fd:48:81:
64:18:06:47:59:e1:22:e6:5b:f6:26:cb:39:7e:39:
f6:ac:8f:cb:d7:43:97:4b:05:be:37:8f:8f:e8:f9:
c0:b0:94:93:09:0d:fa:fa:66:54:61:55:66:44:03:
48:fd:ce:be:a9:7e:1f:fe:7e:1f:de:6d:9c:4a:56:
ff:79:d3:a5:60:ef:99:84:cf:7c:d4:8e:9d:08:0f:
54:64:bc:7b:5e:e3:79:52:73:bf:58:fc:44:76:ff:
2f:5f:29:42:67:1d:fb:26:e1:8f:67:23:fa:4d:06:
c4:c3:83:f9:e1:73:20:91:e0:6f:36:92:50:78:d6:
7b:a6:2b:0d:b7:a2:a0:05:19:53:22:4d:0b:12:51:
82:d5:f4:f0:9e:12:0a:fd:fb:38:fe:73:d6:d2:56:
e3:6a:77:aa:0e:11:f4:b7:e5:ad:72:e7:6c:43:d1:
76:6b:43:97:04:df:fb:34:d7:f9:38:17:1e:4e:a8:
32:90:23:5e:70:76:1e:dd:f3:7a:f5:85:1e:db:3a:
b5:01:2f:81:28:1f:0a:f5:62:00:e4:0e:c2:b8:c1:
2f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:31:40:BC:5C:6B:75:20:74:1F:AF:1A:1F:FC:CA:D2:54:B5:19:C0
X509v3 Authority Key Identifier:
keyid:0A:2A:15:7F:00:51:5F:95:B6:DF:5D:C0:D5:2E:B1:B5:D4:3F:DE:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CioVfwBRX5W2313A1S6xtdQ_3lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/rjFAvFxrdSB0H68aH_zK0lS1GcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/CioVfwBRX5W2313A1S6xtdQ_3lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.12.0/23
Signature Algorithm: sha256WithRSAEncryption
15:51:9d:66:20:46:77:8a:18:05:f6:2c:6b:f1:0b:77:9c:1a:
1d:00:8d:a2:5a:5d:85:b3:5c:ad:23:41:a9:a3:ed:ad:e3:81:
ba:b8:21:73:16:58:ab:a5:22:3b:7c:50:69:db:00:e7:d7:a1:
ac:ac:92:69:09:61:bb:13:a0:e3:0f:93:a7:a9:2f:f6:60:8d:
1e:1d:f5:e1:58:13:e2:2e:12:d9:09:24:b6:c3:ad:30:97:36:
c6:b9:e2:1c:b7:e8:c9:d7:14:f5:98:e2:18:1d:97:10:a2:b5:
54:51:99:31:2b:fb:87:ae:b2:c7:18:bd:1d:09:a0:b3:19:34:
7a:99:67:22:65:1b:c5:1d:c9:58:17:b8:d2:af:2a:15:69:3f:
e6:ad:df:c6:e9:e5:63:be:78:af:60:61:0e:00:ef:57:cc:88:
2b:61:96:46:34:29:a8:e6:ac:9a:1f:81:2c:1c:e1:5f:7c:da:
bc:5e:2f:47:ec:b0:9a:2f:0f:49:41:e8:86:29:92:7a:b3:d0:
f3:32:92:0c:b4:10:90:3b:8f:43:b2:54:5a:35:8d:71:34:b9:
f0:07:87:84:c2:47:84:ae:63:bf:1e:9a:b7:9f:33:99:09:7c:
16:49:f5:3f:36:2b:6f:b5:b4:2d:89:f1:37:55:3b:a9:8b:7a:
f0:6b:56:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR/FKfxXlskmDQDZaYpWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMmExNTdmMDA1MTVmOTViNmRmNWRjMGQ1MmViMWI1ZDQz
ZmRlNWMwHhcNMjUwMTAyMTM1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTMxNDBiYzVjNmI3NTIwNzQxZmFmMWExZmZjY2FkMjU0YjUxOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9DzSCMWNXuKRmhQAdnbRedGLaB/
Vl0HEsKUJvFGy25X5an5EISmIav9SIFkGAZHWeEi5lv2Jss5fjn2rI/L10OXSwW+
N4+P6PnAsJSTCQ36+mZUYVVmRANI/c6+qX4f/n4f3m2cSlb/edOlYO+ZhM981I6d
CA9UZLx7XuN5UnO/WPxEdv8vXylCZx37JuGPZyP6TQbEw4P54XMgkeBvNpJQeNZ7
pisNt6KgBRlTIk0LElGC1fTwnhIK/fs4/nPW0lbjaneqDhH0t+WtcudsQ9F2a0OX
BN/7NNf5OBceTqgykCNecHYe3fN69YUe2zq1AS+BKB8K9WIA5A7CuMEvFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4xQLxca3UgdB+vGh/8ytJUtRnAMB8GA1UdIwQY
MBaAFAoqFX8AUV+Vtt9dwNUusbXUP95cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2lvVmZ3QlJYNVcyMzEzQTFTNnh0ZFFfM2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zYTM5ZTktM2Q0MC00NmY4LWJiMGYt
NWJhNDNiMTE4Zjc1LzEvcmpGQXZGeHJkU0IwSDY4YUhfekswbFMxR2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zYTM5ZTktM2Q0MC00NmY4LWJiMGYtNWJhNDNiMTE4Zjc1
LzEvQ2lvVmZ3QlJYNVcyMzEzQTFTNnh0ZFFfM2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudMMMA0G
CSqGSIb3DQEBCwUAA4IBAQAVUZ1mIEZ3ihgF9ixr8Qt3nBodAI2iWl2Fs1ytI0Gp
o+2t44G6uCFzFlirpSI7fFBp2wDn16GsrJJpCWG7E6DjD5OnqS/2YI0eHfXhWBPi
LhLZCSS2w60wlzbGueIct+jJ1xT1mOIYHZcQorVUUZkxK/uHrrLHGL0dCaCzGTR6
mWciZRvFHclYF7jSryoVaT/mrd/G6eVjvnivYGEOAO9XzIgrYZZGNCmo5qyaH4Es
HOFffNq8Xi9H7LCaLw9JQeiGKZJ6s9DzMpIMtBCQO49DslRaNY1xNLnwB4eEwkeE
rmO/Hpq3nzOZCXwWSfU/NitvtbQtifE3VTupi3rwa1Zv
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:54:28 2025 by rpki-client