Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/c4XFDsuP3oiOPuoN5dW6Mp7swps.roa
File: c4XFDsuP3oiOPuoN5dW6Mp7swps.roa (raw, json)
Hash identifier: RShjOJ6yyL7rh4X46zYbqRc79tC1/dWZp0uZXHk88jM=
Subject key identifier: 73:85:C5:0E:CB:8F:DE:88:8E:3E:EA:0D:E5:D5:BA:32:9E:EC:C2:9B
Certificate issuer: /CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
Certificate serial: 01941F8C9CF4F39B7A0B039A918D62AB15A7
Authority key identifier: B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/c4XFDsuP3oiOPuoN5dW6Mp7swps.roa
Signing time: Wed 01 Jan 2025 01:48:16 +0000
ROA not before: Wed 01 Jan 2025 01:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20649
IP address blocks: 185.77.1.0/24 maxlen: 24
185.77.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9c:f4:f3:9b:7a:0b:03:9a:91:8d:62:ab:15:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
Validity
Not Before: Jan 1 01:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7385c50ecb8fde888e3eea0de5d5ba329eecc29b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:98:30:e7:5a:dd:f6:50:7d:0f:a2:73:4c:ba:
7d:29:ac:96:44:7d:01:46:bb:5f:46:f6:f2:a7:4c:
f6:ef:db:8b:cf:33:81:68:16:3f:9b:cc:73:29:13:
ae:e7:d8:14:c5:6d:8a:b1:82:a5:61:3a:c3:e9:ae:
40:ac:2f:de:4e:ca:28:6c:2b:64:93:68:c5:6b:23:
11:84:33:77:86:f7:83:ba:7f:89:95:61:f5:0f:08:
cd:58:6f:ec:de:3c:ae:b5:0b:b0:a1:d1:8e:7f:41:
39:f5:ef:4f:42:88:f1:99:19:e7:7c:7b:d8:9f:0f:
04:21:4c:9a:fb:d6:78:89:b8:90:d4:94:fb:91:6c:
c1:62:3a:7b:f5:78:1b:3f:e9:07:41:e5:51:2d:e2:
fd:23:0b:f8:8f:1e:c5:d9:14:64:ef:11:e8:18:51:
d0:4f:4e:24:f2:6c:14:44:7d:58:15:06:73:d6:43:
89:ac:4d:82:3e:6b:eb:5f:6b:d5:8c:54:0c:82:f3:
35:bb:89:b4:10:9a:bb:cc:a8:75:c7:c9:44:67:14:
a6:3d:bb:b5:a9:53:ff:4d:fd:44:ef:71:f9:50:21:
09:3a:b3:aa:0a:5a:9c:3b:6a:58:f6:9b:3c:d1:89:
5f:23:e7:11:f7:66:42:9e:c4:49:ec:a4:eb:05:71:
89:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:85:C5:0E:CB:8F:DE:88:8E:3E:EA:0D:E5:D5:BA:32:9E:EC:C2:9B
X509v3 Authority Key Identifier:
keyid:B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/c4XFDsuP3oiOPuoN5dW6Mp7swps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/tOxsCl6-xYF9kbkeeaa8YTLrnSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.1.0-185.77.2.255
Signature Algorithm: sha256WithRSAEncryption
68:a5:21:11:e3:d3:69:26:31:4f:84:cc:1a:9c:c6:c2:ac:f2:
f5:04:0f:28:ba:e7:d2:e5:4d:19:d5:cd:71:ae:c8:d3:d0:84:
02:24:d8:c0:7b:37:5c:ba:ae:02:f5:d0:47:e8:cf:02:01:12:
64:13:76:f9:f7:9c:81:b9:15:04:6a:da:b5:89:7e:e0:a4:60:
bc:ca:b8:fe:1e:6b:18:9f:ec:1a:ac:8f:17:2a:4b:a3:59:13:
bf:0f:06:e8:d4:c3:44:d8:45:69:df:51:13:84:fd:98:95:e3:
ab:91:d7:08:e9:ca:4a:6e:df:8f:85:46:c5:95:78:41:b9:f0:
41:82:75:df:5f:01:2c:ab:7f:63:7c:62:17:36:3a:f4:9b:ab:
0f:16:ae:ed:d5:19:b5:30:06:b4:ec:f4:c4:48:49:32:9c:d6:
32:92:5e:b5:10:d4:fc:5e:f3:d8:43:58:23:dd:64:18:b0:5f:
78:e8:ea:60:bc:8c:45:95:e8:26:4e:6c:9a:2f:61:ed:6c:56:
3b:ac:ea:b0:70:ee:04:7d:ef:c6:e2:1a:2d:24:43:fa:c6:f3:
2b:bb:0f:84:a3:ed:87:ea:2e:4d:d1:aa:44:06:1f:bc:84:ca:
30:32:22:d0:a5:11:c5:86:3c:00:c6:c3:cb:4c:80:1f:90:f1:
b7:9f:c5:08
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQfjJz085t6CwOakY1iqxWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZWM2YzBhNWViZWM1ODE3ZDkxYjkxZTc5YTZiYzYxMzJl
YjlkMmMwHhcNMjUwMTAxMDE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzg1YzUwZWNiOGZkZTg4OGUzZWVhMGRlNWQ1YmEzMjllZWNjMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZgw51rd9lB9D6JzTLp9KayWRH0B
RrtfRvbyp0z279uLzzOBaBY/m8xzKROu59gUxW2KsYKlYTrD6a5ArC/eTsoobCtk
k2jFayMRhDN3hveDun+JlWH1DwjNWG/s3jyutQuwodGOf0E59e9PQojxmRnnfHvY
nw8EIUya+9Z4ibiQ1JT7kWzBYjp79XgbP+kHQeVRLeL9Iwv4jx7F2RRk7xHoGFHQ
T04k8mwURH1YFQZz1kOJrE2CPmvrX2vVjFQMgvM1u4m0EJq7zKh1x8lEZxSmPbu1
qVP/Tf1E73H5UCEJOrOqClqcO2pY9ps80YlfI+cR92ZCnsRJ7KTrBXGJIQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHOFxQ7Lj96Ijj7qDeXVujKe7MKbMB8GA1UdIwQY
MBaAFLTsbApevsWBfZG5HnmmvGEy650sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE94c0NsNi14WUY5a2JrZWVhYThZVExyblN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8yMDk3NGQtNjQwMy00MTA3LWE3NWIt
MTNmYjdhNTEzMGNhLzEvYzRYRkRzdVAzb2lPUHVvTjVkVzZNcDdzd3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8yMDk3NGQtNjQwMy00MTA3LWE3NWItMTNmYjdhNTEzMGNh
LzEvdE94c0NsNi14WUY5a2JrZWVhYThZVExyblN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5TQED
BAC5TQIwDQYJKoZIhvcNAQELBQADggEBAGilIRHj02kmMU+EzBqcxsKs8vUEDyi6
59LlTRnVzXGuyNPQhAIk2MB7N1y6rgL10EfozwIBEmQTdvn3nIG5FQRq2rWJfuCk
YLzKuP4eaxif7BqsjxcqS6NZE78PBujUw0TYRWnfUROE/ZiV46uR1wjpykpu34+F
RsWVeEG58EGCdd9fASyrf2N8Yhc2OvSbqw8Wru3VGbUwBrTs9MRISTKc1jKSXrUQ
1Pxe89hDWCPdZBiwX3jo6mC8jEWV6CZObJovYe1sVjus6rBw7gR978biGi0kQ/rG
8yu7D4Sj7YfqLk3RqkQGH7yEyjAyItClEcWGPADGw8tMgB+Q8befxQg=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:09:12 2025 by rpki-client