Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/fbde29-b946-43f3-b847-1a20cdd560c2/1/0sfAJDOKEgD2Tzsu1RWmyLUySdU.roa
File: 0sfAJDOKEgD2Tzsu1RWmyLUySdU.roa (raw, json)
Hash identifier: VH3wSYokwNKbdRdlo/plfnhiJKHB8F9C3/JbEz05f7k=
Subject key identifier: D2:C7:C0:24:33:8A:12:00:F6:4F:3B:2E:D5:15:A6:C8:B5:32:49:D5
Certificate issuer: /CN=4304d868b0b9d1d43678eb467ae7c3fa3bffe2f8
Certificate serial: 01942444D5D064322D73F35B473654CB4114
Authority key identifier: 43:04:D8:68:B0:B9:D1:D4:36:78:EB:46:7A:E7:C3:FA:3B:FF:E2:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwTYaLC50dQ2eOtGeufD-jv_4vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/fbde29-b946-43f3-b847-1a20cdd560c2/1/0sfAJDOKEgD2Tzsu1RWmyLUySdU.roa
Signing time: Wed 01 Jan 2025 23:47:58 +0000
ROA not before: Wed 01 Jan 2025 23:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39842
IP address blocks: 185.35.224.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d5:d0:64:32:2d:73:f3:5b:47:36:54:cb:41:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4304d868b0b9d1d43678eb467ae7c3fa3bffe2f8
Validity
Not Before: Jan 1 23:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2c7c024338a1200f64f3b2ed515a6c8b53249d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b0:08:69:0b:ca:d5:a6:4d:b4:7d:00:00:ae:
cb:f4:f3:d7:cd:c8:93:8a:10:97:3a:17:08:08:c8:
23:13:28:61:ca:60:1b:a3:6f:39:4f:0d:7e:54:ef:
d2:40:8b:97:47:10:1e:e1:9d:71:da:ef:3a:74:f2:
43:2d:6f:13:22:3f:96:18:bd:ea:ef:fe:5d:e6:a4:
6a:3c:8a:21:c8:4d:52:7f:bb:cb:e7:7d:2a:12:2e:
2c:e5:28:52:5e:62:96:3b:dd:e7:f2:72:60:6e:ce:
92:2a:e1:b2:50:97:83:4f:a2:46:68:51:10:c1:86:
be:fe:5a:8f:06:13:e3:10:41:ea:92:5c:e6:e8:d6:
a1:3d:f2:50:b7:16:3e:07:7b:da:48:02:20:4e:59:
96:2d:cd:ed:29:b6:7c:7f:f2:36:4e:72:b6:05:2e:
5b:f6:1c:cf:de:4d:dd:9b:99:ad:a7:28:dd:55:cd:
aa:a4:8a:83:f8:b1:95:7b:78:a4:f6:ba:0f:72:60:
7a:5e:b2:0f:73:40:6a:a7:0d:ee:24:8b:54:5e:bc:
83:9b:a4:f5:24:52:80:12:d6:9c:48:69:1c:52:38:
26:d0:dd:68:61:eb:d5:d0:49:42:c8:24:3e:ea:69:
2a:a6:a6:e8:64:63:2c:18:eb:0a:61:fd:63:18:1b:
b0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C7:C0:24:33:8A:12:00:F6:4F:3B:2E:D5:15:A6:C8:B5:32:49:D5
X509v3 Authority Key Identifier:
keyid:43:04:D8:68:B0:B9:D1:D4:36:78:EB:46:7A:E7:C3:FA:3B:FF:E2:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwTYaLC50dQ2eOtGeufD-jv_4vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fbde29-b946-43f3-b847-1a20cdd560c2/1/0sfAJDOKEgD2Tzsu1RWmyLUySdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fbde29-b946-43f3-b847-1a20cdd560c2/1/QwTYaLC50dQ2eOtGeufD-jv_4vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.224.0/22
Signature Algorithm: sha256WithRSAEncryption
33:88:c8:e5:14:da:1e:57:5f:9a:e3:32:7b:79:53:d4:52:62:
61:6c:ff:23:3f:51:64:be:73:f9:9f:dd:fa:de:f7:98:94:93:
51:b8:57:68:92:4f:04:17:bd:a1:8d:fa:df:d2:38:e1:0b:f5:
05:0c:7c:6e:86:12:54:c8:3a:b1:06:7f:79:81:ac:3c:e0:8c:
a9:2d:1e:06:ee:db:d8:cc:c7:08:44:5b:8e:02:ec:e0:d4:5a:
48:2f:c2:51:2c:9a:a0:cc:50:21:bc:f0:47:e3:3a:21:38:30:
2b:6c:38:d2:2d:d0:6c:92:eb:ac:3e:bb:9d:0b:9e:84:a0:b5:
df:e8:b8:68:6f:28:3c:fa:79:8e:cf:10:e3:00:74:0f:42:79:
cb:f0:db:8c:fa:3e:fa:db:8b:fe:72:12:c7:d3:62:56:55:1e:
f7:c5:ee:36:0b:c4:42:02:68:6e:24:d6:f9:21:98:fe:25:4e:
ad:63:3a:26:16:b6:08:3a:d2:53:2c:21:8f:7e:3e:92:30:4b:
ce:32:c4:ee:0a:0e:fa:3b:4e:b9:6c:5f:e1:8b:c3:a9:f5:5d:
d9:b9:c3:db:9b:9b:61:38:51:47:1f:8d:75:59:71:d6:71:0c:
94:63:d1:5f:77:c0:96:10:40:9f:f2:d7:7a:aa:40:e7:f1:58:
f9:53:7f:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNXQZDItc/NbRzZUy0EUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDRkODY4YjBiOWQxZDQzNjc4ZWI0NjdhZTdjM2ZhM2Jm
ZmUyZjgwHhcNMjUwMTAxMjM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmM3YzAyNDMzOGExMjAwZjY0ZjNiMmVkNTE1YTZjOGI1MzI0OWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrAIaQvK1aZNtH0AAK7L9PPXzciT
ihCXOhcICMgjEyhhymAbo285Tw1+VO/SQIuXRxAe4Z1x2u86dPJDLW8TIj+WGL3q
7/5d5qRqPIohyE1Sf7vL530qEi4s5ShSXmKWO93n8nJgbs6SKuGyUJeDT6JGaFEQ
wYa+/lqPBhPjEEHqklzm6NahPfJQtxY+B3vaSAIgTlmWLc3tKbZ8f/I2TnK2BS5b
9hzP3k3dm5mtpyjdVc2qpIqD+LGVe3ik9roPcmB6XrIPc0Bqpw3uJItUXryDm6T1
JFKAEtacSGkcUjgm0N1oYevV0ElCyCQ+6mkqpqboZGMsGOsKYf1jGBuwiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNLHwCQzihIA9k87LtUVpsi1MknVMB8GA1UdIwQY
MBaAFEME2GiwudHUNnjrRnrnw/o7/+L4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdUWWFMQzUwZFEyZU90R2V1ZkQtanZfNHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mYmRlMjktYjk0Ni00M2YzLWI4NDct
MWEyMGNkZDU2MGMyLzEvMHNmQUpET0tFZ0QyVHpzdTFSV215TFV5U2RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mYmRlMjktYjk0Ni00M2YzLWI4NDctMWEyMGNkZDU2MGMy
LzEvUXdUWWFMQzUwZFEyZU90R2V1ZkQtanZfNHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSPgMA0G
CSqGSIb3DQEBCwUAA4IBAQAziMjlFNoeV1+a4zJ7eVPUUmJhbP8jP1FkvnP5n936
3veYlJNRuFdokk8EF72hjfrf0jjhC/UFDHxuhhJUyDqxBn95gaw84IypLR4G7tvY
zMcIRFuOAuzg1FpIL8JRLJqgzFAhvPBH4zohODArbDjSLdBskuusPrudC56EoLXf
6Lhobyg8+nmOzxDjAHQPQnnL8NuM+j7624v+chLH02JWVR73xe42C8RCAmhuJNb5
IZj+JU6tYzomFrYIOtJTLCGPfj6SMEvOMsTuCg76O065bF/hi8Op9V3ZucPbm5th
OFFHH411WXHWcQyUY9Ffd8CWEECf8td6qkDn8Vj5U39z
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:32:30 2025 by rpki-client