Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/0c3d2a-adb7-49e9-adfa-6968e2d81826/1/ctA-0p3K0spN-aqa_vSCSuEPIl8.roa
File: ctA-0p3K0spN-aqa_vSCSuEPIl8.roa (raw, json)
Hash identifier: 9zjfwehArRYt152AyBxRUd+hpMMW5KWg3wsX7MAnHPE=
Subject key identifier: 72:D0:3E:D2:9D:CA:D2:CA:4D:F9:AA:9A:FE:F4:82:4A:E1:0F:22:5F
Certificate issuer: /CN=394c6f73b3c83881ffc8e6603a6b64f45365acf1
Certificate serial: 01941FFA75805882F769373CBEFE8ABE6F9E
Authority key identifier: 39:4C:6F:73:B3:C8:38:81:FF:C8:E6:60:3A:6B:64:F4:53:65:AC:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUxvc7PIOIH_yOZgOmtk9FNlrPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/0c3d2a-adb7-49e9-adfa-6968e2d81826/1/ctA-0p3K0spN-aqa_vSCSuEPIl8.roa
Signing time: Wed 01 Jan 2025 03:48:15 +0000
ROA not before: Wed 01 Jan 2025 03:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197060
IP address blocks: 185.155.252.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:75:80:58:82:f7:69:37:3c:be:fe:8a:be:6f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=394c6f73b3c83881ffc8e6603a6b64f45365acf1
Validity
Not Before: Jan 1 03:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72d03ed29dcad2ca4df9aa9afef4824ae10f225f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2d:53:07:0a:90:13:9d:72:fb:ef:29:d2:7d:
ba:71:c1:95:6e:63:ee:0e:fd:45:10:9c:06:9d:bb:
1b:ec:d9:68:8a:cb:4e:f3:48:1e:4c:fe:d8:42:c3:
f1:06:38:3e:b5:91:e4:06:8e:b4:dd:36:59:6c:ad:
4a:15:b1:28:bc:50:c9:da:ec:16:e1:23:4a:72:ff:
0d:5e:9f:95:d5:06:f3:a0:63:53:6e:59:03:d3:bd:
99:b6:55:9c:cf:25:a7:cb:1f:22:b1:7b:84:f9:85:
81:3a:8b:e0:2f:82:1e:b8:ba:f0:a8:dd:47:7e:ec:
39:8c:f2:91:d0:51:1d:69:bc:11:1a:94:7d:46:6c:
40:50:3d:da:5a:1b:0c:87:0a:16:32:ab:4a:1d:d0:
55:1b:df:3a:0b:2d:95:87:0e:ba:db:f3:5b:f3:e5:
34:70:53:11:5d:28:f2:df:69:e2:2d:b4:c0:ed:dc:
38:83:fb:87:c5:68:09:6a:92:d2:43:a1:35:0e:40:
28:34:a6:0a:90:d1:b9:ff:7d:6e:46:6a:80:84:db:
74:26:a2:cf:b4:32:09:58:a3:7d:ed:4f:69:71:a8:
c1:0f:41:b7:24:aa:27:8f:38:f5:35:e6:cb:d9:dd:
06:07:1b:66:b8:d1:b2:38:e8:21:4c:73:6d:e2:44:
da:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D0:3E:D2:9D:CA:D2:CA:4D:F9:AA:9A:FE:F4:82:4A:E1:0F:22:5F
X509v3 Authority Key Identifier:
keyid:39:4C:6F:73:B3:C8:38:81:FF:C8:E6:60:3A:6B:64:F4:53:65:AC:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUxvc7PIOIH_yOZgOmtk9FNlrPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/0c3d2a-adb7-49e9-adfa-6968e2d81826/1/ctA-0p3K0spN-aqa_vSCSuEPIl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/0c3d2a-adb7-49e9-adfa-6968e2d81826/1/OUxvc7PIOIH_yOZgOmtk9FNlrPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.252.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:e4:6c:38:01:01:51:64:0d:fd:71:95:92:0d:33:45:cf:e8:
6e:e1:89:77:02:95:2e:7e:f1:4b:0b:44:d9:ae:49:6f:38:90:
5f:e8:da:48:3e:55:cd:d5:2b:0a:6d:b5:90:54:5f:07:29:c6:
39:d5:7d:72:8e:09:ff:d3:53:01:37:4a:5c:fb:b5:8f:4e:c6:
d1:d0:0a:86:c3:cc:a7:d4:95:16:83:b4:fb:7f:2a:7b:c4:a7:
1d:0b:0f:46:21:e0:e3:e6:99:ee:37:ce:e8:2c:8b:41:bb:ec:
9e:b9:0c:56:44:9a:59:ed:1b:f3:a9:1d:1b:3d:8f:dc:5c:da:
d3:5a:96:06:13:96:ae:cb:9b:fd:80:ec:d0:3a:65:43:29:97:
ae:0c:54:b2:05:7f:35:99:7e:24:5d:e2:29:6c:6c:57:f9:24:
cd:ae:40:68:b5:71:1d:2b:d2:61:56:c8:b8:c7:d2:0d:f7:be:
61:d3:c5:0b:0f:26:dd:29:df:2f:a1:e6:bf:ed:7d:7c:43:a9:
5c:1e:d0:4c:ec:37:70:7d:b5:31:37:84:b9:5c:a0:71:eb:c6:
32:10:e8:dc:24:3c:54:bd:12:ea:b2:42:c6:3b:fb:6d:86:df:
24:b8:da:70:46:d5:65:33:9a:ef:c5:53:c8:43:cd:79:5b:53:
a2:47:dc:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+nWAWIL3aTc8vv6Kvm+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NGM2ZjczYjNjODM4ODFmZmM4ZTY2MDNhNmI2NGY0NTM2
NWFjZjEwHhcNMjUwMTAxMDM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQwM2VkMjlkY2FkMmNhNGRmOWFhOWFmZWY0ODI0YWUxMGYyMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy1TBwqQE51y++8p0n26ccGVbmPu
Dv1FEJwGnbsb7NloistO80geTP7YQsPxBjg+tZHkBo603TZZbK1KFbEovFDJ2uwW
4SNKcv8NXp+V1QbzoGNTblkD072ZtlWczyWnyx8isXuE+YWBOovgL4IeuLrwqN1H
fuw5jPKR0FEdabwRGpR9RmxAUD3aWhsMhwoWMqtKHdBVG986Cy2Vhw662/Nb8+U0
cFMRXSjy32niLbTA7dw4g/uHxWgJapLSQ6E1DkAoNKYKkNG5/31uRmqAhNt0JqLP
tDIJWKN97U9pcajBD0G3JKonjzj1NebL2d0GBxtmuNGyOOghTHNt4kTaCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHLQPtKdytLKTfmqmv70gkrhDyJfMB8GA1UdIwQY
MBaAFDlMb3OzyDiB/8jmYDprZPRTZazxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1V4dmM3UElPSUhfeU9aZ09tdGs5Rk5sclBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wYzNkMmEtYWRiNy00OWU5LWFkZmEt
Njk2OGUyZDgxODI2LzEvY3RBLTBwM0swc3BOLWFxYV92U0NTdUVQSWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wYzNkMmEtYWRiNy00OWU5LWFkZmEtNjk2OGUyZDgxODI2
LzEvT1V4dmM3UElPSUhfeU9aZ09tdGs5Rk5sclBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZv8MA0G
CSqGSIb3DQEBCwUAA4IBAQAa5Gw4AQFRZA39cZWSDTNFz+hu4Yl3ApUufvFLC0TZ
rklvOJBf6NpIPlXN1SsKbbWQVF8HKcY51X1yjgn/01MBN0pc+7WPTsbR0AqGw8yn
1JUWg7T7fyp7xKcdCw9GIeDj5pnuN87oLItBu+yeuQxWRJpZ7RvzqR0bPY/cXNrT
WpYGE5auy5v9gOzQOmVDKZeuDFSyBX81mX4kXeIpbGxX+STNrkBotXEdK9JhVsi4
x9IN975h08ULDybdKd8voea/7X18Q6lcHtBM7DdwfbUxN4S5XKBx68YyEOjcJDxU
vRLqskLGO/ttht8kuNpwRtVlM5rvxVPIQ815W1OiR9wb
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:57:25 2025 by rpki-client