Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/pN9I61NTpOf1iptAeMEH4NWfXYw.roa
File: pN9I61NTpOf1iptAeMEH4NWfXYw.roa (raw, json)
Hash identifier: /osyl/RRKnWZO9AXYWEI4cWy1HpYeLX7qYgqul7Ks0g=
Subject key identifier: A4:DF:48:EB:53:53:A4:E7:F5:8A:9B:40:78:C1:07:E0:D5:9F:5D:8C
Certificate issuer: /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial: 01942825B356DD3E57055405D06401230276
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/pN9I61NTpOf1iptAeMEH4NWfXYw.roa
Signing time: Thu 02 Jan 2025 17:52:26 +0000
ROA not before: Thu 02 Jan 2025 17:52:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208860
IP address blocks: 185.52.48.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:b3:56:dd:3e:57:05:54:05:d0:64:01:23:02:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Validity
Not Before: Jan 2 17:52:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4df48eb5353a4e7f58a9b4078c107e0d59f5d8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:42:8a:f8:12:0d:dd:13:68:ba:80:9e:63:f6:
13:54:8e:19:06:48:6c:7e:3e:56:82:20:1b:8c:7b:
4f:33:33:ac:aa:01:62:61:97:36:6e:ff:c7:d5:69:
ea:ad:6c:d1:d3:06:b3:c1:78:c6:4f:25:a3:0c:3f:
77:2b:12:eb:cd:bd:7e:d9:8c:ba:a0:61:d9:dd:52:
65:ad:d6:40:f4:d7:6d:73:30:fb:04:90:38:e8:08:
08:f9:31:fa:e6:62:61:fa:88:b1:2e:e1:2d:c1:eb:
91:bb:27:e9:34:bd:be:98:d5:81:a5:29:c9:05:6f:
3e:3f:2a:e8:9a:bb:3c:1a:dd:e2:6f:2b:26:ec:5a:
c5:db:64:61:5b:55:eb:2d:b9:6b:62:ed:c9:04:43:
62:f0:ba:c1:49:00:d3:ed:56:75:3d:2f:eb:87:0d:
18:53:f4:b4:cd:d5:b4:32:cc:05:45:48:d3:ef:e8:
30:4b:07:97:a6:28:9c:25:4b:9f:73:6c:03:25:8c:
81:15:6a:4f:4e:e9:44:4b:68:ba:eb:11:d2:59:d0:
87:7d:2a:a0:42:66:21:22:33:e2:b3:c3:bd:3d:78:
35:ff:c6:47:0d:8b:9f:40:88:df:44:f6:2f:f8:af:
69:e6:98:0f:c8:40:24:a3:8a:f5:54:4e:41:ef:8b:
ee:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DF:48:EB:53:53:A4:E7:F5:8A:9B:40:78:C1:07:E0:D5:9F:5D:8C
X509v3 Authority Key Identifier:
keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/pN9I61NTpOf1iptAeMEH4NWfXYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.48.0/24
Signature Algorithm: sha256WithRSAEncryption
93:e3:ec:bf:78:0e:c1:dd:b7:a9:b3:68:74:2b:64:65:8a:2c:
46:d9:18:ab:df:6a:cc:60:d1:f2:f7:78:99:8f:20:d4:ff:22:
8a:7a:03:bb:d3:51:90:2c:68:4b:c4:78:d4:c8:e8:82:5a:6a:
56:cd:0b:0a:4d:ac:6a:cc:7e:84:98:86:f0:40:b8:d4:2e:0e:
08:a1:77:f1:74:5f:4f:df:58:b9:2d:b4:8f:73:0d:54:7e:fe:
4b:7f:9d:fe:d2:c9:5c:98:41:ea:39:46:45:67:f0:f9:ed:4e:
fd:09:46:21:ab:57:73:44:c8:0f:1b:56:39:80:e9:72:56:65:
1a:01:27:21:aa:db:2f:df:a9:57:ab:cf:c5:c4:3d:4d:92:3e:
4a:e0:6d:04:8a:f5:d5:9e:8c:00:26:8d:c8:59:21:60:6a:de:
75:09:68:af:77:4e:b5:b6:14:01:1b:87:0c:c1:0e:e2:47:42:
15:9a:f4:98:90:8e:72:a5:65:d8:f3:71:28:0c:07:bc:90:0c:
65:9a:46:71:3c:80:0c:51:40:fa:da:21:97:59:75:80:71:b4:
9a:3a:ab:01:d3:62:a8:07:9d:a1:3a:8b:70:6a:da:73:04:ce:
5c:48:88:27:9e:42:e6:ac:95:08:36:61:69:0a:54:38:bd:a8:
23:61:f6:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJbNW3T5XBVQF0GQBIwJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODE2Nzc0YjdjNTY2NWQ2N2E4NmMyMGNlYjY0ODdiNWI3
OGIzOGQwHhcNMjUwMTAyMTc1MjI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGRmNDhlYjUzNTNhNGU3ZjU4YTliNDA3OGMxMDdlMGQ1OWY1ZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40KK+BIN3RNouoCeY/YTVI4ZBkhs
fj5WgiAbjHtPMzOsqgFiYZc2bv/H1WnqrWzR0wazwXjGTyWjDD93KxLrzb1+2Yy6
oGHZ3VJlrdZA9NdtczD7BJA46AgI+TH65mJh+oixLuEtweuRuyfpNL2+mNWBpSnJ
BW8+Pyromrs8Gt3ibysm7FrF22RhW1XrLblrYu3JBENi8LrBSQDT7VZ1PS/rhw0Y
U/S0zdW0MswFRUjT7+gwSweXpiicJUufc2wDJYyBFWpPTulES2i66xHSWdCHfSqg
QmYhIjPis8O9PXg1/8ZHDYufQIjfRPYv+K9p5pgPyEAko4r1VE5B74vuAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKTfSOtTU6Tn9YqbQHjBB+DVn12MMB8GA1UdIwQY
MBaAFGWBZ3S3xWZdZ6hsIM62SHtbeLONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYt
NmIxNDY5YzNiOTVhLzEvcE45STYxTlRwT2YxaXB0QWVNRUg0TldmWFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYtNmIxNDY5YzNiOTVh
LzEvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTQwMA0G
CSqGSIb3DQEBCwUAA4IBAQCT4+y/eA7B3beps2h0K2RliixG2Rir32rMYNHy93iZ
jyDU/yKKegO701GQLGhLxHjUyOiCWmpWzQsKTaxqzH6EmIbwQLjULg4IoXfxdF9P
31i5LbSPcw1Ufv5Lf53+0slcmEHqOUZFZ/D57U79CUYhq1dzRMgPG1Y5gOlyVmUa
ASchqtsv36lXq8/FxD1Nkj5K4G0EivXVnowAJo3IWSFgat51CWivd061thQBG4cM
wQ7iR0IVmvSYkI5ypWXY83EoDAe8kAxlmkZxPIAMUUD62iGXWXWAcbSaOqsB02Ko
B52hOotwatpzBM5cSIgnnkLmrJUINmFpClQ4vagjYfYS
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:50:06 2025 by rpki-client