Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/4e0580-8b2f-49a7-abd8-5c38c7475aa9/1/du_2ZQg8yAJTgrrcsRgGTQ2XG_8.roa
File: du_2ZQg8yAJTgrrcsRgGTQ2XG_8.roa (raw, json)
Hash identifier: N5/CsUBVJG9ccVWuK1sk9cFhzshfMejmNQXFk3ysFrU=
Subject key identifier: 76:EF:F6:65:08:3C:C8:02:53:82:BA:DC:B1:18:06:4D:0D:97:1B:FF
Certificate issuer: /CN=9246785f469be8aa7151e3333e47465d478fd0e7
Certificate serial: 019427B611001620CB5C3E6CAC1B84EBB1F1
Authority key identifier: 92:46:78:5F:46:9B:E8:AA:71:51:E3:33:3E:47:46:5D:47:8F:D0:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kkZ4X0ab6KpxUeMzPkdGXUeP0Oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/4e0580-8b2f-49a7-abd8-5c38c7475aa9/1/du_2ZQg8yAJTgrrcsRgGTQ2XG_8.roa
Signing time: Thu 02 Jan 2025 15:50:30 +0000
ROA not before: Thu 02 Jan 2025 15:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60902
IP address blocks: 185.24.16.0/24 maxlen: 24
185.24.17.0/24 maxlen: 24
185.24.18.0/24 maxlen: 24
185.24.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:11:00:16:20:cb:5c:3e:6c:ac:1b:84:eb:b1:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9246785f469be8aa7151e3333e47465d478fd0e7
Validity
Not Before: Jan 2 15:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76eff665083cc8025382badcb118064d0d971bff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:22:1b:90:58:d3:4c:f3:fe:60:45:cd:dc:67:
ef:e3:ee:78:f4:2d:01:a0:8a:f9:93:f3:bd:bb:da:
ed:f8:bd:0e:ae:5c:54:7c:6b:61:82:59:ca:84:f5:
cc:11:50:62:a3:a7:53:a7:f7:1a:98:c1:66:4e:fa:
95:a8:a3:52:e4:10:a1:20:3b:6e:b8:56:34:bb:58:
73:7a:3d:a8:60:4b:05:b2:8d:5a:df:9c:ae:64:a0:
99:c7:bc:a7:66:36:07:26:17:c9:54:cb:00:f8:8a:
d1:99:b5:9b:c2:f3:5c:1c:4f:c4:91:b3:21:c1:00:
df:b6:fd:7d:71:fe:d4:87:6b:81:43:36:f8:dc:4e:
eb:2a:2f:22:36:e9:4e:eb:2e:d8:59:cc:11:cb:df:
13:cc:2a:c2:69:b1:be:00:ac:e1:43:01:04:85:a2:
a5:8c:c8:ca:71:55:5f:fe:90:5f:53:01:0a:d0:cf:
29:d8:05:1b:2e:04:72:29:07:86:e1:1e:6b:5f:57:
52:07:71:14:1f:71:e0:d2:d2:b3:7a:e1:bd:3f:dc:
e1:17:36:f6:43:d7:dc:c8:e4:7a:85:0d:a0:a8:98:
ec:a8:4f:ba:90:ea:e2:dd:84:1d:2c:dc:41:da:66:
a1:3d:38:31:c5:95:ba:e2:d3:05:f1:70:81:6f:f8:
9e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EF:F6:65:08:3C:C8:02:53:82:BA:DC:B1:18:06:4D:0D:97:1B:FF
X509v3 Authority Key Identifier:
keyid:92:46:78:5F:46:9B:E8:AA:71:51:E3:33:3E:47:46:5D:47:8F:D0:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kkZ4X0ab6KpxUeMzPkdGXUeP0Oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4e0580-8b2f-49a7-abd8-5c38c7475aa9/1/du_2ZQg8yAJTgrrcsRgGTQ2XG_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4e0580-8b2f-49a7-abd8-5c38c7475aa9/1/kkZ4X0ab6KpxUeMzPkdGXUeP0Oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.16.0/22
Signature Algorithm: sha256WithRSAEncryption
22:30:c0:bc:12:e0:80:ff:08:db:9e:cc:5d:0a:73:9e:11:0f:
8d:24:e6:ed:3a:2e:22:f3:6b:77:62:23:61:a3:c1:52:7c:f8:
d1:eb:e8:fa:18:c4:49:81:fc:4e:94:67:97:f4:a5:f4:d8:5b:
6a:5b:16:04:8a:bb:8b:33:46:c2:27:83:aa:47:52:74:91:0e:
af:98:a3:17:42:7f:ce:7e:54:44:9e:2c:69:fd:6a:78:29:d0:
15:cc:b9:be:f9:0d:c0:81:11:40:48:42:5b:fa:a3:61:2a:2f:
66:0a:a2:43:c6:af:e5:b9:74:56:58:4b:a2:49:98:af:0b:61:
30:8b:0d:c4:52:1d:80:b1:12:5a:11:9b:07:6c:45:a9:33:e6:
83:a1:a3:16:1e:70:b8:04:4f:26:94:cb:dc:7c:59:2c:c1:65:
9e:9d:01:23:b8:7d:f2:37:b4:86:22:26:51:4c:ef:9b:71:89:
73:6d:6b:0b:1d:35:4a:54:33:e1:1f:33:f6:ce:65:e5:87:fb:
3a:8f:1a:ba:d9:2a:1c:e3:a2:06:81:23:1e:9b:e0:c2:65:39:
ab:2c:97:0a:90:e2:86:c1:c0:63:53:6e:e8:ef:48:a4:3e:6d:
fa:f9:95:bd:e8:ad:5d:17:3e:ca:94:7c:bd:f5:1e:5e:cf:8b:
6a:98:96:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnthEAFiDLXD5srBuE67HxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNDY3ODVmNDY5YmU4YWE3MTUxZTMzMzNlNDc0NjVkNDc4
ZmQwZTcwHhcNMjUwMTAyMTU1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmVmZjY2NTA4M2NjODAyNTM4MmJhZGNiMTE4MDY0ZDBkOTcxYmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySIbkFjTTPP+YEXN3Gfv4+549C0B
oIr5k/O9u9rt+L0OrlxUfGthglnKhPXMEVBio6dTp/camMFmTvqVqKNS5BChIDtu
uFY0u1hzej2oYEsFso1a35yuZKCZx7ynZjYHJhfJVMsA+IrRmbWbwvNcHE/EkbMh
wQDftv19cf7Uh2uBQzb43E7rKi8iNulO6y7YWcwRy98TzCrCabG+AKzhQwEEhaKl
jMjKcVVf/pBfUwEK0M8p2AUbLgRyKQeG4R5rX1dSB3EUH3Hg0tKzeuG9P9zhFzb2
Q9fcyOR6hQ2gqJjsqE+6kOri3YQdLNxB2mahPTgxxZW64tMF8XCBb/ieOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbv9mUIPMgCU4K63LEYBk0Nlxv/MB8GA1UdIwQY
MBaAFJJGeF9Gm+iqcVHjMz5HRl1Hj9DnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2taNFgwYWI2S3B4VWVNelBrZEdYVWVQME9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80ZTA1ODAtOGIyZi00OWE3LWFiZDgt
NWMzOGM3NDc1YWE5LzEvZHVfMlpRZzh5QUpUZ3JyY3NSZ0dUUTJYR184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80ZTA1ODAtOGIyZi00OWE3LWFiZDgtNWMzOGM3NDc1YWE5
LzEva2taNFgwYWI2S3B4VWVNelBrZEdYVWVQME9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRgQMA0G
CSqGSIb3DQEBCwUAA4IBAQAiMMC8EuCA/wjbnsxdCnOeEQ+NJObtOi4i82t3YiNh
o8FSfPjR6+j6GMRJgfxOlGeX9KX02FtqWxYEiruLM0bCJ4OqR1J0kQ6vmKMXQn/O
flREnixp/Wp4KdAVzLm++Q3AgRFASEJb+qNhKi9mCqJDxq/luXRWWEuiSZivC2Ew
iw3EUh2AsRJaEZsHbEWpM+aDoaMWHnC4BE8mlMvcfFkswWWenQEjuH3yN7SGIiZR
TO+bcYlzbWsLHTVKVDPhHzP2zmXlh/s6jxq62Soc46IGgSMem+DCZTmrLJcKkOKG
wcBjU27o70ikPm36+ZW96K1dFz7KlHy99R5ez4tqmJbO
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:11:04 2025 by rpki-client