Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/d75759-8dcb-4532-8bfe-5b688acdb676/1/vHVqwO_nqH9ZrYztprb6WC9Q2ng.roa
File: vHVqwO_nqH9ZrYztprb6WC9Q2ng.roa (raw, json)
Hash identifier: hIMtMavbO55tW6Byt6lllDo5443jCsG0h73OMyjZ93A=
Subject key identifier: BC:75:6A:C0:EF:E7:A8:7F:59:AD:8C:ED:A6:B6:FA:58:2F:50:DA:78
Certificate issuer: /CN=d4474c1c06cbfde94614d65c7d05f614a6e23998
Certificate serial: 01941FFA53092F68F39A358C91EF47A00BE7
Authority key identifier: D4:47:4C:1C:06:CB:FD:E9:46:14:D6:5C:7D:05:F6:14:A6:E2:39:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EdMHAbL_elGFNZcfQX2FKbiOZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/d75759-8dcb-4532-8bfe-5b688acdb676/1/vHVqwO_nqH9ZrYztprb6WC9Q2ng.roa
Signing time: Wed 01 Jan 2025 03:48:06 +0000
ROA not before: Wed 01 Jan 2025 03:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201926
IP address blocks: 185.59.120.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:53:09:2f:68:f3:9a:35:8c:91:ef:47:a0:0b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4474c1c06cbfde94614d65c7d05f614a6e23998
Validity
Not Before: Jan 1 03:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc756ac0efe7a87f59ad8ceda6b6fa582f50da78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0c:0b:83:da:91:2f:38:b7:6d:37:77:3b:b9:
5e:8b:1b:12:07:f3:d4:f9:af:02:b1:5d:b6:15:94:
da:ff:c7:78:1a:59:59:bc:bb:1c:ca:c1:b4:f4:49:
b2:ed:35:51:b3:66:14:de:ac:f9:a4:fe:c7:34:76:
27:4c:9e:68:35:a5:59:05:98:06:74:65:93:c3:32:
f1:1d:c0:f8:33:68:3e:fa:3c:8b:ff:f1:53:de:ff:
99:e8:a7:48:e9:f3:a3:bc:94:34:46:3e:24:0c:ad:
98:41:7c:2e:4c:47:e7:9b:1f:05:d6:b1:ca:ea:6f:
f8:e1:0d:d2:9f:3f:a1:67:78:a8:9e:08:c4:37:9c:
f4:4e:5c:ae:13:86:6b:77:20:06:3b:45:38:eb:6c:
37:83:60:c1:a0:05:12:cf:12:b9:45:64:33:0b:ad:
a8:31:80:83:5f:09:a6:67:e3:9e:f1:d8:5a:3a:c6:
72:e2:00:f7:52:cb:3f:9e:bb:68:66:40:1c:cc:81:
7c:bb:0e:0a:b7:d5:a3:be:df:52:04:ad:8a:a7:88:
37:d5:7e:40:f3:c8:10:58:65:3d:fb:c3:7f:f6:d9:
a4:58:db:82:87:10:3c:ef:fb:3c:45:cf:4e:cc:78:
6e:91:00:7e:04:6f:e4:84:33:3d:65:65:97:97:c6:
71:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:75:6A:C0:EF:E7:A8:7F:59:AD:8C:ED:A6:B6:FA:58:2F:50:DA:78
X509v3 Authority Key Identifier:
keyid:D4:47:4C:1C:06:CB:FD:E9:46:14:D6:5C:7D:05:F6:14:A6:E2:39:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EdMHAbL_elGFNZcfQX2FKbiOZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d75759-8dcb-4532-8bfe-5b688acdb676/1/vHVqwO_nqH9ZrYztprb6WC9Q2ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d75759-8dcb-4532-8bfe-5b688acdb676/1/1EdMHAbL_elGFNZcfQX2FKbiOZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.120.0/22
Signature Algorithm: sha256WithRSAEncryption
62:a5:78:8f:19:e7:86:35:ed:87:18:c5:42:5e:20:f0:6b:e5:
cd:3e:18:ff:c3:6f:6c:13:66:08:94:b1:e6:7c:f8:85:60:cf:
8a:fc:34:1d:1f:1c:16:69:03:99:c4:59:f1:df:5e:fc:6d:bb:
cf:87:e7:37:b5:43:64:c1:d4:6c:da:c9:bb:ff:80:ce:70:67:
0a:39:5d:10:99:bc:77:28:55:20:29:ad:42:56:b8:21:96:73:
09:b4:38:d0:e3:8a:68:b5:d6:f3:46:9f:b5:fb:f7:b1:8d:1f:
58:19:c8:72:75:9f:f4:52:dc:89:b6:77:08:8a:2e:d1:87:98:
7f:83:d2:94:2d:05:e7:7e:8a:3a:84:e9:2b:ab:61:27:68:e6:
69:6f:ce:3b:9f:ac:3f:d1:c6:7a:cf:50:5f:42:e2:55:4b:e0:
3b:31:a9:6c:e9:9f:0c:58:f7:65:aa:cd:33:7b:6d:18:5c:af:
5a:85:88:0f:d6:4a:de:5e:ef:bb:85:ab:e8:60:58:ed:a8:90:
7c:5f:ff:68:03:b2:10:0c:8c:5b:d2:03:19:05:b5:dc:5a:82:
53:c2:d5:71:c2:56:ff:f2:7d:81:68:af:c1:48:2f:aa:6c:64:
d4:a6:ae:f1:de:67:63:33:f9:71:b6:56:eb:e2:ea:f7:b8:59:
6e:c3:3e:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+lMJL2jzmjWMke9HoAvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDc0YzFjMDZjYmZkZTk0NjE0ZDY1YzdkMDVmNjE0YTZl
MjM5OTgwHhcNMjUwMTAxMDM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzc1NmFjMGVmZTdhODdmNTlhZDhjZWRhNmI2ZmE1ODJmNTBkYTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAwLg9qRLzi3bTd3O7leixsSB/PU
+a8CsV22FZTa/8d4GllZvLscysG09Emy7TVRs2YU3qz5pP7HNHYnTJ5oNaVZBZgG
dGWTwzLxHcD4M2g++jyL//FT3v+Z6KdI6fOjvJQ0Rj4kDK2YQXwuTEfnmx8F1rHK
6m/44Q3Snz+hZ3iongjEN5z0TlyuE4ZrdyAGO0U462w3g2DBoAUSzxK5RWQzC62o
MYCDXwmmZ+Oe8dhaOsZy4gD3Uss/nrtoZkAczIF8uw4Kt9Wjvt9SBK2Kp4g31X5A
88gQWGU9+8N/9tmkWNuChxA87/s8Rc9OzHhukQB+BG/khDM9ZWWXl8ZxhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLx1asDv56h/Wa2M7aa2+lgvUNp4MB8GA1UdIwQY
MBaAFNRHTBwGy/3pRhTWXH0F9hSm4jmYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVkTUhBYkxfZWxHRk5aY2ZRWDJGS2JpT1pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kNzU3NTktOGRjYi00NTMyLThiZmUt
NWI2ODhhY2RiNjc2LzEvdkhWcXdPX25xSDlacll6dHByYjZXQzlRMm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kNzU3NTktOGRjYi00NTMyLThiZmUtNWI2ODhhY2RiNjc2
LzEvMUVkTUhBYkxfZWxHRk5aY2ZRWDJGS2JpT1pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTt4MA0G
CSqGSIb3DQEBCwUAA4IBAQBipXiPGeeGNe2HGMVCXiDwa+XNPhj/w29sE2YIlLHm
fPiFYM+K/DQdHxwWaQOZxFnx3178bbvPh+c3tUNkwdRs2sm7/4DOcGcKOV0Qmbx3
KFUgKa1CVrghlnMJtDjQ44potdbzRp+1+/exjR9YGchydZ/0UtyJtncIii7Rh5h/
g9KULQXnfoo6hOkrq2EnaOZpb847n6w/0cZ6z1BfQuJVS+A7Mals6Z8MWPdlqs0z
e20YXK9ahYgP1kreXu+7havoYFjtqJB8X/9oA7IQDIxb0gMZBbXcWoJTwtVxwlb/
8n2BaK/BSC+qbGTUpq7x3mdjM/lxtlbr4ur3uFluwz68
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:57:00 2025 by rpki-client