Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/64d313-644c-4b9f-811a-38a5c9105cc5/1/t3EOhCqhRV2WckdeZdMmZde2sco.roa
File: t3EOhCqhRV2WckdeZdMmZde2sco.roa (raw, json)
Hash identifier: 9YigDUievW+JnsoS3fARTo39jCVhAjMEThq2WY+OCkQ=
Subject key identifier: B7:71:0E:84:2A:A1:45:5D:96:72:47:5E:65:D3:26:65:D7:B6:B1:CA
Certificate issuer: /CN=570cdd1732e5643a15eed9ee77e1394b80242548
Certificate serial: 01942143C92958A839B1E00DB4E6A327DA05
Authority key identifier: 57:0C:DD:17:32:E5:64:3A:15:EE:D9:EE:77:E1:39:4B:80:24:25:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VwzdFzLlZDoV7tnud-E5S4AkJUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/64d313-644c-4b9f-811a-38a5c9105cc5/1/t3EOhCqhRV2WckdeZdMmZde2sco.roa
Signing time: Wed 01 Jan 2025 09:47:58 +0000
ROA not before: Wed 01 Jan 2025 09:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212693
IP address blocks: 185.175.89.0/24 maxlen: 24
2a10:4440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c9:29:58:a8:39:b1:e0:0d:b4:e6:a3:27:da:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570cdd1732e5643a15eed9ee77e1394b80242548
Validity
Not Before: Jan 1 09:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7710e842aa1455d9672475e65d32665d7b6b1ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ff:ad:25:e8:e9:95:0b:4d:9d:24:62:49:b2:
54:ca:3c:99:48:f5:b2:8f:e5:15:56:79:93:23:49:
95:c7:8b:54:1c:47:3c:8c:11:56:d2:7b:d7:ed:5a:
bc:de:ec:ac:e8:fa:31:ca:10:2a:0b:c4:7b:81:1d:
ad:9d:c9:4c:6b:6e:17:38:36:11:15:e0:3d:2f:ac:
07:56:dd:5b:66:7a:e7:77:b3:e0:d4:71:03:6a:ea:
29:2e:88:57:7e:47:b3:65:a2:89:8b:9b:8a:a5:6a:
b9:3a:c4:d6:f5:bc:d8:da:f5:f3:70:bd:42:43:41:
bb:56:51:70:3b:99:c9:24:57:f1:ba:d5:57:97:dd:
ef:0a:99:45:cf:27:3a:48:70:09:4c:ab:1c:30:9f:
90:8b:dc:80:0d:1a:0b:ae:ed:e0:e0:0d:96:b8:bf:
88:bf:54:96:72:17:37:a6:bd:9c:a5:a6:73:c6:d9:
ca:b7:73:67:70:1c:67:1d:f3:ab:07:08:0a:41:eb:
d4:ac:c6:b7:a7:13:10:a2:43:13:bf:fc:36:19:d9:
2e:bc:52:eb:1b:62:e4:8c:16:4d:67:83:27:b1:83:
1c:de:5d:27:70:f8:5f:91:55:4e:13:c6:57:8e:27:
a1:7a:2e:6f:a1:b7:97:39:98:dd:f6:48:9c:88:9d:
3d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:71:0E:84:2A:A1:45:5D:96:72:47:5E:65:D3:26:65:D7:B6:B1:CA
X509v3 Authority Key Identifier:
keyid:57:0C:DD:17:32:E5:64:3A:15:EE:D9:EE:77:E1:39:4B:80:24:25:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VwzdFzLlZDoV7tnud-E5S4AkJUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/64d313-644c-4b9f-811a-38a5c9105cc5/1/t3EOhCqhRV2WckdeZdMmZde2sco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/64d313-644c-4b9f-811a-38a5c9105cc5/1/VwzdFzLlZDoV7tnud-E5S4AkJUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.89.0/24
IPv6:
2a10:4440::/29
Signature Algorithm: sha256WithRSAEncryption
75:e3:58:6c:0b:f1:38:48:82:3e:ad:1f:42:f7:31:b1:4b:47:
15:2b:03:4c:32:c0:53:92:c7:f0:f4:17:e6:e1:69:6a:67:af:
28:3a:d5:b8:d8:53:71:7d:d1:71:c4:2c:38:3a:8a:2d:05:b7:
d6:56:46:ce:11:1a:09:35:55:87:8d:b8:9b:c4:1f:3b:f7:77:
ac:60:6c:a7:81:bb:c3:93:62:db:17:94:e3:34:27:3e:9b:f3:
3d:e7:43:df:2e:ff:5d:01:8b:bc:fd:8a:88:29:89:5a:f4:19:
2a:1d:12:c9:96:65:44:0b:fa:80:c2:a2:75:0c:f1:06:a9:f9:
11:a3:e2:b9:0e:61:a5:1e:35:e3:d3:4e:ee:3f:33:1c:c9:ca:
3c:5c:e2:8c:e9:4f:53:1e:f8:52:07:b3:13:cb:70:20:38:09:
ed:8a:ad:db:4c:5a:93:56:c8:64:46:f7:7a:fe:4c:69:26:d5:
d0:8f:7b:b0:cb:31:1b:2d:1f:03:de:03:e4:c3:1f:7e:b5:89:
92:59:9b:cf:cb:6d:e1:82:c3:24:a0:f9:8f:04:ed:31:08:ec:
8c:32:70:74:d2:47:84:b4:1d:8d:ad:3a:41:55:14:cc:90:66:
80:a9:78:7b:a2:5d:5e:53:01:e7:df:0c:52:d2:93:84:b8:f5:
c5:08:1c:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhQ8kpWKg5seANtOajJ9oFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGNkZDE3MzJlNTY0M2ExNWVlZDllZTc3ZTEzOTRiODAy
NDI1NDgwHhcNMjUwMTAxMDk0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzcxMGU4NDJhYTE0NTVkOTY3MjQ3NWU2NWQzMjY2NWQ3YjZiMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxv+tJejplQtNnSRiSbJUyjyZSPWy
j+UVVnmTI0mVx4tUHEc8jBFW0nvX7Vq83uys6PoxyhAqC8R7gR2tnclMa24XODYR
FeA9L6wHVt1bZnrnd7Pg1HEDauopLohXfkezZaKJi5uKpWq5OsTW9bzY2vXzcL1C
Q0G7VlFwO5nJJFfxutVXl93vCplFzyc6SHAJTKscMJ+Qi9yADRoLru3g4A2WuL+I
v1SWchc3pr2cpaZzxtnKt3NncBxnHfOrBwgKQevUrMa3pxMQokMTv/w2GdkuvFLr
G2LkjBZNZ4MnsYMc3l0ncPhfkVVOE8ZXjiehei5vobeXOZjd9kiciJ09QwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLdxDoQqoUVdlnJHXmXTJmXXtrHKMB8GA1UdIwQY
MBaAFFcM3Rcy5WQ6Fe7Z7nfhOUuAJCVIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnd6ZEZ6TGxaRG9WN3RudWQtRTVTNEFrSlVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My82NGQzMTMtNjQ0Yy00YjlmLTgxMWEt
MzhhNWM5MTA1Y2M1LzEvdDNFT2hDcWhSVjJXY2tkZVpkTW1aZGUyc2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My82NGQzMTMtNjQ0Yy00YjlmLTgxMWEtMzhhNWM5MTA1Y2M1
LzEvVnd6ZEZ6TGxaRG9WN3RudWQtRTVTNEFrSlVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAua9ZMA0E
AgACMAcDBQMqEERAMA0GCSqGSIb3DQEBCwUAA4IBAQB141hsC/E4SII+rR9C9zGx
S0cVKwNMMsBTksfw9Bfm4WlqZ68oOtW42FNxfdFxxCw4OootBbfWVkbOERoJNVWH
jbibxB8793esYGyngbvDk2LbF5TjNCc+m/M950PfLv9dAYu8/YqIKYla9BkqHRLJ
lmVEC/qAwqJ1DPEGqfkRo+K5DmGlHjXj007uPzMcyco8XOKM6U9THvhSB7MTy3Ag
OAntiq3bTFqTVshkRvd6/kxpJtXQj3uwyzEbLR8D3gPkwx9+tYmSWZvPy23hgsMk
oPmPBO0xCOyMMnB00keEtB2NrTpBVRTMkGaAqXh7ol1eUwHn3wxS0pOEuPXFCByr
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:50:44 2025 by rpki-client