Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/3c5ddd-d621-4dd0-ad67-98d9046694e7/1/XOdvLraV2qR3zq976W5c3J9zPFs.roa
File: XOdvLraV2qR3zq976W5c3J9zPFs.roa (raw, json)
Hash identifier: bgSJB/XwiNZRaO9bNHldSaleJhQexHKIWnqzJX66Ook=
Subject key identifier: 5C:E7:6F:2E:B6:95:DA:A4:77:CE:AF:7B:E9:6E:5C:DC:9F:73:3C:5B
Certificate issuer: /CN=3ee93eb7d4b5baff7206855b14e0ee586113d09f
Certificate serial: 019421B23647F4F91B54D329AA95DBB24512
Authority key identifier: 3E:E9:3E:B7:D4:B5:BA:FF:72:06:85:5B:14:E0:EE:58:61:13:D0:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Puk-t9S1uv9yBoVbFODuWGET0J8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/3c5ddd-d621-4dd0-ad67-98d9046694e7/1/XOdvLraV2qR3zq976W5c3J9zPFs.roa
Signing time: Wed 01 Jan 2025 11:48:34 +0000
ROA not before: Wed 01 Jan 2025 11:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212849
IP address blocks: 185.120.142.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:36:47:f4:f9:1b:54:d3:29:aa:95:db:b2:45:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee93eb7d4b5baff7206855b14e0ee586113d09f
Validity
Not Before: Jan 1 11:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ce76f2eb695daa477ceaf7be96e5cdc9f733c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a0:0b:f5:26:60:be:4b:42:8d:36:41:95:15:
b0:38:d4:1b:a6:57:f2:2e:99:18:5f:71:ab:75:5d:
be:c5:58:8f:54:92:ca:8d:42:55:e7:91:d7:ef:8b:
01:2c:2c:9c:73:03:9d:36:b6:93:d8:f9:83:47:40:
af:52:be:3f:ec:9f:4a:2b:45:1f:c8:a9:68:b6:b5:
79:ff:d3:b4:10:b7:76:22:c2:2d:32:20:dc:b9:23:
4b:b8:ce:63:26:a1:ea:42:f9:91:f5:42:d1:ee:ae:
a0:37:77:59:db:14:8c:e3:b8:5d:20:f9:80:2f:76:
61:30:5e:09:ee:6c:2a:06:d6:99:af:47:8d:fb:34:
c5:6f:c7:b1:02:3c:48:4a:28:3d:3f:25:48:97:78:
96:69:fd:ef:24:29:23:49:4a:ba:a4:0d:0a:1f:e7:
b1:31:78:3e:44:8b:c1:cf:f9:ea:be:78:ae:b6:ae:
d1:69:30:cc:a8:ce:b1:57:0c:03:bf:06:c1:99:87:
c6:ce:fe:52:ad:7f:96:cb:17:95:03:6b:e8:e6:89:
63:d8:2c:d5:04:20:dd:e1:07:e9:00:72:00:b8:7f:
6f:0e:a8:7d:86:9a:c4:f0:78:7b:21:55:e1:f0:07:
ca:8c:d4:f6:e1:62:4e:5d:cd:cb:65:b9:f2:f7:ab:
72:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E7:6F:2E:B6:95:DA:A4:77:CE:AF:7B:E9:6E:5C:DC:9F:73:3C:5B
X509v3 Authority Key Identifier:
keyid:3E:E9:3E:B7:D4:B5:BA:FF:72:06:85:5B:14:E0:EE:58:61:13:D0:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Puk-t9S1uv9yBoVbFODuWGET0J8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/3c5ddd-d621-4dd0-ad67-98d9046694e7/1/XOdvLraV2qR3zq976W5c3J9zPFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/3c5ddd-d621-4dd0-ad67-98d9046694e7/1/Puk-t9S1uv9yBoVbFODuWGET0J8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.142.0/24
Signature Algorithm: sha256WithRSAEncryption
48:90:fd:e4:38:ee:a2:9f:62:72:e5:0c:ad:fc:34:2d:c5:cc:
a4:fe:43:64:5b:94:7e:04:18:b4:1a:8e:b7:53:86:d6:35:f3:
6d:93:b8:92:20:44:af:e0:c7:fb:8b:e4:6c:f1:e5:eb:9f:83:
66:b6:d3:c4:34:ec:26:5d:49:03:b2:de:5d:a4:4e:e4:e4:a0:
3f:b1:68:ae:a4:b7:b1:1e:d0:94:8d:f9:a7:d2:d6:df:7f:42:
61:36:74:48:ca:a1:be:54:57:b5:18:1d:7d:7d:94:ab:bd:e4:
2c:21:89:20:2d:43:58:d7:fc:a8:61:25:56:6f:62:3e:34:0a:
d4:08:a0:4d:5d:d5:15:88:b1:c5:9b:53:8a:07:79:41:03:29:
11:b8:cc:63:1c:f5:11:5d:b0:65:30:02:bd:9f:a2:57:26:b0:
72:9b:48:0d:dd:97:03:56:00:b2:e8:43:ed:0f:3b:2d:94:b0:
b5:99:0f:cc:9e:d4:6d:3a:6f:f1:d5:da:57:cd:8f:47:dd:24:
0d:cb:06:43:48:3d:50:ed:8f:2b:b2:d6:22:7f:18:4a:58:0f:
8f:30:ce:3c:10:fe:cc:43:c9:39:9e:be:2d:c0:76:cd:1c:aa:
9c:69:bd:56:13:67:fe:50:bc:a4:66:a9:79:ef:24:d4:be:b8:
67:bd:48:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsjZH9PkbVNMpqpXbskUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTkzZWI3ZDRiNWJhZmY3MjA2ODU1YjE0ZTBlZTU4NjEx
M2QwOWYwHhcNMjUwMTAxMTE0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U3NmYyZWI2OTVkYWE0NzdjZWFmN2JlOTZlNWNkYzlmNzMzYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKAL9SZgvktCjTZBlRWwONQbplfy
LpkYX3GrdV2+xViPVJLKjUJV55HX74sBLCyccwOdNraT2PmDR0CvUr4/7J9KK0Uf
yKlotrV5/9O0ELd2IsItMiDcuSNLuM5jJqHqQvmR9ULR7q6gN3dZ2xSM47hdIPmA
L3ZhMF4J7mwqBtaZr0eN+zTFb8exAjxISig9PyVIl3iWaf3vJCkjSUq6pA0KH+ex
MXg+RIvBz/nqvniutq7RaTDMqM6xVwwDvwbBmYfGzv5SrX+WyxeVA2vo5olj2CzV
BCDd4QfpAHIAuH9vDqh9hprE8Hh7IVXh8AfKjNT24WJOXc3LZbny96tycwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFznby62ldqkd86ve+luXNyfczxbMB8GA1UdIwQY
MBaAFD7pPrfUtbr/cgaFWxTg7lhhE9CfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVrLXQ5UzF1djl5Qm9WYkZPRHVXR0VUMEo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8zYzVkZGQtZDYyMS00ZGQwLWFkNjct
OThkOTA0NjY5NGU3LzEvWE9kdkxyYVYycVIzenE5NzZXNWMzSjl6UEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8zYzVkZGQtZDYyMS00ZGQwLWFkNjctOThkOTA0NjY5NGU3
LzEvUHVrLXQ5UzF1djl5Qm9WYkZPRHVXR0VUMEo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXiOMA0G
CSqGSIb3DQEBCwUAA4IBAQBIkP3kOO6in2Jy5Qyt/DQtxcyk/kNkW5R+BBi0Go63
U4bWNfNtk7iSIESv4Mf7i+Rs8eXrn4NmttPENOwmXUkDst5dpE7k5KA/sWiupLex
HtCUjfmn0tbff0JhNnRIyqG+VFe1GB19fZSrveQsIYkgLUNY1/yoYSVWb2I+NArU
CKBNXdUViLHFm1OKB3lBAykRuMxjHPURXbBlMAK9n6JXJrBym0gN3ZcDVgCy6EPt
DzstlLC1mQ/MntRtOm/x1dpXzY9H3SQNywZDSD1Q7Y8rstYifxhKWA+PMM48EP7M
Q8k5nr4twHbNHKqcab1WE2f+ULykZql57yTUvrhnvUgE
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:16:35 2025 by rpki-client