Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/02cccd-0433-4330-981c-c672d673686f/1/D3QeUsU8Q-1bY74EwK2MA0No9Ew.roa
File: D3QeUsU8Q-1bY74EwK2MA0No9Ew.roa (raw, json)
Hash identifier: N97kcfMNA4uFpsheDLzM7+Nl7AAF28L1BPIs41yYMZY=
Subject key identifier: 0F:74:1E:52:C5:3C:43:ED:5B:63:BE:04:C0:AD:8C:03:43:68:F4:4C
Certificate issuer: /CN=579353cb42e0c4fba5cae253a5768bc1f2465b99
Certificate serial: 01942143FDA26AB7A9A562D938993F75D800
Authority key identifier: 57:93:53:CB:42:E0:C4:FB:A5:CA:E2:53:A5:76:8B:C1:F2:46:5B:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5NTy0LgxPulyuJTpXaLwfJGW5k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/02cccd-0433-4330-981c-c672d673686f/1/D3QeUsU8Q-1bY74EwK2MA0No9Ew.roa
Signing time: Wed 01 Jan 2025 09:48:11 +0000
ROA not before: Wed 01 Jan 2025 09:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48728
IP address blocks: 185.25.12.0/23 maxlen: 23
185.25.14.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:fd:a2:6a:b7:a9:a5:62:d9:38:99:3f:75:d8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=579353cb42e0c4fba5cae253a5768bc1f2465b99
Validity
Not Before: Jan 1 09:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f741e52c53c43ed5b63be04c0ad8c034368f44c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:92:a0:8a:23:f2:49:66:bd:1d:00:1f:f1:a1:
f0:0f:26:04:1a:7a:58:05:6e:05:98:d5:fa:46:f9:
75:5e:74:64:e8:fd:c9:bc:c5:52:95:2e:ed:e2:3b:
2f:1c:51:3b:a7:82:bb:82:b1:dd:f6:bc:ef:2b:f6:
cd:f7:35:4c:1f:f9:39:6e:0b:ba:8c:78:4d:cb:01:
d7:c4:65:7b:5c:f1:59:84:24:dc:51:83:94:70:d8:
fd:95:aa:ad:41:ce:6b:73:ec:a9:a7:11:f9:6b:ff:
4f:b9:b6:9a:18:4f:8b:af:55:8f:66:0a:c2:b1:0b:
8a:21:ec:37:b1:09:ea:04:fc:09:fb:07:93:5b:0c:
1b:6e:13:be:a7:89:43:6b:d1:ff:b6:25:53:e6:f3:
d9:d1:b1:59:2e:f6:81:7f:1d:ca:4e:a8:fa:4b:e2:
be:fd:ba:f6:e4:2a:80:de:0e:05:80:66:82:9c:3f:
e4:3e:c7:0d:9e:b5:6c:cf:f4:2f:61:ba:45:7a:dd:
32:49:cf:55:c1:8c:a5:d2:62:2e:cb:d9:ef:8b:e0:
75:58:10:3d:93:ee:bc:85:2d:63:29:9e:02:a8:de:
b5:52:61:a0:76:41:d4:72:23:48:dd:4c:b8:83:04:
de:5c:9d:78:d1:dd:32:c2:65:00:2e:34:51:cf:e8:
cd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:74:1E:52:C5:3C:43:ED:5B:63:BE:04:C0:AD:8C:03:43:68:F4:4C
X509v3 Authority Key Identifier:
keyid:57:93:53:CB:42:E0:C4:FB:A5:CA:E2:53:A5:76:8B:C1:F2:46:5B:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5NTy0LgxPulyuJTpXaLwfJGW5k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02cccd-0433-4330-981c-c672d673686f/1/D3QeUsU8Q-1bY74EwK2MA0No9Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02cccd-0433-4330-981c-c672d673686f/1/V5NTy0LgxPulyuJTpXaLwfJGW5k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.12.0/22
Signature Algorithm: sha256WithRSAEncryption
26:5a:86:11:b9:ef:cf:a5:43:33:b1:4d:55:53:cb:72:d0:b6:
e5:02:94:5c:d1:58:10:bc:e6:8e:28:40:a7:94:88:4d:ec:2b:
7c:5e:66:e5:4b:dc:77:13:24:49:9b:60:35:be:fd:5e:b1:90:
2d:06:e5:27:55:06:2f:2b:2f:77:a7:f6:42:64:e1:12:de:63:
bb:48:21:8b:cf:27:1b:e1:66:44:59:41:70:09:51:6c:40:93:
da:69:67:c0:a4:87:cb:c9:bb:9f:d5:47:9d:66:98:e4:d6:fb:
0c:a8:07:5b:62:5c:14:da:d1:50:ce:48:0e:dd:4d:11:6b:e0:
40:43:48:af:51:b3:bf:e3:0e:36:87:3f:1b:a5:23:29:f4:be:
11:9b:e8:8e:90:20:2c:fd:ca:a7:82:a1:ae:54:6d:af:1e:cb:
64:d2:55:d1:37:9d:09:21:1c:c8:ff:47:c4:6e:7f:1f:af:03:
d3:6e:7f:ea:99:db:fa:d6:b2:c5:f5:f5:1a:3c:fe:2d:8d:f6:
9d:18:de:5f:73:9d:87:ac:9a:ca:49:d1:61:82:13:51:0c:73:
a1:b2:9f:3a:7f:b2:f4:0c:4f:b3:ba:89:69:b6:64:8c:16:72:
e1:e6:31:dd:d5:d2:fb:79:b4:75:b6:90:75:96:25:39:84:d7:
2d:8a:61:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/2iareppWLZOJk/ddgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTM1M2NiNDJlMGM0ZmJhNWNhZTI1M2E1NzY4YmMxZjI0
NjViOTkwHhcNMjUwMTAxMDk0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjc0MWU1MmM1M2M0M2VkNWI2M2JlMDRjMGFkOGMwMzQzNjhmNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZKgiiPySWa9HQAf8aHwDyYEGnpY
BW4FmNX6Rvl1XnRk6P3JvMVSlS7t4jsvHFE7p4K7grHd9rzvK/bN9zVMH/k5bgu6
jHhNywHXxGV7XPFZhCTcUYOUcNj9laqtQc5rc+yppxH5a/9PubaaGE+Lr1WPZgrC
sQuKIew3sQnqBPwJ+weTWwwbbhO+p4lDa9H/tiVT5vPZ0bFZLvaBfx3KTqj6S+K+
/br25CqA3g4FgGaCnD/kPscNnrVsz/QvYbpFet0ySc9VwYyl0mIuy9nvi+B1WBA9
k+68hS1jKZ4CqN61UmGgdkHUciNI3Uy4gwTeXJ140d0ywmUALjRRz+jNMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA90HlLFPEPtW2O+BMCtjANDaPRMMB8GA1UdIwQY
MBaAFFeTU8tC4MT7pcriU6V2i8HyRluZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVOVHkwTGd4UHVseXVKVHBYYUx3ZkpHVzVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMmNjY2QtMDQzMy00MzMwLTk4MWMt
YzY3MmQ2NzM2ODZmLzEvRDNRZVVzVThRLTFiWTc0RXdLMk1BME5vOUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMmNjY2QtMDQzMy00MzMwLTk4MWMtYzY3MmQ2NzM2ODZm
LzEvVjVOVHkwTGd4UHVseXVKVHBYYUx3ZkpHVzVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRkMMA0G
CSqGSIb3DQEBCwUAA4IBAQAmWoYRue/PpUMzsU1VU8ty0LblApRc0VgQvOaOKECn
lIhN7Ct8XmblS9x3EyRJm2A1vv1esZAtBuUnVQYvKy93p/ZCZOES3mO7SCGLzycb
4WZEWUFwCVFsQJPaaWfApIfLybuf1UedZpjk1vsMqAdbYlwU2tFQzkgO3U0Ra+BA
Q0ivUbO/4w42hz8bpSMp9L4Rm+iOkCAs/cqngqGuVG2vHstk0lXRN50JIRzI/0fE
bn8frwPTbn/qmdv61rLF9fUaPP4tjfadGN5fc52HrJrKSdFhghNRDHOhsp86f7L0
DE+zuolptmSMFnLh5jHd1dL7ebR1tpB1liU5hNctimFI
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:29:10 2025 by rpki-client