Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/1-9t0f5pWOLIrwK_cL4cCfcUs--g.roa
File: 1-9t0f5pWOLIrwK_cL4cCfcUs--g.roa (raw, json)
Hash identifier: e1mtbJ2ht6De/xDwLJN90SOW2t+nYcE6pdn+FIjcDXQ=
Subject key identifier: FB:DB:74:7F:9A:56:38:B2:2B:C0:AF:DC:2F:87:02:7D:C5:2C:FB:E8
Certificate issuer: /CN=032b8c544e0debcfd6d7554d1595f044c2050783
Certificate serial: 019425FC22FE5647CC8C2CE495FEA112351B
Authority key identifier: 03:2B:8C:54:4E:0D:EB:CF:D6:D7:55:4D:15:95:F0:44:C2:05:07:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyuMVE4N68_W11VNFZXwRMIFB4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/1-9t0f5pWOLIrwK_cL4cCfcUs--g.roa
Signing time: Thu 02 Jan 2025 07:47:48 +0000
ROA not before: Thu 02 Jan 2025 07:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201629
IP address blocks: 185.68.12.0/22 maxlen: 22
185.68.12.0/24 maxlen: 24
185.68.13.0/24 maxlen: 24
185.68.14.0/24 maxlen: 24
185.68.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:22:fe:56:47:cc:8c:2c:e4:95:fe:a1:12:35:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=032b8c544e0debcfd6d7554d1595f044c2050783
Validity
Not Before: Jan 2 07:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbdb747f9a5638b22bc0afdc2f87027dc52cfbe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a2:5b:67:d3:24:14:d5:bc:e6:99:c4:51:ba:
ef:63:97:69:46:f5:91:8f:6e:80:3d:ea:8d:20:80:
88:aa:2d:ce:04:6e:b8:cf:2c:70:a5:2d:bf:c1:08:
b8:13:5e:51:e1:7b:f3:ed:81:29:d8:93:fb:1a:89:
a1:3d:e4:5d:86:9c:65:22:b1:0d:be:29:8a:c1:47:
5d:66:5c:6f:5e:9b:82:8a:24:2d:8b:44:7a:9e:43:
f2:fd:32:7b:ab:ef:ce:26:ea:ce:72:33:89:0d:97:
e9:aa:62:91:3b:b7:1f:3b:2b:dc:b1:81:e4:1b:b2:
ee:dc:15:52:5f:07:45:1d:b3:96:ba:a1:4e:d9:a5:
ad:68:0e:a0:de:cf:e6:d3:e1:4b:a1:91:ed:73:5c:
f8:19:e8:7c:10:72:b4:b4:fd:b6:05:e7:01:5d:3b:
55:01:24:a2:4d:a1:45:6e:45:aa:2b:a6:a4:de:3d:
df:3f:b2:aa:5f:5a:8d:d1:14:fa:9e:92:1b:1e:4f:
6c:d5:9f:86:ba:09:e3:9b:d3:af:c9:b0:00:b5:3a:
f8:30:15:47:f8:d5:04:4a:44:82:70:64:33:87:ff:
49:19:01:52:d3:81:10:09:0b:f5:b6:63:e6:12:21:
5d:39:51:7b:bb:56:de:b5:38:a4:49:34:3b:c7:99:
f9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:DB:74:7F:9A:56:38:B2:2B:C0:AF:DC:2F:87:02:7D:C5:2C:FB:E8
X509v3 Authority Key Identifier:
keyid:03:2B:8C:54:4E:0D:EB:CF:D6:D7:55:4D:15:95:F0:44:C2:05:07:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyuMVE4N68_W11VNFZXwRMIFB4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/1-9t0f5pWOLIrwK_cL4cCfcUs--g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/AyuMVE4N68_W11VNFZXwRMIFB4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.12.0/22
Signature Algorithm: sha256WithRSAEncryption
07:fa:dd:42:a0:82:8a:5e:e5:94:c5:7a:18:cf:57:14:1c:e2:
ca:84:65:37:89:6a:29:2d:2a:8e:12:85:02:4a:e8:b8:ef:e6:
b3:66:c8:82:e0:e8:ad:3f:ef:39:2a:9c:64:b4:97:79:07:94:
d9:3b:d5:8f:81:69:fc:8b:58:fc:be:ef:70:5f:66:46:56:28:
9a:b7:5d:d8:90:b5:47:22:75:bb:9f:2e:4b:71:04:30:95:67:
1e:72:49:a5:b3:28:10:a2:70:e4:a2:22:b6:dd:91:75:ee:6b:
10:1e:df:22:ea:31:36:80:0c:1c:8b:73:b6:99:1b:80:dd:35:
9c:7a:c7:b0:0b:6b:56:33:02:03:37:af:b1:1a:35:a5:fc:03:
31:82:0d:62:56:ed:5d:b8:93:d2:bc:1f:8e:2d:60:ee:3d:36:
0b:6c:27:e2:d4:00:9e:5e:a3:c4:2c:3b:d7:78:68:fd:2f:24:
96:b4:c9:88:00:d6:cb:55:47:64:76:34:43:14:64:bc:fe:43:
63:9d:13:1c:51:8e:d8:29:be:ce:8f:4f:d1:e3:65:39:c9:a6:
41:7a:1a:a2:6d:4e:8c:03:a1:05:71:b6:02:4a:1b:fa:4a:f0:
e9:ee:b4:d1:fa:6b:5d:eb:20:1f:10:69:b6:e0:7c:81:4e:3c:
50:79:c3:03
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/CL+VkfMjCzklf6hEjUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmI4YzU0NGUwZGViY2ZkNmQ3NTU0ZDE1OTVmMDQ0YzIw
NTA3ODMwHhcNMjUwMTAyMDc0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmRiNzQ3ZjlhNTYzOGIyMmJjMGFmZGMyZjg3MDI3ZGM1MmNmYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKJbZ9MkFNW85pnEUbrvY5dpRvWR
j26APeqNIICIqi3OBG64zyxwpS2/wQi4E15R4Xvz7YEp2JP7GomhPeRdhpxlIrEN
vimKwUddZlxvXpuCiiQti0R6nkPy/TJ7q+/OJurOcjOJDZfpqmKRO7cfOyvcsYHk
G7Lu3BVSXwdFHbOWuqFO2aWtaA6g3s/m0+FLoZHtc1z4Geh8EHK0tP22BecBXTtV
ASSiTaFFbkWqK6ak3j3fP7KqX1qN0RT6npIbHk9s1Z+Gugnjm9OvybAAtTr4MBVH
+NUESkSCcGQzh/9JGQFS04EQCQv1tmPmEiFdOVF7u1betTikSTQ7x5n5bwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPvbdH+aVjiyK8Cv3C+HAn3FLPvoMB8GA1UdIwQY
MBaAFAMrjFRODevP1tdVTRWV8ETCBQeDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXl1TVZFNE42OF9XMTFWTkZaWHdSTUlGQjRNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNTRkNDctYTExMi00OGM2LWI0YWEt
ZmIxOTQyYjVhZmY0LzEvMS05dDBmNXBXT0xJcndLX2NMNGNDZmNVcy0tZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTEvMDU0ZDQ3LWExMTItNDhjNi1iNGFhLWZiMTk0MmI1YWZm
NC8xL0F5dU1WRTRONjhfVzExVk5GWlh3Uk1JRkI0TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlEDDAN
BgkqhkiG9w0BAQsFAAOCAQEAB/rdQqCCil7llMV6GM9XFBziyoRlN4lqKS0qjhKF
AkrouO/ms2bIguDorT/vOSqcZLSXeQeU2TvVj4Fp/ItY/L7vcF9mRlYomrdd2JC1
RyJ1u58uS3EEMJVnHnJJpbMoEKJw5KIitt2Rde5rEB7fIuoxNoAMHItztpkbgN01
nHrHsAtrVjMCAzevsRo1pfwDMYINYlbtXbiT0rwfji1g7j02C2wn4tQAnl6jxCw7
13ho/S8klrTJiADWy1VHZHY0QxRkvP5DY50THFGO2Cm+zo9P0eNlOcmmQXoaom1O
jAOhBXG2Akob+krw6e600fprXesgHxBptuB8gU48UHnDAw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:19:21 2025 by rpki-client