Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/DC68jaJzKs4sWOyzS3O5wTgtZNE.roa
File: DC68jaJzKs4sWOyzS3O5wTgtZNE.roa (raw, json)
Hash identifier: 1O1Vjs/w38AlpgFvrtScFHTsBaANSIlvVfPi7Rtab9k=
Subject key identifier: 0C:2E:BC:8D:A2:73:2A:CE:2C:58:EC:B3:4B:73:B9:C1:38:2D:64:D1
Certificate issuer: /CN=6cfd360736f1fa6c9770fcb48be594be609e5b3e
Certificate serial: 01942369B54D87D6F4119937ACA655896B03
Authority key identifier: 6C:FD:36:07:36:F1:FA:6C:97:70:FC:B4:8B:E5:94:BE:60:9E:5B:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bP02Bzbx-myXcPy0i-WUvmCeWz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/DC68jaJzKs4sWOyzS3O5wTgtZNE.roa
Signing time: Wed 01 Jan 2025 19:48:37 +0000
ROA not before: Wed 01 Jan 2025 19:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44439
IP address blocks: 91.231.184.0/24 maxlen: 24
185.70.228.0/22 maxlen: 22
2a05:2cc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:b5:4d:87:d6:f4:11:99:37:ac:a6:55:89:6b:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cfd360736f1fa6c9770fcb48be594be609e5b3e
Validity
Not Before: Jan 1 19:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c2ebc8da2732ace2c58ecb34b73b9c1382d64d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2a:87:8a:be:b4:8e:39:e6:5b:16:a5:35:5b:
2c:e9:21:18:9c:74:90:5d:da:e3:e4:b0:4a:43:10:
68:46:8d:be:44:b1:12:12:be:cd:4c:a0:2a:14:68:
8b:96:3e:18:9b:c3:5e:1a:9f:b3:c0:00:52:78:b2:
99:2b:1f:d8:c2:46:36:64:5f:57:b9:f7:dc:a5:3b:
59:c2:4f:c3:e2:87:0d:d8:b2:38:b6:7d:f8:79:51:
86:2d:14:ca:b4:c8:f7:c9:26:ab:28:55:0f:86:f2:
fd:ac:5b:61:73:b1:50:fc:4b:a2:5c:49:cb:b7:7e:
ac:d2:f0:af:6a:3e:d1:d1:de:16:34:45:84:c2:07:
9d:ff:3b:04:af:d0:1c:c1:33:89:81:55:d3:99:8c:
df:0a:60:4c:8b:8e:77:1c:44:bf:e9:b4:b7:00:b1:
bc:cb:7d:c0:6a:1e:37:67:b2:72:18:75:7d:7b:59:
3e:e4:e2:84:a1:54:71:90:db:bc:16:02:2e:08:d2:
5b:eb:7c:59:e6:91:59:f5:5b:ce:f4:66:72:a9:d5:
bb:e4:b0:89:98:d9:3a:ea:1a:eb:12:cd:63:f2:96:
00:ab:02:82:9b:8b:64:a8:68:b9:9e:11:cd:23:d2:
48:20:b5:01:bd:13:5a:04:04:14:73:6b:ce:3e:5e:
93:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2E:BC:8D:A2:73:2A:CE:2C:58:EC:B3:4B:73:B9:C1:38:2D:64:D1
X509v3 Authority Key Identifier:
keyid:6C:FD:36:07:36:F1:FA:6C:97:70:FC:B4:8B:E5:94:BE:60:9E:5B:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP02Bzbx-myXcPy0i-WUvmCeWz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/DC68jaJzKs4sWOyzS3O5wTgtZNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/bP02Bzbx-myXcPy0i-WUvmCeWz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.184.0/24
185.70.228.0/22
IPv6:
2a05:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:cd:79:33:9c:bf:61:8c:5b:19:bc:fe:4e:79:17:5a:a8:bd:
b5:88:e9:6e:a6:a4:b6:d3:c0:fa:cb:38:31:87:ff:9a:26:7e:
1c:59:c1:c4:2e:f1:18:b6:ae:8d:65:54:40:49:00:ac:56:fe:
2c:e6:be:1c:80:70:52:21:e8:a1:d9:03:52:c7:38:b3:19:3e:
d4:6a:a9:d5:9d:a1:84:67:cd:c8:02:30:ae:81:28:97:d6:aa:
6f:3d:30:02:95:0f:83:63:14:d9:a8:86:3a:7d:e3:08:6c:3f:
03:81:46:8b:d5:85:1c:4d:cb:45:9d:bc:1b:a5:b3:08:5a:e7:
38:50:c5:cb:14:55:62:f3:b8:e0:76:be:bb:8c:8e:c9:ce:46:
d6:14:34:7a:e1:0f:e5:02:ca:b1:c2:91:ce:64:3b:48:6d:67:
1f:e8:ad:55:ca:15:f1:6b:26:89:b3:92:a7:24:b2:1b:05:53:
8d:6e:06:2b:4d:76:3a:23:3b:38:27:1b:f9:51:7e:c5:77:6d:
78:72:1b:d5:d2:2f:a7:44:94:21:26:33:14:f2:04:4d:c9:2b:
73:0f:05:24:9c:b8:96:07:30:6c:d2:bc:9d:18:e6:c8:1f:c2:
09:c5:e9:39:e2:15:5f:f1:d7:62:7b:c3:8b:07:41:b0:82:dd:
4a:79:fd:11
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjabVNh9b0EZk3rKZViWsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmQzNjA3MzZmMWZhNmM5NzcwZmNiNDhiZTU5NGJlNjA5
ZTViM2UwHhcNMjUwMTAxMTk0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJlYmM4ZGEyNzMyYWNlMmM1OGVjYjM0YjczYjljMTM4MmQ2NGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yqHir60jjnmWxalNVss6SEYnHSQ
Xdrj5LBKQxBoRo2+RLESEr7NTKAqFGiLlj4Ym8NeGp+zwABSeLKZKx/YwkY2ZF9X
uffcpTtZwk/D4ocN2LI4tn34eVGGLRTKtMj3ySarKFUPhvL9rFthc7FQ/EuiXEnL
t36s0vCvaj7R0d4WNEWEwged/zsEr9AcwTOJgVXTmYzfCmBMi453HES/6bS3ALG8
y33Aah43Z7JyGHV9e1k+5OKEoVRxkNu8FgIuCNJb63xZ5pFZ9VvO9GZyqdW75LCJ
mNk66hrrEs1j8pYAqwKCm4tkqGi5nhHNI9JIILUBvRNaBAQUc2vOPl6T8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAwuvI2icyrOLFjss0tzucE4LWTRMB8GA1UdIwQY
MBaAFGz9Ngc28fpsl3D8tIvllL5gnls+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAwMkJ6YngtbXlYY1B5MGktV1V2bUNlV3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8zNDRlMmMtMWM1Ni00M2FiLTgxMDgt
ZWFmNjhiNTllNTk5LzEvREM2OGphSnpLczRzV095elMzTzV3VGd0Wk5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8zNDRlMmMtMWM1Ni00M2FiLTgxMDgtZWFmNjhiNTllNTk5
LzEvYlAwMkJ6YngtbXlYY1B5MGktV1V2bUNlV3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+e4AwQC
uUbkMA0EAgACMAcDBQMqBSzAMA0GCSqGSIb3DQEBCwUAA4IBAQCjzXkznL9hjFsZ
vP5OeRdaqL21iOlupqS208D6yzgxh/+aJn4cWcHELvEYtq6NZVRASQCsVv4s5r4c
gHBSIeih2QNSxzizGT7UaqnVnaGEZ83IAjCugSiX1qpvPTAClQ+DYxTZqIY6feMI
bD8DgUaL1YUcTctFnbwbpbMIWuc4UMXLFFVi87jgdr67jI7JzkbWFDR64Q/lAsqx
wpHOZDtIbWcf6K1VyhXxayaJs5KnJLIbBVONbgYrTXY6Izs4Jxv5UX7Fd214chvV
0i+nRJQhJjMU8gRNyStzDwUknLiWBzBs0rydGObIH8IJxek54hVf8ddie8OLB0Gw
gt1Kef0R
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:09:33 2025 by rpki-client