Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/hSaGIfnDKdSKWJHlieXEwfTU6q4.roa
File: hSaGIfnDKdSKWJHlieXEwfTU6q4.roa (raw, json)
Hash identifier: Tlzb8RdlRarMmGqY7TfSTybKDQ3T0ImXEyxGHQXUK8s=
Subject key identifier: 85:26:86:21:F9:C3:29:D4:8A:58:91:E5:89:E5:C4:C1:F4:D4:EA:AE
Certificate issuer: /CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Certificate serial: 01942825381A71BA588240856D4D679E2D19
Authority key identifier: DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/hSaGIfnDKdSKWJHlieXEwfTU6q4.roa
Signing time: Thu 02 Jan 2025 17:51:55 +0000
ROA not before: Thu 02 Jan 2025 17:51:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204561
IP address blocks: 128.127.182.0/24 maxlen: 24
128.127.183.0/24 maxlen: 24
185.192.44.0/24 maxlen: 24
2a05:8a40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:38:1a:71:ba:58:82:40:85:6d:4d:67:9e:2d:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Validity
Not Before: Jan 2 17:51:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85268621f9c329d48a5891e589e5c4c1f4d4eaae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:78:06:bf:9b:30:5b:7b:f8:10:18:7a:fd:9d:
07:23:88:5a:fe:39:1a:0f:e7:9a:44:e8:3e:af:2b:
61:a1:1c:02:3b:15:c4:d5:21:d8:ee:23:2a:06:52:
f2:92:ff:ec:bb:a1:68:81:74:b0:39:93:8d:4d:f7:
36:a9:f8:a7:11:46:dc:ff:9d:e4:4b:70:50:13:04:
3c:af:15:f3:3f:d5:56:13:0b:c5:0d:0b:a2:f1:ff:
26:e7:de:57:e8:0f:05:61:64:eb:df:01:9b:30:a4:
20:53:dd:3d:52:b2:c4:03:5d:c3:e5:a9:37:b5:a1:
bb:ce:25:24:88:e7:03:8b:24:d9:13:08:3c:42:ec:
f3:b0:f2:5a:b7:24:2b:b3:10:c4:12:d2:97:71:f7:
3a:6d:92:9b:4c:f8:47:8b:5c:bd:fc:b3:bd:79:b9:
9f:c6:1e:51:50:c5:a7:2d:77:05:36:25:e1:67:dc:
d8:af:e6:72:4b:4f:8c:c4:8f:65:65:02:2f:ca:8a:
42:64:dc:7d:03:a0:3e:ee:a6:0e:fe:31:d6:2d:ed:
61:44:0d:da:fa:42:6f:23:0f:8e:2f:8f:0d:59:f2:
45:89:76:1e:74:e4:8d:3c:b2:43:d0:99:d8:ad:37:
99:a8:02:1c:ac:0e:2b:66:eb:7b:3d:d4:56:cc:97:
fa:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:26:86:21:F9:C3:29:D4:8A:58:91:E5:89:E5:C4:C1:F4:D4:EA:AE
X509v3 Authority Key Identifier:
keyid:DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/hSaGIfnDKdSKWJHlieXEwfTU6q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.182.0/23
185.192.44.0/24
IPv6:
2a05:8a40::/29
Signature Algorithm: sha256WithRSAEncryption
b6:03:8f:09:a1:da:fe:39:49:c0:84:3b:ea:c1:b7:d1:ee:45:
c5:45:78:1f:cb:83:18:95:f2:9b:1b:7d:bd:38:39:15:d5:9d:
4b:60:5e:e5:b5:fc:b0:65:a0:ca:ab:35:6a:5d:fb:f6:61:97:
ef:13:9f:b2:98:54:fb:bc:a3:2e:1d:fa:d8:49:f8:1b:81:81:
59:ab:f5:20:a6:16:f2:3d:8a:0f:69:c3:a3:47:7c:62:ba:b7:
68:c3:a7:92:23:20:f7:59:39:89:3d:8b:6f:a7:e5:31:7d:5c:
f7:a0:cc:bb:4e:16:c9:03:6a:fc:9a:45:b2:21:ac:b3:fa:00:
43:f9:05:06:a9:21:32:4c:64:fc:7b:1c:fd:e1:d5:fd:2c:f7:
92:95:77:ca:01:1a:3f:a2:f5:e4:ab:93:cf:6f:80:01:69:68:
98:ad:10:f9:c9:b3:20:b0:3d:bd:a8:8d:e2:1f:ef:47:61:66:
a9:a9:0c:98:10:ae:a7:d0:4a:9d:46:ef:db:da:48:4a:3f:8c:
fa:2f:bb:35:71:7f:d8:bb:92:a3:53:f9:fa:eb:77:0b:6c:89:
34:ce:b0:84:c3:64:ec:09:75:f6:ac:b6:2f:24:cf:17:d1:dc:
6b:34:ef:e5:5b:f9:59:3f:fb:a6:9e:ea:8a:95:f6:7a:c6:56:
dd:37:80:b2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQoJTgacbpYgkCFbU1nni0ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDU2Y2RiNGQxNDAzNDVjM2RjYWViZmM3NjM0ZDRlN2Nk
Y2I5MTMwHhcNMjUwMTAyMTc1MTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTI2ODYyMWY5YzMyOWQ0OGE1ODkxZTU4OWU1YzRjMWY0ZDRlYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArngGv5swW3v4EBh6/Z0HI4ha/jka
D+eaROg+rythoRwCOxXE1SHY7iMqBlLykv/su6FogXSwOZONTfc2qfinEUbc/53k
S3BQEwQ8rxXzP9VWEwvFDQui8f8m595X6A8FYWTr3wGbMKQgU909UrLEA13D5ak3
taG7ziUkiOcDiyTZEwg8QuzzsPJatyQrsxDEEtKXcfc6bZKbTPhHi1y9/LO9ebmf
xh5RUMWnLXcFNiXhZ9zYr+ZyS0+MxI9lZQIvyopCZNx9A6A+7qYO/jHWLe1hRA3a
+kJvIw+OL48NWfJFiXYedOSNPLJD0JnYrTeZqAIcrA4rZut7PdRWzJf63QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIUmhiH5wynUiliR5YnlxMH01OquMB8GA1UdIwQY
MBaAFN5FbNtNFANFw9yuv8djTU583LkTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEt
OTI4ZTdiYzY5NTcwLzEvaFNhR0lmbkRLZFNLV0pIbGllWEV3ZlRVNnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEtOTI4ZTdiYzY5NTcw
LzEvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBgH+2AwQA
ucAsMA0EAgACMAcDBQMqBYpAMA0GCSqGSIb3DQEBCwUAA4IBAQC2A48Jodr+OUnA
hDvqwbfR7kXFRXgfy4MYlfKbG329ODkV1Z1LYF7ltfywZaDKqzVqXfv2YZfvE5+y
mFT7vKMuHfrYSfgbgYFZq/UgphbyPYoPacOjR3xiurdow6eSIyD3WTmJPYtvp+Ux
fVz3oMy7ThbJA2r8mkWyIayz+gBD+QUGqSEyTGT8exz94dX9LPeSlXfKARo/ovXk
q5PPb4ABaWiYrRD5ybMgsD29qI3iH+9HYWapqQyYEK6n0EqdRu/b2khKP4z6L7s1
cX/Yu5KjU/n663cLbIk0zrCEw2TsCXX2rLYvJM8X0dxrNO/lW/lZP/umnuqKlfZ6
xlbdN4Cy
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:02:21 2025 by rpki-client