Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/P00v87nrou1jHf3IyWsCvn49wIw.roa
File: P00v87nrou1jHf3IyWsCvn49wIw.roa (raw, json)
Hash identifier: 7G/m2+VXvGbn3QbXJwae3mt6bGUijMD8TCCAhr6uALc=
Subject key identifier: 3F:4D:2F:F3:B9:EB:A2:ED:63:1D:FD:C8:C9:6B:02:BE:7E:3D:C0:8C
Certificate issuer: /CN=2c3e1c03efa2f2d9fff9dbec3325bc6c37694250
Certificate serial: 0194244560D899EF335BE5C8C3ED0B20E217
Authority key identifier: 2C:3E:1C:03:EF:A2:F2:D9:FF:F9:DB:EC:33:25:BC:6C:37:69:42:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LD4cA--i8tn_-dvsMyW8bDdpQlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/P00v87nrou1jHf3IyWsCvn49wIw.roa
Signing time: Wed 01 Jan 2025 23:48:34 +0000
ROA not before: Wed 01 Jan 2025 23:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57687
IP address blocks: 185.129.168.0/24 maxlen: 24
185.129.169.0/24 maxlen: 24
185.129.170.0/24 maxlen: 24
185.129.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:60:d8:99:ef:33:5b:e5:c8:c3:ed:0b:20:e2:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3e1c03efa2f2d9fff9dbec3325bc6c37694250
Validity
Not Before: Jan 1 23:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f4d2ff3b9eba2ed631dfdc8c96b02be7e3dc08c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a3:13:19:89:0b:97:33:76:58:73:83:fb:4e:
d8:6e:8c:09:db:0e:e1:cf:d0:bf:85:60:61:be:ea:
ce:ec:e9:a1:5a:7c:89:c7:20:c1:18:2e:0a:47:1e:
77:a1:2f:a4:fc:2c:d6:e8:9a:78:60:b2:09:4d:45:
b8:fe:2a:b7:2d:67:6b:13:55:0d:8c:b2:4b:56:fe:
9c:9c:ef:f6:f9:c2:93:a4:ff:90:45:95:9f:85:0b:
76:10:ea:e0:60:6c:fe:df:af:36:07:57:df:f7:c8:
7f:b2:b2:d9:04:0e:d6:c6:7f:58:79:9e:fb:88:5c:
65:16:a2:cb:43:0c:9e:7e:ec:c9:c3:e7:dc:42:6c:
03:8c:62:79:6f:41:3e:23:e0:50:52:24:2d:be:8c:
d5:b4:31:6e:0f:4c:c2:6b:a0:0f:3c:8c:a9:30:3f:
c8:50:d7:65:e7:d0:29:95:dc:92:38:df:7b:37:8d:
10:35:8f:48:11:bc:71:2b:b9:50:2e:15:20:c7:b9:
ab:43:c3:dc:6d:c5:aa:2c:d8:aa:68:ec:a4:da:74:
05:cf:8d:1d:af:73:1e:17:d8:6a:a2:c6:90:ec:d1:
70:4b:20:e5:42:1a:03:30:60:6e:94:e0:ae:09:99:
f1:fd:70:d0:9b:c4:25:e1:b6:f1:65:e7:2a:64:f1:
c7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4D:2F:F3:B9:EB:A2:ED:63:1D:FD:C8:C9:6B:02:BE:7E:3D:C0:8C
X509v3 Authority Key Identifier:
keyid:2C:3E:1C:03:EF:A2:F2:D9:FF:F9:DB:EC:33:25:BC:6C:37:69:42:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LD4cA--i8tn_-dvsMyW8bDdpQlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/P00v87nrou1jHf3IyWsCvn49wIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/dcbd3a-7528-499e-a3bd-bf28875ab261/1/LD4cA--i8tn_-dvsMyW8bDdpQlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.168.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:0f:0c:42:5a:cf:4a:25:cd:8a:76:8c:0b:c7:ac:99:c6:4f:
19:91:61:bf:32:e7:b4:9b:d5:dd:56:8c:9e:23:0e:06:ca:5c:
20:77:6a:8e:ac:17:ed:ea:b9:68:10:7a:a9:ad:c5:19:18:d6:
ec:70:bf:65:ea:a4:c5:3d:ea:f9:22:a9:bb:5d:43:39:75:d0:
c7:9b:20:7f:29:ea:ad:17:cf:69:b9:19:88:4d:fa:29:29:60:
4d:d8:0b:79:6b:93:b3:c4:76:9f:d6:f7:61:e6:0e:f4:29:32:
10:f0:97:db:8c:34:c0:c1:6a:54:df:a9:42:9c:38:53:5d:a2:
36:a4:b3:57:28:07:b4:5a:e9:f3:35:15:7b:db:ef:b0:00:cb:
4a:19:76:9a:09:5c:21:44:b7:65:66:9b:21:4f:ad:77:4f:fd:
7c:e5:a1:43:2d:98:4b:a4:bb:52:b9:c3:ec:3b:b6:47:de:16:
49:9c:bd:c8:b3:7d:24:90:e6:29:7f:fb:91:27:1c:64:ba:9e:
ac:7b:08:1d:30:2f:6b:44:67:3a:b1:63:35:a4:48:9d:b3:c5:
eb:d6:c2:ab:c9:14:cf:49:82:cb:c6:9b:9d:1d:0e:3e:3e:08:
b8:3e:b9:1d:5f:87:33:46:1b:f6:27:1a:70:c2:7a:a2:3c:06:
9a:bb:99:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRWDYme8zW+XIw+0LIOIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjM2UxYzAzZWZhMmYyZDlmZmY5ZGJlYzMzMjViYzZjMzc2
OTQyNTAwHhcNMjUwMTAxMjM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjRkMmZmM2I5ZWJhMmVkNjMxZGZkYzhjOTZiMDJiZTdlM2RjMDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqMTGYkLlzN2WHOD+07YbowJ2w7h
z9C/hWBhvurO7OmhWnyJxyDBGC4KRx53oS+k/CzW6Jp4YLIJTUW4/iq3LWdrE1UN
jLJLVv6cnO/2+cKTpP+QRZWfhQt2EOrgYGz+3682B1ff98h/srLZBA7Wxn9YeZ77
iFxlFqLLQwyefuzJw+fcQmwDjGJ5b0E+I+BQUiQtvozVtDFuD0zCa6APPIypMD/I
UNdl59ApldySON97N40QNY9IEbxxK7lQLhUgx7mrQ8PcbcWqLNiqaOyk2nQFz40d
r3MeF9hqosaQ7NFwSyDlQhoDMGBulOCuCZnx/XDQm8Ql4bbxZecqZPHH5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD9NL/O566LtYx39yMlrAr5+PcCMMB8GA1UdIwQY
MBaAFCw+HAPvovLZ//nb7DMlvGw3aUJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEQ0Y0EtLWk4dG5fLWR2c015VzhiRGRwUWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9kY2JkM2EtNzUyOC00OTllLWEzYmQt
YmYyODg3NWFiMjYxLzEvUDAwdjg3bnJvdTFqSGYzSXlXc0N2bjQ5d0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9kY2JkM2EtNzUyOC00OTllLWEzYmQtYmYyODg3NWFiMjYx
LzEvTEQ0Y0EtLWk4dG5fLWR2c015VzhiRGRwUWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYGoMA0G
CSqGSIb3DQEBCwUAA4IBAQAODwxCWs9KJc2KdowLx6yZxk8ZkWG/Mue0m9XdVoye
Iw4Gylwgd2qOrBft6rloEHqprcUZGNbscL9l6qTFPer5Iqm7XUM5ddDHmyB/Keqt
F89puRmITfopKWBN2At5a5OzxHaf1vdh5g70KTIQ8JfbjDTAwWpU36lCnDhTXaI2
pLNXKAe0WunzNRV72++wAMtKGXaaCVwhRLdlZpshT613T/185aFDLZhLpLtSucPs
O7ZH3hZJnL3Is30kkOYpf/uRJxxkup6sewgdMC9rRGc6sWM1pEids8Xr1sKryRTP
SYLLxpudHQ4+Pgi4PrkdX4czRhv2JxpwwnqiPAaau5lL
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:31:18 2025 by rpki-client