Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/Awd1yGOmw0G9ufYkJyOwIDHo3Qk.roa
File: Awd1yGOmw0G9ufYkJyOwIDHo3Qk.roa (raw, json)
Hash identifier: NpDJRKt/f4syIfXokbOL4x73rCHTvURrkdu0Yrl2tN4=
Subject key identifier: 03:07:75:C8:63:A6:C3:41:BD:B9:F6:24:27:23:B0:20:31:E8:DD:09
Certificate issuer: /CN=1713129ef4fa454e0f0ac407e008e957a1b795a0
Certificate serial: 019424B2C546FF80CD4B6F7B9C6802269DC5
Authority key identifier: 17:13:12:9E:F4:FA:45:4E:0F:0A:C4:07:E0:08:E9:57:A1:B7:95:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FxMSnvT6RU4PCsQH4AjpV6G3laA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/Awd1yGOmw0G9ufYkJyOwIDHo3Qk.roa
Signing time: Thu 02 Jan 2025 01:48:03 +0000
ROA not before: Thu 02 Jan 2025 01:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13058
IP address blocks: 185.240.52.0/22 maxlen: 24
2a0c:7280::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:c5:46:ff:80:cd:4b:6f:7b:9c:68:02:26:9d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1713129ef4fa454e0f0ac407e008e957a1b795a0
Validity
Not Before: Jan 2 01:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=030775c863a6c341bdb9f6242723b02031e8dd09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:60:d9:a6:f2:bc:58:2b:07:bf:1a:3c:9e:5d:
61:3c:ab:f4:47:90:c6:0a:53:f8:44:aa:b0:09:19:
f8:ef:cb:78:e9:5e:5a:c6:29:01:9b:9d:b0:10:5c:
44:e4:72:c6:ca:2e:47:dc:32:68:e7:88:42:ce:93:
f6:f6:28:ec:e6:db:e5:8a:04:c3:2f:7c:bf:aa:8f:
46:25:e6:c7:cc:7e:03:17:af:c0:0d:84:33:12:0e:
45:a5:45:57:a1:8d:43:f3:2f:fc:2f:b0:b7:b9:40:
a4:1d:62:1f:40:82:94:c1:6e:bd:b0:a7:8d:ae:ff:
a7:3c:1a:39:cb:55:fa:e6:76:80:3a:2a:6c:c7:d9:
6a:2b:a2:a0:dc:67:35:35:c8:da:10:57:cb:d1:7a:
62:4f:bf:4e:7b:6c:91:4e:70:2e:5d:92:27:f9:f2:
be:18:6d:90:d1:30:e9:ee:cb:d2:b0:b9:7e:a7:07:
98:22:4b:34:01:6c:b4:2f:c5:9f:28:64:db:08:f8:
78:56:41:b8:d4:8e:75:66:7b:b8:ff:f1:6e:a9:c6:
ed:db:5d:cb:19:c3:d9:ed:22:fd:13:92:95:90:07:
7d:20:e0:ba:37:67:6f:9c:a5:89:d3:f6:0f:53:87:
4c:04:39:fb:0f:b6:4e:1f:6b:42:61:37:63:39:4b:
38:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:07:75:C8:63:A6:C3:41:BD:B9:F6:24:27:23:B0:20:31:E8:DD:09
X509v3 Authority Key Identifier:
keyid:17:13:12:9E:F4:FA:45:4E:0F:0A:C4:07:E0:08:E9:57:A1:B7:95:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FxMSnvT6RU4PCsQH4AjpV6G3laA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/Awd1yGOmw0G9ufYkJyOwIDHo3Qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/FxMSnvT6RU4PCsQH4AjpV6G3laA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.52.0/22
IPv6:
2a0c:7280::/29
Signature Algorithm: sha256WithRSAEncryption
49:94:37:5b:d5:fc:03:d2:a6:a5:c9:59:a1:4d:b8:c1:90:77:
23:64:2f:3e:c9:01:88:01:e7:09:e7:5a:6c:34:dc:5b:45:f8:
d9:68:fc:b3:5c:42:6e:a7:86:f8:6d:e2:9c:f1:d4:6e:c8:3f:
ef:4f:cb:ef:82:b4:f0:00:2c:aa:b6:0d:ea:41:e2:6a:9a:47:
27:87:15:40:17:8c:69:ad:c0:3b:4f:cb:c2:86:1e:f0:4c:ce:
42:35:9a:d2:9f:c9:54:7b:b8:19:93:2c:b5:f9:4e:1c:e5:76:
20:66:b6:11:04:e0:ef:2e:f6:3b:7b:2a:1a:9e:c1:5d:b8:9b:
ef:56:de:60:6d:a8:5f:05:85:03:29:07:36:ce:a5:90:3c:67:
4a:ae:48:9e:e0:b1:07:69:03:c4:f9:a9:c6:fd:bc:59:6e:ba:
9e:8e:bc:1a:d3:13:ab:75:c0:6d:b3:b3:73:cd:25:89:39:14:
3a:34:15:a4:4e:c6:d1:d3:2b:82:ff:35:ab:b2:6f:63:95:2c:
a8:e6:54:fc:fe:12:6a:11:a0:6f:04:42:2f:ac:75:2d:be:f7:
06:a4:f7:4c:3c:19:77:69:1d:8f:b9:c8:b0:cb:7a:a9:cb:93:
40:68:dd:8f:98:2a:fd:03:f8:e3:ff:f9:70:73:6f:09:1d:5a:
0f:bc:33:c7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkssVG/4DNS297nGgCJp3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MTMxMjllZjRmYTQ1NGUwZjBhYzQwN2UwMDhlOTU3YTFi
Nzk1YTAwHhcNMjUwMTAyMDE0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzA3NzVjODYzYTZjMzQxYmRiOWY2MjQyNzIzYjAyMDMxZThkZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mDZpvK8WCsHvxo8nl1hPKv0R5DG
ClP4RKqwCRn478t46V5axikBm52wEFxE5HLGyi5H3DJo54hCzpP29ijs5tvligTD
L3y/qo9GJebHzH4DF6/ADYQzEg5FpUVXoY1D8y/8L7C3uUCkHWIfQIKUwW69sKeN
rv+nPBo5y1X65naAOipsx9lqK6Kg3Gc1NcjaEFfL0XpiT79Oe2yRTnAuXZIn+fK+
GG2Q0TDp7svSsLl+pweYIks0AWy0L8WfKGTbCPh4VkG41I51Znu4//Fuqcbt213L
GcPZ7SL9E5KVkAd9IOC6N2dvnKWJ0/YPU4dMBDn7D7ZOH2tCYTdjOUs4cQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAMHdchjpsNBvbn2JCcjsCAx6N0JMB8GA1UdIwQY
MBaAFBcTEp70+kVODwrEB+AI6Veht5WgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnhNU252VDZSVTRQQ3NRSDRBanBWNkczbGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xNTcyOTktOWQxYy00YzViLTlhNDEt
YzI1ZmRjNGNhMmY2LzEvQXdkMXlHT213MEc5dWZZa0p5T3dJREhvM1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xNTcyOTktOWQxYy00YzViLTlhNDEtYzI1ZmRjNGNhMmY2
LzEvRnhNU252VDZSVTRQQ3NRSDRBanBWNkczbGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufA0MA0E
AgACMAcDBQMqDHKAMA0GCSqGSIb3DQEBCwUAA4IBAQBJlDdb1fwD0qalyVmhTbjB
kHcjZC8+yQGIAecJ51psNNxbRfjZaPyzXEJup4b4beKc8dRuyD/vT8vvgrTwACyq
tg3qQeJqmkcnhxVAF4xprcA7T8vChh7wTM5CNZrSn8lUe7gZkyy1+U4c5XYgZrYR
BODvLvY7eyoansFduJvvVt5gbahfBYUDKQc2zqWQPGdKrkie4LEHaQPE+anG/bxZ
brqejrwa0xOrdcBts7NzzSWJORQ6NBWkTsbR0yuC/zWrsm9jlSyo5lT8/hJqEaBv
BEIvrHUtvvcGpPdMPBl3aR2Puciwy3qpy5NAaN2PmCr9A/jj//lwc28JHVoPvDPH
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:44:25 2025 by rpki-client