Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/cBlGJ5bNODNILYzK1oNt3QzAw7M.roa
File: cBlGJ5bNODNILYzK1oNt3QzAw7M.roa (raw, json)
Hash identifier: 7wWvEWZaVuq+kybNFqA4kbf75m0LmBkO8WIx9pDUDFw=
Subject key identifier: 70:19:46:27:96:CD:38:33:48:2D:8C:CA:D6:83:6D:DD:0C:C0:C3:B3
Certificate issuer: /CN=d7401e0249418b357547268824f6244925d8db39
Certificate serial: 019424B36FDEFE1522B386A4F5ACE366A71C
Authority key identifier: D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/cBlGJ5bNODNILYzK1oNt3QzAw7M.roa
Signing time: Thu 02 Jan 2025 01:48:46 +0000
ROA not before: Thu 02 Jan 2025 01:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60478
IP address blocks: 185.31.100.0/22 maxlen: 22
2a00:b420::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:6f:de:fe:15:22:b3:86:a4:f5:ac:e3:66:a7:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7401e0249418b357547268824f6244925d8db39
Validity
Not Before: Jan 2 01:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7019462796cd3833482d8ccad6836ddd0cc0c3b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9b:41:45:13:b5:72:4b:8f:0d:af:1a:e7:db:
62:13:b8:c0:d0:e2:16:1a:97:6b:39:d1:f1:73:6b:
3c:76:50:43:8d:5b:ad:b5:b5:19:51:b6:41:29:3a:
9b:24:ac:64:bf:22:02:1b:ed:a6:e3:f2:cb:6a:9f:
59:61:3d:25:1e:48:c6:fb:55:aa:77:70:c1:8a:2b:
7c:9f:ff:6e:ed:e2:e9:72:9d:35:5e:ff:c8:ea:f1:
21:92:b1:6a:97:7f:ed:14:e3:2e:85:91:c0:93:15:
47:ea:02:77:dd:fa:74:08:5b:98:ef:93:23:df:93:
c4:3e:73:22:65:2a:a1:ce:2b:26:9e:d6:2d:f3:83:
75:30:e8:15:4a:db:35:9f:23:dc:12:40:b1:5b:d9:
2c:2e:9e:86:87:76:fd:01:20:36:bf:4a:88:5a:94:
5c:e8:d3:02:ac:e8:cb:8d:6d:b0:03:95:42:47:93:
23:2e:b3:3c:b6:f5:77:16:87:15:c0:f5:ab:1e:23:
2b:e8:21:88:38:41:b8:f0:07:02:e3:4d:0a:2e:38:
07:97:2e:17:6f:e1:d8:10:7a:fd:51:06:84:a9:52:
26:8d:d7:b3:5d:11:54:9b:b9:13:c6:03:c3:53:05:
d2:38:6e:e5:eb:fa:a7:18:3b:30:f2:9b:dc:1f:84:
74:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:19:46:27:96:CD:38:33:48:2D:8C:CA:D6:83:6D:DD:0C:C0:C3:B3
X509v3 Authority Key Identifier:
keyid:D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/cBlGJ5bNODNILYzK1oNt3QzAw7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.100.0/22
IPv6:
2a00:b420::/32
Signature Algorithm: sha256WithRSAEncryption
78:66:4f:1a:7c:a4:43:23:98:57:7c:0c:c9:2a:47:48:e7:11:
dd:38:86:00:b8:4d:50:fe:bb:dd:8c:05:72:c6:0d:96:1f:41:
c4:ee:b7:28:db:70:e1:2e:89:57:e0:70:dc:28:5b:1b:d9:bc:
ee:58:dc:29:6b:54:c0:fb:2a:58:c4:75:9c:ee:e2:09:49:bd:
cf:78:6c:0b:cf:e9:cf:cf:f9:d1:82:8f:81:6d:0f:ad:d1:8b:
ee:57:a8:65:0f:55:12:f1:d3:f3:23:61:04:27:16:cb:b0:d3:
67:d7:2b:49:b7:ae:a0:4b:a0:df:52:6c:f6:b6:07:1f:09:c9:
ae:ab:4e:2b:84:4f:d4:7f:ab:13:ea:dc:95:07:99:20:31:fe:
8c:1c:98:8b:c3:88:ce:f8:d0:6b:fd:c3:f9:8f:21:5d:bd:6a:
10:40:a5:eb:69:ff:1b:e2:4d:05:fe:1c:10:86:b7:ee:e8:af:
df:d7:2b:10:0b:cb:00:94:ba:8f:71:03:8b:33:2f:41:bc:73:
7e:d2:b0:6b:e0:1a:70:60:ed:a0:bb:77:54:99:06:7c:e3:50:
ea:d1:a5:ae:44:8f:cb:bb:a6:10:87:eb:44:cc:b2:ee:a3:d3:
c4:2d:69:4f:bd:ab:94:c4:b5:30:0c:e9:84:56:34:96:92:48:
77:3b:3b:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks2/e/hUis4ak9azjZqccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDAxZTAyNDk0MThiMzU3NTQ3MjY4ODI0ZjYyNDQ5MjVk
OGRiMzkwHhcNMjUwMTAyMDE0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDE5NDYyNzk2Y2QzODMzNDgyZDhjY2FkNjgzNmRkZDBjYzBjM2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5tBRRO1ckuPDa8a59tiE7jA0OIW
GpdrOdHxc2s8dlBDjVuttbUZUbZBKTqbJKxkvyICG+2m4/LLap9ZYT0lHkjG+1Wq
d3DBiit8n/9u7eLpcp01Xv/I6vEhkrFql3/tFOMuhZHAkxVH6gJ33fp0CFuY75Mj
35PEPnMiZSqhzismntYt84N1MOgVSts1nyPcEkCxW9ksLp6Gh3b9ASA2v0qIWpRc
6NMCrOjLjW2wA5VCR5MjLrM8tvV3FocVwPWrHiMr6CGIOEG48AcC400KLjgHly4X
b+HYEHr9UQaEqVImjdezXRFUm7kTxgPDUwXSOG7l6/qnGDsw8pvcH4R0yQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHAZRieWzTgzSC2MytaDbd0MwMOzMB8GA1UdIwQY
MBaAFNdAHgJJQYs1dUcmiCT2JEkl2Ns5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjIt
NTA3ODkxMzk1NDE3LzEvY0JsR0o1Yk5PRE5JTFl6SzFvTnQzUXpBdzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjItNTA3ODkxMzk1NDE3
LzEvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR9kMA0E
AgACMAcDBQAqALQgMA0GCSqGSIb3DQEBCwUAA4IBAQB4Zk8afKRDI5hXfAzJKkdI
5xHdOIYAuE1Q/rvdjAVyxg2WH0HE7rco23DhLolX4HDcKFsb2bzuWNwpa1TA+ypY
xHWc7uIJSb3PeGwLz+nPz/nRgo+BbQ+t0YvuV6hlD1US8dPzI2EEJxbLsNNn1ytJ
t66gS6DfUmz2tgcfCcmuq04rhE/Uf6sT6tyVB5kgMf6MHJiLw4jO+NBr/cP5jyFd
vWoQQKXraf8b4k0F/hwQhrfu6K/f1ysQC8sAlLqPcQOLMy9BvHN+0rBr4BpwYO2g
u3dUmQZ841Dq0aWuRI/Lu6YQh+tEzLLuo9PELWlPvauUxLUwDOmEVjSWkkh3Ozv1
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:03:32 2025 by rpki-client