Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/acgWZk7QsmW2aj_bCsaJjnM5BPc.roa
File: acgWZk7QsmW2aj_bCsaJjnM5BPc.roa (raw, json)
Hash identifier: HUCf1r1zAbFUe3WPNLagsH4LPR/2P6TikCHZR4iIaH0=
Subject key identifier: 69:C8:16:66:4E:D0:B2:65:B6:6A:3F:DB:0A:C6:89:8E:73:39:04:F7
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019425FCDDE9EF477AAE02B86C24A939D56C
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/acgWZk7QsmW2aj_bCsaJjnM5BPc.roa
Signing time: Thu 02 Jan 2025 07:48:36 +0000
ROA not before: Thu 02 Jan 2025 07:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16247
IP address blocks: 185.201.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:dd:e9:ef:47:7a:ae:02:b8:6c:24:a9:39:d5:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 07:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69c816664ed0b265b66a3fdb0ac6898e733904f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:98:de:0a:ca:a7:54:41:00:cb:f3:a3:41:97:
06:16:4c:de:5e:df:2c:e6:be:7d:54:a9:bc:37:58:
33:4a:41:8f:08:22:c4:4d:22:8b:36:76:9a:ba:8b:
26:12:03:53:d9:43:6f:9a:57:70:12:86:cb:fb:48:
f6:06:02:b9:06:1b:58:9b:9b:9e:ca:fe:f9:07:db:
c0:a5:80:fe:f1:be:68:6d:eb:9a:b0:21:da:68:4d:
9b:73:a0:83:24:a7:2d:1c:ae:ed:df:18:54:5e:6e:
ce:a9:4b:c8:de:99:5f:d0:c3:49:cd:04:98:c8:b5:
54:f4:95:ea:bd:4b:d1:e9:d3:63:9f:d8:30:80:eb:
dc:7c:ca:c7:28:40:37:60:3c:cf:d8:77:de:15:60:
4e:79:24:1d:b4:5b:5a:e1:61:38:b6:06:46:71:3e:
9a:de:d8:ed:36:24:b7:7e:c3:0a:07:5f:1e:55:e0:
dc:32:ec:0a:d9:35:ed:5d:05:e6:68:39:7f:6b:03:
e5:8c:48:3b:11:ac:29:52:ad:d5:4c:25:87:05:4f:
36:89:f7:96:74:53:3e:f2:1a:21:28:e9:21:4b:bd:
d5:9d:73:7d:5e:91:5b:4e:52:de:e6:06:f3:0e:fc:
db:9e:36:65:58:f7:19:bf:00:62:7c:67:17:56:e8:
9b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C8:16:66:4E:D0:B2:65:B6:6A:3F:DB:0A:C6:89:8E:73:39:04:F7
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/acgWZk7QsmW2aj_bCsaJjnM5BPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.42.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:df:aa:17:81:83:f7:05:2b:5d:ae:f8:2e:c9:fe:e7:8d:71:
b8:c2:47:4e:23:56:0f:89:7e:5e:6f:b6:f3:27:6a:65:76:25:
63:17:32:4d:5a:f5:9a:2e:80:1d:fa:fd:b6:50:ae:52:52:cd:
29:91:da:4c:f4:12:56:f4:99:6b:fc:52:5a:26:6d:94:b7:a2:
6c:3a:8f:ef:bd:6a:dd:cb:59:2e:78:6b:cd:5a:1b:43:4e:0e:
f4:0f:b7:e4:25:a9:3b:67:eb:a9:7c:3e:77:89:de:6b:39:0a:
e2:dc:50:5e:b2:3c:da:82:9d:ee:ee:04:49:10:41:a1:3e:48:
d3:52:0b:d0:60:ce:69:d4:0b:76:6c:06:47:4e:fd:3a:5a:9d:
6b:94:8a:3a:9f:1e:51:c7:c9:08:bf:3d:86:2a:c1:eb:c2:37:
86:29:02:77:7c:f2:f5:2a:fc:d9:e0:0a:f4:15:fb:6f:71:ac:
ef:ef:c8:13:03:99:53:54:44:cd:9a:da:c5:9c:a1:8b:80:fa:
02:de:6a:26:ce:87:22:7a:bc:eb:ea:39:3d:58:e9:5a:99:83:
ad:d5:ab:a2:0f:a6:a8:bb:9f:41:00:b6:5b:6a:e7:eb:cf:6d:
48:8a:a3:e3:77:4c:fc:2e:9d:3d:ed:6c:f7:b0:5c:7a:c4:3d:
f8:6a:9a:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/N3p70d6rgK4bCSpOdVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMTAyMDc0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWM4MTY2NjRlZDBiMjY1YjY2YTNmZGIwYWM2ODk4ZTczMzkwNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJjeCsqnVEEAy/OjQZcGFkzeXt8s
5r59VKm8N1gzSkGPCCLETSKLNnaauosmEgNT2UNvmldwEobL+0j2BgK5BhtYm5ue
yv75B9vApYD+8b5obeuasCHaaE2bc6CDJKctHK7t3xhUXm7OqUvI3plf0MNJzQSY
yLVU9JXqvUvR6dNjn9gwgOvcfMrHKEA3YDzP2HfeFWBOeSQdtFta4WE4tgZGcT6a
3tjtNiS3fsMKB18eVeDcMuwK2TXtXQXmaDl/awPljEg7EawpUq3VTCWHBU82ifeW
dFM+8hohKOkhS73VnXN9XpFbTlLe5gbzDvzbnjZlWPcZvwBifGcXVuibmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGnIFmZO0LJltmo/2wrGiY5zOQT3MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvYWNnV1prN1FzbVcyYWpfYkNzYUpqbk01QlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuckqMA0G
CSqGSIb3DQEBCwUAA4IBAQBP36oXgYP3BStdrvguyf7njXG4wkdOI1YPiX5eb7bz
J2pldiVjFzJNWvWaLoAd+v22UK5SUs0pkdpM9BJW9Jlr/FJaJm2Ut6JsOo/vvWrd
y1kueGvNWhtDTg70D7fkJak7Z+upfD53id5rOQri3FBesjzagp3u7gRJEEGhPkjT
UgvQYM5p1At2bAZHTv06Wp1rlIo6nx5Rx8kIvz2GKsHrwjeGKQJ3fPL1KvzZ4Ar0
Fftvcazv78gTA5lTVETNmtrFnKGLgPoC3momzocierzr6jk9WOlamYOt1auiD6ao
u59BALZbaufrz21IiqPjd0z8Lp097Wz3sFx6xD34apo7
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:55:08 2025 by rpki-client