Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2JAKkDYf5XSo8AO8ti4tZHAImi4.roa
File: 2JAKkDYf5XSo8AO8ti4tZHAImi4.roa (raw, json)
Hash identifier: 12hLnnFSkXzPf0mB/K0RePK0+6VZSOrN51/uyvCHuwg=
Subject key identifier: D8:90:0A:90:36:1F:E5:74:A8:F0:03:BC:B6:2E:2D:64:70:08:9A:2E
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01942220402FE67AAC46D5F4F68B3B39AD28
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2JAKkDYf5XSo8AO8ti4tZHAImi4.roa
Signing time: Wed 01 Jan 2025 13:48:46 +0000
ROA not before: Wed 01 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206275
IP address blocks: 185.225.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:40:2f:e6:7a:ac:46:d5:f4:f6:8b:3b:39:ad:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8900a90361fe574a8f003bcb62e2d6470089a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:be:40:71:e3:dd:f1:2c:3e:90:80:dd:51:26:
77:cb:98:5a:96:41:dc:16:70:9b:24:60:c7:1c:3a:
2c:fd:fb:ce:61:3e:73:80:52:63:91:5f:3f:8d:ba:
cf:48:d2:bb:d9:f2:3b:90:3f:08:aa:30:11:09:11:
b2:98:1c:a5:f9:da:cb:55:0b:9f:a8:87:ce:29:fa:
dd:62:6f:84:b4:7a:71:26:c0:ae:96:67:32:e9:93:
d0:02:c7:c0:75:6e:4b:b4:ff:d3:0c:a3:60:ae:a8:
49:82:95:30:61:0f:2a:1d:00:31:d0:18:7f:65:58:
95:17:4e:1b:0e:ae:6e:f1:e3:84:69:4c:2c:2e:a5:
a9:62:e0:dd:8e:4e:b8:31:d6:b4:ba:c2:81:b4:c7:
d7:ee:44:f8:3f:37:35:3b:af:41:21:67:22:8b:25:
8a:cd:05:37:f0:5f:4a:14:6b:b7:6d:e0:ec:0c:b0:
7f:3d:a7:0b:76:9e:30:87:4c:8c:fd:50:23:92:84:
94:4f:d0:37:3c:89:b0:d5:c6:31:c4:97:43:80:6e:
ba:ed:25:3e:19:fb:37:a5:e5:0f:21:36:9b:60:ab:
06:75:3b:7e:57:fc:65:1a:31:53:f1:7c:0b:df:ba:
bc:45:35:9a:0f:8e:6c:41:e5:7e:e0:6a:02:b6:f4:
89:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:90:0A:90:36:1F:E5:74:A8:F0:03:BC:B6:2E:2D:64:70:08:9A:2E
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2JAKkDYf5XSo8AO8ti4tZHAImi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.3.0/24
Signature Algorithm: sha256WithRSAEncryption
09:cc:72:b6:fb:49:9f:5c:ca:82:a7:b7:ab:f3:11:ca:5b:a6:
12:a4:7a:55:84:60:fd:7d:d3:9d:5f:da:0c:75:88:12:c9:8d:
b2:cb:c0:c8:bc:bb:6d:62:43:01:e2:cd:c9:de:7e:6e:29:67:
d7:13:73:6c:a0:f3:9f:00:4c:8e:fd:a8:c1:8a:08:15:f3:a7:
42:c1:81:27:48:93:49:d4:a0:ce:6b:5c:3f:57:ab:ad:35:a7:
2e:38:f1:c3:99:31:3b:3b:3d:55:e1:99:ff:49:71:33:9c:ba:
32:38:37:c9:ca:5b:d1:c5:07:d0:ec:88:38:c6:6c:d7:50:30:
87:3b:58:dd:4c:5b:5a:89:48:a4:82:cf:5e:82:ce:85:6f:0b:
a6:35:cd:a1:c6:3b:9c:76:25:d1:52:9a:8d:6d:97:e0:b1:d8:
0f:bf:ed:1c:fa:ed:d0:00:32:8e:87:57:31:49:11:7e:d0:97:
58:11:0f:94:27:39:93:ae:80:f0:b7:48:88:49:0d:48:b5:fd:
ba:97:27:a4:3c:79:dd:cf:76:57:5f:86:48:b0:19:4b:85:e2:
33:33:f7:04:d8:a5:6f:f2:29:3d:be:e3:2b:5a:88:f0:e9:ec:
10:38:c7:d8:76:24:e7:3c:99:a6:e0:e8:21:da:d9:6e:f3:60:
01:aa:16:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIEAv5nqsRtX09os7Oa0oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODkwMGE5MDM2MWZlNTc0YThmMDAzYmNiNjJlMmQ2NDcwMDg5YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw75AcePd8Sw+kIDdUSZ3y5halkHc
FnCbJGDHHDos/fvOYT5zgFJjkV8/jbrPSNK72fI7kD8IqjARCRGymByl+drLVQuf
qIfOKfrdYm+EtHpxJsCulmcy6ZPQAsfAdW5LtP/TDKNgrqhJgpUwYQ8qHQAx0Bh/
ZViVF04bDq5u8eOEaUwsLqWpYuDdjk64Mda0usKBtMfX7kT4Pzc1O69BIWciiyWK
zQU38F9KFGu3beDsDLB/PacLdp4wh0yM/VAjkoSUT9A3PImw1cYxxJdDgG667SU+
Gfs3peUPITabYKsGdTt+V/xlGjFT8XwL37q8RTWaD45sQeV+4GoCtvSJdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNiQCpA2H+V0qPADvLYuLWRwCJouMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMkpBS2tEWWY1WFNvOEFPOHRpNHRaSEFJbWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueEDMA0G
CSqGSIb3DQEBCwUAA4IBAQAJzHK2+0mfXMqCp7er8xHKW6YSpHpVhGD9fdOdX9oM
dYgSyY2yy8DIvLttYkMB4s3J3n5uKWfXE3NsoPOfAEyO/ajBiggV86dCwYEnSJNJ
1KDOa1w/V6utNacuOPHDmTE7Oz1V4Zn/SXEznLoyODfJylvRxQfQ7Ig4xmzXUDCH
O1jdTFtaiUikgs9egs6FbwumNc2hxjucdiXRUpqNbZfgsdgPv+0c+u3QADKOh1cx
SRF+0JdYEQ+UJzmTroDwt0iISQ1Itf26lyekPHndz3ZXX4ZIsBlLheIzM/cE2KVv
8ik9vuMrWojw6ewQOMfYdiTnPJmm4Ogh2tlu82ABqhZm
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:05:46 2025 by rpki-client