Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vdk3N5VRHo2sARS7nAPz0A9u-gE.roa
File: vdk3N5VRHo2sARS7nAPz0A9u-gE.roa (raw, json)
Hash identifier: f8eadAG5o3B9v+Z54jElI6dVz3Rd4/6xP/dW1sgwXbM=
Subject key identifier: BD:D9:37:37:95:51:1E:8D:AC:01:14:BB:9C:03:F3:D0:0F:6E:FA:01
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01942220224EC304EC7FD3F3D912F985A2B6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vdk3N5VRHo2sARS7nAPz0A9u-gE.roa
Signing time: Wed 01 Jan 2025 13:48:38 +0000
ROA not before: Wed 01 Jan 2025 13:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 176.125.248.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:22:4e:c3:04:ec:7f:d3:f3:d9:12:f9:85:a2:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdd9373795511e8dac0114bb9c03f3d00f6efa01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:02:cd:8a:9e:2d:5e:90:8d:66:13:3d:6e:99:
d7:4d:8a:d2:0f:47:07:72:a0:cb:16:f5:9e:26:b0:
85:a2:f7:75:7f:cc:3c:47:41:e1:83:7c:1e:53:51:
7e:80:67:e0:44:de:2e:26:da:e6:e3:8e:2e:bb:88:
a3:40:5c:1e:38:db:35:3e:1a:d0:36:78:ce:a2:19:
c8:a5:03:cc:62:87:4d:58:37:f3:82:b5:94:3a:f7:
b4:fe:14:82:88:c3:41:a6:ec:3c:94:53:a6:14:bb:
59:53:bd:ac:81:1b:f8:cc:a7:27:ea:bd:4b:1d:1a:
c5:14:b1:34:07:4a:f8:92:e0:45:8c:58:25:23:40:
bb:a3:af:05:e7:ab:63:77:28:6f:be:7d:ca:0d:db:
89:f4:42:0f:fa:83:33:50:99:72:ba:5f:6a:0f:e1:
7a:e4:3a:a4:23:d9:59:96:5d:d2:1e:8e:40:2f:aa:
44:11:a5:cb:66:5e:48:b7:37:14:99:a0:5a:58:d2:
6e:82:f5:ee:49:b4:06:e5:2c:19:eb:01:ff:73:7c:
e6:5e:b3:99:7a:96:61:24:dd:64:e9:9a:74:18:c5:
dd:74:4f:14:0e:0a:f3:c3:dc:40:20:f7:51:29:d2:
12:29:1e:5e:27:45:d7:2b:33:09:f7:fe:a0:b5:ea:
5a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D9:37:37:95:51:1E:8D:AC:01:14:BB:9C:03:F3:D0:0F:6E:FA:01
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vdk3N5VRHo2sARS7nAPz0A9u-gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:c2:ac:cf:d1:5d:d0:01:79:c0:77:a2:2b:c9:50:ac:59:6c:
aa:a2:66:8d:9c:56:7e:40:ba:27:42:8d:7b:89:49:2c:dd:9d:
26:fd:9c:d4:21:be:82:f5:07:82:e3:79:e1:41:97:5f:b2:d6:
e7:94:1e:10:17:c7:8b:48:cf:4f:c9:95:a3:5c:bf:01:c8:e2:
68:98:d8:d5:a9:b3:af:ff:31:40:60:c9:9c:b2:c7:47:67:77:
2f:3b:35:38:c9:ee:5f:49:86:2d:8d:92:ce:69:c5:9e:15:87:
26:32:d9:4a:e4:b2:9a:99:2f:41:ac:7b:e0:cd:da:bb:39:3d:
d5:79:28:24:ca:73:3e:db:c8:c8:7c:1a:ce:1b:35:35:0a:cd:
0c:69:17:f2:9e:1b:1b:ce:87:85:b5:b3:89:54:51:e2:92:63:
b3:46:4c:e7:16:17:33:21:c5:f9:9f:e0:fe:ff:8e:d5:11:3c:
fb:1b:e9:39:86:71:28:a6:7b:d5:93:b3:41:9d:64:c6:b7:b5:
a1:33:03:92:d4:56:c8:e2:1d:8a:83:82:32:0e:3a:fd:d8:0f:
03:50:c5:14:66:9f:f2:0b:08:17:7e:fb:30:65:f6:c6:45:0e:
24:5a:51:8a:43:b5:83:21:0b:84:37:8b:76:09:c6:bf:87:e1:
22:96:d3:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiICJOwwTsf9Pz2RL5haK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQ5MzczNzk1NTExZThkYWMwMTE0YmI5YzAzZjNkMDBmNmVmYTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwLNip4tXpCNZhM9bpnXTYrSD0cH
cqDLFvWeJrCFovd1f8w8R0Hhg3weU1F+gGfgRN4uJtrm444uu4ijQFweONs1PhrQ
NnjOohnIpQPMYodNWDfzgrWUOve0/hSCiMNBpuw8lFOmFLtZU72sgRv4zKcn6r1L
HRrFFLE0B0r4kuBFjFglI0C7o68F56tjdyhvvn3KDduJ9EIP+oMzUJlyul9qD+F6
5DqkI9lZll3SHo5AL6pEEaXLZl5ItzcUmaBaWNJugvXuSbQG5SwZ6wH/c3zmXrOZ
epZhJN1k6Zp0GMXddE8UDgrzw9xAIPdRKdISKR5eJ0XXKzMJ9/6gtepalwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL3ZNzeVUR6NrAEUu5wD89APbvoBMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdmRrM041VlJIbzJzQVJTN25BUHowQTl1LWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsH34AwQA
ufvnMA0GCSqGSIb3DQEBCwUAA4IBAQAawqzP0V3QAXnAd6IryVCsWWyqomaNnFZ+
QLonQo17iUks3Z0m/ZzUIb6C9QeC43nhQZdfstbnlB4QF8eLSM9PyZWjXL8ByOJo
mNjVqbOv/zFAYMmcssdHZ3cvOzU4ye5fSYYtjZLOacWeFYcmMtlK5LKamS9BrHvg
zdq7OT3VeSgkynM+28jIfBrOGzU1Cs0MaRfynhsbzoeFtbOJVFHikmOzRkznFhcz
IcX5n+D+/47VETz7G+k5hnEopnvVk7NBnWTGt7WhMwOS1FbI4h2Kg4IyDjr92A8D
UMUUZp/yCwgXfvswZfbGRQ4kWlGKQ7WDIQuEN4t2Cca/h+EiltMv
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:28:22 2025 by rpki-client