Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/7M8D3IxMWjzAgVSAuyFX2gLMxAs.roa
File: 7M8D3IxMWjzAgVSAuyFX2gLMxAs.roa (raw, json)
Hash identifier: MD3KP2LMgWTsm6lhsmms5WwgB8xDS3rVO74n7Xs0hs0=
Subject key identifier: EC:CF:03:DC:8C:4C:5A:3C:C0:81:54:80:BB:21:57:DA:02:CC:C4:0B
Certificate issuer: /CN=8b03dca76319903152f246e05c069fd1a1db5c59
Certificate serial: 019484723BC6A1B874B9F19CFB1D42BC3BE8
Authority key identifier: 8B:03:DC:A7:63:19:90:31:52:F2:46:E0:5C:06:9F:D1:A1:DB:5C:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/7M8D3IxMWjzAgVSAuyFX2gLMxAs.roa
Signing time: Mon 20 Jan 2025 16:01:06 +0000
ROA not before: Mon 20 Jan 2025 16:01:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211368
IP address blocks: 185.45.253.0/24 maxlen: 24
2a13:e6c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:84:72:3b:c6:a1:b8:74:b9:f1:9c:fb:1d:42:bc:3b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b03dca76319903152f246e05c069fd1a1db5c59
Validity
Not Before: Jan 20 16:01:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eccf03dc8c4c5a3cc0815480bb2157da02ccc40b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:65:fd:31:d5:60:a8:de:f9:f9:7d:12:b9:32:
27:5c:b4:ac:cd:4c:ce:6c:9c:44:a0:f5:c1:8f:9b:
6b:35:58:d0:fa:f9:20:ba:a0:af:ad:df:cc:8d:83:
b9:45:b4:c6:89:78:ef:17:98:ae:a4:99:8e:0d:84:
51:c1:61:19:bf:cc:31:f2:a2:13:23:a4:82:4e:64:
ca:fa:c2:06:dd:6d:8c:07:e7:26:fd:7a:7f:de:79:
77:b6:45:f5:e8:e3:ec:3e:08:fd:04:84:7a:21:26:
65:6a:6a:d7:8b:1e:ad:81:c6:ba:5f:40:06:df:01:
9c:af:c9:95:ac:33:60:d5:71:df:61:63:5e:2d:a0:
bc:f0:43:56:7b:ca:d1:f9:e5:be:be:8f:2e:23:c3:
75:5b:1c:bb:86:61:c6:8b:c4:62:c1:ce:aa:9c:10:
6e:d6:41:cc:85:07:db:1a:62:7d:29:b6:e3:de:19:
48:d4:86:61:a3:f4:a5:01:4b:53:0e:75:e9:5c:87:
cb:d5:12:8d:c5:9d:5e:d5:36:3b:d7:7a:e2:18:95:
92:85:c5:c4:29:6b:b8:9f:3a:f6:48:e7:4d:18:29:
8e:c4:3f:d5:ee:9b:e6:cc:e6:50:48:a7:ea:aa:86:
d0:fb:45:63:68:06:62:aa:cb:74:a2:f5:3d:82:03:
0e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CF:03:DC:8C:4C:5A:3C:C0:81:54:80:BB:21:57:DA:02:CC:C4:0B
X509v3 Authority Key Identifier:
keyid:8B:03:DC:A7:63:19:90:31:52:F2:46:E0:5C:06:9F:D1:A1:DB:5C:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/7M8D3IxMWjzAgVSAuyFX2gLMxAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.253.0/24
IPv6:
2a13:e6c0::/29
Signature Algorithm: sha256WithRSAEncryption
af:e9:74:88:6c:f8:5e:c8:e4:26:8a:a3:2c:49:6c:d0:79:e6:
ee:dd:bf:a5:1f:b5:5b:03:83:59:d9:c3:09:a8:6b:7a:a2:46:
57:9a:7e:e2:9c:65:cb:1e:28:c3:d4:1a:93:40:e5:1c:f0:9b:
50:8e:a0:76:9f:78:cf:fe:78:e2:ee:ee:9b:c8:27:d6:1f:f4:
6d:ec:d2:9f:49:df:b5:57:6b:55:cc:05:df:fe:bd:fb:f3:10:
ad:8a:85:02:b2:5f:24:8f:5f:71:76:67:a3:5b:44:74:ab:d5:
f8:99:84:70:7b:75:16:a5:67:82:90:6a:8b:30:b5:fa:57:0d:
fb:b6:4e:f0:8f:63:ca:40:7a:36:41:1d:47:00:d8:30:5e:7b:
2f:ba:6f:ef:d1:74:bb:a0:b6:fc:f5:25:d2:89:12:84:07:cf:
e5:e4:9c:14:8a:f7:8a:38:33:7f:b2:d3:10:c6:aa:f7:0b:5c:
71:3e:8b:75:fd:95:4f:f1:b3:af:37:65:a4:16:35:fa:54:6e:
ad:d9:2d:b0:2a:3d:f3:9d:c3:26:1f:08:9d:30:43:10:88:18:
cb:ba:ef:4e:0a:e1:2a:0d:bc:bb:d9:88:22:e4:a9:12:d9:32:
8a:f9:ad:0c:a1:57:6b:70:ab:01:b2:c3:b1:1f:28:36:3f:f9:
ae:1e:b3:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSEcjvGobh0ufGc+x1CvDvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMDNkY2E3NjMxOTkwMzE1MmYyNDZlMDVjMDY5ZmQxYTFk
YjVjNTkwHhcNMjUwMTIwMTYwMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2NmMDNkYzhjNGM1YTNjYzA4MTU0ODBiYjIxNTdkYTAyY2NjNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGX9MdVgqN75+X0SuTInXLSszUzO
bJxEoPXBj5trNVjQ+vkguqCvrd/MjYO5RbTGiXjvF5iupJmODYRRwWEZv8wx8qIT
I6SCTmTK+sIG3W2MB+cm/Xp/3nl3tkX16OPsPgj9BIR6ISZlamrXix6tgca6X0AG
3wGcr8mVrDNg1XHfYWNeLaC88ENWe8rR+eW+vo8uI8N1Wxy7hmHGi8Riwc6qnBBu
1kHMhQfbGmJ9Kbbj3hlI1IZho/SlAUtTDnXpXIfL1RKNxZ1e1TY713riGJWShcXE
KWu4nzr2SOdNGCmOxD/V7pvmzOZQSKfqqobQ+0VjaAZiqst0ovU9ggMO5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOzPA9yMTFo8wIFUgLshV9oCzMQLMB8GA1UdIwQY
MBaAFIsD3KdjGZAxUvJG4FwGn9Gh21xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8zMGNkYmUtMTFlMS00NGNhLWI2NTQt
MDI5ZTYzZjA4ODlhLzEvN004RDNJeE1XanpBZ1ZTQXV5RlgyZ0xNeEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8zMGNkYmUtMTFlMS00NGNhLWI2NTQtMDI5ZTYzZjA4ODlh
LzEvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuS39MA0E
AgACMAcDBQMqE+bAMA0GCSqGSIb3DQEBCwUAA4IBAQCv6XSIbPheyOQmiqMsSWzQ
eebu3b+lH7VbA4NZ2cMJqGt6okZXmn7inGXLHijD1BqTQOUc8JtQjqB2n3jP/nji
7u6byCfWH/Rt7NKfSd+1V2tVzAXf/r378xCtioUCsl8kj19xdmejW0R0q9X4mYRw
e3UWpWeCkGqLMLX6Vw37tk7wj2PKQHo2QR1HANgwXnsvum/v0XS7oLb89SXSiRKE
B8/l5JwUiveKODN/stMQxqr3C1xxPot1/ZVP8bOvN2WkFjX6VG6t2S2wKj3zncMm
HwidMEMQiBjLuu9OCuEqDby72Ygi5KkS2TKK+a0MoVdrcKsBssOxHyg2P/muHrNO
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:46:47 2025 by rpki-client