Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/12Zahr8ypxTDNrQSGTJX87wf4FU.roa
File: 12Zahr8ypxTDNrQSGTJX87wf4FU.roa (raw, json)
Hash identifier: 1xnPEzPjKosfERE7d2w2vVj9bJxLTdzPRRY8ixKvDnU=
Subject key identifier: D7:66:5A:86:BF:32:A7:14:C3:36:B4:12:19:32:57:F3:BC:1F:E0:55
Certificate issuer: /CN=0c1e6d5e72daf4108cf60bd47e936df1a1e97226
Certificate serial: 019424455EB9687ACADB680E8AAC5C693833
Authority key identifier: 0C:1E:6D:5E:72:DA:F4:10:8C:F6:0B:D4:7E:93:6D:F1:A1:E9:72:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DB5tXnLa9BCM9gvUfpNt8aHpciY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/12Zahr8ypxTDNrQSGTJX87wf4FU.roa
Signing time: Wed 01 Jan 2025 23:48:33 +0000
ROA not before: Wed 01 Jan 2025 23:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206211
IP address blocks: 185.247.240.0/24 maxlen: 24
185.247.243.0/24 maxlen: 24
2a0d:d180::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:5e:b9:68:7a:ca:db:68:0e:8a:ac:5c:69:38:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c1e6d5e72daf4108cf60bd47e936df1a1e97226
Validity
Not Before: Jan 1 23:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7665a86bf32a714c336b412193257f3bc1fe055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:91:e7:7d:14:e6:93:b6:7f:87:49:c1:f1:95:
02:3d:34:b5:8f:d8:54:5c:96:ab:7d:42:39:7e:3e:
9a:f8:0d:6d:5f:d2:b5:1c:cf:52:45:9a:92:64:0d:
54:2b:ba:9b:fa:10:fa:b1:db:97:62:3b:9a:06:3e:
a1:50:d6:19:42:dc:66:96:eb:43:ac:a2:aa:db:4c:
4c:50:60:79:8b:dd:44:cc:18:00:a8:98:9c:2e:fc:
fb:0a:78:b9:c5:75:d5:82:9b:51:69:88:8e:50:35:
10:30:55:66:5b:d4:06:49:2f:85:1c:11:7b:ff:0b:
c7:b6:e6:4d:92:ef:64:46:4a:eb:fa:43:44:32:72:
fe:1e:ed:1f:e8:0c:40:9c:59:8a:7c:07:ac:97:d8:
8a:49:c6:a0:56:a7:af:f5:d6:9a:b2:bb:5a:56:bc:
da:4b:7e:5d:5a:de:02:7b:8e:89:f9:fd:b3:6e:7a:
0d:02:cc:57:7c:5c:ce:2f:03:7c:77:0d:dd:3e:7f:
a5:44:85:ba:5c:f0:47:84:36:e6:f3:de:17:7a:c0:
51:db:65:36:8a:a2:2d:04:a6:95:d0:d9:4f:13:03:
fa:06:1c:f5:0d:1d:d7:86:9f:f7:f0:09:0c:0f:10:
6b:a9:bb:e6:37:a3:f8:ef:96:5f:1d:58:36:40:a6:
12:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:66:5A:86:BF:32:A7:14:C3:36:B4:12:19:32:57:F3:BC:1F:E0:55
X509v3 Authority Key Identifier:
keyid:0C:1E:6D:5E:72:DA:F4:10:8C:F6:0B:D4:7E:93:6D:F1:A1:E9:72:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DB5tXnLa9BCM9gvUfpNt8aHpciY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/12Zahr8ypxTDNrQSGTJX87wf4FU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3dc72e-0861-4316-a4be-a295813f1f82/1/DB5tXnLa9BCM9gvUfpNt8aHpciY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.240.0/24
185.247.243.0/24
IPv6:
2a0d:d180::/29
Signature Algorithm: sha256WithRSAEncryption
38:e2:6d:48:ca:6a:8a:f3:1e:56:be:7f:26:34:93:3f:5f:85:
4a:b9:a4:cb:15:af:ee:42:e6:03:30:a9:4a:0c:95:11:38:3f:
b1:4e:02:6d:df:8a:8b:e8:c1:30:1a:2f:12:7e:1a:e4:8f:e2:
d4:d8:78:fe:0b:d6:2d:5d:7f:4b:8b:ae:03:27:0d:cf:46:5e:
b4:fd:20:0e:a9:cc:8d:27:1a:e7:2b:20:90:c2:75:99:14:4a:
66:ee:25:34:76:8f:4c:4d:5b:8a:f2:35:68:41:92:69:c5:6c:
12:e3:3c:83:29:8b:e2:9b:23:c1:12:8b:b0:b3:36:d4:57:67:
43:5d:ec:26:57:2c:96:95:93:0f:d6:a9:ca:07:30:6b:7b:f5:
8f:0e:85:07:43:4c:6c:c9:03:e6:b3:36:c5:9b:4a:85:96:3e:
1d:a8:ef:c3:a2:be:a7:8f:38:f3:45:85:15:fa:1b:93:5a:4a:
3b:28:86:3d:38:4c:89:c8:37:fa:36:e6:12:d9:14:3c:44:e2:
ed:bb:98:cd:bb:2c:c8:8f:17:ae:d9:58:81:7b:e9:17:f9:6c:
63:d5:5c:7c:e1:36:03:a4:bd:2a:fb:0e:f6:df:e3:74:8e:a8:
36:e1:5c:5e:99:54:3a:95:01:c4:c6:85:28:dc:de:bc:ab:86:
ca:99:fd:3c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRV65aHrK22gOiqxcaTgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMWU2ZDVlNzJkYWY0MTA4Y2Y2MGJkNDdlOTM2ZGYxYTFl
OTcyMjYwHhcNMjUwMTAxMjM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzY2NWE4NmJmMzJhNzE0YzMzNmI0MTIxOTMyNTdmM2JjMWZlMDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZHnfRTmk7Z/h0nB8ZUCPTS1j9hU
XJarfUI5fj6a+A1tX9K1HM9SRZqSZA1UK7qb+hD6sduXYjuaBj6hUNYZQtxmlutD
rKKq20xMUGB5i91EzBgAqJicLvz7Cni5xXXVgptRaYiOUDUQMFVmW9QGSS+FHBF7
/wvHtuZNku9kRkrr+kNEMnL+Hu0f6AxAnFmKfAesl9iKScagVqev9daasrtaVrza
S35dWt4Ce46J+f2zbnoNAsxXfFzOLwN8dw3dPn+lRIW6XPBHhDbm894XesBR22U2
iqItBKaV0NlPEwP6Bhz1DR3Xhp/38AkMDxBrqbvmN6P475ZfHVg2QKYSWwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNdmWoa/MqcUwza0EhkyV/O8H+BVMB8GA1UdIwQY
MBaAFAwebV5y2vQQjPYL1H6TbfGh6XImMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREI1dFhuTGE5QkNNOWd2VWZwTnQ4YUhwY2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zZGM3MmUtMDg2MS00MzE2LWE0YmUt
YTI5NTgxM2YxZjgyLzEvMTJaYWhyOHlweFRETnJRU0dUSlg4N3dmNEZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zZGM3MmUtMDg2MS00MzE2LWE0YmUtYTI5NTgxM2YxZjgy
LzEvREI1dFhuTGE5QkNNOWd2VWZwTnQ4YUhwY2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuffwAwQA
uffzMA0EAgACMAcDBQMqDdGAMA0GCSqGSIb3DQEBCwUAA4IBAQA44m1IymqK8x5W
vn8mNJM/X4VKuaTLFa/uQuYDMKlKDJUROD+xTgJt34qL6MEwGi8Sfhrkj+LU2Hj+
C9YtXX9Li64DJw3PRl60/SAOqcyNJxrnKyCQwnWZFEpm7iU0do9MTVuK8jVoQZJp
xWwS4zyDKYvimyPBEouwszbUV2dDXewmVyyWlZMP1qnKBzBre/WPDoUHQ0xsyQPm
szbFm0qFlj4dqO/Dor6njzjzRYUV+huTWko7KIY9OEyJyDf6NuYS2RQ8ROLtu5jN
uyzIjxeu2ViBe+kX+Wxj1Vx84TYDpL0q+w723+N0jqg24VxemVQ6lQHExoUo3N68
q4bKmf08
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:17:07 2025 by rpki-client