Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/5b373e-d314-4459-b858-cf1d1f007a36/1/Kd7_5vl2w2YSR6oDwH4ZLSBCJg4.roa
File: Kd7_5vl2w2YSR6oDwH4ZLSBCJg4.roa (raw, json)
Hash identifier: EwnV+wUuaOySMH9KRvnlNbPyo/46xzUnRyjwxeytk6w=
Subject key identifier: 29:DE:FF:E6:F9:76:C3:66:12:47:AA:03:C0:7E:19:2D:20:42:26:0E
Certificate issuer: /CN=9b129de9eba6b47516f0a155734205abbb98b7c2
Certificate serial: 019420D61A6322A22163880B3E35B9638B0A
Authority key identifier: 9B:12:9D:E9:EB:A6:B4:75:16:F0:A1:55:73:42:05:AB:BB:98:B7:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mxKd6eumtHUW8KFVc0IFq7uYt8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/5b373e-d314-4459-b858-cf1d1f007a36/1/Kd7_5vl2w2YSR6oDwH4ZLSBCJg4.roa
Signing time: Wed 01 Jan 2025 07:48:09 +0000
ROA not before: Wed 01 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205732
IP address blocks: 185.208.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:1a:63:22:a2:21:63:88:0b:3e:35:b9:63:8b:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b129de9eba6b47516f0a155734205abbb98b7c2
Validity
Not Before: Jan 1 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29deffe6f976c3661247aa03c07e192d2042260e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7f:dc:2b:6f:b5:49:3a:02:9c:2b:da:d4:53:
4f:c2:7c:7d:28:e1:26:eb:07:aa:88:31:dc:9f:19:
2a:b0:d9:4d:71:79:b0:7c:42:bb:b1:7e:83:30:49:
ed:17:38:a7:6f:30:e1:05:1f:3e:68:14:f7:b7:0b:
c7:e6:47:bb:d4:b1:0e:55:41:70:83:c3:81:9b:dc:
d4:cb:f9:3a:61:63:5c:aa:9c:3e:14:59:fc:fa:a1:
a0:a4:36:25:72:4d:7e:1d:99:25:3a:d7:12:ee:2d:
56:eb:81:16:6f:48:e7:19:e9:6d:48:d1:dc:01:4f:
cb:97:e9:34:0f:6c:8b:3a:17:34:52:09:d6:b1:6a:
1f:3c:c0:70:f5:33:1c:db:b6:89:48:ab:9f:d3:9c:
b7:ca:9e:9c:27:7d:da:e0:42:03:00:2a:e4:53:69:
78:de:53:e4:df:36:dc:5a:0a:22:23:f7:a4:b9:d9:
5d:ae:ce:78:23:ef:e6:b2:86:77:44:1a:2d:1a:62:
d3:65:f3:90:2a:23:fb:1a:70:72:06:c1:10:d5:44:
47:80:5e:05:1b:eb:0b:ee:c1:f0:f7:87:2f:0f:8a:
d4:d0:1a:2b:4b:5b:41:11:05:43:e3:fb:25:b0:2e:
42:7a:31:51:46:c3:07:4e:a9:04:0b:73:c7:9e:cf:
2d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:DE:FF:E6:F9:76:C3:66:12:47:AA:03:C0:7E:19:2D:20:42:26:0E
X509v3 Authority Key Identifier:
keyid:9B:12:9D:E9:EB:A6:B4:75:16:F0:A1:55:73:42:05:AB:BB:98:B7:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mxKd6eumtHUW8KFVc0IFq7uYt8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5b373e-d314-4459-b858-cf1d1f007a36/1/Kd7_5vl2w2YSR6oDwH4ZLSBCJg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5b373e-d314-4459-b858-cf1d1f007a36/1/mxKd6eumtHUW8KFVc0IFq7uYt8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.105.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:89:b2:b5:02:20:0d:bd:c5:29:86:19:a8:b6:a1:e5:31:2a:
4d:91:b9:b5:9e:45:c5:08:34:f9:45:df:fa:e7:00:fd:40:e0:
7d:25:14:d5:18:59:a5:4e:b7:bc:97:ef:9b:76:bb:31:a8:3e:
59:85:cb:05:5d:25:96:d0:db:e0:81:2c:1f:ac:1a:45:59:e3:
46:d5:1e:77:04:8c:3e:90:90:fa:e0:0f:e4:85:c6:28:44:78:
b4:7b:59:93:e1:68:3e:3e:3f:0e:76:8e:74:db:18:81:42:55:
05:83:07:2f:54:e3:09:60:eb:58:0e:ff:4b:bb:76:a1:28:d7:
80:c6:10:0c:95:4e:99:75:d5:00:b6:0f:aa:ee:e8:e5:57:cb:
8f:e9:06:26:8e:77:4c:61:21:ff:31:9b:19:96:73:85:6c:d8:
ec:67:c1:37:fc:d4:a4:9d:fb:fa:ae:7b:99:46:57:d6:f1:f9:
53:e4:d1:5d:b3:95:10:04:52:a1:bc:8e:39:71:19:f1:b1:50:
36:3b:71:b2:e1:43:1c:1c:0e:ee:7c:f8:f9:cf:90:4f:c3:3b:
3b:67:51:dd:89:94:06:47:7b:91:3d:bf:39:6f:2b:4e:8a:da:
81:f5:06:2e:34:4c:69:06:12:05:12:55:fd:d1:38:36:d2:7a:
1c:6d:55:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1hpjIqIhY4gLPjW5Y4sKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMTI5ZGU5ZWJhNmI0NzUxNmYwYTE1NTczNDIwNWFiYmI5
OGI3YzIwHhcNMjUwMTAxMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWRlZmZlNmY5NzZjMzY2MTI0N2FhMDNjMDdlMTkyZDIwNDIyNjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun/cK2+1SToCnCva1FNPwnx9KOEm
6weqiDHcnxkqsNlNcXmwfEK7sX6DMEntFzinbzDhBR8+aBT3twvH5ke71LEOVUFw
g8OBm9zUy/k6YWNcqpw+FFn8+qGgpDYlck1+HZklOtcS7i1W64EWb0jnGeltSNHc
AU/Ll+k0D2yLOhc0UgnWsWofPMBw9TMc27aJSKuf05y3yp6cJ33a4EIDACrkU2l4
3lPk3zbcWgoiI/ekudldrs54I+/msoZ3RBotGmLTZfOQKiP7GnByBsEQ1URHgF4F
G+sL7sHw94cvD4rU0BorS1tBEQVD4/slsC5CejFRRsMHTqkEC3PHns8tcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCne/+b5dsNmEkeqA8B+GS0gQiYOMB8GA1UdIwQY
MBaAFJsSnenrprR1FvChVXNCBau7mLfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXhLZDZldW10SFVXOEtGVmMwSUZxN3VZdDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy81YjM3M2UtZDMxNC00NDU5LWI4NTgt
Y2YxZDFmMDA3YTM2LzEvS2Q3XzV2bDJ3MllTUjZvRHdINFpMU0JDSmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy81YjM3M2UtZDMxNC00NDU5LWI4NTgtY2YxZDFmMDA3YTM2
LzEvbXhLZDZldW10SFVXOEtGVmMwSUZxN3VZdDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudBpMA0G
CSqGSIb3DQEBCwUAA4IBAQCOibK1AiANvcUphhmotqHlMSpNkbm1nkXFCDT5Rd/6
5wD9QOB9JRTVGFmlTre8l++bdrsxqD5ZhcsFXSWW0NvggSwfrBpFWeNG1R53BIw+
kJD64A/khcYoRHi0e1mT4Wg+Pj8Odo502xiBQlUFgwcvVOMJYOtYDv9Lu3ahKNeA
xhAMlU6ZddUAtg+q7ujlV8uP6QYmjndMYSH/MZsZlnOFbNjsZ8E3/NSknfv6rnuZ
RlfW8flT5NFds5UQBFKhvI45cRnxsVA2O3Gy4UMcHA7ufPj5z5BPwzs7Z1HdiZQG
R3uRPb85bytOitqB9QYuNExpBhIFElX90Tg20nocbVUh
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:32:00 2025 by rpki-client