Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/RdszoR0XDemrxWZ7ZuzRpfNYzZk.roa
File: RdszoR0XDemrxWZ7ZuzRpfNYzZk.roa (raw, json)
Hash identifier: YWnaBwFSvymmXHCPjERkvxYdDqJ7Cm5zkK0Huya48uA=
Subject key identifier: 45:DB:33:A1:1D:17:0D:E9:AB:C5:66:7B:66:EC:D1:A5:F3:58:CD:99
Certificate issuer: /CN=7c45672fc42bdd33e545338a7417e8171a04ee3f
Certificate serial: 0194236A220D1FA171EEBB97CB708E96A9B5
Authority key identifier: 7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/RdszoR0XDemrxWZ7ZuzRpfNYzZk.roa
Signing time: Wed 01 Jan 2025 19:49:05 +0000
ROA not before: Wed 01 Jan 2025 19:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29695
IP address blocks: 185.131.200.0/24 maxlen: 24
185.197.211.0/24 maxlen: 24
2a0c:1bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:22:0d:1f:a1:71:ee:bb:97:cb:70:8e:96:a9:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c45672fc42bdd33e545338a7417e8171a04ee3f
Validity
Not Before: Jan 1 19:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45db33a11d170de9abc5667b66ecd1a5f358cd99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4c:1e:2a:6e:17:47:12:ca:7e:b0:77:ae:39:
2b:60:18:b3:ee:a6:68:84:3c:5d:87:21:48:72:e3:
27:ac:82:73:31:4a:96:4f:f9:2e:60:22:0a:5f:e2:
7f:0c:27:f0:2d:e0:af:c3:39:a9:c5:48:48:3b:fe:
14:d8:f9:c5:45:d5:b2:18:4d:13:b9:85:29:94:c5:
13:7d:85:79:5d:8d:65:91:4b:f4:b0:16:c2:9d:d6:
6f:ae:ca:a5:bc:42:e1:26:66:6b:d9:a8:9f:89:87:
58:65:cd:2f:13:fc:76:d9:82:db:63:b8:c3:c6:b6:
e3:61:3b:6a:9b:c6:16:0a:ee:ad:e9:2d:e9:57:88:
6f:f0:71:38:48:fc:11:4d:9f:af:93:73:a4:62:f7:
57:b4:b5:8f:ac:1b:43:19:82:a5:c0:bb:4b:05:f3:
9a:ff:ac:a8:77:da:dc:19:a5:e3:4f:b5:5b:d8:81:
58:5d:fe:f6:40:54:4a:2d:1c:a8:74:21:5a:bf:d6:
e1:98:35:4b:7b:9e:88:8a:ae:41:47:5d:3c:f5:99:
d9:71:fd:fb:3c:3e:d4:37:8d:be:c9:dc:c7:57:e1:
f7:fe:4d:19:df:73:76:81:0d:f9:15:66:aa:dc:b1:
3e:c0:e3:f0:1c:28:e4:59:a4:d7:bf:11:53:89:83:
72:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:DB:33:A1:1D:17:0D:E9:AB:C5:66:7B:66:EC:D1:A5:F3:58:CD:99
X509v3 Authority Key Identifier:
keyid:7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/RdszoR0XDemrxWZ7ZuzRpfNYzZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.200.0/24
185.197.211.0/24
IPv6:
2a0c:1bc0::/29
Signature Algorithm: sha256WithRSAEncryption
91:43:e2:5f:46:59:2a:5e:8f:e1:5a:85:0d:d5:d0:ab:15:63:
ec:40:e4:3d:bd:ad:9b:d5:5b:1d:62:66:2d:13:b9:33:22:20:
c8:36:9c:6a:ba:c7:7a:8c:42:01:9d:0b:04:71:f8:d2:5c:9a:
9d:77:c1:d7:75:61:66:21:45:41:46:7f:30:a1:cb:cb:e2:e3:
00:13:c0:bc:ed:4f:29:28:47:43:2e:2d:44:02:9d:8b:4d:a3:
02:66:c1:23:35:b2:ef:8b:fd:87:7d:f7:13:27:e8:a8:e9:6e:
fe:7c:da:25:b6:4c:d3:0b:c8:42:5b:ca:9b:18:f9:98:0d:2e:
bf:95:a3:6d:08:79:2b:8b:af:04:22:df:3b:70:69:63:d1:55:
e6:a1:81:af:1f:b4:14:11:6b:fb:5a:ce:77:a0:94:ca:f7:ef:
17:72:f6:22:87:58:25:16:38:db:ad:91:f5:68:68:c8:35:75:
24:63:4c:1c:19:a9:91:40:4b:59:96:c3:3e:16:e7:3f:f3:06:
9c:63:99:b1:3f:d2:56:ab:d6:d8:51:ee:6a:3f:58:85:08:41:
aa:70:e2:54:d0:4b:41:f3:6e:89:4d:dd:f1:b6:da:bd:0e:59:
bf:aa:6c:7e:42:5a:1d:f1:a9:16:6a:73:2e:74:0a:6d:0e:d8:
18:ba:b4:eb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjaiINH6Fx7ruXy3COlqm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNDU2NzJmYzQyYmRkMzNlNTQ1MzM4YTc0MTdlODE3MWEw
NGVlM2YwHhcNMjUwMTAxMTk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWRiMzNhMTFkMTcwZGU5YWJjNTY2N2I2NmVjZDFhNWYzNThjZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUweKm4XRxLKfrB3rjkrYBiz7qZo
hDxdhyFIcuMnrIJzMUqWT/kuYCIKX+J/DCfwLeCvwzmpxUhIO/4U2PnFRdWyGE0T
uYUplMUTfYV5XY1lkUv0sBbCndZvrsqlvELhJmZr2aifiYdYZc0vE/x22YLbY7jD
xrbjYTtqm8YWCu6t6S3pV4hv8HE4SPwRTZ+vk3OkYvdXtLWPrBtDGYKlwLtLBfOa
/6yod9rcGaXjT7Vb2IFYXf72QFRKLRyodCFav9bhmDVLe56Iiq5BR1089ZnZcf37
PD7UN42+ydzHV+H3/k0Z33N2gQ35FWaq3LE+wOPwHCjkWaTXvxFTiYNyJwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEXbM6EdFw3pq8Vme2bs0aXzWM2ZMB8GA1UdIwQY
MBaAFHxFZy/EK90z5UUzinQX6BcaBO4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDct
OTRiZWRiNWQwMzM0LzEvUmRzem9SMFhEZW1yeFdaN1p1elJwZk5ZelprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDctOTRiZWRiNWQwMzM0
LzEvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuYPIAwQA
ucXTMA0EAgACMAcDBQMqDBvAMA0GCSqGSIb3DQEBCwUAA4IBAQCRQ+JfRlkqXo/h
WoUN1dCrFWPsQOQ9va2b1VsdYmYtE7kzIiDINpxqusd6jEIBnQsEcfjSXJqdd8HX
dWFmIUVBRn8wocvL4uMAE8C87U8pKEdDLi1EAp2LTaMCZsEjNbLvi/2HffcTJ+io
6W7+fNoltkzTC8hCW8qbGPmYDS6/laNtCHkri68EIt87cGlj0VXmoYGvH7QUEWv7
Ws53oJTK9+8XcvYih1glFjjbrZH1aGjINXUkY0wcGamRQEtZlsM+Fuc/8wacY5mx
P9JWq9bYUe5qP1iFCEGqcOJU0EtB826JTd3xttq9Dlm/qmx+Qlod8akWanMudApt
DtgYurTr
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:39:40 2025 by rpki-client