Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/dntaOaxuIDGd8pI8wGTFAJRgyN0.roa
File: dntaOaxuIDGd8pI8wGTFAJRgyN0.roa (raw, json)
Hash identifier: ZmPkwqzAaYGLrLg5+RqVjoLEOwPFE1N2kmesXzCCUwI=
Subject key identifier: 76:7B:5A:39:AC:6E:20:31:9D:F2:92:3C:C0:64:C5:00:94:60:C8:DD
Certificate issuer: /CN=08af091858bb99651764399c6565df7a0834dbad
Certificate serial: 01942825687685E7B56984516C41EAB11F07
Authority key identifier: 08:AF:09:18:58:BB:99:65:17:64:39:9C:65:65:DF:7A:08:34:DB:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/dntaOaxuIDGd8pI8wGTFAJRgyN0.roa
Signing time: Thu 02 Jan 2025 17:52:07 +0000
ROA not before: Thu 02 Jan 2025 17:52:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204685
IP address blocks: 185.212.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:68:76:85:e7:b5:69:84:51:6c:41:ea:b1:1f:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08af091858bb99651764399c6565df7a0834dbad
Validity
Not Before: Jan 2 17:52:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=767b5a39ac6e20319df2923cc064c5009460c8dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d3:9d:ca:b9:9b:06:80:2d:ae:b0:e9:76:79:
ea:cc:ff:2a:25:8c:66:e6:2e:c1:9a:44:2c:df:8b:
35:6d:fb:60:e8:64:d2:b7:4c:83:2d:7c:52:2e:81:
8b:91:4f:fd:ab:69:5f:3d:88:6d:67:f3:a9:90:94:
bf:57:f4:ee:8d:01:84:b0:57:07:8b:cc:b7:17:09:
ce:bd:f1:d3:ff:02:fd:20:08:f8:6a:64:5e:d7:aa:
90:5a:59:d4:79:be:4b:b3:4b:fd:ed:a8:c0:b6:b9:
05:34:db:1c:11:d0:64:99:ae:c7:1e:fc:61:54:3b:
d7:35:de:f5:1e:6a:6f:3c:ca:e0:d2:1b:0d:78:cd:
1c:2f:f4:6d:81:f7:6c:8c:96:c8:6d:a1:90:6e:7b:
01:05:65:29:c1:0c:f8:14:61:6c:75:46:83:3d:06:
23:8a:4d:e8:85:0a:ec:bd:34:84:99:1a:92:9f:5d:
43:8e:30:95:93:0b:77:4f:13:90:7c:c0:f5:79:c0:
8a:49:82:7a:f2:f5:a9:9f:e9:92:39:25:9f:54:a5:
e2:b4:df:98:65:3a:7f:46:73:21:fb:fa:20:2e:f7:
ba:d5:a8:d0:85:cb:80:90:92:6a:eb:47:2d:00:3b:
ba:8f:02:68:c3:7d:5d:63:6a:e2:2f:59:a1:77:a9:
93:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:7B:5A:39:AC:6E:20:31:9D:F2:92:3C:C0:64:C5:00:94:60:C8:DD
X509v3 Authority Key Identifier:
keyid:08:AF:09:18:58:BB:99:65:17:64:39:9C:65:65:DF:7A:08:34:DB:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CK8JGFi7mWUXZDmcZWXfegg0260.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/dntaOaxuIDGd8pI8wGTFAJRgyN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/700fd3-c360-48ab-8a06-56129b7dc018/1/CK8JGFi7mWUXZDmcZWXfegg0260.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.251.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:5b:65:a7:74:f5:73:1d:66:d2:05:fa:f1:6a:94:fc:bd:5b:
15:1d:3d:8a:54:ee:2e:f0:f2:44:f8:af:81:02:6c:c1:02:46:
71:9f:39:98:01:80:7e:3a:ea:4f:c7:18:e3:89:37:a8:b5:d4:
29:cb:5d:28:88:52:f9:50:63:94:69:60:6d:e3:8e:d1:ca:1a:
0f:3e:7b:3a:4c:d7:b0:d0:78:90:e8:9d:3c:85:46:ce:a5:0f:
c9:94:ec:0b:a2:4a:94:00:a2:49:4c:2c:9e:a0:63:86:62:2b:
14:d5:08:7d:77:0f:41:33:91:bb:27:67:73:f8:eb:5c:4c:01:
49:85:d0:41:81:50:68:01:07:cb:01:29:d1:92:16:f4:86:36:
56:63:05:af:f5:c0:e3:c5:bf:17:90:47:37:be:f3:91:93:36:
56:c6:93:87:9e:1a:b5:f1:60:48:8a:a2:9f:1e:99:bf:47:b3:
4c:7b:67:82:25:ee:4f:d7:ad:e9:23:04:ed:f1:30:c5:86:e0:
0a:6a:60:4a:08:5c:2e:1e:1e:41:eb:e5:d4:ee:8e:a6:b7:81:
b0:84:f6:c4:6c:4b:29:18:67:ac:e0:98:38:8e:b5:dc:f5:11:
b5:e3:8d:5c:70:83:78:b4:c7:95:76:1b:b9:b6:ca:32:9a:9b:
9c:c1:66:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJWh2hee1aYRRbEHqsR8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YWYwOTE4NThiYjk5NjUxNzY0Mzk5YzY1NjVkZjdhMDgz
NGRiYWQwHhcNMjUwMTAyMTc1MjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjdiNWEzOWFjNmUyMDMxOWRmMjkyM2NjMDY0YzUwMDk0NjBjOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttOdyrmbBoAtrrDpdnnqzP8qJYxm
5i7BmkQs34s1bftg6GTSt0yDLXxSLoGLkU/9q2lfPYhtZ/OpkJS/V/TujQGEsFcH
i8y3FwnOvfHT/wL9IAj4amRe16qQWlnUeb5Ls0v97ajAtrkFNNscEdBkma7HHvxh
VDvXNd71HmpvPMrg0hsNeM0cL/RtgfdsjJbIbaGQbnsBBWUpwQz4FGFsdUaDPQYj
ik3ohQrsvTSEmRqSn11DjjCVkwt3TxOQfMD1ecCKSYJ68vWpn+mSOSWfVKXitN+Y
ZTp/RnMh+/ogLve61ajQhcuAkJJq60ctADu6jwJow31dY2riL1mhd6mTwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZ7WjmsbiAxnfKSPMBkxQCUYMjdMB8GA1UdIwQY
MBaAFAivCRhYu5llF2Q5nGVl33oINNutMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0s4SkdGaTdtV1VYWkRtY1pXWGZlZ2cwMjYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83MDBmZDMtYzM2MC00OGFiLThhMDYt
NTYxMjliN2RjMDE4LzEvZG50YU9heHVJREdkOHBJOHdHVEZBSlJneU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83MDBmZDMtYzM2MC00OGFiLThhMDYtNTYxMjliN2RjMDE4
LzEvQ0s4SkdGaTdtV1VYWkRtY1pXWGZlZ2cwMjYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudT7MA0G
CSqGSIb3DQEBCwUAA4IBAQDJW2WndPVzHWbSBfrxapT8vVsVHT2KVO4u8PJE+K+B
AmzBAkZxnzmYAYB+OupPxxjjiTeotdQpy10oiFL5UGOUaWBt447RyhoPPns6TNew
0HiQ6J08hUbOpQ/JlOwLokqUAKJJTCyeoGOGYisU1Qh9dw9BM5G7J2dz+OtcTAFJ
hdBBgVBoAQfLASnRkhb0hjZWYwWv9cDjxb8XkEc3vvORkzZWxpOHnhq18WBIiqKf
Hpm/R7NMe2eCJe5P163pIwTt8TDFhuAKamBKCFwuHh5B6+XU7o6mt4GwhPbEbEsp
GGes4Jg4jrXc9RG1441ccIN4tMeVdhu5tsoympucwWbB
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:00:36 2025 by rpki-client