Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/61db6b-1d73-4ec2-8be0-f37cbaf7ce5a/1/bXuLlzwCurMedfx4RUMXi7r1h0M.roa
File: bXuLlzwCurMedfx4RUMXi7r1h0M.roa (raw, json)
Hash identifier: sXVX+GwCrEzWh3/PYurD7SBft7awlkJnghtSxD3UtHo=
Subject key identifier: 6D:7B:8B:97:3C:02:BA:B3:1E:75:FC:78:45:43:17:8B:BA:F5:87:43
Certificate issuer: /CN=3a7b03913e3a285efe51cdac65f5504c87a34460
Certificate serial: 01942747B3A6580A1E1A40843E3DD4D151DE
Authority key identifier: 3A:7B:03:91:3E:3A:28:5E:FE:51:CD:AC:65:F5:50:4C:87:A3:44:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OnsDkT46KF7-Uc2sZfVQTIejRGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/61db6b-1d73-4ec2-8be0-f37cbaf7ce5a/1/bXuLlzwCurMedfx4RUMXi7r1h0M.roa
Signing time: Thu 02 Jan 2025 13:49:58 +0000
ROA not before: Thu 02 Jan 2025 13:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35043
IP address blocks: 185.95.180.0/24 maxlen: 24
185.95.181.0/24 maxlen: 24
185.95.182.0/24 maxlen: 24
185.95.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:b3:a6:58:0a:1e:1a:40:84:3e:3d:d4:d1:51:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7b03913e3a285efe51cdac65f5504c87a34460
Validity
Not Before: Jan 2 13:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d7b8b973c02bab31e75fc784543178bbaf58743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f6:af:03:ff:54:82:37:14:30:04:95:fe:07:
39:6d:c9:fd:60:31:ee:a4:14:4a:ee:ba:ce:4d:54:
46:c0:a0:43:14:5c:2b:81:3e:20:a5:4b:47:16:83:
51:94:8f:e3:15:28:5c:42:05:12:da:da:51:1a:63:
c0:78:12:ca:a6:d9:41:7f:44:11:3c:af:9a:96:c4:
ff:41:f9:85:8b:9b:99:ba:51:cb:cf:19:ce:d2:b5:
24:ed:e5:d7:4d:7e:bb:a8:d7:c0:83:b5:3b:cc:f1:
47:a2:ce:58:60:f3:cd:18:6c:2f:47:e7:57:0d:b0:
09:db:91:14:fc:9a:6d:14:5f:41:d5:42:0b:d9:ea:
18:8e:fd:97:7c:9c:6f:29:ea:6e:3a:b5:9e:45:bc:
c7:48:01:b8:84:17:49:84:8c:1a:fd:5a:71:ec:5e:
d1:81:78:13:9c:c1:21:3a:9e:c4:14:15:ee:95:a3:
e1:26:0c:89:02:25:d8:41:69:48:8e:eb:48:85:28:
d7:21:32:fc:34:2c:4c:d3:71:ec:bb:fd:44:3a:b6:
93:06:d8:5c:4b:32:a7:45:f8:14:f9:5f:47:0d:10:
3a:75:20:27:0a:f4:fc:5a:f4:42:a9:ad:eb:21:4f:
bd:0b:ab:18:da:e6:61:41:1f:1d:03:2c:c3:a1:60:
9d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:7B:8B:97:3C:02:BA:B3:1E:75:FC:78:45:43:17:8B:BA:F5:87:43
X509v3 Authority Key Identifier:
keyid:3A:7B:03:91:3E:3A:28:5E:FE:51:CD:AC:65:F5:50:4C:87:A3:44:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnsDkT46KF7-Uc2sZfVQTIejRGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/61db6b-1d73-4ec2-8be0-f37cbaf7ce5a/1/bXuLlzwCurMedfx4RUMXi7r1h0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/61db6b-1d73-4ec2-8be0-f37cbaf7ce5a/1/OnsDkT46KF7-Uc2sZfVQTIejRGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.180.0/22
Signature Algorithm: sha256WithRSAEncryption
39:0e:83:3b:34:d6:27:cf:a8:dd:f6:c8:98:91:ea:8c:2f:14:
81:e1:7e:39:a1:b7:f1:ff:c0:7d:c5:63:19:9d:2b:cb:0d:ce:
67:e8:36:88:cd:02:89:47:70:fc:2b:f9:4b:c5:ed:68:9c:e9:
3d:cb:e0:af:27:ba:0a:7f:e1:6e:bf:80:ce:e9:0e:00:a0:5a:
f6:32:86:7b:d1:9b:20:3e:24:1a:66:4e:ba:8e:04:46:f2:9a:
ab:bc:68:53:5c:91:95:05:64:02:18:14:d1:96:38:87:e7:47:
06:42:16:fd:21:9a:d7:7f:2d:05:8b:9f:59:a7:12:1f:bd:05:
41:31:c4:d5:a2:be:48:50:28:0e:66:fd:21:57:4c:3a:e6:a3:
96:8a:8c:11:c1:a8:86:08:3d:c7:6d:28:96:82:85:06:93:56:
ab:08:b0:b1:cc:62:70:e4:0d:2a:90:a4:23:b0:47:c3:6a:2e:
6b:ae:46:7a:1b:d4:2e:b8:3c:e9:82:98:6f:cd:a5:8b:22:44:
eb:81:99:0a:0f:5d:e9:71:0f:c9:88:97:f8:51:22:11:2e:1e:
7b:32:a6:c7:d8:76:9b:00:e8:03:d6:03:41:15:5b:a5:f4:85:
3b:db:ec:93:8c:09:01:bd:36:20:87:f5:33:3a:09:b2:54:79:
b2:19:20:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR7OmWAoeGkCEPj3U0VHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhN2IwMzkxM2UzYTI4NWVmZTUxY2RhYzY1ZjU1MDRjODdh
MzQ0NjAwHhcNMjUwMTAyMTM0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDdiOGI5NzNjMDJiYWIzMWU3NWZjNzg0NTQzMTc4YmJhZjU4NzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvavA/9UgjcUMASV/gc5bcn9YDHu
pBRK7rrOTVRGwKBDFFwrgT4gpUtHFoNRlI/jFShcQgUS2tpRGmPAeBLKptlBf0QR
PK+alsT/QfmFi5uZulHLzxnO0rUk7eXXTX67qNfAg7U7zPFHos5YYPPNGGwvR+dX
DbAJ25EU/JptFF9B1UIL2eoYjv2XfJxvKepuOrWeRbzHSAG4hBdJhIwa/Vpx7F7R
gXgTnMEhOp7EFBXulaPhJgyJAiXYQWlIjutIhSjXITL8NCxM03Hsu/1EOraTBthc
SzKnRfgU+V9HDRA6dSAnCvT8WvRCqa3rIU+9C6sY2uZhQR8dAyzDoWCdIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG17i5c8ArqzHnX8eEVDF4u69YdDMB8GA1UdIwQY
MBaAFDp7A5E+Oihe/lHNrGX1UEyHo0RgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25zRGtUNDZLRjctVWMyc1pmVlFUSWVqUkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MWRiNmItMWQ3My00ZWMyLThiZTAt
ZjM3Y2JhZjdjZTVhLzEvYlh1TGx6d0N1ck1lZGZ4NFJVTVhpN3IxaDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MWRiNmItMWQ3My00ZWMyLThiZTAtZjM3Y2JhZjdjZTVh
LzEvT25zRGtUNDZLRjctVWMyc1pmVlFUSWVqUkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV+0MA0G
CSqGSIb3DQEBCwUAA4IBAQA5DoM7NNYnz6jd9siYkeqMLxSB4X45obfx/8B9xWMZ
nSvLDc5n6DaIzQKJR3D8K/lLxe1onOk9y+CvJ7oKf+Fuv4DO6Q4AoFr2MoZ70Zsg
PiQaZk66jgRG8pqrvGhTXJGVBWQCGBTRljiH50cGQhb9IZrXfy0Fi59ZpxIfvQVB
McTVor5IUCgOZv0hV0w65qOWiowRwaiGCD3HbSiWgoUGk1arCLCxzGJw5A0qkKQj
sEfDai5rrkZ6G9QuuDzpgphvzaWLIkTrgZkKD13pcQ/JiJf4USIRLh57MqbH2Hab
AOgD1gNBFVul9IU72+yTjAkBvTYgh/UzOgmyVHmyGSBn
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:16:07 2025 by rpki-client