Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/aZfIA1mdNwDoDxgfY6tBelF7aNY.roa
File: aZfIA1mdNwDoDxgfY6tBelF7aNY.roa (raw, json)
Hash identifier: NjtTz5KeQEE5wv9Gv/KkLD9huPimRUXA9UXZF96THEY=
Subject key identifier: 69:97:C8:03:59:9D:37:00:E8:0F:18:1F:63:AB:41:7A:51:7B:68:D6
Certificate issuer: /CN=785840e3a0f0474a4acce45ed5fc9cff77858d93
Certificate serial: 01942068262B0493DF2BFB51DB931908319B
Authority key identifier: 78:58:40:E3:A0:F0:47:4A:4A:CC:E4:5E:D5:FC:9C:FF:77:85:8D:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eFhA46DwR0pKzORe1fyc_3eFjZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/aZfIA1mdNwDoDxgfY6tBelF7aNY.roa
Signing time: Wed 01 Jan 2025 05:48:03 +0000
ROA not before: Wed 01 Jan 2025 05:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59437
IP address blocks: 185.241.110.0/24 maxlen: 24
2a10:9640::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:26:2b:04:93:df:2b:fb:51:db:93:19:08:31:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=785840e3a0f0474a4acce45ed5fc9cff77858d93
Validity
Not Before: Jan 1 05:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6997c803599d3700e80f181f63ab417a517b68d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b5:4f:ec:c3:38:3f:e3:49:8c:13:26:32:b0:
96:bc:50:7e:c2:2b:1e:3a:41:b3:7a:a6:cc:94:d7:
96:09:95:cd:bd:71:30:a7:01:16:58:1c:50:46:5b:
3e:bd:2b:29:8a:7b:1a:4e:05:21:f5:61:1f:82:f5:
62:f9:50:6a:36:53:77:80:7e:70:35:49:0c:75:9e:
1b:38:28:ff:3b:e6:f7:c6:59:ff:a7:9b:fd:92:a3:
56:e6:ee:85:6c:68:aa:de:c8:4d:5f:e5:3d:bf:84:
ff:e4:59:d9:17:4a:da:db:ad:ae:30:1a:e6:e7:8a:
3e:81:59:8a:51:17:cf:61:d7:2c:85:5d:36:71:e0:
db:b3:0a:fd:d6:3b:bd:a6:9a:e3:c4:32:85:8e:93:
27:48:4a:87:64:ae:48:fc:c9:af:37:30:ca:14:94:
b0:b2:2c:95:d0:17:c2:51:3c:75:1e:84:8f:5c:70:
fe:1b:5d:6a:5e:f2:87:ed:f9:0f:4b:1d:92:0b:e6:
da:d7:bd:04:06:1c:11:72:20:b3:f4:e6:ac:da:17:
82:ce:78:0c:9b:8e:b1:52:9e:86:2d:c9:5d:b6:dc:
4c:56:8a:da:55:e3:cf:72:2f:ec:75:ea:e3:67:a8:
f4:8f:8d:3e:72:69:cb:7a:af:2e:8b:b3:61:cc:eb:
5e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:97:C8:03:59:9D:37:00:E8:0F:18:1F:63:AB:41:7A:51:7B:68:D6
X509v3 Authority Key Identifier:
keyid:78:58:40:E3:A0:F0:47:4A:4A:CC:E4:5E:D5:FC:9C:FF:77:85:8D:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFhA46DwR0pKzORe1fyc_3eFjZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/aZfIA1mdNwDoDxgfY6tBelF7aNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/eFhA46DwR0pKzORe1fyc_3eFjZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.110.0/24
IPv6:
2a10:9640::/29
Signature Algorithm: sha256WithRSAEncryption
0d:bd:cd:f0:3e:cf:0f:f7:4c:5b:c1:1c:d4:ca:cc:ef:c3:76:
e5:ba:88:09:92:93:ad:57:06:c2:3c:4e:14:d0:0c:0a:46:59:
5b:88:e1:ef:bc:3b:a7:0d:86:aa:e4:78:dd:42:6b:f2:89:1d:
e4:37:09:3e:a8:df:3a:7d:14:a8:23:5d:da:42:b0:be:03:e5:
04:91:eb:20:de:44:06:4b:84:f9:e1:1f:e8:46:6c:21:12:75:
0f:e9:82:c0:69:5c:9c:e3:6d:fa:9e:79:ef:37:d7:98:da:97:
bb:13:41:fd:cb:06:11:4d:75:1c:58:6b:31:6b:08:44:28:eb:
72:fc:88:e6:67:16:97:7f:ad:74:86:3f:28:b7:3c:25:64:98:
98:99:d1:c2:ed:4d:1f:27:e2:09:48:e8:a3:e5:19:5c:ef:1a:
84:1a:14:62:40:fb:d4:aa:87:3d:a4:ef:6d:32:06:4f:3e:10:
e4:ef:98:36:57:62:63:f9:7e:7c:76:9b:ca:fa:55:11:73:0a:
bc:b1:c1:32:57:5c:93:8f:e2:f4:82:be:e8:8d:ec:6f:61:2c:
e5:bd:68:7f:63:dc:84:ab:9f:68:13:70:36:0f:58:04:a8:97:
34:38:90:ef:d5:6b:44:5e:ba:b2:d6:3a:72:fb:56:d2:68:c2:
e7:6c:a0:5a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaCYrBJPfK/tR25MZCDGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NTg0MGUzYTBmMDQ3NGE0YWNjZTQ1ZWQ1ZmM5Y2ZmNzc4
NThkOTMwHhcNMjUwMTAxMDU0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTk3YzgwMzU5OWQzNzAwZTgwZjE4MWY2M2FiNDE3YTUxN2I2OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLVP7MM4P+NJjBMmMrCWvFB+wise
OkGzeqbMlNeWCZXNvXEwpwEWWBxQRls+vSspinsaTgUh9WEfgvVi+VBqNlN3gH5w
NUkMdZ4bOCj/O+b3xln/p5v9kqNW5u6FbGiq3shNX+U9v4T/5FnZF0ra262uMBrm
54o+gVmKURfPYdcshV02ceDbswr91ju9pprjxDKFjpMnSEqHZK5I/MmvNzDKFJSw
siyV0BfCUTx1HoSPXHD+G11qXvKH7fkPSx2SC+ba170EBhwRciCz9Oas2heCzngM
m46xUp6GLcldttxMVoraVePPci/sderjZ6j0j40+cmnLeq8ui7NhzOteUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGmXyANZnTcA6A8YH2OrQXpRe2jWMB8GA1UdIwQY
MBaAFHhYQOOg8EdKSszkXtX8nP93hY2TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZoQTQ2RHdSMHBLek9SZTFmeWNfM2VGalpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xNDI2NjQtNGMzMy00NDJhLWI0MzIt
ZmFmYjEyYTE2YzMxLzEvYVpmSUExbWROd0RvRHhnZlk2dEJlbEY3YU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xNDI2NjQtNGMzMy00NDJhLWI0MzItZmFmYjEyYTE2YzMx
LzEvZUZoQTQ2RHdSMHBLek9SZTFmeWNfM2VGalpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufFuMA0E
AgACMAcDBQMqEJZAMA0GCSqGSIb3DQEBCwUAA4IBAQANvc3wPs8P90xbwRzUyszv
w3bluogJkpOtVwbCPE4U0AwKRllbiOHvvDunDYaq5HjdQmvyiR3kNwk+qN86fRSo
I13aQrC+A+UEkesg3kQGS4T54R/oRmwhEnUP6YLAaVyc4236nnnvN9eY2pe7E0H9
ywYRTXUcWGsxawhEKOty/IjmZxaXf610hj8otzwlZJiYmdHC7U0fJ+IJSOij5Rlc
7xqEGhRiQPvUqoc9pO9tMgZPPhDk75g2V2Jj+X58dpvK+lURcwq8scEyV1yTj+L0
gr7ojexvYSzlvWh/Y9yEq59oE3A2D1gEqJc0OJDv1WtEXrqy1jpy+1bSaMLnbKBa
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:38:30 2025 by rpki-client