Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/618ee0-bcc7-4851-bc2c-fab9bf7a26d8/1/3RChXaGg2mHXT_oEdTM0SpY6jhc.roa
File: 3RChXaGg2mHXT_oEdTM0SpY6jhc.roa (raw, json)
Hash identifier: PV09Dkm12mpf6AJ4aFGi0VOS8JddqTI6zuA00aTTnSY=
Subject key identifier: DD:10:A1:5D:A1:A0:DA:61:D7:4F:FA:04:75:33:34:4A:96:3A:8E:17
Certificate issuer: /CN=aac53499ff20f035cb8b1c0aa9b77c3d7d28976c
Certificate serial: 0194228DCC282E5D09CF2614FE99FAF93254
Authority key identifier: AA:C5:34:99:FF:20:F0:35:CB:8B:1C:0A:A9:B7:7C:3D:7D:28:97:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsU0mf8g8DXLixwKqbd8PX0ol2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/618ee0-bcc7-4851-bc2c-fab9bf7a26d8/1/3RChXaGg2mHXT_oEdTM0SpY6jhc.roa
Signing time: Wed 01 Jan 2025 15:48:25 +0000
ROA not before: Wed 01 Jan 2025 15:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204965
IP address blocks: 185.231.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:cc:28:2e:5d:09:cf:26:14:fe:99:fa:f9:32:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aac53499ff20f035cb8b1c0aa9b77c3d7d28976c
Validity
Not Before: Jan 1 15:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd10a15da1a0da61d74ffa047533344a963a8e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2f:7f:c6:d1:7e:8b:b7:b1:30:81:83:5c:c7:
67:36:88:c7:0b:76:0f:5b:1d:16:a9:c5:43:4a:2b:
d5:71:f0:ae:ef:60:7f:71:61:8e:ed:60:33:83:d3:
47:4e:9b:03:a5:fa:05:1a:80:6f:3a:d5:b7:8a:27:
5e:2c:27:8c:7f:97:51:bb:45:e3:65:6f:07:89:be:
a8:5e:44:b9:b6:d4:c6:c9:55:9a:ce:ba:c2:93:a7:
6a:d3:b6:bd:b8:75:2f:9e:1b:46:6d:86:d4:05:d6:
69:f7:11:7b:a3:8b:01:28:29:2c:e6:3b:1d:9a:c6:
b7:9b:56:ae:ab:36:f3:fc:8f:dc:27:09:f0:d7:3d:
5f:c8:19:8d:34:d5:88:74:0c:05:13:5a:ef:ff:12:
90:2a:8d:ac:4a:cd:ff:a7:67:7e:23:b4:49:e4:bf:
e2:d8:72:f4:1c:f5:9f:dc:39:ac:5f:65:a4:64:ba:
eb:bb:c8:2e:e4:c3:71:58:4d:06:a9:fd:4d:e2:f0:
38:0d:47:cd:dd:5b:6b:81:f9:f5:5d:85:f3:7b:3a:
57:0d:c0:c4:a7:de:d7:a7:9a:d0:b1:65:89:8f:67:
42:f1:51:f2:c6:b9:0f:31:ca:62:45:5e:e9:75:df:
8f:de:a0:6a:a9:6d:9d:80:90:45:ef:01:97:11:6b:
5f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:10:A1:5D:A1:A0:DA:61:D7:4F:FA:04:75:33:34:4A:96:3A:8E:17
X509v3 Authority Key Identifier:
keyid:AA:C5:34:99:FF:20:F0:35:CB:8B:1C:0A:A9:B7:7C:3D:7D:28:97:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsU0mf8g8DXLixwKqbd8PX0ol2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/618ee0-bcc7-4851-bc2c-fab9bf7a26d8/1/3RChXaGg2mHXT_oEdTM0SpY6jhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/618ee0-bcc7-4851-bc2c-fab9bf7a26d8/1/qsU0mf8g8DXLixwKqbd8PX0ol2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.214.0/24
Signature Algorithm: sha256WithRSAEncryption
43:d2:b5:05:c9:53:43:90:0e:03:46:2d:8f:a0:3e:e6:10:20:
c6:af:75:e1:6e:b8:80:dd:fd:fa:3f:cf:de:2a:aa:f9:44:ae:
f1:24:e0:37:95:31:7a:fa:b1:86:a4:48:5a:d8:f3:63:19:a1:
55:00:16:96:79:60:66:8a:70:68:36:99:5f:9a:7c:e1:97:d9:
9a:43:83:54:ea:ad:8c:d0:82:24:27:ba:53:50:d2:d2:17:55:
dd:76:d7:ae:8c:a3:6f:dd:72:cd:c5:f6:43:73:02:70:75:12:
02:a6:80:67:c0:ce:04:d3:11:ae:28:04:33:ff:27:1c:d8:fa:
7c:55:15:68:7f:06:19:55:39:ce:89:f2:80:c7:ef:e1:98:f3:
e1:fc:e9:aa:f6:eb:7f:98:80:ea:02:e1:1a:df:37:1b:8b:05:
f4:f4:99:b6:b9:13:27:c9:96:b1:6f:0a:e1:23:bb:d3:f1:1e:
8f:21:79:f3:a2:b5:69:92:00:5d:d1:8e:17:3a:3c:6e:83:f4:
a9:9b:10:ef:0a:e0:9d:97:e2:a7:86:e0:0c:32:be:d9:6d:65:
4e:29:f2:bf:a0:7a:73:19:19:90:ca:9c:c5:02:a6:27:28:51:
14:2e:6f:03:21:ff:33:b7:3a:f0:a4:7e:76:0d:f4:3b:00:1c:
75:e1:1f:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijcwoLl0JzyYU/pn6+TJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYzUzNDk5ZmYyMGYwMzVjYjhiMWMwYWE5Yjc3YzNkN2Qy
ODk3NmMwHhcNMjUwMTAxMTU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDEwYTE1ZGExYTBkYTYxZDc0ZmZhMDQ3NTMzMzQ0YTk2M2E4ZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5y9/xtF+i7exMIGDXMdnNojHC3YP
Wx0WqcVDSivVcfCu72B/cWGO7WAzg9NHTpsDpfoFGoBvOtW3iideLCeMf5dRu0Xj
ZW8Hib6oXkS5ttTGyVWazrrCk6dq07a9uHUvnhtGbYbUBdZp9xF7o4sBKCks5jsd
msa3m1auqzbz/I/cJwnw1z1fyBmNNNWIdAwFE1rv/xKQKo2sSs3/p2d+I7RJ5L/i
2HL0HPWf3DmsX2WkZLrru8gu5MNxWE0Gqf1N4vA4DUfN3Vtrgfn1XYXzezpXDcDE
p97Xp5rQsWWJj2dC8VHyxrkPMcpiRV7pdd+P3qBqqW2dgJBF7wGXEWtf/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0QoV2hoNph10/6BHUzNEqWOo4XMB8GA1UdIwQY
MBaAFKrFNJn/IPA1y4scCqm3fD19KJdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXNVMG1mOGc4RFhMaXh3S3FiZDhQWDBvbDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82MThlZTAtYmNjNy00ODUxLWJjMmMt
ZmFiOWJmN2EyNmQ4LzEvM1JDaFhhR2cybUhYVF9vRWRUTTBTcFk2amhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82MThlZTAtYmNjNy00ODUxLWJjMmMtZmFiOWJmN2EyNmQ4
LzEvcXNVMG1mOGc4RFhMaXh3S3FiZDhQWDBvbDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuefWMA0G
CSqGSIb3DQEBCwUAA4IBAQBD0rUFyVNDkA4DRi2PoD7mECDGr3XhbriA3f36P8/e
Kqr5RK7xJOA3lTF6+rGGpEha2PNjGaFVABaWeWBminBoNplfmnzhl9maQ4NU6q2M
0IIkJ7pTUNLSF1XddteujKNv3XLNxfZDcwJwdRICpoBnwM4E0xGuKAQz/ycc2Pp8
VRVofwYZVTnOifKAx+/hmPPh/Omq9ut/mIDqAuEa3zcbiwX09Jm2uRMnyZaxbwrh
I7vT8R6PIXnzorVpkgBd0Y4XOjxug/SpmxDvCuCdl+KnhuAMMr7ZbWVOKfK/oHpz
GRmQypzFAqYnKFEULm8DIf8ztzrwpH52DfQ7ABx14R+P
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:51:22 2025 by rpki-client