Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/iTxg6a45pQs6yguLKNzKJpXtu1I.roa
File: iTxg6a45pQs6yguLKNzKJpXtu1I.roa (raw, json)
Hash identifier: IbbuNrBXDC3r/NQaAU8s873gXp019KR8EegJpijUcwo=
Subject key identifier: 89:3C:60:E9:AE:39:A5:0B:3A:CA:0B:8B:28:DC:CA:26:95:ED:BB:52
Certificate issuer: /CN=3c8fe2b19bd3eb7f70a4eedab616b53250011520
Certificate serial: 01942444AFA496CB611CAD2BD34935253414
Authority key identifier: 3C:8F:E2:B1:9B:D3:EB:7F:70:A4:EE:DA:B6:16:B5:32:50:01:15:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PI_isZvT639wpO7atha1MlABFSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/iTxg6a45pQs6yguLKNzKJpXtu1I.roa
Signing time: Wed 01 Jan 2025 23:47:48 +0000
ROA not before: Wed 01 Jan 2025 23:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41050
IP address blocks: 185.254.120.0/24 maxlen: 24
2a10:bb40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:af:a4:96:cb:61:1c:ad:2b:d3:49:35:25:34:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c8fe2b19bd3eb7f70a4eedab616b53250011520
Validity
Not Before: Jan 1 23:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=893c60e9ae39a50b3aca0b8b28dcca2695edbb52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b7:40:1a:54:85:b7:30:c4:00:8d:7c:33:a7:
bd:69:f5:db:f2:9f:40:76:85:68:04:d2:c8:1c:ae:
41:64:2f:ce:fb:27:74:15:44:f6:28:14:fc:b2:a6:
36:83:b9:80:65:9e:d6:82:ce:fb:43:52:f3:b8:be:
6e:6d:64:b3:c6:aa:23:85:4d:27:21:90:70:65:a0:
30:4d:14:5f:8c:57:e0:20:59:3c:6a:c2:19:66:49:
95:ac:b7:a1:40:29:56:c4:3e:39:dd:df:9a:ea:e0:
5f:6e:6f:b6:4c:42:db:06:30:ab:8e:9b:f1:d8:88:
08:a8:90:f6:19:41:37:9f:19:68:e0:73:cb:f2:1f:
6c:fd:f2:bd:3a:42:eb:b9:c1:46:29:4e:c9:05:41:
83:22:2b:94:a0:05:37:b0:ed:ac:58:13:4e:46:bb:
bc:2d:bc:7e:08:b9:6d:34:17:c0:83:1d:fa:47:d4:
36:27:31:0c:d6:aa:a3:4b:d0:5f:9d:99:62:aa:48:
b8:4d:c2:8b:c5:14:44:47:dd:15:8d:7c:4f:f6:2f:
f7:24:8b:08:62:63:da:0c:f4:d8:8b:ad:73:06:07:
45:5f:ad:75:02:65:6e:cd:b0:52:93:8f:96:4f:f2:
6b:9a:82:ce:db:76:6a:8f:bb:21:93:b2:02:9a:51:
12:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3C:60:E9:AE:39:A5:0B:3A:CA:0B:8B:28:DC:CA:26:95:ED:BB:52
X509v3 Authority Key Identifier:
keyid:3C:8F:E2:B1:9B:D3:EB:7F:70:A4:EE:DA:B6:16:B5:32:50:01:15:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PI_isZvT639wpO7atha1MlABFSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/iTxg6a45pQs6yguLKNzKJpXtu1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.120.0/24
IPv6:
2a10:bb40::/29
Signature Algorithm: sha256WithRSAEncryption
37:76:e1:20:b6:15:cb:fe:84:24:a6:92:15:48:88:17:4c:32:
b2:ed:36:85:5f:fd:2a:57:a5:4b:8d:b3:d9:63:34:34:2e:de:
44:7c:c5:8c:02:93:ea:bc:71:1e:b9:24:d5:3d:17:76:9c:96:
a3:d2:15:2c:5c:a5:83:c9:4d:9d:84:7d:59:1f:e4:99:e3:ef:
0b:0b:15:9f:60:57:c8:c6:14:45:38:b7:19:9c:eb:af:00:fe:
8f:f0:2e:39:cc:30:eb:64:f4:08:75:87:7d:8e:44:2f:85:02:
9a:69:44:71:80:6e:42:c1:0c:80:e4:4d:16:36:ec:63:0f:97:
38:ad:3f:1a:90:78:62:fb:aa:ed:82:e8:82:ac:74:a9:a1:1e:
49:62:b9:43:aa:96:b6:72:fc:4a:41:c1:25:4d:81:9b:fb:d6:
e2:7f:8b:c4:7d:c5:3e:9b:f1:73:9f:fd:fb:a0:5f:16:db:48:
eb:fa:13:b3:e7:63:17:a9:68:56:56:c7:1b:64:3c:dc:39:14:
90:e4:e9:82:38:ab:c9:cc:86:0a:2a:0b:bf:d7:5d:26:39:88:
1e:d5:ef:3f:c2:11:48:5a:ec:38:ab:f1:99:00:97:b7:20:82:
bd:25:bb:a6:61:be:17:09:0e:18:52:d2:fc:d0:76:79:80:9f:
03:f6:87:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRK+klsthHK0r00k1JTQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOGZlMmIxOWJkM2ViN2Y3MGE0ZWVkYWI2MTZiNTMyNTAw
MTE1MjAwHhcNMjUwMTAxMjM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTNjNjBlOWFlMzlhNTBiM2FjYTBiOGIyOGRjY2EyNjk1ZWRiYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrdAGlSFtzDEAI18M6e9afXb8p9A
doVoBNLIHK5BZC/O+yd0FUT2KBT8sqY2g7mAZZ7Wgs77Q1LzuL5ubWSzxqojhU0n
IZBwZaAwTRRfjFfgIFk8asIZZkmVrLehQClWxD453d+a6uBfbm+2TELbBjCrjpvx
2IgIqJD2GUE3nxlo4HPL8h9s/fK9OkLrucFGKU7JBUGDIiuUoAU3sO2sWBNORru8
Lbx+CLltNBfAgx36R9Q2JzEM1qqjS9BfnZliqki4TcKLxRRER90VjXxP9i/3JIsI
YmPaDPTYi61zBgdFX611AmVuzbBSk4+WT/JrmoLO23Zqj7shk7ICmlESvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIk8YOmuOaULOsoLiyjcyiaV7btSMB8GA1UdIwQY
MBaAFDyP4rGb0+t/cKTu2rYWtTJQARUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUElfaXNadlQ2Mzl3cE83YXRoYTFNbEFCRlNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lN2VkZDEtYzc5Zi00ODkwLWExNzUt
MTJlNmE2ZWRkMTI0LzEvaVR4ZzZhNDVwUXM2eWd1TEtOektKcFh0dTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lN2VkZDEtYzc5Zi00ODkwLWExNzUtMTJlNmE2ZWRkMTI0
LzEvUElfaXNadlQ2Mzl3cE83YXRoYTFNbEFCRlNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuf54MA0E
AgACMAcDBQMqELtAMA0GCSqGSIb3DQEBCwUAA4IBAQA3duEgthXL/oQkppIVSIgX
TDKy7TaFX/0qV6VLjbPZYzQ0Lt5EfMWMApPqvHEeuSTVPRd2nJaj0hUsXKWDyU2d
hH1ZH+SZ4+8LCxWfYFfIxhRFOLcZnOuvAP6P8C45zDDrZPQIdYd9jkQvhQKaaURx
gG5CwQyA5E0WNuxjD5c4rT8akHhi+6rtguiCrHSpoR5JYrlDqpa2cvxKQcElTYGb
+9bif4vEfcU+m/Fzn/37oF8W20jr+hOz52MXqWhWVscbZDzcORSQ5OmCOKvJzIYK
Kgu/110mOYge1e8/whFIWuw4q/GZAJe3IIK9JbumYb4XCQ4YUtL80HZ5gJ8D9odU
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:25 2025 by rpki-client on console.sobornost.net