Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/1aZuizg-lRo742qALLgRSz-FXDY.roa
File: 1aZuizg-lRo742qALLgRSz-FXDY.roa (raw, json)
Hash identifier: B6BxKlQXRzX1Y2KqymluaGehEHPGunuWDIw2khlMdIA=
Subject key identifier: D5:A6:6E:8B:38:3E:95:1A:3B:E3:6A:80:2C:B8:11:4B:3F:85:5C:36
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D8C2B78853960177C92C7F0AA7A675559
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/1aZuizg-lRo742qALLgRSz-FXDY.roa
Signing time: Fri 09 Feb 2024 04:41:15 +0000
ROA not before: Fri 09 Feb 2024 04:41:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.21.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8c:2b:78:85:39:60:17:7c:92:c7:f0:aa:7a:67:55:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Feb 9 04:41:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5a66e8b383e951a3be36a802cb8114b3f855c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:03:e0:48:27:60:bd:ef:e8:c7:e8:a5:f8:51:
af:0c:84:32:b4:bf:49:dd:bd:a4:15:c1:ae:1a:9e:
cf:ec:7e:c1:18:6a:6f:ee:ee:97:c9:74:3d:3d:9d:
da:33:a9:cb:6f:dd:85:29:88:8f:5e:4d:a7:e8:75:
ed:e8:89:05:de:8a:b0:d6:e7:4c:61:2a:70:01:6d:
7c:0e:2b:7d:9b:33:21:f5:a5:3d:b1:57:15:2e:bf:
90:b2:01:c0:c8:53:cd:aa:e4:91:b0:8f:a7:86:25:
10:53:56:d5:d5:39:32:05:fc:cb:ab:61:c0:00:47:
35:d0:f2:ea:de:61:18:69:79:38:a8:f7:e4:99:69:
9b:1a:3f:9e:fc:1d:e7:40:9e:43:18:85:9f:75:1a:
ea:6c:70:01:88:fa:5f:0a:55:ee:4c:9b:89:06:61:
9c:c5:f1:b7:9f:3e:fc:32:e8:63:92:f3:c7:66:00:
dd:7c:bc:9c:ad:a2:e2:40:00:55:ce:54:33:3c:9b:
29:e7:02:0a:0f:07:66:b1:dd:68:55:2f:ec:c7:02:
54:19:76:55:f9:58:b5:b9:a8:d1:1a:10:4b:40:93:
d6:c9:20:fe:21:e1:11:bc:64:1e:e6:0f:1a:9c:1b:
ce:67:4c:8e:ba:e6:a0:fa:cf:50:aa:fc:e2:5b:2c:
c1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A6:6E:8B:38:3E:95:1A:3B:E3:6A:80:2C:B8:11:4B:3F:85:5C:36
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/1aZuizg-lRo742qALLgRSz-FXDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.253.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:1e:99:4e:94:bd:47:a0:6a:49:28:59:59:fe:b2:c1:55:dc:
49:cc:c9:2b:c3:4b:8d:04:6c:11:0f:0a:ca:fe:c4:09:eb:ab:
0c:a8:37:79:af:c6:5a:b1:1b:4f:93:8e:77:7a:d5:be:a5:a8:
9a:44:49:f1:b8:6a:52:19:01:e2:49:3d:1c:0d:22:60:c0:c1:
b8:55:f4:75:02:1d:d9:b3:b5:b6:bc:e3:15:76:b7:21:88:ca:
8e:3b:59:73:d4:ee:21:1d:dd:24:53:55:b8:22:59:10:a8:98:
6d:9d:5f:17:ab:00:8d:e0:41:c3:9c:ff:61:17:24:e9:aa:d7:
1f:a8:f5:73:6d:cc:91:6f:e6:11:e3:fe:d2:61:ee:92:3a:f6:
fe:3f:c2:f9:f4:fd:f9:62:27:7d:37:82:ea:c2:89:eb:13:30:
ea:21:5c:4b:f2:92:2e:0a:cd:ad:71:77:9a:ce:a0:3d:47:8a:
10:6d:b0:88:74:a7:9c:0e:53:b9:b9:88:43:08:4b:8f:d5:6e:
5d:36:b9:34:b8:a0:39:ef:81:66:0f:85:ef:5e:4f:27:3a:8d:
bc:fb:ac:29:56:45:ea:7c:8f:e0:9a:8d:bd:41:00:63:58:3a:
17:8e:2d:4e:35:10:08:2d:b3:cf:6f:6f:0f:c4:b4:df:85:7b:
36:4f:0c:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2MK3iFOWAXfJLH8Kp6Z1VZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMjA5MDQ0MTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWE2NmU4YjM4M2U5NTFhM2JlMzZhODAyY2I4MTE0YjNmODU1YzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQPgSCdgve/ox+il+FGvDIQytL9J
3b2kFcGuGp7P7H7BGGpv7u6XyXQ9PZ3aM6nLb92FKYiPXk2n6HXt6IkF3oqw1udM
YSpwAW18Dit9mzMh9aU9sVcVLr+QsgHAyFPNquSRsI+nhiUQU1bV1TkyBfzLq2HA
AEc10PLq3mEYaXk4qPfkmWmbGj+e/B3nQJ5DGIWfdRrqbHABiPpfClXuTJuJBmGc
xfG3nz78MuhjkvPHZgDdfLycraLiQABVzlQzPJsp5wIKDwdmsd1oVS/sxwJUGXZV
+Vi1uajRGhBLQJPWySD+IeERvGQe5g8anBvOZ0yOuuag+s9QqvziWyzBrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNWmbos4PpUaO+NqgCy4EUs/hVw2MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvMWFadWl6Zy1sUm83NDJxQUxMZ1JTei1GWERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX9MA0G
CSqGSIb3DQEBCwUAA4IBAQB9HplOlL1HoGpJKFlZ/rLBVdxJzMkrw0uNBGwRDwrK
/sQJ66sMqDd5r8ZasRtPk453etW+paiaREnxuGpSGQHiST0cDSJgwMG4VfR1Ah3Z
s7W2vOMVdrchiMqOO1lz1O4hHd0kU1W4IlkQqJhtnV8XqwCN4EHDnP9hFyTpqtcf
qPVzbcyRb+YR4/7SYe6SOvb+P8L59P35Yid9N4LqwonrEzDqIVxL8pIuCs2tcXea
zqA9R4oQbbCIdKecDlO5uYhDCEuP1W5dNrk0uKA574FmD4XvXk8nOo28+6wpVkXq
fI/gmo29QQBjWDoXji1ONRAILbPPb28PxLTfhXs2TwzY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:51 2025 by rpki-client