Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/VbRKF62krl-KA_0dr7N8i46qs_A.roa
File: VbRKF62krl-KA_0dr7N8i46qs_A.roa (raw, json)
Hash identifier: PCEcpmBvUl37S6P9+HKjvTq2SZP3pF9GPHCRb88sRNw=
Subject key identifier: 55:B4:4A:17:AD:A4:AE:5F:8A:03:FD:1D:AF:B3:7C:8B:8E:AA:B3:F0
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 0194244547D11EFCE563D0D80A96BE8CF6DE
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/VbRKF62krl-KA_0dr7N8i46qs_A.roa
Signing time: Wed 01 Jan 2025 23:48:27 +0000
ROA not before: Wed 01 Jan 2025 23:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205964
IP address blocks: 185.170.252.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:47:d1:1e:fc:e5:63:d0:d8:0a:96:be:8c:f6:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Jan 1 23:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55b44a17ada4ae5f8a03fd1dafb37c8b8eaab3f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9e:4e:38:b4:85:f8:27:cb:f7:48:cc:74:9b:
e8:09:c4:6e:a5:11:da:c6:9b:36:33:09:f8:07:e1:
09:c0:53:09:ce:e5:47:62:52:b0:f6:b9:bc:c0:de:
0d:c8:22:e2:16:58:ef:f0:47:2c:d0:d9:a0:87:69:
45:96:98:5f:ea:07:8b:54:57:a8:d2:18:c0:96:d9:
ef:af:25:4b:2c:44:08:e8:09:63:d3:3c:f5:bf:c5:
af:71:95:37:b3:7d:b9:c5:aa:b0:be:d3:22:65:94:
b4:41:20:db:8a:bf:59:84:eb:69:fb:2f:ba:63:90:
f3:98:b2:b9:f8:f5:a6:46:bc:a2:ca:c1:1b:0d:1e:
24:36:af:01:d5:55:36:4c:dd:cf:b0:45:38:c5:7a:
40:31:d4:3d:7e:ec:46:5c:16:6a:a2:cf:5e:74:6a:
07:2e:6b:cc:48:29:c6:18:47:dc:9b:5b:d0:aa:90:
96:81:9c:4d:95:80:71:5b:d4:b3:4e:6b:6f:31:65:
c2:ce:2b:76:fb:f3:b9:2b:f3:8f:fe:64:b7:63:8b:
4a:ae:b6:23:d7:bf:fc:1e:7a:97:cc:fb:22:25:b0:
a1:26:4c:d9:00:2a:6e:04:97:e8:99:cf:c8:31:5c:
a5:11:43:57:6e:d6:55:88:12:cd:78:12:0b:f5:18:
fc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:B4:4A:17:AD:A4:AE:5F:8A:03:FD:1D:AF:B3:7C:8B:8E:AA:B3:F0
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/VbRKF62krl-KA_0dr7N8i46qs_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.252.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:07:62:0f:14:c8:71:8c:4d:c0:be:a4:31:4e:60:c2:72:29:
0a:83:e6:fd:c8:f1:14:29:4a:f5:a4:a2:33:11:1b:8f:35:25:
4a:73:00:b0:ca:f7:8f:cb:bb:53:cd:58:c1:28:5b:af:0a:89:
7a:5c:75:43:c0:da:96:0b:c8:67:6c:d9:66:1e:53:28:de:be:
a7:6e:8b:67:dc:a7:a7:3f:e8:b2:80:79:e2:ea:30:49:31:ef:
f0:8b:c9:cc:5c:93:b7:91:4c:88:62:e6:eb:75:4b:84:d5:4f:
fb:cc:85:ea:24:f4:16:82:a6:6f:d1:0b:dc:08:a7:14:b7:70:
13:5d:a5:2e:ec:bb:c6:60:46:0d:f8:93:e7:5d:fa:c0:5e:4d:
9d:8e:d0:49:f5:54:8c:e2:2b:de:15:5c:de:68:f5:d3:78:36:
25:9b:ae:ff:af:02:f8:d9:98:2a:ab:7a:1c:79:e7:9a:b6:df:
30:84:1f:e4:5b:db:d5:41:e9:fe:47:98:9d:f4:74:ca:6a:a8:
2f:97:a2:32:51:b8:87:15:64:c2:85:dd:4e:98:db:a6:34:2a:
3b:28:c6:ea:a7:cc:16:7b:04:91:21:d3:6d:0e:ae:de:47:a5:
4e:9f:71:1e:2e:4a:b4:62:e1:a1:f0:e0:b4:e0:b4:b1:54:f2:
ae:04:b4:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRUfRHvzlY9DYCpa+jPbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjUwMTAxMjM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWI0NGExN2FkYTRhZTVmOGEwM2ZkMWRhZmIzN2M4YjhlYWFiM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq55OOLSF+CfL90jMdJvoCcRupRHa
xps2Mwn4B+EJwFMJzuVHYlKw9rm8wN4NyCLiFljv8Ecs0Nmgh2lFlphf6geLVFeo
0hjAltnvryVLLEQI6Alj0zz1v8WvcZU3s325xaqwvtMiZZS0QSDbir9ZhOtp+y+6
Y5DzmLK5+PWmRryiysEbDR4kNq8B1VU2TN3PsEU4xXpAMdQ9fuxGXBZqos9edGoH
LmvMSCnGGEfcm1vQqpCWgZxNlYBxW9SzTmtvMWXCzit2+/O5K/OP/mS3Y4tKrrYj
17/8HnqXzPsiJbChJkzZACpuBJfomc/IMVylEUNXbtZViBLNeBIL9Rj89wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFW0ShetpK5figP9Ha+zfIuOqrPwMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvVmJSS0Y2MmtybC1LQV8wZHI3TjhpNDZxc19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuar8MA0G
CSqGSIb3DQEBCwUAA4IBAQAuB2IPFMhxjE3AvqQxTmDCcikKg+b9yPEUKUr1pKIz
ERuPNSVKcwCwyvePy7tTzVjBKFuvCol6XHVDwNqWC8hnbNlmHlMo3r6nbotn3Ken
P+iygHni6jBJMe/wi8nMXJO3kUyIYubrdUuE1U/7zIXqJPQWgqZv0QvcCKcUt3AT
XaUu7LvGYEYN+JPnXfrAXk2djtBJ9VSM4iveFVzeaPXTeDYlm67/rwL42Zgqq3oc
eeeatt8whB/kW9vVQen+R5id9HTKaqgvl6IyUbiHFWTChd1OmNumNCo7KMbqp8wW
ewSRIdNtDq7eR6VOn3EeLkq0YuGh8OC04LSxVPKuBLSN
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:31:25 2025 by rpki-client