Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/l7PaOk1ocbrgfH7RkR-EmGKNBYI.roa
File: l7PaOk1ocbrgfH7RkR-EmGKNBYI.roa (raw, json)
Hash identifier: 2MdjtNxo4ObSDeeX352JxmkPKpeMrJB/59RsZtzSS9U=
Subject key identifier: 97:B3:DA:3A:4D:68:71:BA:E0:7C:7E:D1:91:1F:84:98:62:8D:05:82
Certificate issuer: /CN=656cc25012e3a4c8b1626dd757c7b0510e457341
Certificate serial: 019426D95FCAC9EAE0785898AD08F1A02EBF
Authority key identifier: 65:6C:C2:50:12:E3:A4:C8:B1:62:6D:D7:57:C7:B0:51:0E:45:73:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/l7PaOk1ocbrgfH7RkR-EmGKNBYI.roa
Signing time: Thu 02 Jan 2025 11:49:27 +0000
ROA not before: Thu 02 Jan 2025 11:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.170.188.0/24 maxlen: 24
185.170.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:5f:ca:c9:ea:e0:78:58:98:ad:08:f1:a0:2e:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656cc25012e3a4c8b1626dd757c7b0510e457341
Validity
Not Before: Jan 2 11:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97b3da3a4d6871bae07c7ed1911f8498628d0582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0c:23:10:74:62:66:3a:29:37:6a:a2:49:0f:
cb:03:0a:18:4a:7b:bd:08:34:16:39:ec:69:44:70:
30:76:d6:64:39:ab:0d:5f:c2:eb:e9:44:f0:d6:9a:
90:9d:f5:12:0b:d8:9f:38:5a:4d:c9:0b:84:a8:01:
b7:7d:d1:31:54:01:94:3d:28:38:ff:e0:92:58:a4:
5a:fd:9a:f2:ad:b3:a5:a0:f3:25:1e:63:19:d3:d7:
09:f2:f6:43:9a:5f:c3:1d:a9:ab:f6:ab:85:2c:80:
b7:ee:ac:4c:a8:cd:18:32:0a:01:63:ec:92:2c:9d:
13:06:ea:d9:91:a8:9e:00:22:b1:49:a6:83:eb:ee:
c0:78:68:b1:b3:5d:65:85:db:6b:96:f7:c2:90:50:
07:86:37:8d:45:2c:97:9c:b2:09:3a:dd:30:52:f9:
9e:1e:1a:ce:ed:ce:47:2a:73:d0:d8:47:e5:7d:2b:
9a:54:5d:02:3e:91:06:43:c3:a6:63:19:ef:e3:71:
de:46:be:04:ba:e9:48:e0:76:d4:31:af:a2:43:9e:
80:26:06:e8:ed:e6:25:4d:89:c2:b2:24:f1:5a:dd:
1d:e7:29:50:cb:d7:44:1b:ca:1b:21:4a:70:da:db:
4f:09:e1:d4:f4:96:49:77:61:0b:fb:d6:2b:d9:10:
e2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B3:DA:3A:4D:68:71:BA:E0:7C:7E:D1:91:1F:84:98:62:8D:05:82
X509v3 Authority Key Identifier:
keyid:65:6C:C2:50:12:E3:A4:C8:B1:62:6D:D7:57:C7:B0:51:0E:45:73:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/l7PaOk1ocbrgfH7RkR-EmGKNBYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6db46d-bc2d-45d7-a279-820325f53ccb/1/ZWzCUBLjpMixYm3XV8ewUQ5Fc0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.188.0/23
Signature Algorithm: sha256WithRSAEncryption
73:5e:af:e5:0a:f8:1b:87:91:ae:a0:a9:a4:a1:c1:1f:6d:58:
32:c6:c8:62:a9:57:66:25:dc:a5:9c:a8:17:d7:fc:29:5b:b2:
93:7a:a9:d1:71:96:a0:de:97:ae:be:1a:e0:46:a4:a5:02:c7:
f6:b2:ec:28:75:73:cb:a6:ef:2e:90:a9:57:49:42:24:34:95:
f1:f7:c5:0f:61:84:c3:6d:9c:51:dd:ed:9f:21:28:98:2d:e8:
74:6d:a2:81:ff:bf:0c:13:25:af:74:90:f0:d3:9b:94:77:83:
05:9c:8d:54:fa:d7:cd:56:e6:6d:b2:66:d5:36:6f:16:30:e1:
55:96:64:c0:78:2e:58:28:fb:72:65:f1:d9:a0:4a:b2:eb:ab:
fe:c5:11:c2:e5:97:84:9e:0d:de:a9:34:13:bc:4c:c3:97:62:
9f:8f:24:7d:a4:b5:68:ed:9c:14:c5:09:25:d3:db:b3:ce:74:
ba:12:2b:3b:ab:ae:a9:22:f2:ae:de:c1:a0:66:ac:8b:ee:3a:
85:1c:4e:73:21:4f:13:c8:fa:57:fc:93:cf:0f:77:09:ae:78:
f7:84:ed:be:a1:24:37:19:23:d7:e4:37:c6:43:b1:49:34:33:
4b:45:46:56:2c:bd:fb:90:18:c0:ef:1c:70:ec:dc:9f:e5:ac:
ea:00:40:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2V/KyergeFiYrQjxoC6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NmNjMjUwMTJlM2E0YzhiMTYyNmRkNzU3YzdiMDUxMGU0
NTczNDEwHhcNMjUwMTAyMTE0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2IzZGEzYTRkNjg3MWJhZTA3YzdlZDE5MTFmODQ5ODYyOGQwNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QwjEHRiZjopN2qiSQ/LAwoYSnu9
CDQWOexpRHAwdtZkOasNX8Lr6UTw1pqQnfUSC9ifOFpNyQuEqAG3fdExVAGUPSg4
/+CSWKRa/ZryrbOloPMlHmMZ09cJ8vZDml/DHamr9quFLIC37qxMqM0YMgoBY+yS
LJ0TBurZkaieACKxSaaD6+7AeGixs11lhdtrlvfCkFAHhjeNRSyXnLIJOt0wUvme
HhrO7c5HKnPQ2EflfSuaVF0CPpEGQ8OmYxnv43HeRr4EuulI4HbUMa+iQ56AJgbo
7eYlTYnCsiTxWt0d5ylQy9dEG8obIUpw2ttPCeHU9JZJd2EL+9Yr2RDiBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJez2jpNaHG64Hx+0ZEfhJhijQWCMB8GA1UdIwQY
MBaAFGVswlAS46TIsWJt11fHsFEORXNBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWld6Q1VCTGpwTWl4WW0zWFY4ZXdVUTVGYzBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ZGI0NmQtYmMyZC00NWQ3LWEyNzkt
ODIwMzI1ZjUzY2NiLzEvbDdQYU9rMW9jYnJnZkg3UmtSLUVtR0tOQllJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ZGI0NmQtYmMyZC00NWQ3LWEyNzktODIwMzI1ZjUzY2Ni
LzEvWld6Q1VCTGpwTWl4WW0zWFY4ZXdVUTVGYzBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuaq8MA0G
CSqGSIb3DQEBCwUAA4IBAQBzXq/lCvgbh5GuoKmkocEfbVgyxshiqVdmJdylnKgX
1/wpW7KTeqnRcZag3peuvhrgRqSlAsf2suwodXPLpu8ukKlXSUIkNJXx98UPYYTD
bZxR3e2fISiYLeh0baKB/78MEyWvdJDw05uUd4MFnI1U+tfNVuZtsmbVNm8WMOFV
lmTAeC5YKPtyZfHZoEqy66v+xRHC5ZeEng3eqTQTvEzDl2KfjyR9pLVo7ZwUxQkl
09uzznS6Eis7q66pIvKu3sGgZqyL7jqFHE5zIU8TyPpX/JPPD3cJrnj3hO2+oSQ3
GSPX5DfGQ7FJNDNLRUZWLL37kBjA7xxw7Nyf5azqAEBX
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:16:35 2025 by rpki-client