Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/AhTO7WBaZMu_Dr1N8NIiVL9XCpU.roa
File: AhTO7WBaZMu_Dr1N8NIiVL9XCpU.roa (raw, json)
Hash identifier: nT81Q9YgZY4q725cyr+A+UtBMshY9pksRnCCbkN57Ug=
Subject key identifier: 02:14:CE:ED:60:5A:64:CB:BF:0E:BD:4D:F0:D2:22:54:BF:57:0A:95
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 019424B26AAF90189D28CAF6C553CB4E737A
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/AhTO7WBaZMu_Dr1N8NIiVL9XCpU.roa
Signing time: Thu 02 Jan 2025 01:47:39 +0000
ROA not before: Thu 02 Jan 2025 01:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206991
IP address blocks: 185.123.100.0/24 maxlen: 24
185.123.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:6a:af:90:18:9d:28:ca:f6:c5:53:cb:4e:73:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 2 01:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0214ceed605a64cbbf0ebd4df0d22254bf570a95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:27:74:02:d5:69:2e:0b:ee:82:f0:59:76:c4:
d1:d5:22:f6:ea:07:b1:a1:12:b3:24:60:63:f0:96:
bd:55:d8:8f:d2:e5:50:ba:a9:ec:b0:20:1f:44:95:
c1:c3:77:c9:8f:e8:ba:fb:ec:5d:ef:df:e3:fd:8e:
8c:c3:b9:2a:52:3e:c7:eb:73:47:21:11:2d:6e:3c:
ac:4d:04:b2:48:df:36:6e:5d:85:07:9c:5c:19:e4:
70:1f:62:54:8e:20:92:d7:2b:cf:5f:47:55:3d:de:
32:66:30:5c:15:3c:30:c2:dc:24:f3:4f:b6:e3:6e:
d0:34:9d:41:0f:b4:a3:c6:81:85:08:42:f7:d5:a5:
c7:27:51:27:df:c3:a7:5f:20:62:2c:cd:8b:fe:23:
3c:b6:87:ef:a3:6b:e6:2e:5f:b2:53:6f:5f:ff:e7:
16:8d:43:9d:79:5a:59:20:5c:41:f6:dc:14:cf:2e:
15:91:28:5c:73:5a:9b:cb:36:ae:80:a0:bf:f5:ad:
3b:18:7b:a2:7f:63:af:bb:0f:a9:f3:48:51:b7:e5:
5c:78:94:1d:a6:96:a5:31:8b:79:d8:87:a7:fb:67:
af:a3:25:cc:99:d0:6a:b0:cf:bc:26:7f:d5:f3:b4:
f1:1c:77:85:09:37:cc:2e:60:5e:dd:4d:05:11:9e:
0e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:14:CE:ED:60:5A:64:CB:BF:0E:BD:4D:F0:D2:22:54:BF:57:0A:95
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/AhTO7WBaZMu_Dr1N8NIiVL9XCpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.100.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:5e:89:fb:7a:7f:cd:ea:55:64:0c:f5:96:20:ca:30:f0:88:
76:91:f5:f1:cc:fa:97:43:de:49:58:66:10:24:63:1d:7c:29:
87:66:e4:c9:44:a0:7b:31:76:48:66:55:83:5e:5f:19:c9:e6:
d0:e7:ec:a3:49:79:50:3d:1e:18:a1:59:70:5c:cc:08:66:57:
07:26:02:92:ef:06:f2:c1:eb:7c:be:5f:c0:a4:36:88:c8:b7:
28:f2:20:e5:6b:7a:8c:fd:9b:4b:70:92:25:59:87:bb:c1:89:
2b:28:02:27:52:08:71:49:b4:ae:da:98:17:8d:9e:52:7a:78:
15:e9:2b:d7:f3:2c:88:aa:4a:eb:e0:9c:02:1d:18:64:09:1f:
ab:8e:1e:e4:88:01:53:a5:b4:5c:12:be:f1:ad:cc:2a:4e:ae:
ba:e0:e1:3f:7c:89:77:0a:e7:0c:f2:0f:76:13:bb:a1:3a:ef:
d0:01:4c:fa:e9:35:cd:d2:22:7c:34:e6:c3:bc:35:a0:98:3d:
16:84:5b:2e:eb:25:5e:73:bf:2f:5e:0f:6a:c3:1d:cb:53:62:
5d:81:a6:b2:a7:ff:7b:57:03:1e:8e:08:cc:50:d0:6c:67:8c:
bb:f6:31:66:00:a2:20:ba:05:ff:4d:ad:9b:f7:d9:4b:ed:a5:
21:66:b1:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksmqvkBidKMr2xVPLTnN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjUwMTAyMDE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjE0Y2VlZDYwNWE2NGNiYmYwZWJkNGRmMGQyMjI1NGJmNTcwYTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSd0AtVpLgvugvBZdsTR1SL26gex
oRKzJGBj8Ja9VdiP0uVQuqnssCAfRJXBw3fJj+i6++xd79/j/Y6Mw7kqUj7H63NH
IREtbjysTQSySN82bl2FB5xcGeRwH2JUjiCS1yvPX0dVPd4yZjBcFTwwwtwk80+2
427QNJ1BD7SjxoGFCEL31aXHJ1En38OnXyBiLM2L/iM8tofvo2vmLl+yU29f/+cW
jUOdeVpZIFxB9twUzy4VkShcc1qbyzaugKC/9a07GHuif2Ovuw+p80hRt+VceJQd
ppalMYt52Ien+2evoyXMmdBqsM+8Jn/V87TxHHeFCTfMLmBe3U0FEZ4OwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAIUzu1gWmTLvw69TfDSIlS/VwqVMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvQWhUTzdXQmFaTXVfRHIxTjhOSWlWTDlYQ3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuXtkMA0G
CSqGSIb3DQEBCwUAA4IBAQBeXon7en/N6lVkDPWWIMow8Ih2kfXxzPqXQ95JWGYQ
JGMdfCmHZuTJRKB7MXZIZlWDXl8ZyebQ5+yjSXlQPR4YoVlwXMwIZlcHJgKS7wby
wet8vl/ApDaIyLco8iDla3qM/ZtLcJIlWYe7wYkrKAInUghxSbSu2pgXjZ5SengV
6SvX8yyIqkrr4JwCHRhkCR+rjh7kiAFTpbRcEr7xrcwqTq664OE/fIl3CucM8g92
E7uhOu/QAUz66TXN0iJ8NObDvDWgmD0WhFsu6yVec78vXg9qwx3LU2Jdgaayp/97
VwMejgjMUNBsZ4y79jFmAKIgugX/Ta2b99lL7aUhZrGj
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:25:55 2025 by rpki-client