Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/5zGonyGbziYUvusSh8Q5DC8llVk.roa
File: 5zGonyGbziYUvusSh8Q5DC8llVk.roa (raw, json)
Hash identifier: S1qJmZBpZMGg2baTrfrvnMFHCPji28boUDCTeMahmcM=
Subject key identifier: E7:31:A8:9F:21:9B:CE:26:14:BE:EB:12:87:C4:39:0C:2F:25:95:59
Certificate issuer: /CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Certificate serial: 019422FB8849B3C1F97AD09D606296C54669
Authority key identifier: 29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/5zGonyGbziYUvusSh8Q5DC8llVk.roa
Signing time: Wed 01 Jan 2025 17:48:17 +0000
ROA not before: Wed 01 Jan 2025 17:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.214.22.0/24 maxlen: 24
185.214.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:88:49:b3:c1:f9:7a:d0:9d:60:62:96:c5:46:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Validity
Not Before: Jan 1 17:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e731a89f219bce2614beeb1287c4390c2f259559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e5:c7:63:28:bb:8e:58:5d:9f:bf:aa:b1:60:
74:0e:10:60:b5:98:45:ec:47:aa:e0:fc:87:bc:96:
63:a2:c2:40:07:3d:af:8b:83:a4:15:2c:6e:2e:59:
3c:2e:78:ea:b3:a7:67:c1:bf:a2:c3:8d:f4:f9:f5:
1f:58:b4:01:e9:12:76:88:47:8e:94:00:ff:80:70:
b0:be:18:c8:df:c7:c3:f2:46:f3:86:88:51:34:c5:
41:78:b1:0c:bb:d3:c8:92:db:2e:8d:7c:a6:89:32:
23:5e:1f:70:01:f0:e5:54:45:7c:34:9a:b7:b8:0a:
5c:96:7e:6d:12:f1:12:16:ac:43:88:9e:ab:b1:74:
f9:52:a4:25:70:c9:78:a3:c0:d4:07:4e:03:89:b3:
15:13:e4:66:97:5c:d2:68:d9:51:f4:6a:c1:51:1b:
bc:bb:14:c5:bb:62:54:ed:e6:18:1a:44:e0:a9:62:
90:30:9b:30:0b:f7:17:7a:e6:1b:66:ca:ba:be:c7:
ac:7e:3d:40:d0:a8:4e:5b:df:19:2f:e9:da:48:26:
69:1a:0c:08:2f:7a:48:72:26:07:08:fc:17:bd:63:
ba:c7:18:6f:54:60:83:2a:e6:88:f7:8a:3e:53:60:
86:ed:ea:59:18:86:86:c8:1f:28:59:0e:2b:da:cb:
e0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:31:A8:9F:21:9B:CE:26:14:BE:EB:12:87:C4:39:0C:2F:25:95:59
X509v3 Authority Key Identifier:
keyid:29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/5zGonyGbziYUvusSh8Q5DC8llVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.22.0/23
Signature Algorithm: sha256WithRSAEncryption
12:f4:cd:56:b6:c0:8d:96:62:14:c1:9a:3c:2f:43:4f:c4:a5:
24:f9:bc:bd:47:08:d5:6b:bb:db:30:2d:0a:66:81:6a:6f:a8:
da:e3:3c:c8:0b:70:b5:47:92:6f:82:c2:6f:75:9d:75:d9:93:
2c:c0:12:8f:f8:2d:e1:9b:41:20:94:df:03:7f:94:85:fc:50:
f2:03:0b:56:56:d1:34:0b:8d:94:50:ed:f5:5a:30:d7:86:c5:
2c:45:e8:d6:39:70:8d:c4:de:03:c9:71:40:f2:85:1a:1d:4c:
1b:d9:c1:7c:7c:de:51:a8:12:a0:e6:2e:e8:41:9b:d5:fe:99:
83:55:c8:f2:49:b7:4c:a9:a1:50:4a:89:7d:51:c7:dd:64:36:
58:0c:af:fa:01:c0:0f:33:e7:91:ed:38:14:f4:7b:e6:0c:a6:
37:97:4e:d3:1c:47:bd:0f:84:4b:bc:89:2a:07:84:ea:c3:1a:
2a:3f:1f:13:d3:8d:56:35:3a:51:30:8e:75:c7:56:e1:65:fc:
23:8f:44:10:c4:09:12:eb:55:ba:0e:08:4d:b5:42:e5:97:01:
03:c5:94:7b:ea:04:d8:ad:9e:c3:b5:b1:f1:b5:56:93:e6:e2:
f4:43:43:7b:fc:40:23:3e:a8:64:f5:0f:67:1a:00:b5:07:9d:
05:4c:f4:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+4hJs8H5etCdYGKWxUZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTU5NDRlODRkYzM3YmE2YTQyZDY4YmIxZTJiOWE0NDIx
ZTg0YTQwHhcNMjUwMTAxMTc0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzMxYTg5ZjIxOWJjZTI2MTRiZWViMTI4N2M0MzkwYzJmMjU5NTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+XHYyi7jlhdn7+qsWB0DhBgtZhF
7Eeq4PyHvJZjosJABz2vi4OkFSxuLlk8Lnjqs6dnwb+iw430+fUfWLQB6RJ2iEeO
lAD/gHCwvhjI38fD8kbzhohRNMVBeLEMu9PIktsujXymiTIjXh9wAfDlVEV8NJq3
uApcln5tEvESFqxDiJ6rsXT5UqQlcMl4o8DUB04DibMVE+Rml1zSaNlR9GrBURu8
uxTFu2JU7eYYGkTgqWKQMJswC/cXeuYbZsq6vsesfj1A0KhOW98ZL+naSCZpGgwI
L3pIciYHCPwXvWO6xxhvVGCDKuaI94o+U2CG7epZGIaGyB8oWQ4r2svgCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOcxqJ8hm84mFL7rEofEOQwvJZVZMB8GA1UdIwQY
MBaAFCmVlE6E3De6akLWi7HiuaRCHoSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmIt
MzM4YmRkNDM5ZWUxLzEvNXpHb255R2J6aVlVdnVzU2g4UTVEQzhsbFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmItMzM4YmRkNDM5ZWUx
LzEvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudYWMA0G
CSqGSIb3DQEBCwUAA4IBAQAS9M1WtsCNlmIUwZo8L0NPxKUk+by9RwjVa7vbMC0K
ZoFqb6ja4zzIC3C1R5JvgsJvdZ112ZMswBKP+C3hm0EglN8Df5SF/FDyAwtWVtE0
C42UUO31WjDXhsUsRejWOXCNxN4DyXFA8oUaHUwb2cF8fN5RqBKg5i7oQZvV/pmD
VcjySbdMqaFQSol9UcfdZDZYDK/6AcAPM+eR7TgU9HvmDKY3l07THEe9D4RLvIkq
B4TqwxoqPx8T041WNTpRMI51x1bhZfwjj0QQxAkS61W6DghNtULllwEDxZR76gTY
rZ7DtbHxtVaT5uL0Q0N7/EAjPqhk9Q9nGgC1B50FTPRT
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:17:59 2025 by rpki-client