Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/VpkCsO4Sj1kfftcY5G5XJmTJEG0.roa
File: VpkCsO4Sj1kfftcY5G5XJmTJEG0.roa (raw, json)
Hash identifier: ETNkYiblCUpkwdU3IL2iumD+BXzDHtOGaGe3dN4NhPg=
Subject key identifier: 56:99:02:B0:EE:12:8F:59:1F:7E:D7:18:E4:6E:57:26:64:C9:10:6D
Certificate issuer: /CN=98e18fadaef7232d3161886acbea8ab323cf3570
Certificate serial: 0194221F83E588A253C3D6370A1067E3CE64
Authority key identifier: 98:E1:8F:AD:AE:F7:23:2D:31:61:88:6A:CB:EA:8A:B3:23:CF:35:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mOGPra73Iy0xYYhqy-qKsyPPNXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/VpkCsO4Sj1kfftcY5G5XJmTJEG0.roa
Signing time: Wed 01 Jan 2025 13:47:58 +0000
ROA not before: Wed 01 Jan 2025 13:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.222.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:83:e5:88:a2:53:c3:d6:37:0a:10:67:e3:ce:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98e18fadaef7232d3161886acbea8ab323cf3570
Validity
Not Before: Jan 1 13:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=569902b0ee128f591f7ed718e46e572664c9106d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6a:1d:84:f0:4a:ca:30:ea:41:3f:e1:2b:fb:
82:72:28:2e:d7:91:f5:79:9c:dd:0d:58:14:dd:86:
b7:70:fb:2a:4f:27:61:00:e0:da:95:0f:64:64:97:
be:91:fb:82:94:ed:de:02:d8:52:4c:3d:b8:23:8d:
a2:a1:01:c8:ff:ae:fc:af:82:7e:a0:62:85:2f:1c:
25:a0:62:ff:74:1d:aa:1c:53:75:cb:00:79:4d:1d:
d9:4c:44:6f:e5:ca:96:02:36:b8:9f:26:6f:28:50:
0b:35:03:87:1a:dc:72:f1:8e:69:8f:d9:90:db:7b:
1e:ba:52:3b:98:f2:23:2a:bb:fe:5b:c1:b1:62:98:
9c:d8:ff:c4:71:d5:12:3b:ad:5c:ea:01:56:63:73:
31:30:27:d4:37:26:d1:6b:54:63:d1:76:dd:91:00:
b9:39:10:ba:b5:b4:40:11:6f:48:6d:08:94:8a:04:
04:66:f2:7e:09:f1:a0:b5:4e:c4:e6:e6:75:11:10:
0f:3c:98:96:51:ab:dc:b1:b3:57:21:d0:40:c3:8e:
a3:9e:2c:3b:96:35:92:10:83:e5:3e:e0:ac:f8:c5:
2f:bd:8a:75:b2:19:6c:57:d0:b6:b0:8f:0c:aa:af:
ad:ef:d1:ce:e1:f7:42:e1:ce:7a:12:75:39:dc:e8:
11:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:99:02:B0:EE:12:8F:59:1F:7E:D7:18:E4:6E:57:26:64:C9:10:6D
X509v3 Authority Key Identifier:
keyid:98:E1:8F:AD:AE:F7:23:2D:31:61:88:6A:CB:EA:8A:B3:23:CF:35:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOGPra73Iy0xYYhqy-qKsyPPNXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/VpkCsO4Sj1kfftcY5G5XJmTJEG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/0f18df-26ef-4ec6-8667-7218855646e3/1/mOGPra73Iy0xYYhqy-qKsyPPNXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.249.0/24
Signature Algorithm: sha256WithRSAEncryption
14:a3:a4:c6:57:18:d9:be:a0:b5:10:ac:d3:e1:67:b2:ee:94:
a5:54:9a:24:fc:9e:e3:25:41:90:dd:be:ee:c2:b5:8c:67:aa:
f2:0a:0a:73:7d:8d:13:3c:73:69:cd:63:64:d6:89:91:2a:6d:
25:de:4a:c4:e3:15:c8:ef:5a:59:40:84:d4:d1:1b:49:96:ad:
e7:00:c9:d2:06:fc:6f:5f:0c:36:e8:e0:60:6d:22:d6:db:3b:
76:df:df:66:ee:c3:3b:40:c0:14:54:4f:66:3a:5b:2a:0d:b1:
87:5f:07:63:d0:ea:1b:80:90:ae:f2:37:a1:7e:ec:81:ad:78:
73:e3:14:02:5a:03:ce:58:7f:95:4c:1d:cd:eb:e2:d0:5b:6b:
18:99:7f:96:08:78:8a:2d:80:bd:b3:14:53:96:45:54:e9:a0:
e9:38:07:60:05:11:b9:0e:4a:85:d7:ce:e3:31:2c:d0:f7:3f:
ce:ae:1d:67:6e:33:5e:c9:0b:c8:4c:18:4b:f5:8e:dd:14:ba:
1e:ee:53:53:4e:5f:7b:bb:c2:07:25:2b:08:c1:ba:6c:54:7d:
35:a3:24:7b:5e:71:4e:a3:c9:c3:c7:be:01:91:a5:fc:06:9d:
0d:6b:27:2e:16:84:3f:d7:28:98:45:7b:8c:79:71:d1:2d:ac:
84:21:d0:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4PliKJTw9Y3ChBn485kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZTE4ZmFkYWVmNzIzMmQzMTYxODg2YWNiZWE4YWIzMjNj
ZjM1NzAwHhcNMjUwMTAxMTM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njk5MDJiMGVlMTI4ZjU5MWY3ZWQ3MThlNDZlNTcyNjY0YzkxMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGodhPBKyjDqQT/hK/uCcigu15H1
eZzdDVgU3Ya3cPsqTydhAODalQ9kZJe+kfuClO3eAthSTD24I42ioQHI/678r4J+
oGKFLxwloGL/dB2qHFN1ywB5TR3ZTERv5cqWAja4nyZvKFALNQOHGtxy8Y5pj9mQ
23seulI7mPIjKrv+W8GxYpic2P/EcdUSO61c6gFWY3MxMCfUNybRa1Rj0XbdkQC5
ORC6tbRAEW9IbQiUigQEZvJ+CfGgtU7E5uZ1ERAPPJiWUavcsbNXIdBAw46jniw7
ljWSEIPlPuCs+MUvvYp1shlsV9C2sI8Mqq+t79HO4fdC4c56EnU53OgRNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFaZArDuEo9ZH37XGORuVyZkyRBtMB8GA1UdIwQY
MBaAFJjhj62u9yMtMWGIasvqirMjzzVwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU9HUHJhNzNJeTB4WVlocXktcUtzeVBQTlhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8wZjE4ZGYtMjZlZi00ZWM2LTg2Njct
NzIxODg1NTY0NmUzLzEvVnBrQ3NPNFNqMWtmZnRjWTVHNVhKbVRKRUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8wZjE4ZGYtMjZlZi00ZWM2LTg2NjctNzIxODg1NTY0NmUz
LzEvbU9HUHJhNzNJeTB4WVlocXktcUtzeVBQTlhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud75MA0G
CSqGSIb3DQEBCwUAA4IBAQAUo6TGVxjZvqC1EKzT4Wey7pSlVJok/J7jJUGQ3b7u
wrWMZ6ryCgpzfY0TPHNpzWNk1omRKm0l3krE4xXI71pZQITU0RtJlq3nAMnSBvxv
Xww26OBgbSLW2zt2399m7sM7QMAUVE9mOlsqDbGHXwdj0OobgJCu8jehfuyBrXhz
4xQCWgPOWH+VTB3N6+LQW2sYmX+WCHiKLYC9sxRTlkVU6aDpOAdgBRG5DkqF187j
MSzQ9z/Orh1nbjNeyQvITBhL9Y7dFLoe7lNTTl97u8IHJSsIwbpsVH01oyR7XnFO
o8nDx74BkaX8Bp0NaycuFoQ/1yiYRXuMeXHRLayEIdAk
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:22:02 2025 by rpki-client