Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/CvGHepAgyhQF29vgwO5RLU27Tig.roa
File: CvGHepAgyhQF29vgwO5RLU27Tig.roa (raw, json)
Hash identifier: MTqSAP2ijcRiLN3/AxskccxaBqUIlze/F2fZZstIpd0=
Subject key identifier: 0A:F1:87:7A:90:20:CA:14:05:DB:DB:E0:C0:EE:51:2D:4D:BB:4E:28
Certificate issuer: /CN=836528e152b6dcba1571241ac55be5bce01118b7
Certificate serial: 01941F8C03760EFA989C957C5ECBF24F8C43
Authority key identifier: 83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/CvGHepAgyhQF29vgwO5RLU27Tig.roa
Signing time: Wed 01 Jan 2025 01:47:37 +0000
ROA not before: Wed 01 Jan 2025 01:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 265554
IP address blocks: 185.198.100.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:03:76:0e:fa:98:9c:95:7c:5e:cb:f2:4f:8c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=836528e152b6dcba1571241ac55be5bce01118b7
Validity
Not Before: Jan 1 01:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0af1877a9020ca1405dbdbe0c0ee512d4dbb4e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3a:20:a3:8b:81:a8:59:bc:cb:90:ee:15:32:
fe:d9:e5:86:19:94:ae:ac:16:ac:5e:af:b2:88:a8:
8a:c0:ed:f8:92:ef:0d:0b:a9:3a:c3:a7:b9:7c:af:
6c:75:d5:73:78:b5:fc:22:17:ac:e2:ec:e6:ac:c5:
7b:b2:89:f6:a5:8c:68:60:38:1e:ba:4d:6e:3e:d0:
08:1a:39:72:e6:f9:af:69:8c:63:2e:7d:e4:12:ce:
ed:fd:93:fd:e7:3d:a6:a9:e8:c2:63:2b:ae:48:23:
4d:a0:f4:96:45:e6:b1:a9:23:83:73:93:c5:d5:ef:
98:81:91:83:01:e7:1e:12:e2:03:89:18:7a:9d:49:
cc:94:a7:c6:88:f0:d5:a8:09:8d:69:78:68:04:07:
a7:10:a3:ec:ec:22:e0:37:ad:4d:0f:25:16:d9:ce:
5c:df:56:2c:54:6f:7b:7f:37:ad:8c:d7:77:56:e4:
71:af:ea:20:7f:be:5e:97:bf:e2:68:6f:c0:c1:09:
ef:be:6e:30:c7:0d:33:db:39:3b:fc:76:b1:a5:c0:
5c:1f:a5:b5:fd:b4:6f:27:07:e5:ad:c1:a9:14:b2:
c5:49:a5:5d:ad:62:d9:a6:9a:b0:27:0e:b2:86:02:
1e:f6:5b:c1:3d:2d:c2:96:ec:4f:e2:91:34:eb:11:
1f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F1:87:7A:90:20:CA:14:05:DB:DB:E0:C0:EE:51:2D:4D:BB:4E:28
X509v3 Authority Key Identifier:
keyid:83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/CvGHepAgyhQF29vgwO5RLU27Tig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.100.0/22
Signature Algorithm: sha256WithRSAEncryption
98:88:8f:75:f3:da:45:a1:90:18:98:a8:8b:d7:30:b8:94:44:
3f:a0:66:d8:01:c3:38:04:8d:ce:8e:d0:21:af:29:d4:98:e5:
7f:bc:42:d4:da:de:aa:c2:aa:34:c4:b9:12:78:3f:f0:04:61:
76:d9:bc:5f:f7:94:14:3a:0d:a0:82:5e:fb:bd:6b:d1:7b:3f:
5a:d6:7d:a6:83:cb:c9:64:89:46:c6:40:34:5a:56:f4:b5:ee:
84:42:6a:36:d0:fb:ad:f6:89:95:f8:9d:32:66:42:d6:41:dd:
0e:5a:0b:7b:7c:12:18:dd:5d:e2:00:9c:6a:e4:16:37:8f:94:
75:d8:83:03:19:3b:c5:76:be:05:7c:ff:68:52:e8:69:42:cb:
22:47:5c:07:9c:fd:e0:33:af:a1:bc:7b:0c:43:9a:cd:f0:19:
cb:85:9c:e0:b7:f0:aa:fc:9d:eb:0f:b9:a9:0a:62:29:cc:fe:
b1:73:7c:39:3f:69:73:b6:2c:b1:a9:64:ad:51:b8:3d:37:e3:
10:32:f4:6e:b0:25:e2:b7:e3:5b:71:55:9e:ac:9a:0c:ea:80:
5a:36:16:17:2b:9d:f9:41:0f:b7:79:cb:45:fb:2e:bc:dd:9b:
4a:67:da:da:e6:9e:e0:9f:09:24:c9:2c:43:f8:c1:37:49:a4:
83:8a:18:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjAN2DvqYnJV8XsvyT4xDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjUyOGUxNTJiNmRjYmExNTcxMjQxYWM1NWJlNWJjZTAx
MTE4YjcwHhcNMjUwMTAxMDE0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWYxODc3YTkwMjBjYTE0MDVkYmRiZTBjMGVlNTEyZDRkYmI0ZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjogo4uBqFm8y5DuFTL+2eWGGZSu
rBasXq+yiKiKwO34ku8NC6k6w6e5fK9sddVzeLX8Ihes4uzmrMV7son2pYxoYDge
uk1uPtAIGjly5vmvaYxjLn3kEs7t/ZP95z2mqejCYyuuSCNNoPSWReaxqSODc5PF
1e+YgZGDAeceEuIDiRh6nUnMlKfGiPDVqAmNaXhoBAenEKPs7CLgN61NDyUW2c5c
31YsVG97fzetjNd3VuRxr+ogf75el7/iaG/AwQnvvm4wxw0z2zk7/HaxpcBcH6W1
/bRvJwflrcGpFLLFSaVdrWLZppqwJw6yhgIe9lvBPS3CluxP4pE06xEfLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArxh3qQIMoUBdvb4MDuUS1Nu04oMB8GA1UdIwQY
MBaAFINlKOFStty6FXEkGsVb5bzgERi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2Mt
ZWI5NDE1ZWM1NDhhLzEvQ3ZHSGVwQWd5aFFGMjl2Z3dPNVJMVTI3VGlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2MtZWI5NDE1ZWM1NDhh
LzEvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucZkMA0G
CSqGSIb3DQEBCwUAA4IBAQCYiI9189pFoZAYmKiL1zC4lEQ/oGbYAcM4BI3OjtAh
rynUmOV/vELU2t6qwqo0xLkSeD/wBGF22bxf95QUOg2ggl77vWvRez9a1n2mg8vJ
ZIlGxkA0Wlb0te6EQmo20Put9omV+J0yZkLWQd0OWgt7fBIY3V3iAJxq5BY3j5R1
2IMDGTvFdr4FfP9oUuhpQssiR1wHnP3gM6+hvHsMQ5rN8BnLhZzgt/Cq/J3rD7mp
CmIpzP6xc3w5P2lztiyxqWStUbg9N+MQMvRusCXit+NbcVWerJoM6oBaNhYXK535
QQ+3ectF+y683ZtKZ9ra5p7gnwkkySxD+ME3SaSDihjS
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:33:27 2025 by rpki-client