Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/87c3ee-d086-4559-90d4-f3ba9e7ec78f/1/t0XVsW3KhrwczNEOHbRdR3i61oc.roa
File: t0XVsW3KhrwczNEOHbRdR3i61oc.roa (raw, json)
Hash identifier: mBnUis+NV151nsEQMLvZPrLSoA0ZGckWbG0+gCRhZII=
Subject key identifier: B7:45:D5:B1:6D:CA:86:BC:1C:CC:D1:0E:1D:B4:5D:47:78:BA:D6:87
Certificate issuer: /CN=f998035895f95549c2cdaac3f005446cbdd11c02
Certificate serial: 0189FF3117C131BB545D6306A889E47AE0D3
Authority key identifier: F9:98:03:58:95:F9:55:49:C2:CD:AA:C3:F0:05:44:6C:BD:D1:1C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ZgDWJX5VUnCzarD8AVEbL3RHAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/87c3ee-d086-4559-90d4-f3ba9e7ec78f/1/t0XVsW3KhrwczNEOHbRdR3i61oc.roa
Signing time: Wed 16 Aug 2023 16:32:34 +0000
ROA not before: Wed 16 Aug 2023 16:32:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.250.43.0/24 maxlen: 24
185.250.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ff:31:17:c1:31:bb:54:5d:63:06:a8:89:e4:7a:e0:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f998035895f95549c2cdaac3f005446cbdd11c02
Validity
Not Before: Aug 16 16:32:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b745d5b16dca86bc1cccd10e1db45d4778bad687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:14:eb:0a:45:8a:29:ee:7e:79:59:2e:60:77:
6c:16:8e:13:5f:cc:65:bb:a0:10:fd:fd:68:a5:82:
19:05:68:72:38:32:7c:63:72:eb:b4:85:c2:9c:0f:
77:7b:f2:95:30:e9:75:33:9f:57:18:a9:13:c5:50:
7a:44:b6:2a:e1:48:28:e3:cd:c8:40:5d:a4:a8:8f:
bc:75:cc:ec:26:20:01:55:30:b2:dd:e8:59:3d:c5:
f0:d6:a0:9d:ad:c8:58:60:ac:b3:80:6c:b2:2c:63:
8e:e3:c4:27:60:47:ce:bd:aa:8e:df:cd:9a:13:d6:
66:fd:23:01:ea:81:ad:5f:68:ef:f8:18:ab:8a:ec:
95:00:97:5a:10:bf:f0:b1:c4:ef:93:85:51:4a:61:
a0:39:78:db:1d:76:f8:89:a0:98:b1:2b:67:b7:aa:
c0:cf:05:c2:6d:c0:7e:b2:96:16:df:04:67:04:92:
c3:7b:84:ac:d4:2e:93:9f:45:6b:cf:a0:92:1f:ef:
a7:8c:06:a4:72:46:86:f2:dc:86:fa:c0:c3:bc:a7:
d3:cc:0c:79:13:14:fe:97:33:e9:ef:d3:f7:05:17:
74:f4:43:f1:27:5c:0a:90:8b:76:7a:fb:59:3d:95:
a9:1b:b0:0e:6a:db:13:9d:3d:f1:d2:af:d6:ac:d5:
e9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:45:D5:B1:6D:CA:86:BC:1C:CC:D1:0E:1D:B4:5D:47:78:BA:D6:87
X509v3 Authority Key Identifier:
keyid:F9:98:03:58:95:F9:55:49:C2:CD:AA:C3:F0:05:44:6C:BD:D1:1C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ZgDWJX5VUnCzarD8AVEbL3RHAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/87c3ee-d086-4559-90d4-f3ba9e7ec78f/1/t0XVsW3KhrwczNEOHbRdR3i61oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/87c3ee-d086-4559-90d4-f3ba9e7ec78f/1/1-ZgDWJX5VUnCzarD8AVEbL3RHAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.42.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:19:42:9c:bd:4d:49:ac:68:8d:b9:5d:7f:a2:51:a9:04:eb:
63:28:3b:53:8a:39:37:93:90:d3:0b:65:48:b9:4c:3a:f3:51:
9f:26:b4:c2:73:ed:4e:47:ee:bf:b8:12:ae:f2:e9:bc:02:67:
32:61:ef:89:e3:5d:e4:47:54:23:f8:ac:49:a9:88:09:6a:94:
5a:e5:03:7a:dd:8f:43:34:30:b5:f4:a0:78:32:ba:d2:4b:86:
d5:aa:4b:0c:ab:71:8b:ab:bd:07:53:8e:ca:3c:33:63:fb:d5:
ed:00:b6:42:85:55:28:31:c5:bf:4b:5f:2b:b8:19:56:32:8b:
ae:be:68:5a:c5:03:eb:74:bb:a0:53:d7:37:67:7d:39:30:45:
31:ab:22:de:60:a6:d4:e0:3f:10:6e:af:4a:de:30:3b:8c:f6:
6e:39:be:59:cb:61:e6:cf:88:f4:70:e8:e2:c9:60:45:7b:68:
2b:e0:88:5d:e6:b1:70:eb:49:da:1f:01:76:72:1f:ca:26:b0:
03:0f:9a:c3:8a:81:4a:9c:8d:9b:dc:96:85:58:3d:02:a5:42:
99:4b:9c:f3:bb:c1:00:6c:1c:93:c9:46:f6:5e:04:cc:4a:bf:
81:79:c2:eb:6c:01:26:e8:d2:99:01:94:a4:4b:ec:51:b9:52:
70:9f:4c:b2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYn/MRfBMbtUXWMGqInkeuDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OTgwMzU4OTVmOTU1NDljMmNkYWFjM2YwMDU0NDZjYmRk
MTFjMDIwHhcNMjMwODE2MTYzMjM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzQ1ZDViMTZkY2E4NmJjMWNjY2QxMGUxZGI0NWQ0Nzc4YmFkNjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBTrCkWKKe5+eVkuYHdsFo4TX8xl
u6AQ/f1opYIZBWhyODJ8Y3LrtIXCnA93e/KVMOl1M59XGKkTxVB6RLYq4Ugo483I
QF2kqI+8dczsJiABVTCy3ehZPcXw1qCdrchYYKyzgGyyLGOO48QnYEfOvaqO382a
E9Zm/SMB6oGtX2jv+BiriuyVAJdaEL/wscTvk4VRSmGgOXjbHXb4iaCYsStnt6rA
zwXCbcB+spYW3wRnBJLDe4Ss1C6Tn0Vrz6CSH++njAakckaG8tyG+sDDvKfTzAx5
ExT+lzPp79P3BRd09EPxJ1wKkIt2evtZPZWpG7AOatsTnT3x0q/WrNXpJwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLdF1bFtyoa8HMzRDh20XUd4utaHMB8GA1UdIwQY
MBaAFPmYA1iV+VVJws2qw/AFRGy90RwCMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1aZ0RXSlg1VlVuQ3phckQ4QVZFYkwzUkhBSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQvODdjM2VlLWQwODYtNDU1OS05MGQ0
LWYzYmE5ZTdlYzc4Zi8xL3QwWFZzVzNLaHJ3Y3pORU9IYlJkUjNpNjFvYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDQvODdjM2VlLWQwODYtNDU1OS05MGQ0LWYzYmE5ZTdlYzc4
Zi8xLzEtWmdEV0pYNVZVbkN6YXJEOEFWRWJMM1JIQUkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG5+iow
DQYJKoZIhvcNAQELBQADggEBAD0ZQpy9TUmsaI25XX+iUakE62MoO1OKOTeTkNML
ZUi5TDrzUZ8mtMJz7U5H7r+4Eq7y6bwCZzJh74njXeRHVCP4rEmpiAlqlFrlA3rd
j0M0MLX0oHgyutJLhtWqSwyrcYurvQdTjso8M2P71e0AtkKFVSgxxb9LXyu4GVYy
i66+aFrFA+t0u6BT1zdnfTkwRTGrIt5gptTgPxBur0reMDuM9m45vlnLYebPiPRw
6OLJYEV7aCvgiF3msXDrSdofAXZyH8omsAMPmsOKgUqcjZvcloVYPQKlQplLnPO7
wQBsHJPJRvZeBMxKv4F5wutsASbo0pkBlKRL7FG5UnCfTLI=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:49:36 2025 by rpki-client