Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/ACmM5xMJG5d1YVOZ4RZKGVZYg9k.roa
File: ACmM5xMJG5d1YVOZ4RZKGVZYg9k.roa (raw, json)
Hash identifier: Fvp/3zg9VXW0brdKzJ0fdm3mkA4lR5zaksqsabjZcF4=
Subject key identifier: 00:29:8C:E7:13:09:1B:97:75:61:53:99:E1:16:4A:19:56:58:83:D9
Certificate issuer: /CN=21bfa77b3cd782933e5f255445d428adfbdca0e1
Certificate serial: 019422FC1AD31E5CF8E14ED4448D3C8B6DF6
Authority key identifier: 21:BF:A7:7B:3C:D7:82:93:3E:5F:25:54:45:D4:28:AD:FB:DC:A0:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ib-nezzXgpM-XyVURdQorfvcoOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/ACmM5xMJG5d1YVOZ4RZKGVZYg9k.roa
Signing time: Wed 01 Jan 2025 17:48:54 +0000
ROA not before: Wed 01 Jan 2025 17:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13302
IP address blocks: 185.166.16.0/22 maxlen: 24
185.166.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:1a:d3:1e:5c:f8:e1:4e:d4:44:8d:3c:8b:6d:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bfa77b3cd782933e5f255445d428adfbdca0e1
Validity
Not Before: Jan 1 17:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00298ce713091b9775615399e1164a19565883d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:dc:44:d6:14:40:06:da:4c:18:45:07:7d:aa:
8e:54:ba:1b:d8:4d:94:8d:66:74:a9:c1:22:81:e1:
c7:1f:bb:dd:2e:6d:dc:88:59:22:3c:1b:0c:28:7d:
30:72:80:43:54:8f:c5:61:36:d4:0f:bf:09:77:6d:
0e:dc:b7:bc:3d:27:82:de:ae:c2:e4:c2:17:4e:2f:
68:9d:26:18:9d:04:43:36:d1:92:c0:ab:5c:9e:bf:
38:85:be:31:a9:19:52:a8:33:0c:df:ee:01:82:c5:
8f:96:25:3f:be:39:ed:0e:28:f5:17:7a:06:92:34:
27:6e:9b:4a:d4:2d:bd:68:d3:51:fd:bd:14:b9:2d:
b4:22:33:a1:eb:a6:dd:3c:74:7e:eb:73:04:30:ce:
b5:93:56:87:65:ee:ee:e3:2b:1d:95:91:39:eb:25:
22:56:62:e3:47:fc:53:51:01:3a:a8:9c:ed:a7:64:
6d:84:8c:d5:fd:27:f2:f7:5d:04:2d:87:f3:12:f8:
f2:c4:f8:ff:6c:1f:6c:13:91:98:9c:8b:d0:16:8d:
ee:aa:ab:12:b0:36:82:65:57:4b:3b:86:44:44:5b:
50:92:8a:ae:90:31:cb:8f:39:09:b8:49:d6:fd:d1:
d0:4d:ab:58:33:d3:42:c7:2b:18:82:36:98:57:4b:
a2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:29:8C:E7:13:09:1B:97:75:61:53:99:E1:16:4A:19:56:58:83:D9
X509v3 Authority Key Identifier:
keyid:21:BF:A7:7B:3C:D7:82:93:3E:5F:25:54:45:D4:28:AD:FB:DC:A0:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-nezzXgpM-XyVURdQorfvcoOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/ACmM5xMJG5d1YVOZ4RZKGVZYg9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/Ib-nezzXgpM-XyVURdQorfvcoOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.16.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:33:e1:56:c8:62:d9:10:f3:47:41:e3:8d:2c:a6:37:ec:69:
05:4d:da:ef:df:03:8d:6b:34:f2:19:60:9a:f3:56:2a:7f:73:
2c:8f:72:71:a1:d0:a2:d3:c3:39:59:08:a9:e2:33:8d:34:b6:
47:83:bb:0c:21:12:37:be:58:e5:94:ee:0e:bd:f3:7d:56:bf:
25:01:d8:57:8e:6b:3a:27:92:91:0a:b0:6a:2c:49:06:12:43:
84:db:16:57:2d:c1:08:38:8e:51:ab:ea:5e:a1:16:03:cb:e4:
96:5c:3b:e9:e9:a6:ed:6a:7b:91:28:f1:af:2e:ac:5d:62:5b:
12:e0:c5:ef:ef:68:47:53:f9:8a:52:9b:73:9e:50:ea:35:60:
02:8c:f4:54:0f:54:79:d0:3d:dd:9a:90:66:96:61:62:90:1a:
f3:de:6e:a7:3c:7b:ce:6f:79:e9:b8:7c:87:0d:c6:c4:11:f3:
d5:69:58:8f:c7:b3:f4:f5:34:ac:c7:73:dd:3e:22:eb:59:df:
b5:a8:c4:cb:47:04:54:52:8c:32:3b:9c:74:01:b9:f1:6c:91:
9f:d5:4c:ce:ab:08:5d:76:3a:c6:6c:96:98:4d:46:fd:b7:7c:
d5:1c:dd:f6:cc:8b:b6:a9:17:b4:f3:70:00:a9:11:d6:54:03:
7c:c5:8b:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/BrTHlz44U7URI08i232MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmZhNzdiM2NkNzgyOTMzZTVmMjU1NDQ1ZDQyOGFkZmJk
Y2EwZTEwHhcNMjUwMTAxMTc0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDI5OGNlNzEzMDkxYjk3NzU2MTUzOTllMTE2NGExOTU2NTg4M2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9xE1hRABtpMGEUHfaqOVLob2E2U
jWZ0qcEigeHHH7vdLm3ciFkiPBsMKH0wcoBDVI/FYTbUD78Jd20O3Le8PSeC3q7C
5MIXTi9onSYYnQRDNtGSwKtcnr84hb4xqRlSqDMM3+4BgsWPliU/vjntDij1F3oG
kjQnbptK1C29aNNR/b0UuS20IjOh66bdPHR+63MEMM61k1aHZe7u4ysdlZE56yUi
VmLjR/xTUQE6qJztp2RthIzV/Sfy910ELYfzEvjyxPj/bB9sE5GYnIvQFo3uqqsS
sDaCZVdLO4ZERFtQkoqukDHLjzkJuEnW/dHQTatYM9NCxysYgjaYV0ui7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAApjOcTCRuXdWFTmeEWShlWWIPZMB8GA1UdIwQY
MBaAFCG/p3s814KTPl8lVEXUKK373KDhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWItbmV6elhncE0tWHlWVVJkUW9yZnZjb09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85YzdhZmYtZDgzZS00ZjUxLTliOTYt
NTQ4NGMzOWIyZDRlLzEvQUNtTTV4TUpHNWQxWVZPWjRSWktHVlpZZzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85YzdhZmYtZDgzZS00ZjUxLTliOTYtNTQ4NGMzOWIyZDRl
LzEvSWItbmV6elhncE0tWHlWVVJkUW9yZnZjb09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaYQMA0G
CSqGSIb3DQEBCwUAA4IBAQA6M+FWyGLZEPNHQeONLKY37GkFTdrv3wONazTyGWCa
81Yqf3Msj3JxodCi08M5WQip4jONNLZHg7sMIRI3vljllO4OvfN9Vr8lAdhXjms6
J5KRCrBqLEkGEkOE2xZXLcEIOI5Rq+peoRYDy+SWXDvp6abtanuRKPGvLqxdYlsS
4MXv72hHU/mKUptznlDqNWACjPRUD1R50D3dmpBmlmFikBrz3m6nPHvOb3npuHyH
DcbEEfPVaViPx7P09TSsx3PdPiLrWd+1qMTLRwRUUowyO5x0AbnxbJGf1UzOqwhd
djrGbJaYTUb9t3zVHN32zIu2qRe083AAqRHWVAN8xYvH
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:00:25 2025 by rpki-client