Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/1f75cb-c7b9-4529-bdaf-46c7974bd18a/1/v6sZNB7vHuDSmuOPiFQ5RwhcXZU.roa
File: v6sZNB7vHuDSmuOPiFQ5RwhcXZU.roa (raw, json)
Hash identifier: HNoyOAlUbidKG0QWi+a4Ll+NOheRAU20lbJrFUIG14k=
Subject key identifier: BF:AB:19:34:1E:EF:1E:E0:D2:9A:E3:8F:88:54:39:47:08:5C:5D:95
Certificate issuer: /CN=518aa4993740df8ad38d92cc0c107234e6dfa05c
Certificate serial: 0194258FB88B4EF38B66B98D59FC168B50DC
Authority key identifier: 51:8A:A4:99:37:40:DF:8A:D3:8D:92:CC:0C:10:72:34:E6:DF:A0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UYqkmTdA34rTjZLMDBByNObfoFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/1f75cb-c7b9-4529-bdaf-46c7974bd18a/1/v6sZNB7vHuDSmuOPiFQ5RwhcXZU.roa
Signing time: Thu 02 Jan 2025 05:49:23 +0000
ROA not before: Thu 02 Jan 2025 05:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50017
IP address blocks: 185.161.128.0/22 maxlen: 22
2a07:c480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:b8:8b:4e:f3:8b:66:b9:8d:59:fc:16:8b:50:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=518aa4993740df8ad38d92cc0c107234e6dfa05c
Validity
Not Before: Jan 2 05:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfab19341eef1ee0d29ae38f88543947085c5d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f5:c4:d6:f3:da:f6:a9:8f:2c:77:8f:e3:65:
03:07:79:60:da:23:ea:47:45:6e:f1:64:57:bf:d9:
9f:f8:ec:98:c8:5e:61:19:f4:94:8e:ab:6b:d8:c3:
c4:ee:8d:94:19:ec:21:df:a7:c1:55:64:6f:7c:1d:
8e:81:64:6b:22:89:bf:84:c2:cb:cb:d0:91:dd:58:
c8:2e:a6:c0:0b:ca:59:f6:95:46:d7:ab:5e:d9:15:
c4:52:cf:0e:b2:93:28:ac:7e:45:35:c7:9b:ff:1b:
1b:5f:4e:5a:64:66:e3:c9:cc:be:b3:20:8b:94:c6:
f5:c5:10:70:05:40:44:91:3a:6c:a1:f7:83:08:e2:
41:c4:12:11:08:bb:89:6f:15:00:16:7b:ed:ee:9a:
2f:26:20:b5:2c:68:85:df:2d:bf:5c:f1:b3:97:e1:
25:19:1e:c2:e1:c7:77:5f:70:53:54:08:21:43:e4:
ad:15:61:82:88:75:92:9c:a3:78:e5:9a:cd:dc:94:
c0:8e:b5:f6:86:12:fe:0a:da:5d:f3:f3:e7:9c:12:
a0:60:75:19:a7:64:29:a7:27:5c:2f:71:fd:8c:3c:
d3:b5:7e:d9:e0:b6:77:08:f9:6a:ba:c4:cc:4f:bd:
28:e3:57:22:dc:c2:0a:79:fa:1e:32:5a:08:8b:77:
c6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:AB:19:34:1E:EF:1E:E0:D2:9A:E3:8F:88:54:39:47:08:5C:5D:95
X509v3 Authority Key Identifier:
keyid:51:8A:A4:99:37:40:DF:8A:D3:8D:92:CC:0C:10:72:34:E6:DF:A0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UYqkmTdA34rTjZLMDBByNObfoFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/1f75cb-c7b9-4529-bdaf-46c7974bd18a/1/v6sZNB7vHuDSmuOPiFQ5RwhcXZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/1f75cb-c7b9-4529-bdaf-46c7974bd18a/1/UYqkmTdA34rTjZLMDBByNObfoFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.128.0/22
IPv6:
2a07:c480::/29
Signature Algorithm: sha256WithRSAEncryption
1a:40:a6:0d:25:88:c3:cb:ca:76:5b:c5:95:4c:ed:18:3c:8b:
07:47:42:82:68:ed:43:8f:c9:fd:31:78:b0:be:09:07:d8:03:
8a:b4:82:ee:a2:ca:3b:1c:0d:05:f7:34:cf:65:67:6b:bb:89:
90:6f:bd:a6:de:43:b3:39:03:1d:98:39:ec:02:ed:a8:0b:52:
c1:47:9e:b2:68:71:37:6b:c9:93:66:fb:9f:98:75:b7:e5:45:
1f:7a:cf:b0:50:3f:2f:ca:e6:90:11:6e:58:68:43:5d:a1:a4:
10:d2:68:b2:a9:76:cb:8d:18:20:c7:64:3f:53:97:33:e4:fd:
d7:ab:c0:40:49:f9:c1:c5:8a:50:f9:7d:75:bc:61:64:82:1b:
30:2f:88:9e:e6:c8:51:11:8e:8a:ce:03:da:5b:ca:34:80:24:
05:62:ff:b2:b6:8e:58:3f:5e:b3:7b:b1:43:91:a4:8c:91:f1:
bf:66:09:d5:92:d4:17:c9:3b:55:57:00:ec:56:1e:c9:a8:a6:
64:55:ac:b7:70:ad:40:86:4b:13:98:3b:1e:a0:d7:9c:f7:57:
13:c9:47:26:39:94:7b:48:bf:17:bf:a7:4e:b5:8a:8a:28:ac:
47:04:97:bf:1c:79:72:97:8b:e6:84:da:1f:ba:c0:5b:b5:4e:
be:2f:72:80
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj7iLTvOLZrmNWfwWi1DcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxOGFhNDk5Mzc0MGRmOGFkMzhkOTJjYzBjMTA3MjM0ZTZk
ZmEwNWMwHhcNMjUwMTAyMDU0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmFiMTkzNDFlZWYxZWUwZDI5YWUzOGY4ODU0Mzk0NzA4NWM1ZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvXE1vPa9qmPLHeP42UDB3lg2iPq
R0Vu8WRXv9mf+OyYyF5hGfSUjqtr2MPE7o2UGewh36fBVWRvfB2OgWRrIom/hMLL
y9CR3VjILqbAC8pZ9pVG16te2RXEUs8OspMorH5FNceb/xsbX05aZGbjycy+syCL
lMb1xRBwBUBEkTpsofeDCOJBxBIRCLuJbxUAFnvt7povJiC1LGiF3y2/XPGzl+El
GR7C4cd3X3BTVAghQ+StFWGCiHWSnKN45ZrN3JTAjrX2hhL+Ctpd8/PnnBKgYHUZ
p2QppydcL3H9jDzTtX7Z4LZ3CPlqusTMT70o41ci3MIKefoeMloIi3fG2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL+rGTQe7x7g0prjj4hUOUcIXF2VMB8GA1UdIwQY
MBaAFFGKpJk3QN+K042SzAwQcjTm36BcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVlxa21UZEEzNHJUalpMTURCQnlOT2Jmb0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8xZjc1Y2ItYzdiOS00NTI5LWJkYWYt
NDZjNzk3NGJkMThhLzEvdjZzWk5CN3ZIdURTbXVPUGlGUTVSd2hjWFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8xZjc1Y2ItYzdiOS00NTI5LWJkYWYtNDZjNzk3NGJkMThh
LzEvVVlxa21UZEEzNHJUalpMTURCQnlOT2Jmb0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaGAMA0E
AgACMAcDBQMqB8SAMA0GCSqGSIb3DQEBCwUAA4IBAQAaQKYNJYjDy8p2W8WVTO0Y
PIsHR0KCaO1Dj8n9MXiwvgkH2AOKtILuoso7HA0F9zTPZWdru4mQb72m3kOzOQMd
mDnsAu2oC1LBR56yaHE3a8mTZvufmHW35UUfes+wUD8vyuaQEW5YaENdoaQQ0miy
qXbLjRggx2Q/U5cz5P3Xq8BASfnBxYpQ+X11vGFkghswL4ie5shREY6KzgPaW8o0
gCQFYv+yto5YP16ze7FDkaSMkfG/ZgnVktQXyTtVVwDsVh7JqKZkVay3cK1AhksT
mDseoNec91cTyUcmOZR7SL8Xv6dOtYqKKKxHBJe/HHlyl4vmhNofusBbtU6+L3KA
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:03:10 2025 by rpki-client