Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/4a839e-c86a-49ee-989e-7c42c494ef8d/1/pONh1xk9wpuoFXK75syfKuoFq_M.roa
File: pONh1xk9wpuoFXK75syfKuoFq_M.roa (raw, json)
Hash identifier: oDyYUEQ5jvscirpZy9vZHGqAU0dVcasjiTfOVg84/2o=
Subject key identifier: A4:E3:61:D7:19:3D:C2:9B:A8:15:72:BB:E6:CC:9F:2A:EA:05:AB:F3
Certificate issuer: /CN=b754992ba488a872c89cbdf42ca4df895e609c53
Certificate serial: 018BCE9E394F1C8C847FF24F3D7356CC7893
Authority key identifier: B7:54:99:2B:A4:88:A8:72:C8:9C:BD:F4:2C:A4:DF:89:5E:60:9C:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1SZK6SIqHLInL30LKTfiV5gnFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/4a839e-c86a-49ee-989e-7c42c494ef8d/1/pONh1xk9wpuoFXK75syfKuoFq_M.roa
Signing time: Tue 14 Nov 2023 16:15:57 +0000
ROA not before: Tue 14 Nov 2023 16:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.130.30.0/24 maxlen: 24
185.130.29.0/24 maxlen: 24
185.130.28.0/22 maxlen: 24
193.163.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ce:9e:39:4f:1c:8c:84:7f:f2:4f:3d:73:56:cc:78:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b754992ba488a872c89cbdf42ca4df895e609c53
Validity
Not Before: Nov 14 16:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4e361d7193dc29ba81572bbe6cc9f2aea05abf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:03:4b:de:f1:3b:f4:c1:ed:1d:be:df:21:a3:
a3:bb:b2:11:a2:e8:5c:a1:62:1d:ca:80:c0:a8:3a:
aa:35:2f:69:df:0e:27:b2:4d:0f:b5:c8:ca:d9:f6:
5a:c5:fa:c2:73:11:4d:19:13:92:f6:b3:8a:1f:57:
b3:5b:72:00:35:b5:df:fa:52:0d:09:92:14:29:04:
62:09:90:d2:8d:07:7f:5e:ab:69:7d:ee:c0:af:02:
7f:ef:10:ed:e7:d5:2d:4b:3f:8d:98:8e:c5:67:6c:
66:c5:10:ec:f4:2b:86:09:c3:b3:6b:42:3b:8c:c4:
7c:0b:09:43:f3:ce:7a:f1:f8:eb:30:c3:58:9d:ae:
e6:82:ae:fb:f8:ef:8e:58:f4:16:51:a0:2c:9c:80:
15:87:60:20:73:06:83:4d:54:d2:34:09:2d:7c:87:
88:af:99:38:e1:58:d1:3d:44:e4:aa:1a:d5:19:9f:
ca:17:77:7e:b8:12:7d:e2:41:11:87:18:40:c9:7f:
10:22:a2:ef:18:50:b1:72:a1:6d:d8:a2:63:a3:fe:
2a:e6:8b:ff:b6:04:ce:ec:05:d3:a0:ab:03:73:5e:
06:2b:a8:d4:a1:54:ef:f7:32:d1:df:a9:0d:a8:d3:
73:80:d7:fc:e3:00:74:6c:7f:64:0e:76:fc:70:04:
47:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E3:61:D7:19:3D:C2:9B:A8:15:72:BB:E6:CC:9F:2A:EA:05:AB:F3
X509v3 Authority Key Identifier:
keyid:B7:54:99:2B:A4:88:A8:72:C8:9C:BD:F4:2C:A4:DF:89:5E:60:9C:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1SZK6SIqHLInL30LKTfiV5gnFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/4a839e-c86a-49ee-989e-7c42c494ef8d/1/pONh1xk9wpuoFXK75syfKuoFq_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/4a839e-c86a-49ee-989e-7c42c494ef8d/1/t1SZK6SIqHLInL30LKTfiV5gnFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.28.0/22
193.163.126.0/24
Signature Algorithm: sha256WithRSAEncryption
60:92:0d:a1:ea:a0:ee:02:6c:92:62:8f:32:0a:d8:80:9b:67:
39:26:83:3b:54:dd:74:f1:84:29:57:9c:ec:ed:2b:78:d5:d7:
7c:ae:b6:a7:e2:71:be:fb:92:94:74:b7:b0:1e:45:4f:8b:29:
d4:13:4d:b3:18:c0:28:af:ca:c1:da:44:1a:fa:08:76:54:12:
6a:86:aa:b1:52:81:68:33:6d:11:80:29:dd:7a:eb:9e:2f:5e:
d2:7d:80:53:36:d1:e0:b9:1d:17:92:f0:56:ec:22:f8:a6:f5:
7e:c4:4e:d8:53:17:74:47:58:89:7e:e8:62:55:fc:f8:f9:38:
56:20:2e:d5:fc:de:fc:1d:16:b1:f3:33:5a:ab:4c:6a:49:ac:
9d:29:ea:4a:36:e1:0d:29:f0:ce:5a:8a:7a:7e:d2:cc:05:de:
34:97:1e:0d:1d:75:5e:77:90:da:96:bd:be:07:e5:fe:43:83:
57:b3:a1:7f:85:a2:5d:61:bc:a0:91:79:15:aa:f3:aa:95:fb:
f1:85:93:2c:94:2f:e6:fe:62:8e:88:54:a3:bb:36:cf:e9:f8:
ae:51:fd:9c:c3:09:a1:6a:17:d0:9a:60:c0:70:8e:5b:96:26:
db:02:f0:be:f3:ad:70:88:c6:85:d1:5f:5b:92:0d:21:54:4f:
03:b4:3b:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvOnjlPHIyEf/JPPXNWzHiTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NTQ5OTJiYTQ4OGE4NzJjODljYmRmNDJjYTRkZjg5NWU2
MDljNTMwHhcNMjMxMTE0MTYxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGUzNjFkNzE5M2RjMjliYTgxNTcyYmJlNmNjOWYyYWVhMDVhYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgNL3vE79MHtHb7fIaOju7IRouhc
oWIdyoDAqDqqNS9p3w4nsk0PtcjK2fZaxfrCcxFNGROS9rOKH1ezW3IANbXf+lIN
CZIUKQRiCZDSjQd/Xqtpfe7ArwJ/7xDt59UtSz+NmI7FZ2xmxRDs9CuGCcOza0I7
jMR8CwlD88568fjrMMNYna7mgq77+O+OWPQWUaAsnIAVh2AgcwaDTVTSNAktfIeI
r5k44VjRPUTkqhrVGZ/KF3d+uBJ94kERhxhAyX8QIqLvGFCxcqFt2KJjo/4q5ov/
tgTO7AXToKsDc14GK6jUoVTv9zLR36kNqNNzgNf84wB0bH9kDnb8cARH7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKTjYdcZPcKbqBVyu+bMnyrqBavzMB8GA1UdIwQY
MBaAFLdUmSukiKhyyJy99Cyk34leYJxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFTWks2U0lxSExJbkwzMExLVGZpVjVnbkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi80YTgzOWUtYzg2YS00OWVlLTk4OWUt
N2M0MmM0OTRlZjhkLzEvcE9OaDF4azl3cHVvRlhLNzVzeWZLdW9GcV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi80YTgzOWUtYzg2YS00OWVlLTk4OWUtN2M0MmM0OTRlZjhk
LzEvdDFTWks2U0lxSExJbkwzMExLVGZpVjVnbkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYIcAwQA
waN+MA0GCSqGSIb3DQEBCwUAA4IBAQBgkg2h6qDuAmySYo8yCtiAm2c5JoM7VN10
8YQpV5zs7St41dd8rran4nG++5KUdLewHkVPiynUE02zGMAor8rB2kQa+gh2VBJq
hqqxUoFoM20RgCndeuueL17SfYBTNtHguR0XkvBW7CL4pvV+xE7YUxd0R1iJfuhi
Vfz4+ThWIC7V/N78HRax8zNaq0xqSaydKepKNuENKfDOWop6ftLMBd40lx4NHXVe
d5Dalr2+B+X+Q4NXs6F/haJdYbygkXkVqvOqlfvxhZMslC/m/mKOiFSjuzbP6fiu
Uf2cwwmhahfQmmDAcI5blibbAvC+861wiMaF0V9bkg0hVE8DtDso
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:55:26 2025 by rpki-client