Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/cWGszmobGgkTRu82roBLKR9vgkE.roa
File: cWGszmobGgkTRu82roBLKR9vgkE.roa (raw, json)
Hash identifier: bXFzT/7+8yagPIwyKl0fdIxc7uJ/wfFRRzbV8w0a7yI=
Subject key identifier: 71:61:AC:CE:6A:1B:1A:09:13:46:EF:36:AE:80:4B:29:1F:6F:82:41
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 019421B256FEBE7CA9765B13D4D6DDAD0C42
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/cWGszmobGgkTRu82roBLKR9vgkE.roa
Signing time: Wed 01 Jan 2025 11:48:43 +0000
ROA not before: Wed 01 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.126.156.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:56:fe:be:7c:a9:76:5b:13:d4:d6:dd:ad:0c:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Jan 1 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7161acce6a1b1a091346ef36ae804b291f6f8241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:60:c9:d1:c6:7d:83:82:7c:e0:d9:6b:65:26:
45:c9:63:0e:36:43:42:2d:79:a6:3d:f4:0a:d7:fd:
00:04:03:ed:99:79:55:8b:45:6f:ec:62:4f:56:db:
5a:0d:fb:7b:27:43:32:0e:e8:a0:54:9f:f8:a3:29:
df:bd:dc:81:92:d0:d3:f6:2f:3d:c7:34:d1:cb:d2:
97:1f:a3:11:7a:c3:e1:a0:b5:0d:f0:42:01:76:d6:
ae:dc:6b:66:d5:e9:ea:e3:81:8d:58:4a:56:6e:11:
ad:0b:17:42:1b:dd:35:52:09:81:07:a8:5c:8a:49:
49:9e:a7:6b:2e:11:bf:45:1e:7f:f0:27:9d:a8:73:
4e:08:a5:4d:c6:a9:da:89:13:37:09:48:e0:fb:8b:
05:36:9d:82:8a:b7:d9:fa:65:45:2d:63:5d:e1:df:
7d:a6:36:8f:1f:c7:8a:d6:66:ab:ff:10:ea:48:24:
ca:45:b0:9c:86:0d:bd:70:38:78:ac:f0:5e:d3:f5:
84:18:f9:f0:53:15:91:a9:e6:88:08:82:c4:c8:39:
ee:bf:b3:fc:d2:34:73:1b:d0:b0:54:6c:0d:cb:e1:
5b:7f:a3:94:7e:8d:0a:79:5b:80:b7:eb:8b:72:08:
c7:e0:cc:10:56:b7:9c:2c:73:d5:d2:a6:86:a4:6c:
d5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:61:AC:CE:6A:1B:1A:09:13:46:EF:36:AE:80:4B:29:1F:6F:82:41
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/cWGszmobGgkTRu82roBLKR9vgkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.156.0/23
Signature Algorithm: sha256WithRSAEncryption
49:ad:3e:62:a5:fc:dd:c6:6c:65:45:a6:62:bd:45:d0:d1:99:
03:5f:52:07:99:a0:0a:1c:30:ef:53:a1:d6:74:00:14:b5:aa:
c1:b8:8a:e9:0d:83:5b:ea:c2:bc:a3:39:ab:87:ef:c0:c4:51:
44:fc:e8:35:10:54:1d:85:b4:a9:5e:8a:0d:8a:c5:65:c9:a0:
0b:a4:b6:4b:64:f7:43:b9:92:e3:20:60:78:a0:37:ed:50:1a:
0b:55:03:19:9f:7e:4c:a4:a2:b3:06:d6:84:97:d9:72:9b:32:
7f:10:2c:d9:aa:6b:c5:1e:ec:23:b6:7d:32:77:36:ed:e5:ac:
b0:8b:31:93:73:f0:25:c9:85:9f:a8:6c:2f:87:11:39:6e:10:
c5:ab:c3:cb:f9:3a:60:b4:fa:41:f9:d2:d1:71:9d:6e:7f:61:
9c:36:a4:49:94:8b:64:db:d7:cb:08:ce:4e:01:3a:9f:4f:a0:
5b:ff:4d:bf:c2:00:ea:2c:cc:90:b8:cf:1e:c8:76:8f:08:7f:
0e:ec:10:52:ff:34:9a:56:8f:ba:13:21:7d:53:b7:9f:40:b7:
d9:fe:33:ff:60:16:af:04:c4:de:8a:2f:a9:3e:12:9a:94:39:
e5:da:aa:f7:78:23:90:90:f8:cb:79:6b:eb:39:ad:9f:fa:01:
40:62:95:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhslb+vnypdlsT1NbdrQxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjUwMTAxMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTYxYWNjZTZhMWIxYTA5MTM0NmVmMzZhZTgwNGIyOTFmNmY4MjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWDJ0cZ9g4J84NlrZSZFyWMONkNC
LXmmPfQK1/0ABAPtmXlVi0Vv7GJPVttaDft7J0MyDuigVJ/4oynfvdyBktDT9i89
xzTRy9KXH6MResPhoLUN8EIBdtau3Gtm1enq44GNWEpWbhGtCxdCG901UgmBB6hc
iklJnqdrLhG/RR5/8CedqHNOCKVNxqnaiRM3CUjg+4sFNp2CirfZ+mVFLWNd4d99
pjaPH8eK1mar/xDqSCTKRbCchg29cDh4rPBe0/WEGPnwUxWRqeaICILEyDnuv7P8
0jRzG9CwVGwNy+Fbf6OUfo0KeVuAt+uLcgjH4MwQVrecLHPV0qaGpGzVRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFhrM5qGxoJE0bvNq6ASykfb4JBMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvY1dHc3ptb2JHZ2tUUnU4MnJvQkxLUjl2Z2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX6cMA0G
CSqGSIb3DQEBCwUAA4IBAQBJrT5ipfzdxmxlRaZivUXQ0ZkDX1IHmaAKHDDvU6HW
dAAUtarBuIrpDYNb6sK8ozmrh+/AxFFE/Og1EFQdhbSpXooNisVlyaALpLZLZPdD
uZLjIGB4oDftUBoLVQMZn35MpKKzBtaEl9lymzJ/ECzZqmvFHuwjtn0ydzbt5ayw
izGTc/AlyYWfqGwvhxE5bhDFq8PL+TpgtPpB+dLRcZ1uf2GcNqRJlItk29fLCM5O
ATqfT6Bb/02/wgDqLMyQuM8eyHaPCH8O7BBS/zSaVo+6EyF9U7efQLfZ/jP/YBav
BMTeii+pPhKalDnl2qr3eCOQkPjLeWvrOa2f+gFAYpWD
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:52:44 2025 by rpki-client