Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/943585-c124-4bac-888a-3e59cf1aec44/1/SO24tpPthK5q9lD3uGIUvacvXy8.roa
File: SO24tpPthK5q9lD3uGIUvacvXy8.roa (raw, json)
Hash identifier: f4Oze2yaIkjBwoznu8y8CDrlDvrVekswL+6EqtMBFOs=
Subject key identifier: 48:ED:B8:B6:93:ED:84:AE:6A:F6:50:F7:B8:62:14:BD:A7:2F:5F:2F
Certificate issuer: /CN=b67dd6f5bce98f7bc3169b1db9fa0e5b9cef2ebb
Certificate serial: 0184116FD534DB1A366CD62A6A0BBFB188F3
Authority key identifier: B6:7D:D6:F5:BC:E9:8F:7B:C3:16:9B:1D:B9:FA:0E:5B:9C:EF:2E:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tn3W9bzpj3vDFpsdufoOW5zvLrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/943585-c124-4bac-888a-3e59cf1aec44/1/SO24tpPthK5q9lD3uGIUvacvXy8.roa
Signing time: Tue 25 Oct 2022 23:17:32 +0000
ROA not before: Tue 25 Oct 2022 23:17:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 185.251.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:11:6f:d5:34:db:1a:36:6c:d6:2a:6a:0b:bf:b1:88:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b67dd6f5bce98f7bc3169b1db9fa0e5b9cef2ebb
Validity
Not Before: Oct 25 23:17:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48edb8b693ed84ae6af650f7b86214bda72f5f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d0:a6:06:08:dd:7a:9d:30:4f:d5:4f:dd:80:
00:8b:7b:14:d4:a0:51:4e:30:7a:e6:6a:af:86:dc:
c9:06:92:25:5d:69:45:bd:9e:67:34:52:12:6a:0d:
fe:5a:93:94:f8:b3:3f:69:10:fd:c9:68:f4:b6:e6:
5c:f8:ea:84:b5:cd:4c:79:1c:49:b6:77:bd:2e:9e:
ed:80:65:78:06:18:bf:ff:61:f0:fa:de:d8:88:29:
ef:db:10:7a:02:ca:54:ad:26:87:9f:58:a2:dc:95:
4d:b1:ec:47:8a:bd:5c:ba:0b:6b:60:1e:09:18:8b:
4a:0a:79:f5:e2:ee:0e:b9:99:15:8b:19:02:37:b1:
d0:a4:b7:d7:bf:32:58:e4:39:56:5f:ce:15:0c:fa:
1e:2d:0a:ae:ac:13:24:ef:d7:d2:5d:11:15:d3:5e:
24:6d:76:42:bb:83:d5:94:b4:19:00:ed:17:45:55:
9b:f8:01:a1:66:34:8c:82:ce:98:ec:a8:fe:3c:70:
23:c2:75:75:9f:a2:bc:e8:52:dc:db:74:c8:7a:a5:
9e:1f:9b:e3:01:7c:d4:ee:9b:37:8f:70:3e:88:42:
9d:4f:b5:66:d4:ba:74:75:a5:30:0c:95:4b:f4:a6:
3c:d3:46:8f:50:fe:77:7e:33:b3:c3:22:cb:5a:6c:
04:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:ED:B8:B6:93:ED:84:AE:6A:F6:50:F7:B8:62:14:BD:A7:2F:5F:2F
X509v3 Authority Key Identifier:
keyid:B6:7D:D6:F5:BC:E9:8F:7B:C3:16:9B:1D:B9:FA:0E:5B:9C:EF:2E:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tn3W9bzpj3vDFpsdufoOW5zvLrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/943585-c124-4bac-888a-3e59cf1aec44/1/SO24tpPthK5q9lD3uGIUvacvXy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/943585-c124-4bac-888a-3e59cf1aec44/1/tn3W9bzpj3vDFpsdufoOW5zvLrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.23.0/24
Signature Algorithm: sha256WithRSAEncryption
76:d4:83:79:3c:fd:82:96:f2:ab:ad:92:ea:fb:b2:21:69:2d:
aa:10:db:b6:27:90:f3:ad:61:3c:d6:fe:bd:67:26:61:d8:6d:
1e:fe:f4:8b:64:27:2e:4a:1b:bb:e1:e4:fc:d0:f4:ee:6c:44:
06:1d:a1:dc:26:2f:f7:42:e4:b2:5c:9f:30:fd:68:fd:43:88:
22:6e:b9:eb:ff:cc:37:20:62:19:fe:2a:8c:b2:b7:5a:87:a5:
d3:76:f1:ae:fc:f2:16:2d:9a:e7:01:eb:cb:8c:df:fb:1c:bf:
3e:9d:f8:38:67:f7:e3:b0:45:cb:5e:19:18:ac:26:92:8d:77:
bc:73:ee:05:95:e9:6c:fc:90:dc:c8:30:60:d9:a1:40:48:7b:
a4:fa:af:dd:75:60:d9:d2:7e:31:43:32:74:7d:8f:ef:9f:22:
09:4f:ff:31:1a:34:18:53:a4:12:6d:81:c6:19:b4:98:ac:12:
42:d8:cd:e8:d3:c9:92:a9:fd:68:3b:c2:ad:f2:9a:94:28:bd:
f6:7b:da:6f:b2:4e:b5:d0:00:46:03:75:60:ca:34:77:27:19:
e6:82:23:75:fa:8a:1e:74:c2:6c:4d:a0:be:d6:d1:59:a0:46:
f3:32:d4:28:e4:ed:93:55:aa:45:cf:91:4a:c4:0e:8a:fc:b7:
72:8c:b9:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQRb9U02xo2bNYqagu/sYjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2N2RkNmY1YmNlOThmN2JjMzE2OWIxZGI5ZmEwZTViOWNl
ZjJlYmIwHhcNMjIxMDI1MjMxNzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGVkYjhiNjkzZWQ4NGFlNmFmNjUwZjdiODYyMTRiZGE3MmY1ZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNCmBgjdep0wT9VP3YAAi3sU1KBR
TjB65mqvhtzJBpIlXWlFvZ5nNFISag3+WpOU+LM/aRD9yWj0tuZc+OqEtc1MeRxJ
tne9Lp7tgGV4Bhi//2Hw+t7YiCnv2xB6AspUrSaHn1ii3JVNsexHir1cugtrYB4J
GItKCnn14u4OuZkVixkCN7HQpLfXvzJY5DlWX84VDPoeLQqurBMk79fSXREV014k
bXZCu4PVlLQZAO0XRVWb+AGhZjSMgs6Y7Kj+PHAjwnV1n6K86FLc23TIeqWeH5vj
AXzU7ps3j3A+iEKdT7Vm1Lp0daUwDJVL9KY800aPUP53fjOzwyLLWmwEKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEjtuLaT7YSuavZQ97hiFL2nL18vMB8GA1UdIwQY
MBaAFLZ91vW86Y97wxabHbn6Dluc7y67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG4zVzlienBqM3ZERnBzZHVmb09XNXp2THJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy85NDM1ODUtYzEyNC00YmFjLTg4OGEt
M2U1OWNmMWFlYzQ0LzEvU08yNHRwUHRoSzVxOWxEM3VHSVV2YWN2WHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy85NDM1ODUtYzEyNC00YmFjLTg4OGEtM2U1OWNmMWFlYzQ0
LzEvdG4zVzlienBqM3ZERnBzZHVmb09XNXp2THJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufsXMA0G
CSqGSIb3DQEBCwUAA4IBAQB21IN5PP2ClvKrrZLq+7IhaS2qENu2J5DzrWE81v69
ZyZh2G0e/vSLZCcuShu74eT80PTubEQGHaHcJi/3QuSyXJ8w/Wj9Q4gibrnr/8w3
IGIZ/iqMsrdah6XTdvGu/PIWLZrnAevLjN/7HL8+nfg4Z/fjsEXLXhkYrCaSjXe8
c+4Flels/JDcyDBg2aFASHuk+q/ddWDZ0n4xQzJ0fY/vnyIJT/8xGjQYU6QSbYHG
GbSYrBJC2M3o08mSqf1oO8Kt8pqUKL32e9pvsk610ABGA3VgyjR3JxnmgiN1+ooe
dMJsTaC+1tFZoEbzMtQo5O2TVapFz5FKxA6K/LdyjLmj
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:24:12 2025 by rpki-client