Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/G8CSmYfNYEUpgaZJMXjNKwLCldA.roa
File: G8CSmYfNYEUpgaZJMXjNKwLCldA.roa (raw, json)
Hash identifier: Yuu5hUuvifstfVCRuLWU+r4+/uWTbuYyABHOqGGSlMg=
Subject key identifier: 1B:C0:92:99:87:CD:60:45:29:81:A6:49:31:78:CD:2B:02:C2:95:D0
Certificate issuer: /CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Certificate serial: 019427B572DDB59C255D62D20C16EC055A95
Authority key identifier: 23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/G8CSmYfNYEUpgaZJMXjNKwLCldA.roa
Signing time: Thu 02 Jan 2025 15:49:50 +0000
ROA not before: Thu 02 Jan 2025 15:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201654
IP address blocks: 185.67.188.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:72:dd:b5:9c:25:5d:62:d2:0c:16:ec:05:5a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Validity
Not Before: Jan 2 15:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bc0929987cd60452981a6493178cd2b02c295d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:72:ba:da:51:5d:55:fa:95:40:0b:b3:4e:9d:
21:03:01:82:e6:98:dd:46:88:76:f9:71:93:35:a5:
83:22:ab:53:ea:df:92:75:f1:68:8b:d6:ef:d6:0e:
0e:d1:ef:91:b4:67:f7:76:1a:40:f6:01:18:6c:a8:
5f:e8:2a:b4:74:84:36:c7:f6:50:84:e1:b8:cc:9a:
dc:10:f6:ff:2e:3d:0f:d7:7e:c1:6e:2f:d2:ee:3b:
b9:31:8d:8b:a1:e5:67:52:4f:92:91:f3:df:14:95:
6e:7e:68:bd:ce:74:d5:32:0b:6a:40:2d:4b:18:b2:
29:3a:41:a2:c4:20:80:eb:35:0d:b3:72:d5:e8:46:
aa:d2:50:a5:a1:a5:8c:a0:a1:a8:53:28:09:ca:c4:
d6:fd:c3:84:f3:4b:80:96:1b:a6:6f:d5:7f:4d:ec:
b4:0b:16:f0:fe:02:51:8e:68:e1:93:5e:81:fe:3b:
f3:2b:30:52:2a:e3:af:4b:69:eb:3f:ae:a2:62:02:
d5:e9:0c:35:8d:d4:f0:f7:8a:d0:5e:c2:09:aa:c6:
bf:a4:d3:52:69:78:76:87:c1:30:c7:9e:d9:33:6f:
34:12:1a:a1:85:63:51:07:6c:5a:0c:3a:e9:6d:8f:
b0:cc:2e:25:74:7b:71:ec:e9:20:a7:d0:ee:c4:c8:
53:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C0:92:99:87:CD:60:45:29:81:A6:49:31:78:CD:2B:02:C2:95:D0
X509v3 Authority Key Identifier:
keyid:23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/G8CSmYfNYEUpgaZJMXjNKwLCldA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.188.0/22
Signature Algorithm: sha256WithRSAEncryption
81:b7:22:3f:7b:82:04:e0:84:61:d6:ee:92:37:5f:41:45:5a:
42:28:91:28:a8:83:ef:c3:3a:00:ec:ec:db:d9:88:56:23:df:
c0:c7:17:7d:95:fc:f4:31:35:23:d2:8c:b6:1c:c2:bf:0d:e2:
8a:8e:10:36:c3:61:39:41:28:bf:87:00:55:f7:dd:20:69:d0:
cf:d6:40:94:94:1a:eb:66:c7:15:a4:4a:28:b4:13:7d:8f:24:
d9:51:71:a1:6c:a4:b1:c3:ec:5b:24:38:0a:37:b5:c4:44:33:
5f:0f:bf:18:3f:bb:6d:88:63:8e:f6:30:01:f5:1e:7b:15:ee:
38:37:3d:6a:92:38:55:e7:f1:02:9a:20:b0:9f:77:df:ac:6e:
8b:dd:74:7d:20:16:e2:c0:0f:cc:ea:37:e0:48:22:7c:2c:bf:
90:f4:bd:3d:b6:da:30:d6:20:25:2b:e1:11:fc:82:f0:b8:2e:
81:fe:db:c5:12:17:de:87:40:28:9c:dd:f4:76:1d:f3:02:3f:
cf:57:80:44:53:ca:f6:ee:00:3f:69:ea:f5:66:69:3d:ea:00:
9b:0a:36:a2:2b:38:78:81:36:b1:f2:18:3d:d2:1d:1d:9a:ba:
8e:89:c0:28:69:2e:bf:20:82:2d:8a:65:0c:1e:83:0d:0d:82:
2a:d4:27:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntXLdtZwlXWLSDBbsBVqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjU5ZGEzYjFiMzhjYTA5MzlmNDkwZmI5MDQzZmNkODlj
ZmQwNjIwHhcNMjUwMTAyMTU0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmMwOTI5OTg3Y2Q2MDQ1Mjk4MWE2NDkzMTc4Y2QyYjAyYzI5NWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13K62lFdVfqVQAuzTp0hAwGC5pjd
Roh2+XGTNaWDIqtT6t+SdfFoi9bv1g4O0e+RtGf3dhpA9gEYbKhf6Cq0dIQ2x/ZQ
hOG4zJrcEPb/Lj0P137Bbi/S7ju5MY2LoeVnUk+SkfPfFJVufmi9znTVMgtqQC1L
GLIpOkGixCCA6zUNs3LV6Eaq0lCloaWMoKGoUygJysTW/cOE80uAlhumb9V/Tey0
Cxbw/gJRjmjhk16B/jvzKzBSKuOvS2nrP66iYgLV6Qw1jdTw94rQXsIJqsa/pNNS
aXh2h8Ewx57ZM280EhqhhWNRB2xaDDrpbY+wzC4ldHtx7Okgp9DuxMhTVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBvAkpmHzWBFKYGmSTF4zSsCwpXQMB8GA1UdIwQY
MBaAFCMlnaOxs4ygk59JD7kEP82Jz9BiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUt
NjU0ZGQ2NDQyY2U0LzEvRzhDU21ZZk5ZRVVwZ2FaSk1Yak5Ld0xDbGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUtNjU0ZGQ2NDQyY2U0
LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUO8MA0G
CSqGSIb3DQEBCwUAA4IBAQCBtyI/e4IE4IRh1u6SN19BRVpCKJEoqIPvwzoA7Ozb
2YhWI9/Axxd9lfz0MTUj0oy2HMK/DeKKjhA2w2E5QSi/hwBV990gadDP1kCUlBrr
ZscVpEootBN9jyTZUXGhbKSxw+xbJDgKN7XERDNfD78YP7ttiGOO9jAB9R57Fe44
Nz1qkjhV5/ECmiCwn3ffrG6L3XR9IBbiwA/M6jfgSCJ8LL+Q9L09ttow1iAlK+ER
/ILwuC6B/tvFEhfeh0AonN30dh3zAj/PV4BEU8r27gA/aer1Zmk96gCbCjaiKzh4
gTax8hg90h0dmrqOicAoaS6/IIItimUMHoMNDYIq1CdC
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:52 2025 by rpki-client