Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/VuFkwCa7FMLei1zg85W2eyVPXss.roa
File: VuFkwCa7FMLei1zg85W2eyVPXss.roa (raw, json)
Hash identifier: kWWG9y1qAOHRkh+lgduzsCeVCuT+/fIIhkH8J/AWmT0=
Subject key identifier: 56:E1:64:C0:26:BB:14:C2:DE:8B:5C:E0:F3:95:B6:7B:25:4F:5E:CB
Certificate issuer: /CN=09fb3bc0f4626e188cc5836dcf9f4921dda1921e
Certificate serial: 018CC8013B5C2DC8FCBD002E311FDE005189
Authority key identifier: 09:FB:3B:C0:F4:62:6E:18:8C:C5:83:6D:CF:9F:49:21:DD:A1:92:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cfs7wPRibhiMxYNtz59JId2hkh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/VuFkwCa7FMLei1zg85W2eyVPXss.roa
Signing time: Tue 02 Jan 2024 02:29:33 +0000
ROA not before: Tue 02 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201654
IP address blocks: 185.67.188.0/22 maxlen: 32
185.151.168.0/22 maxlen: 32
2a05:1200::/30 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3b:5c:2d:c8:fc:bd:00:2e:31:1f:de:00:51:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09fb3bc0f4626e188cc5836dcf9f4921dda1921e
Validity
Not Before: Jan 2 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56e164c026bb14c2de8b5ce0f395b67b254f5ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c8:20:14:1f:9d:ac:b1:33:bc:ff:d1:2a:e4:
03:74:98:c1:da:aa:3a:55:58:6b:67:21:64:91:8f:
ef:3a:dd:14:cc:4b:1a:42:a1:86:ba:0e:7f:23:9e:
31:14:ca:4c:0c:57:79:3e:8c:72:2d:a6:34:7f:75:
15:8f:41:71:ef:32:05:bb:4d:aa:ff:fc:8e:37:06:
2e:23:74:ae:6a:73:96:f1:fa:0c:a2:8c:75:ca:95:
72:2e:07:c9:d1:cc:4c:3e:60:d6:79:9a:fd:18:53:
73:72:1b:f0:a3:0a:bb:63:fc:6c:66:fd:4b:c5:8f:
14:23:e0:d0:e1:d7:72:8e:de:28:f8:6a:46:12:72:
11:c9:66:a8:ff:4c:32:a8:b9:3a:4b:e5:49:73:63:
60:00:d6:1e:0e:7b:d5:21:32:1c:86:1e:d7:59:54:
80:e2:a9:52:94:e8:e5:c5:d8:e3:4a:dc:8f:26:1d:
21:3a:80:b4:69:1f:d7:f5:00:81:c2:5d:e7:fc:01:
bd:e7:42:88:de:1a:16:4c:1f:e1:c0:a6:a6:c5:c7:
2a:df:fd:2a:36:a3:22:96:9c:5f:ba:0a:76:78:81:
91:aa:77:9c:34:5c:58:9e:9d:cd:24:c2:2f:73:bf:
f3:c7:07:fd:7e:a5:bb:a2:78:34:aa:fa:16:ac:a7:
f2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E1:64:C0:26:BB:14:C2:DE:8B:5C:E0:F3:95:B6:7B:25:4F:5E:CB
X509v3 Authority Key Identifier:
keyid:09:FB:3B:C0:F4:62:6E:18:8C:C5:83:6D:CF:9F:49:21:DD:A1:92:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cfs7wPRibhiMxYNtz59JId2hkh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/VuFkwCa7FMLei1zg85W2eyVPXss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/Cfs7wPRibhiMxYNtz59JId2hkh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.188.0/22
185.151.168.0/22
IPv6:
2a05:1200::/30
Signature Algorithm: sha256WithRSAEncryption
7a:17:14:75:4c:17:28:a1:6e:4e:b4:5b:5f:3d:ea:2a:47:10:
27:db:e5:8c:01:d6:8f:6e:93:7b:64:fe:a6:7b:49:5b:55:ab:
60:27:29:50:ed:a5:47:b7:62:9d:42:c5:55:0a:10:b3:5d:69:
85:31:c7:89:90:76:97:75:1e:5c:a9:08:79:8a:6b:12:cd:f6:
4c:d3:c4:48:8f:1a:7a:18:3f:bd:12:0b:93:07:2c:6f:21:e0:
9f:9b:18:94:eb:c2:5b:6e:dc:84:67:fd:8f:08:7c:5d:86:a7:
45:65:7e:79:e9:af:ae:38:42:8b:92:21:ef:61:dd:cb:e8:0d:
4f:56:ce:de:d7:dc:40:56:04:dd:5e:dc:9d:21:74:a1:d8:dc:
2b:d3:bd:9c:4d:05:2a:ce:fd:9f:44:18:8d:5b:5a:05:de:34:
26:fb:bf:9a:c7:d8:2a:85:83:1a:fe:7f:43:8a:02:21:a6:08:
98:4e:69:c8:32:47:27:11:21:6b:7d:a1:92:a3:a9:99:52:98:
c9:0c:9d:99:28:51:91:89:12:d9:69:d6:63:79:4a:ea:84:32:
a0:b8:bf:0d:0f:27:d8:16:b0:6e:59:c9:56:e2:c2:ee:7e:0f:
7b:bf:99:f9:f2:49:cf:87:57:67:da:6d:df:e6:6d:84:c0:19:
45:45:a3:36
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIATtcLcj8vQAuMR/eAFGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZmIzYmMwZjQ2MjZlMTg4Y2M1ODM2ZGNmOWY0OTIxZGRh
MTkyMWUwHhcNMjQwMTAyMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmUxNjRjMDI2YmIxNGMyZGU4YjVjZTBmMzk1YjY3YjI1NGY1ZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocggFB+drLEzvP/RKuQDdJjB2qo6
VVhrZyFkkY/vOt0UzEsaQqGGug5/I54xFMpMDFd5PoxyLaY0f3UVj0Fx7zIFu02q
//yONwYuI3SuanOW8foMoox1ypVyLgfJ0cxMPmDWeZr9GFNzchvwowq7Y/xsZv1L
xY8UI+DQ4ddyjt4o+GpGEnIRyWao/0wyqLk6S+VJc2NgANYeDnvVITIchh7XWVSA
4qlSlOjlxdjjStyPJh0hOoC0aR/X9QCBwl3n/AG950KI3hoWTB/hwKamxccq3/0q
NqMilpxfugp2eIGRqnecNFxYnp3NJMIvc7/zxwf9fqW7ong0qvoWrKfy6QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFbhZMAmuxTC3otc4POVtnslT17LMB8GA1UdIwQY
MBaAFAn7O8D0Ym4YjMWDbc+fSSHdoZIeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZzN3dQUmliaGlNeFlOdHo1OUpJZDJoa2g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMDVjNWQtYTBmNy00NmQwLTgxOGMt
OWIyMzcxNzcwZGY1LzEvVnVGa3dDYTdGTUxlaTF6Zzg1VzJleVZQWHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMDVjNWQtYTBmNy00NmQwLTgxOGMtOWIyMzcxNzcwZGY1
LzEvQ2ZzN3dQUmliaGlNeFlOdHo1OUpJZDJoa2g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUO8AwQC
uZeoMA0EAgACMAcDBQIqBRIAMA0GCSqGSIb3DQEBCwUAA4IBAQB6FxR1TBcooW5O
tFtfPeoqRxAn2+WMAdaPbpN7ZP6me0lbVatgJylQ7aVHt2KdQsVVChCzXWmFMceJ
kHaXdR5cqQh5imsSzfZM08RIjxp6GD+9EguTByxvIeCfmxiU68JbbtyEZ/2PCHxd
hqdFZX556a+uOEKLkiHvYd3L6A1PVs7e19xAVgTdXtydIXSh2Nwr072cTQUqzv2f
RBiNW1oF3jQm+7+ax9gqhYMa/n9DigIhpgiYTmnIMkcnESFrfaGSo6mZUpjJDJ2Z
KFGRiRLZadZjeUrqhDKguL8NDyfYFrBuWclW4sLufg97v5n58knPh1dn2m3f5m2E
wBlFRaM2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:45 2025 by rpki-client