Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/oYfn-XKrvi8qPxxQpXw6G0ZQv_I.roa
File: oYfn-XKrvi8qPxxQpXw6G0ZQv_I.roa (raw, json)
Hash identifier: XlHaPnUqiYpT0LQiKW0OJf8RSsswldbENWW7FfjNUtc=
Subject key identifier: A1:87:E7:F9:72:AB:BE:2F:2A:3F:1C:50:A5:7C:3A:1B:46:50:BF:F2
Certificate issuer: /CN=d18c2030a5971c4a54096a8edbb21211e54216a7
Certificate serial: 019425218F7A74A88E5947C07434F983C072
Authority key identifier: D1:8C:20:30:A5:97:1C:4A:54:09:6A:8E:DB:B2:12:11:E5:42:16:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YwgMKWXHEpUCWqO27ISEeVCFqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/oYfn-XKrvi8qPxxQpXw6G0ZQv_I.roa
Signing time: Thu 02 Jan 2025 03:49:03 +0000
ROA not before: Thu 02 Jan 2025 03:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35758
IP address blocks: 185.191.204.0/24 maxlen: 24
185.191.205.0/24 maxlen: 24
185.191.206.0/24 maxlen: 24
185.191.207.0/24 maxlen: 24
2a0a:1dc0::/30 maxlen: 30
2a0a:1dc4::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8f:7a:74:a8:8e:59:47:c0:74:34:f9:83:c0:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d18c2030a5971c4a54096a8edbb21211e54216a7
Validity
Not Before: Jan 2 03:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a187e7f972abbe2f2a3f1c50a57c3a1b4650bff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:67:81:1b:69:e9:48:b1:3a:60:58:80:15:b6:
45:ab:3b:fa:f3:5b:5e:61:48:8a:51:a3:4b:a9:1b:
ad:33:7e:5c:55:27:19:48:32:01:50:20:ed:df:e3:
e3:7d:e2:13:2a:a5:0b:87:54:fb:e0:4e:ae:8d:44:
a8:80:fa:07:57:5c:b9:8a:b7:cc:f9:08:47:b2:f3:
0a:93:4e:e9:ba:39:3a:7b:61:4d:e8:e5:6e:ba:96:
5a:7a:41:60:99:eb:8c:63:77:9f:31:12:7a:da:71:
89:94:c5:9e:2e:bd:35:5a:16:9f:3c:f9:db:9c:96:
83:5a:3a:20:7b:9e:31:38:31:e7:25:0c:87:2f:54:
d2:74:22:16:aa:86:13:ec:3e:9d:c3:8f:da:f1:75:
eb:34:bb:b6:25:7b:67:0e:e1:d0:c9:f1:0a:34:b9:
b8:e7:51:59:14:29:06:c0:9e:68:99:a4:89:1a:bb:
5e:61:e6:70:0f:06:e3:55:aa:6b:db:ea:bf:d2:68:
5a:2c:4f:93:f8:1b:30:71:3c:67:c5:a2:06:9e:60:
69:de:57:ee:c6:fd:56:0a:11:fe:36:2e:a9:5c:d5:
5c:1f:8b:d3:cd:42:52:8b:30:e0:00:89:87:d7:30:
3b:27:ea:1d:58:d4:04:10:2f:89:5d:dd:50:d9:41:
f8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:87:E7:F9:72:AB:BE:2F:2A:3F:1C:50:A5:7C:3A:1B:46:50:BF:F2
X509v3 Authority Key Identifier:
keyid:D1:8C:20:30:A5:97:1C:4A:54:09:6A:8E:DB:B2:12:11:E5:42:16:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YwgMKWXHEpUCWqO27ISEeVCFqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/oYfn-XKrvi8qPxxQpXw6G0ZQv_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c4f144-6e68-46b8-858d-53a672d14b7a/1/0YwgMKWXHEpUCWqO27ISEeVCFqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.204.0/22
IPv6:
2a0a:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:1f:cc:58:27:11:c1:c7:e6:d1:fb:8b:56:1d:6a:8b:ed:1f:
7c:2c:16:1a:1b:cd:37:62:1f:0c:cc:70:ce:61:e4:17:f1:e9:
d2:54:95:79:d8:b4:ae:fd:d8:09:57:2a:fe:2f:ec:6a:79:39:
fc:e3:88:e5:5b:55:67:95:d8:94:77:88:29:0f:9f:e0:8a:c7:
54:5f:3a:70:6a:06:82:f6:1a:01:52:86:1b:87:39:16:be:52:
ba:37:bf:aa:f4:2c:dd:8a:a5:19:9b:19:20:58:89:75:07:0e:
be:ba:29:bc:93:be:a9:b1:f5:a5:ab:9c:d7:a8:2e:33:31:1a:
aa:54:d6:40:3d:4b:f3:cb:82:d8:87:c0:91:ce:9e:f5:50:93:
83:c5:43:64:fc:16:21:57:b8:77:bf:4a:4b:f4:92:96:42:8d:
c0:d6:5b:2c:a8:60:92:83:2b:94:1d:de:8a:d1:4f:c3:ee:4c:
cf:cb:a3:d6:22:61:09:79:34:55:74:4f:49:77:b9:dd:81:d4:
4f:15:ac:fd:f6:09:d0:5e:95:63:c3:ae:10:f1:c4:01:15:5a:
e4:1f:5b:7a:06:81:5d:67:53:2a:08:05:4d:c5:7c:60:97:05:
19:be:dc:22:56:70:b6:0f:9f:f6:ce:d9:24:a5:01:c1:27:0d:
25:dc:37:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIY96dKiOWUfAdDT5g8ByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxOGMyMDMwYTU5NzFjNGE1NDA5NmE4ZWRiYjIxMjExZTU0
MjE2YTcwHhcNMjUwMTAyMDM0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTg3ZTdmOTcyYWJiZTJmMmEzZjFjNTBhNTdjM2ExYjQ2NTBiZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWeBG2npSLE6YFiAFbZFqzv681te
YUiKUaNLqRutM35cVScZSDIBUCDt3+PjfeITKqULh1T74E6ujUSogPoHV1y5irfM
+QhHsvMKk07pujk6e2FN6OVuupZaekFgmeuMY3efMRJ62nGJlMWeLr01WhafPPnb
nJaDWjoge54xODHnJQyHL1TSdCIWqoYT7D6dw4/a8XXrNLu2JXtnDuHQyfEKNLm4
51FZFCkGwJ5omaSJGrteYeZwDwbjVapr2+q/0mhaLE+T+BswcTxnxaIGnmBp3lfu
xv1WChH+Ni6pXNVcH4vTzUJSizDgAImH1zA7J+odWNQEEC+JXd1Q2UH4LQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKGH5/lyq74vKj8cUKV8OhtGUL/yMB8GA1UdIwQY
MBaAFNGMIDCllxxKVAlqjtuyEhHlQhanMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFl3Z01LV1hIRXBVQ1dxTzI3SVNFZVZDRnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jNGYxNDQtNmU2OC00NmI4LTg1OGQt
NTNhNjcyZDE0YjdhLzEvb1lmbi1YS3J2aThxUHh4UXBYdzZHMFpRdl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jNGYxNDQtNmU2OC00NmI4LTg1OGQtNTNhNjcyZDE0Yjdh
LzEvMFl3Z01LV1hIRXBVQ1dxTzI3SVNFZVZDRnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub/MMA0E
AgACMAcDBQMqCh3AMA0GCSqGSIb3DQEBCwUAA4IBAQBcH8xYJxHBx+bR+4tWHWqL
7R98LBYaG803Yh8MzHDOYeQX8enSVJV52LSu/dgJVyr+L+xqeTn844jlW1VnldiU
d4gpD5/gisdUXzpwagaC9hoBUoYbhzkWvlK6N7+q9CzdiqUZmxkgWIl1Bw6+uim8
k76psfWlq5zXqC4zMRqqVNZAPUvzy4LYh8CRzp71UJODxUNk/BYhV7h3v0pL9JKW
Qo3A1lssqGCSgyuUHd6K0U/D7kzPy6PWImEJeTRVdE9Jd7ndgdRPFaz99gnQXpVj
w64Q8cQBFVrkH1t6BoFdZ1MqCAVNxXxglwUZvtwiVnC2D5/2ztkkpQHBJw0l3Dfq
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:11:59 2025 by rpki-client