Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/H91ljrtEOQ88LobyOBXsYKfsM_I.roa
File: H91ljrtEOQ88LobyOBXsYKfsM_I.roa (raw, json)
Hash identifier: OrACEmPH7XE22MmlMeWAN/5nVKUIlnVGt10JM2JOUl8=
Subject key identifier: 1F:DD:65:8E:BB:44:39:0F:3C:2E:86:F2:38:15:EC:60:A7:EC:33:F2
Certificate issuer: /CN=dbd7fc50548287deaea7ce92099e47a04a70d451
Certificate serial: 019425218F98F35A9AC52D0DFFDA2989B05C
Authority key identifier: DB:D7:FC:50:54:82:87:DE:AE:A7:CE:92:09:9E:47:A0:4A:70:D4:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29f8UFSCh96up86SCZ5HoEpw1FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/H91ljrtEOQ88LobyOBXsYKfsM_I.roa
Signing time: Thu 02 Jan 2025 03:49:03 +0000
ROA not before: Thu 02 Jan 2025 03:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.73.224.0/24 maxlen: 24
2a10:f80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8f:98:f3:5a:9a:c5:2d:0d:ff:da:29:89:b0:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd7fc50548287deaea7ce92099e47a04a70d451
Validity
Not Before: Jan 2 03:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fdd658ebb44390f3c2e86f23815ec60a7ec33f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3f:b6:cc:d1:0d:86:52:ed:ae:11:45:2f:d3:
4a:43:ba:79:3a:7c:db:b3:b6:d7:9d:2e:9a:1f:da:
e4:8e:09:9d:33:dd:80:fc:de:f6:6b:5e:ef:d5:a7:
56:b1:b7:e6:df:5a:89:7c:f0:84:47:92:cc:8b:f2:
d7:26:f9:e5:12:1d:7c:aa:80:99:aa:ae:93:3c:14:
dc:fa:0e:72:72:01:3b:4f:9c:a8:ad:28:60:4b:51:
92:c7:0e:a7:a6:01:6c:a6:04:91:03:c9:91:6a:2d:
4b:88:4b:56:00:88:ea:98:5f:3e:62:54:19:71:b1:
4c:d0:2b:3c:f0:d4:51:2e:a6:c7:77:b0:ac:8a:f8:
b2:4a:23:26:c9:74:1d:c5:55:b8:a5:73:83:d7:61:
41:46:b8:56:cf:59:03:f5:5a:74:2c:91:3d:ec:86:
fd:ad:5e:e5:9b:16:2e:7e:fc:86:48:64:ac:62:d4:
f9:85:cc:65:f4:01:3f:70:52:4a:31:3b:1c:5c:24:
84:5f:c7:df:a3:16:f5:8a:cc:b7:e4:12:71:2f:14:
d7:5c:6d:80:62:d6:fb:ae:ed:5e:75:42:93:f9:d8:
a3:2d:cc:a6:d6:9c:16:5b:ca:c2:cd:38:db:e0:fe:
59:a1:74:ba:bf:10:b8:96:bc:0d:bb:4d:a8:89:e4:
23:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:DD:65:8E:BB:44:39:0F:3C:2E:86:F2:38:15:EC:60:A7:EC:33:F2
X509v3 Authority Key Identifier:
keyid:DB:D7:FC:50:54:82:87:DE:AE:A7:CE:92:09:9E:47:A0:4A:70:D4:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29f8UFSCh96up86SCZ5HoEpw1FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/H91ljrtEOQ88LobyOBXsYKfsM_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/29f8UFSCh96up86SCZ5HoEpw1FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.224.0/24
IPv6:
2a10:f80::/32
Signature Algorithm: sha256WithRSAEncryption
2d:32:3e:b6:22:0d:20:6e:47:24:b7:03:e0:a2:ed:34:55:c6:
58:c5:02:46:28:fd:de:78:81:71:52:f2:3c:b6:bb:f3:23:90:
a8:7e:9f:bb:ce:99:04:a4:d9:b1:3d:a8:ea:80:83:05:ee:a4:
d0:08:34:9e:a6:9b:cc:c2:a4:1d:b0:94:f4:34:71:04:10:64:
84:bd:10:15:0e:4c:9c:db:a0:55:4a:8b:29:15:8f:a2:16:71:
4e:1d:4d:26:07:dd:70:5e:e9:1c:85:33:9c:d9:56:13:eb:c9:
a7:51:88:95:59:78:7c:52:7b:1d:88:ca:1a:dd:c5:b9:ba:74:
b6:11:76:d6:6a:96:31:48:59:1e:93:11:f7:a1:0c:4b:5a:48:
fc:33:8b:6e:45:3e:fd:7a:07:ad:05:37:02:65:e3:9a:6b:e8:
2b:e9:03:ca:1b:69:14:62:7e:7a:89:a2:ce:2b:1d:f9:07:3d:
3e:a8:67:05:da:22:30:1e:56:d2:3c:c0:1c:4e:6f:cf:3d:c9:
91:46:1d:72:63:13:ce:8e:b9:a5:fd:ca:5d:2a:b5:97:a5:49:
c1:de:1a:73:6e:97:9d:72:39:2a:c8:9a:a8:78:5e:af:fc:10:
b0:5f:a4:f3:ba:ef:4e:cb:bb:f6:26:19:48:20:07:b2:07:00:
19:5b:88:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIY+Y81qaxS0N/9opibBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDdmYzUwNTQ4Mjg3ZGVhZWE3Y2U5MjA5OWU0N2EwNGE3
MGQ0NTEwHhcNMjUwMTAyMDM0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmRkNjU4ZWJiNDQzOTBmM2MyZTg2ZjIzODE1ZWM2MGE3ZWMzM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj+2zNENhlLtrhFFL9NKQ7p5Onzb
s7bXnS6aH9rkjgmdM92A/N72a17v1adWsbfm31qJfPCER5LMi/LXJvnlEh18qoCZ
qq6TPBTc+g5ycgE7T5yorShgS1GSxw6npgFspgSRA8mRai1LiEtWAIjqmF8+YlQZ
cbFM0Cs88NRRLqbHd7CsiviySiMmyXQdxVW4pXOD12FBRrhWz1kD9Vp0LJE97Ib9
rV7lmxYufvyGSGSsYtT5hcxl9AE/cFJKMTscXCSEX8ffoxb1isy35BJxLxTXXG2A
Ytb7ru1edUKT+dijLcym1pwWW8rCzTjb4P5ZoXS6vxC4lrwNu02oieQjXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB/dZY67RDkPPC6G8jgV7GCn7DPyMB8GA1UdIwQY
MBaAFNvX/FBUgoferqfOkgmeR6BKcNRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlmOFVGU0NoOTZ1cDg2U0NaNUhvRXB3MUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS82MDZlYTktNDgzNC00YjYzLTllMGEt
ZjI1NjA0YzRiZTgyLzEvSDkxbGpydEVPUTg4TG9ieU9CWHNZS2ZzTV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS82MDZlYTktNDgzNC00YjYzLTllMGEtZjI1NjA0YzRiZTgy
LzEvMjlmOFVGU0NoOTZ1cDg2U0NaNUhvRXB3MUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUngMA0E
AgACMAcDBQAqEA+AMA0GCSqGSIb3DQEBCwUAA4IBAQAtMj62Ig0gbkcktwPgou00
VcZYxQJGKP3eeIFxUvI8trvzI5Cofp+7zpkEpNmxPajqgIMF7qTQCDSeppvMwqQd
sJT0NHEEEGSEvRAVDkyc26BVSospFY+iFnFOHU0mB91wXukchTOc2VYT68mnUYiV
WXh8UnsdiMoa3cW5unS2EXbWapYxSFkekxH3oQxLWkj8M4tuRT79egetBTcCZeOa
a+gr6QPKG2kUYn56iaLOKx35Bz0+qGcF2iIwHlbSPMAcTm/PPcmRRh1yYxPOjrml
/cpdKrWXpUnB3hpzbpedcjkqyJqoeF6v/BCwX6Tzuu9Oy7v2JhlIIAeyBwAZW4hw
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:50 2025 by rpki-client