Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/460f8a-6c39-4622-b40a-bf9c79149462/1/IMYt28KGsc1J7qdCJ8FZoivbBms.roa
File: IMYt28KGsc1J7qdCJ8FZoivbBms.roa (raw, json)
Hash identifier: Lt2Qrrojs7l5TEl9OlYCV0+zE4iekqC1xALJxPDqCnQ=
Subject key identifier: 20:C6:2D:DB:C2:86:B1:CD:49:EE:A7:42:27:C1:59:A2:2B:DB:06:6B
Certificate issuer: /CN=0c053554c818674cd546b799dd44785a564c56cb
Certificate serial: 0194221F2FDCA54CBD495518ADB4674B576E
Authority key identifier: 0C:05:35:54:C8:18:67:4C:D5:46:B7:99:DD:44:78:5A:56:4C:56:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DAU1VMgYZ0zVRreZ3UR4WlZMVss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/460f8a-6c39-4622-b40a-bf9c79149462/1/IMYt28KGsc1J7qdCJ8FZoivbBms.roa
Signing time: Wed 01 Jan 2025 13:47:36 +0000
ROA not before: Wed 01 Jan 2025 13:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202496
IP address blocks: 185.19.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:2f:dc:a5:4c:bd:49:55:18:ad:b4:67:4b:57:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c053554c818674cd546b799dd44785a564c56cb
Validity
Not Before: Jan 1 13:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20c62ddbc286b1cd49eea74227c159a22bdb066b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:0d:24:22:d2:08:fd:50:25:b8:1d:c8:d0:4b:
eb:1e:eb:42:30:b3:24:f6:2a:55:f8:11:c4:fc:5d:
25:48:7d:bf:9b:1a:a3:a9:fa:9c:9a:2e:30:5d:09:
fb:10:1a:a4:21:97:ad:b1:4a:41:df:4b:ff:91:bb:
5a:9a:4d:c8:95:a9:8a:7a:77:94:12:2c:9c:80:7a:
b5:66:3a:d0:f6:8b:20:53:bc:c4:f6:09:06:cf:2a:
a0:13:15:d7:e7:4c:bf:14:90:ab:f5:ca:57:3c:c6:
dd:ff:24:a2:c6:21:d6:ba:b5:8d:93:4f:7a:6f:aa:
19:86:36:17:dd:be:b9:0d:8a:96:03:89:70:dc:70:
fa:fd:04:28:95:02:f3:5a:5d:dc:bf:86:fc:04:fc:
7e:83:29:1b:b8:9b:d0:60:e0:24:0b:08:64:3e:3f:
9a:38:24:a9:cb:ea:ea:46:57:3e:5b:0e:c9:83:7e:
f7:87:0b:4d:20:3e:55:d2:ad:8b:4b:79:30:ca:2d:
34:7e:2a:7c:fd:34:3b:e1:62:6b:ed:27:43:32:7d:
2a:ea:d9:58:e0:de:5b:cd:0f:f7:03:37:f4:08:18:
fe:bd:be:9a:de:41:f0:cf:45:4d:2b:da:a1:40:3a:
a7:67:56:15:ce:73:ce:d4:b3:f9:f7:19:90:5e:e6:
1a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C6:2D:DB:C2:86:B1:CD:49:EE:A7:42:27:C1:59:A2:2B:DB:06:6B
X509v3 Authority Key Identifier:
keyid:0C:05:35:54:C8:18:67:4C:D5:46:B7:99:DD:44:78:5A:56:4C:56:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAU1VMgYZ0zVRreZ3UR4WlZMVss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/460f8a-6c39-4622-b40a-bf9c79149462/1/IMYt28KGsc1J7qdCJ8FZoivbBms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/460f8a-6c39-4622-b40a-bf9c79149462/1/DAU1VMgYZ0zVRreZ3UR4WlZMVss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.200.0/24
Signature Algorithm: sha256WithRSAEncryption
87:67:a7:cf:99:6b:19:bd:da:13:27:cc:2a:a9:7d:96:90:33:
9a:b9:ec:f1:b8:76:bf:f7:0a:c2:7a:b8:19:8b:bd:e5:bc:95:
41:88:90:11:a8:42:1b:c7:c2:ca:1f:08:04:f4:24:a9:33:5c:
76:75:6e:ab:5b:9f:1e:18:89:3d:3b:47:b5:b8:8c:4f:d7:15:
fe:3d:0b:79:a7:28:20:a3:17:1d:c8:34:4a:7a:d3:d3:94:85:
2d:7c:fa:af:c0:77:5c:23:2f:c7:7d:b0:77:da:6c:23:f6:3f:
6c:6e:de:09:fe:c3:91:00:18:5b:6a:dc:1f:98:37:1b:f4:bc:
94:ab:8d:d1:a6:ed:57:bf:ab:64:bd:fd:f1:31:2c:4a:6e:fb:
cc:7e:ca:d7:b4:eb:58:1f:a7:44:65:54:2e:2b:7b:e3:3c:57:
e3:24:6c:65:15:dc:57:92:f9:41:51:ac:7e:c1:ca:42:8f:62:
39:64:9d:f9:3e:bd:24:95:7e:70:31:07:bb:a9:e5:91:17:f8:
f6:c6:61:4a:1f:84:1b:0b:23:b9:6d:74:76:1e:54:82:d7:f2:
88:1d:58:c3:78:07:fa:4c:94:67:6e:bb:23:5a:16:29:01:ca:
92:19:46:f4:ac:54:8e:ae:08:db:6a:57:75:cb:ee:f4:a4:7d:
1e:94:51:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiHy/cpUy9SVUYrbRnS1duMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDUzNTU0YzgxODY3NGNkNTQ2Yjc5OWRkNDQ3ODVhNTY0
YzU2Y2IwHhcNMjUwMTAxMTM0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGM2MmRkYmMyODZiMWNkNDllZWE3NDIyN2MxNTlhMjJiZGIwNjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Q0kItII/VAluB3I0EvrHutCMLMk
9ipV+BHE/F0lSH2/mxqjqfqcmi4wXQn7EBqkIZetsUpB30v/kbtamk3IlamKeneU
EiycgHq1ZjrQ9osgU7zE9gkGzyqgExXX50y/FJCr9cpXPMbd/ySixiHWurWNk096
b6oZhjYX3b65DYqWA4lw3HD6/QQolQLzWl3cv4b8BPx+gykbuJvQYOAkCwhkPj+a
OCSpy+rqRlc+Ww7Jg373hwtNID5V0q2LS3kwyi00fip8/TQ74WJr7SdDMn0q6tlY
4N5bzQ/3Azf0CBj+vb6a3kHwz0VNK9qhQDqnZ1YVznPO1LP59xmQXuYaeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCDGLdvChrHNSe6nQifBWaIr2wZrMB8GA1UdIwQY
MBaAFAwFNVTIGGdM1Ua3md1EeFpWTFbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFVMVZNZ1laMHpWUnJlWjNVUjRXbFpNVnNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80NjBmOGEtNmMzOS00NjIyLWI0MGEt
YmY5Yzc5MTQ5NDYyLzEvSU1ZdDI4S0dzYzFKN3FkQ0o4RlpvaXZiQm1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80NjBmOGEtNmMzOS00NjIyLWI0MGEtYmY5Yzc5MTQ5NDYy
LzEvREFVMVZNZ1laMHpWUnJlWjNVUjRXbFpNVnNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCHZ6fPmWsZvdoTJ8wqqX2WkDOauezxuHa/9wrCergZ
i73lvJVBiJARqEIbx8LKHwgE9CSpM1x2dW6rW58eGIk9O0e1uIxP1xX+PQt5pygg
oxcdyDRKetPTlIUtfPqvwHdcIy/HfbB32mwj9j9sbt4J/sORABhbatwfmDcb9LyU
q43Rpu1Xv6tkvf3xMSxKbvvMfsrXtOtYH6dEZVQuK3vjPFfjJGxlFdxXkvlBUax+
wcpCj2I5ZJ35Pr0klX5wMQe7qeWRF/j2xmFKH4QbCyO5bXR2HlSC1/KIHVjDeAf6
TJRnbrsjWhYpAcqSGUb0rFSOrgjbald1y+70pH0elFF2
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:24:32 2025 by rpki-client