Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/gPmJ919io92zLM0qUcMa5dmkecM.roa
File: gPmJ919io92zLM0qUcMa5dmkecM.roa (raw, json)
Hash identifier: m1AiD3SH7JRse/Y0z+yKore/EQyRkJUXQ2NtfWymxSY=
Subject key identifier: 80:F9:89:F7:5F:62:A3:DD:B3:2C:CD:2A:51:C3:1A:E5:D9:A4:79:C3
Certificate issuer: /CN=a2893a4b284acb5d8a4164289045492109511688
Certificate serial: 019423D7DB3221D19EA47B71D82A08A2A35A
Authority key identifier: A2:89:3A:4B:28:4A:CB:5D:8A:41:64:28:90:45:49:21:09:51:16:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/gPmJ919io92zLM0qUcMa5dmkecM.roa
Signing time: Wed 01 Jan 2025 21:48:56 +0000
ROA not before: Wed 01 Jan 2025 21:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397451
IP address blocks: 185.25.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:db:32:21:d1:9e:a4:7b:71:d8:2a:08:a2:a3:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2893a4b284acb5d8a4164289045492109511688
Validity
Not Before: Jan 1 21:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80f989f75f62a3ddb32ccd2a51c31ae5d9a479c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c3:af:f3:0c:37:c4:46:da:91:71:44:ed:0c:
a3:e8:d7:fc:09:df:c2:91:a1:29:41:6b:b3:35:33:
91:8e:82:63:e2:78:f8:df:cf:e6:5a:00:00:b7:f8:
a8:92:de:76:01:38:c3:7b:da:70:57:02:4a:61:59:
f5:e0:1a:b8:bd:f7:d7:b1:cd:9c:fa:bc:48:e5:75:
ba:7d:2a:c1:da:c1:de:9f:b5:0e:23:04:4d:1f:30:
19:c6:bf:61:7c:44:8b:de:f3:16:19:0e:5a:51:ce:
27:5e:7b:ee:f1:2b:f7:34:58:ab:ee:e3:f4:d7:a2:
d9:6a:bf:66:12:eb:21:86:8d:59:c7:65:7e:0c:b3:
64:6a:76:f4:c8:78:37:c4:a7:e6:0a:bb:cc:95:f0:
aa:14:70:36:eb:a8:50:74:c3:fd:b6:67:af:d9:98:
bf:24:5a:d1:41:a1:26:98:c3:c0:81:3e:3e:80:5f:
8f:d5:d4:4c:fa:9a:c0:b7:dc:7e:25:4f:f5:04:49:
88:47:18:71:6c:ad:5e:e1:08:12:1c:7d:37:16:2d:
26:2c:85:3e:b0:fd:76:43:bf:3a:6c:cf:e9:48:9d:
0c:12:79:b9:48:90:e3:09:e1:a0:17:b2:fe:56:dc:
3f:22:58:b7:f9:1d:68:5c:13:b8:2e:7c:a9:06:20:
5b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:F9:89:F7:5F:62:A3:DD:B3:2C:CD:2A:51:C3:1A:E5:D9:A4:79:C3
X509v3 Authority Key Identifier:
keyid:A2:89:3A:4B:28:4A:CB:5D:8A:41:64:28:90:45:49:21:09:51:16:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/gPmJ919io92zLM0qUcMa5dmkecM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/ook6SyhKy12KQWQokEVJIQlRFog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.156.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:bb:ff:d7:88:05:11:54:d2:59:10:28:64:91:cb:af:03:bf:
40:a2:1f:3b:a9:d0:8b:bf:29:fe:11:47:f5:a8:42:3e:20:64:
97:49:25:b0:82:0c:68:b4:41:ac:ee:3c:5d:9f:81:d2:e0:0e:
e1:c8:8d:79:f6:96:ef:6e:f6:26:5a:c6:cd:08:ad:48:bd:f2:
db:e9:94:96:ac:ce:58:41:19:03:61:22:97:52:8a:f8:d9:df:
6e:72:bb:de:cf:c1:9f:54:65:64:2b:3b:21:b6:87:5b:37:ad:
42:da:24:c3:76:18:16:ef:a2:d1:e4:23:a6:ce:e4:8c:67:93:
8f:01:5f:d3:ce:4d:2f:a2:27:4e:0a:61:09:78:5c:c4:7e:bc:
00:0c:5f:08:ee:90:43:13:d5:6b:86:75:43:eb:af:0a:2d:60:
66:4d:62:50:ce:c7:fe:f7:57:ba:a2:a4:50:0b:b0:51:94:6d:
d3:91:cd:d1:91:bb:33:30:0c:b9:37:eb:35:fb:3a:e1:23:c4:
07:52:f8:b0:b0:b6:ad:f3:e9:e2:39:10:48:c3:4a:6d:cf:8d:
c6:b9:b5:6f:dc:38:ab:8e:b4:07:ba:c6:ae:c4:24:50:d2:7b:
ad:63:6c:5e:d1:b5:05:12:f5:96:23:1e:2a:2c:6e:de:b4:08:
33:87:7c:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj19syIdGepHtx2CoIoqNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyODkzYTRiMjg0YWNiNWQ4YTQxNjQyODkwNDU0OTIxMDk1
MTE2ODgwHhcNMjUwMTAxMjE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGY5ODlmNzVmNjJhM2RkYjMyY2NkMmE1MWMzMWFlNWQ5YTQ3OWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcOv8ww3xEbakXFE7Qyj6Nf8Cd/C
kaEpQWuzNTORjoJj4nj438/mWgAAt/iokt52ATjDe9pwVwJKYVn14Bq4vffXsc2c
+rxI5XW6fSrB2sHen7UOIwRNHzAZxr9hfESL3vMWGQ5aUc4nXnvu8Sv3NFir7uP0
16LZar9mEushho1Zx2V+DLNkanb0yHg3xKfmCrvMlfCqFHA266hQdMP9tmev2Zi/
JFrRQaEmmMPAgT4+gF+P1dRM+prAt9x+JU/1BEmIRxhxbK1e4QgSHH03Fi0mLIU+
sP12Q786bM/pSJ0MEnm5SJDjCeGgF7L+Vtw/Ili3+R1oXBO4LnypBiBb3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFID5ifdfYqPdsyzNKlHDGuXZpHnDMB8GA1UdIwQY
MBaAFKKJOksoSstdikFkKJBFSSEJURaIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb29rNlN5aEt5MTJLUVdRb2tFVkpJUWxSRm9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNDg3YWItNWUzMS00MTE3LWFkYTgt
YTVkM2NiOTE4MjA2LzEvZ1BtSjkxOWlvOTJ6TE0wcVVjTWE1ZG1rZWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNDg3YWItNWUzMS00MTE3LWFkYTgtYTVkM2NiOTE4MjA2
LzEvb29rNlN5aEt5MTJLUVdRb2tFVkpJUWxSRm9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRmcMA0G
CSqGSIb3DQEBCwUAA4IBAQC4u//XiAURVNJZEChkkcuvA79Aoh87qdCLvyn+EUf1
qEI+IGSXSSWwggxotEGs7jxdn4HS4A7hyI159pbvbvYmWsbNCK1IvfLb6ZSWrM5Y
QRkDYSKXUor42d9ucrvez8GfVGVkKzshtodbN61C2iTDdhgW76LR5COmzuSMZ5OP
AV/Tzk0voidOCmEJeFzEfrwADF8I7pBDE9VrhnVD668KLWBmTWJQzsf+91e6oqRQ
C7BRlG3Tkc3RkbszMAy5N+s1+zrhI8QHUviwsLat8+niORBIw0ptz43GubVv3Dir
jrQHusauxCRQ0nutY2xe0bUFEvWWIx4qLG7etAgzh3wh
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:32 2025 by rpki-client