Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/vcKt0zOQQ6an75BQh7z38HORZ2w.roa
File: vcKt0zOQQ6an75BQh7z38HORZ2w.roa (raw, json)
Hash identifier: 0chDeDV60oI3Dqsiz81D+oiboZjN2X2iRmyvKaEriO4=
Subject key identifier: BD:C2:AD:D3:33:90:43:A6:A7:EF:90:50:87:BC:F7:F0:73:91:67:6C
Certificate issuer: /CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Certificate serial: 01942369F01A21EB55FD99B1B3DB5E0B2C35
Authority key identifier: 12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/vcKt0zOQQ6an75BQh7z38HORZ2w.roa
Signing time: Wed 01 Jan 2025 19:48:52 +0000
ROA not before: Wed 01 Jan 2025 19:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20857
IP address blocks: 185.88.148.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:f0:1a:21:eb:55:fd:99:b1:b3:db:5e:0b:2c:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Validity
Not Before: Jan 1 19:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdc2add3339043a6a7ef905087bcf7f07391676c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9f:03:65:5c:9e:15:53:bc:f5:57:88:05:f9:
4f:86:94:ec:5c:2d:ae:5c:2d:7a:3a:6b:51:53:6d:
5a:73:a9:22:f2:89:65:00:2c:e8:0e:f9:8f:78:f0:
a0:54:d1:be:26:d9:8e:b4:fc:84:84:dc:13:76:4d:
6a:5a:d0:7c:3d:e1:81:94:dc:d2:00:21:00:64:cd:
bb:3d:43:bc:7a:07:0b:04:7a:e5:80:28:41:cc:9b:
ca:4d:df:75:b7:7e:63:75:d8:48:d4:19:44:0f:64:
1a:98:1d:5a:e8:8d:5f:d8:12:9c:cb:91:7c:aa:00:
9c:05:af:83:04:d3:06:93:f6:53:ff:f8:b5:84:b3:
d1:41:d2:23:3d:2d:7a:ed:49:72:79:a0:ae:3e:6c:
0a:6b:76:8e:52:9f:d0:32:4c:c5:15:6e:c4:87:42:
d7:43:3a:a7:8f:cd:3a:95:2e:bb:7e:d5:78:87:ab:
f3:1d:f3:e1:84:ea:38:1a:16:fc:b9:56:0c:62:8e:
c9:d5:5a:97:c8:9d:7c:d0:b3:f0:e9:42:b4:c4:fb:
65:09:17:c9:63:66:5d:c1:36:e2:ca:90:b7:43:34:
93:ef:17:7d:49:63:b5:0b:2b:ea:b7:20:70:66:13:
6f:4b:f3:08:6f:35:c0:04:45:02:33:10:b5:2f:8a:
13:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C2:AD:D3:33:90:43:A6:A7:EF:90:50:87:BC:F7:F0:73:91:67:6C
X509v3 Authority Key Identifier:
keyid:12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/vcKt0zOQQ6an75BQh7z38HORZ2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/EjDNjhPIbY74NcGqx9X5U0VcA1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.148.0/22
Signature Algorithm: sha256WithRSAEncryption
85:44:68:52:e0:d7:0d:5e:34:4f:5e:6f:af:8a:40:d5:ec:72:
96:7d:78:d1:2b:0f:8d:ff:0e:c7:a5:79:7b:5e:ae:aa:59:68:
2d:2b:de:48:0f:51:e5:ce:60:e3:b0:2d:34:b9:b6:c3:0c:37:
29:cc:04:6d:bf:10:96:64:55:82:dd:59:b9:b4:dc:d2:4d:1e:
3d:38:26:ac:07:6e:65:53:06:7b:1b:bd:5b:04:29:86:b7:6e:
96:4d:14:96:04:db:4f:52:61:17:c4:dc:42:af:69:c4:22:38:
58:2e:18:dc:29:94:a1:a8:57:3b:a9:c9:05:d8:e5:b6:3a:27:
62:05:21:e3:7c:e7:66:64:cd:27:09:1e:b1:23:3c:22:92:58:
5f:4f:db:7b:5e:0f:3e:4b:13:2f:a0:c3:f9:ad:87:77:b1:dc:
a1:87:46:94:61:f1:7b:be:6c:a1:c0:07:6c:8a:65:17:47:41:
bc:5c:c8:83:1b:92:6a:5b:23:2f:5b:0f:0a:80:87:7c:5b:c0:
c3:40:92:2e:e0:be:16:9d:de:4e:47:b5:1d:4e:eb:e4:b7:af:
6e:c7:34:fe:cb:51:f0:30:07:e9:13:d0:74:50:19:61:eb:99:
c3:3f:dd:05:aa:42:92:7a:a8:16:a0:21:66:08:0b:d9:fc:7d:
fc:c4:53:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjafAaIetV/Zmxs9teCyw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMzBjZDhlMTNjODZkOGVmODM1YzFhYWM3ZDVmOTUzNDU1
YzAzNWMwHhcNMjUwMTAxMTk0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGMyYWRkMzMzOTA0M2E2YTdlZjkwNTA4N2JjZjdmMDczOTE2NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ8DZVyeFVO89VeIBflPhpTsXC2u
XC16OmtRU21ac6ki8ollACzoDvmPePCgVNG+JtmOtPyEhNwTdk1qWtB8PeGBlNzS
ACEAZM27PUO8egcLBHrlgChBzJvKTd91t35jddhI1BlED2QamB1a6I1f2BKcy5F8
qgCcBa+DBNMGk/ZT//i1hLPRQdIjPS167UlyeaCuPmwKa3aOUp/QMkzFFW7Eh0LX
Qzqnj806lS67ftV4h6vzHfPhhOo4Ghb8uVYMYo7J1VqXyJ180LPw6UK0xPtlCRfJ
Y2ZdwTbiypC3QzST7xd9SWO1CyvqtyBwZhNvS/MIbzXABEUCMxC1L4oTxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL3CrdMzkEOmp++QUIe89/BzkWdsMB8GA1UdIwQY
MBaAFBIwzY4TyG2O+DXBqsfV+VNFXANcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQt
MDFmYjQ2YTQzM2UxLzEvdmNLdDB6T1FRNmFuNzVCUWg3ejM4SE9SWjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQtMDFmYjQ2YTQzM2Ux
LzEvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuViUMA0G
CSqGSIb3DQEBCwUAA4IBAQCFRGhS4NcNXjRPXm+vikDV7HKWfXjRKw+N/w7HpXl7
Xq6qWWgtK95ID1HlzmDjsC00ubbDDDcpzARtvxCWZFWC3Vm5tNzSTR49OCasB25l
UwZ7G71bBCmGt26WTRSWBNtPUmEXxNxCr2nEIjhYLhjcKZShqFc7qckF2OW2Oidi
BSHjfOdmZM0nCR6xIzwiklhfT9t7Xg8+SxMvoMP5rYd3sdyhh0aUYfF7vmyhwAds
imUXR0G8XMiDG5JqWyMvWw8KgId8W8DDQJIu4L4Wnd5OR7UdTuvkt69uxzT+y1Hw
MAfpE9B0UBlh65nDP90FqkKSeqgWoCFmCAvZ/H38xFO1
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:37:14 2025 by rpki-client