Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/05CufssDJG0pTAbK0ZW527iD2UU.roa
File: 05CufssDJG0pTAbK0ZW527iD2UU.roa (raw, json)
Hash identifier: BGjazq+URRQ8AjeY79SbxnXbTrLwkTMUsC+q970r9fs=
Subject key identifier: D3:90:AE:7E:CB:03:24:6D:29:4C:06:CA:D1:95:B9:DB:B8:83:D9:45
Certificate issuer: /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial: 019422FB62BF49E43D23B4FBAE0FF25C50E4
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/05CufssDJG0pTAbK0ZW527iD2UU.roa
Signing time: Wed 01 Jan 2025 17:48:07 +0000
ROA not before: Wed 01 Jan 2025 17:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214096
IP address blocks: 185.192.218.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:62:bf:49:e4:3d:23:b4:fb:ae:0f:f2:5c:50:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
Validity
Not Before: Jan 1 17:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d390ae7ecb03246d294c06cad195b9dbb883d945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1e:a6:9b:c0:1e:54:44:5d:83:33:e5:a4:4c:
1e:54:0d:01:4d:4f:0d:4b:60:fd:b1:fc:b9:a3:d0:
1f:d8:88:8d:24:71:a1:0c:65:c9:fc:98:32:46:15:
9d:4c:09:6d:c8:ec:54:3f:f2:1d:1c:aa:78:4b:5f:
80:5e:be:3e:1f:d5:2c:36:51:d5:10:cc:3a:77:35:
dc:25:13:d0:f7:b5:19:3e:7e:c3:08:bf:79:77:0f:
fe:ac:40:5a:f9:d4:76:85:52:77:e0:9e:a5:b0:39:
b4:61:ec:db:a3:2b:a4:ad:02:59:38:93:a6:5c:66:
1a:f3:75:b7:70:08:4e:60:89:fe:1e:b0:e4:e6:84:
bb:c9:09:18:43:ae:72:f7:e5:9b:68:ae:e4:13:c9:
96:c5:27:60:0a:2b:54:49:0c:29:ce:d6:1f:20:4b:
4f:40:3f:a3:48:bb:9f:86:57:cc:d5:a5:67:2f:2e:
17:75:ff:86:d8:14:ab:97:01:ab:f8:39:d0:a9:24:
7b:a4:5c:5a:58:cc:b4:85:c2:2f:0f:19:ca:39:2e:
04:49:50:ae:21:6e:84:56:d1:82:a2:ec:61:cb:3f:
cf:ce:0c:9f:2a:67:f1:c2:ac:4f:7a:2b:c1:5e:28:
ea:a7:ae:55:71:cc:ab:45:00:02:99:c8:51:77:6b:
10:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:90:AE:7E:CB:03:24:6D:29:4C:06:CA:D1:95:B9:DB:B8:83:D9:45
X509v3 Authority Key Identifier:
keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/05CufssDJG0pTAbK0ZW527iD2UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.218.0/23
Signature Algorithm: sha256WithRSAEncryption
39:49:39:c3:fe:a3:51:27:ff:2c:df:49:98:88:91:d8:17:68:
06:d1:80:05:ac:56:76:a2:64:c0:20:de:05:10:68:80:7d:a8:
6a:b3:0f:dd:8c:52:b2:4c:f9:df:20:f0:8f:0a:70:c7:d0:42:
6d:04:b7:57:d7:ba:e4:9c:e1:33:f8:79:e0:bd:ea:04:85:42:
76:dd:cc:26:18:fd:0c:9a:45:9a:ae:e7:f5:95:5f:c9:cb:ff:
cb:58:29:0e:f1:8f:fb:50:f2:54:1b:08:37:dd:bf:9a:38:9e:
9e:f3:e5:39:fb:4a:a5:d8:e9:de:1e:4a:c9:27:a5:3d:fe:08:
b7:d1:b2:5a:e7:a9:82:94:ee:33:e8:b1:ba:7b:ee:b3:62:28:
76:32:df:15:8b:a3:4e:05:ea:12:f0:d8:5e:91:c7:67:70:c7:
e5:30:0e:f4:44:bf:b7:58:bc:0b:dd:9b:77:ca:7d:bc:1b:49:
db:b2:6e:f0:68:91:ed:f8:33:fb:dd:d6:63:8a:42:4e:5c:fe:
95:bc:f8:a9:98:e9:ce:dc:84:53:bf:61:a9:29:86:fe:15:b5:
e5:9f:a0:4b:80:c7:20:1f:70:ef:b7:70:ef:af:d9:df:b2:ec:
36:d5:14:16:18:e6:d0:df:d9:14:c0:3c:e6:b7:b7:74:0d:0c:
ff:6f:23:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+2K/SeQ9I7T7rg/yXFDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTNjMzM2OTcyMDk0YjFhOGMxM2Q0MTgxNjg1N2QxOTdh
M2FhZTkwHhcNMjUwMTAxMTc0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzkwYWU3ZWNiMDMyNDZkMjk0YzA2Y2FkMTk1YjlkYmI4ODNkOTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjR6mm8AeVERdgzPlpEweVA0BTU8N
S2D9sfy5o9Af2IiNJHGhDGXJ/JgyRhWdTAltyOxUP/IdHKp4S1+AXr4+H9UsNlHV
EMw6dzXcJRPQ97UZPn7DCL95dw/+rEBa+dR2hVJ34J6lsDm0YezboyukrQJZOJOm
XGYa83W3cAhOYIn+HrDk5oS7yQkYQ65y9+WbaK7kE8mWxSdgCitUSQwpztYfIEtP
QD+jSLufhlfM1aVnLy4Xdf+G2BSrlwGr+DnQqSR7pFxaWMy0hcIvDxnKOS4ESVCu
IW6EVtGCouxhyz/PzgyfKmfxwqxPeivBXijqp65VccyrRQACmchRd2sQQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNOQrn7LAyRtKUwGytGVudu4g9lFMB8GA1UdIwQY
MBaAFHTjwzaXIJSxqME9QYFoV9GXo6rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAt
YTZjNDllYjI4Mjg3LzEvMDVDdWZzc0RKRzBwVEFiSzBaVzUyN2lEMlVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAtYTZjNDllYjI4Mjg3
LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucDaMA0G
CSqGSIb3DQEBCwUAA4IBAQA5STnD/qNRJ/8s30mYiJHYF2gG0YAFrFZ2omTAIN4F
EGiAfahqsw/djFKyTPnfIPCPCnDH0EJtBLdX17rknOEz+HngveoEhUJ23cwmGP0M
mkWaruf1lV/Jy//LWCkO8Y/7UPJUGwg33b+aOJ6e8+U5+0ql2OneHkrJJ6U9/gi3
0bJa56mClO4z6LG6e+6zYih2Mt8Vi6NOBeoS8NhekcdncMflMA70RL+3WLwL3Zt3
yn28G0nbsm7waJHt+DP73dZjikJOXP6VvPipmOnO3IRTv2GpKYb+FbXln6BLgMcg
H3Dvt3Dvr9nfsuw21RQWGObQ39kUwDzmt7d0DQz/byPd
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:51:10 2025 by rpki-client