Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/5893f7-b4f1-4961-9426-fd73b80833b7/1/0Yi_JnLw94TXhrC5nYi7nz8aE9Q.roa
File: 0Yi_JnLw94TXhrC5nYi7nz8aE9Q.roa (raw, json)
Hash identifier: PcfAm6zv9EFMWgISV3l4XmKFXD7W1Vvh/DKcICx2Ck4=
Subject key identifier: D1:88:BF:26:72:F0:F7:84:D7:86:B0:B9:9D:88:BB:9F:3F:1A:13:D4
Certificate issuer: /CN=ac21a113d1ba01d107fdf791308c0a51f3d06dda
Certificate serial: 0194221FABD48A20EF6AAD1666F46F00D3AF
Authority key identifier: AC:21:A1:13:D1:BA:01:D1:07:FD:F7:91:30:8C:0A:51:F3:D0:6D:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCGhE9G6AdEH_feRMIwKUfPQbdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/5893f7-b4f1-4961-9426-fd73b80833b7/1/0Yi_JnLw94TXhrC5nYi7nz8aE9Q.roa
Signing time: Wed 01 Jan 2025 13:48:08 +0000
ROA not before: Wed 01 Jan 2025 13:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 185.137.165.0/24 maxlen: 24
185.226.188.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ab:d4:8a:20:ef:6a:ad:16:66:f4:6f:00:d3:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac21a113d1ba01d107fdf791308c0a51f3d06dda
Validity
Not Before: Jan 1 13:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d188bf2672f0f784d786b0b99d88bb9f3f1a13d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:56:7b:08:6b:90:74:3d:5f:9e:f1:39:7c:c4:
88:5a:66:30:e5:f5:15:80:3c:f1:bc:f4:76:6c:bd:
6f:c6:0c:71:50:ac:52:3b:57:4a:6b:61:81:bf:b8:
1e:2c:f5:c6:d1:91:59:72:e0:7d:a9:47:78:3a:5d:
69:17:56:5f:75:e7:4c:62:02:c6:18:90:26:4c:40:
84:f0:3e:2a:4b:f0:f2:45:b3:d7:3f:bd:cb:db:6c:
7f:a9:6b:3b:c3:b8:44:ec:d9:ac:41:f4:03:3d:7f:
7b:05:66:15:06:7b:12:05:d1:1f:75:3a:59:06:db:
da:d7:9a:41:87:15:ce:3e:a0:57:7c:f9:df:1c:cd:
e9:48:ea:c4:55:c6:56:67:d1:03:87:8f:c2:b9:a0:
75:01:be:1f:b4:92:dc:98:3d:fb:32:4e:b6:f8:de:
19:fc:e5:a6:4c:15:be:45:fd:0f:9f:85:59:33:c9:
95:72:a5:91:2e:4a:eb:e5:97:e0:9f:8d:1a:78:52:
0d:e6:e1:aa:15:1c:6b:39:5a:f6:27:39:50:2b:93:
66:6e:8a:ac:7d:10:e0:b6:02:b0:f9:3f:a3:73:8e:
0e:e6:39:a7:c9:e6:93:2a:e7:0a:b0:e7:c6:d9:c4:
17:93:4a:f1:a8:c6:24:9d:84:a6:a0:73:2e:92:60:
a8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:88:BF:26:72:F0:F7:84:D7:86:B0:B9:9D:88:BB:9F:3F:1A:13:D4
X509v3 Authority Key Identifier:
keyid:AC:21:A1:13:D1:BA:01:D1:07:FD:F7:91:30:8C:0A:51:F3:D0:6D:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCGhE9G6AdEH_feRMIwKUfPQbdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5893f7-b4f1-4961-9426-fd73b80833b7/1/0Yi_JnLw94TXhrC5nYi7nz8aE9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5893f7-b4f1-4961-9426-fd73b80833b7/1/rCGhE9G6AdEH_feRMIwKUfPQbdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.165.0/24
185.226.188.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:8e:1a:d1:87:97:ca:2c:a4:85:e1:5c:36:0b:32:7c:2f:6f:
f6:92:36:68:1b:74:90:99:58:1b:9f:5f:01:17:e3:13:2d:07:
aa:39:87:6a:f5:b5:ae:a8:00:ce:e1:06:eb:a2:a7:ae:ec:82:
59:89:fa:7b:d1:e2:9f:17:05:ce:ef:73:11:b1:41:e7:8f:e1:
c9:e3:3a:25:a0:6e:bd:c0:a2:27:4e:8c:3b:13:e3:5c:7d:e0:
11:0a:d4:21:a5:3c:92:26:10:4a:a5:fc:91:dc:cc:b9:24:be:
2c:97:0b:e9:2b:c6:98:85:3b:f2:cc:7d:58:dc:96:75:47:5f:
e2:20:a5:96:b2:6a:73:70:dc:13:a7:98:1a:ea:e9:ff:67:ea:
d7:13:76:f2:a3:3a:39:f8:de:ad:f4:90:13:71:e7:4c:43:4e:
af:74:39:ac:c9:56:ba:32:f0:e9:42:aa:89:69:11:e5:52:c1:
c8:d7:3d:87:77:ef:28:3c:b7:08:3b:33:8c:f0:c5:6b:d2:d6:
d7:d3:fc:dc:97:10:d9:74:6b:17:bf:ca:19:f9:1b:0a:6f:ea:
d9:1c:32:ed:07:0a:d0:81:92:c9:2c:8f:0e:cb:a9:f3:08:e4:
1b:6c:f8:fd:fc:de:c4:82:41:79:e9:35:01:8f:78:16:5c:57:
88:d0:eb:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH6vUiiDvaq0WZvRvANOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMjFhMTEzZDFiYTAxZDEwN2ZkZjc5MTMwOGMwYTUxZjNk
MDZkZGEwHhcNMjUwMTAxMTM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTg4YmYyNjcyZjBmNzg0ZDc4NmIwYjk5ZDg4YmI5ZjNmMWExM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVZ7CGuQdD1fnvE5fMSIWmYw5fUV
gDzxvPR2bL1vxgxxUKxSO1dKa2GBv7geLPXG0ZFZcuB9qUd4Ol1pF1ZfdedMYgLG
GJAmTECE8D4qS/DyRbPXP73L22x/qWs7w7hE7NmsQfQDPX97BWYVBnsSBdEfdTpZ
Btva15pBhxXOPqBXfPnfHM3pSOrEVcZWZ9EDh4/CuaB1Ab4ftJLcmD37Mk62+N4Z
/OWmTBW+Rf0Pn4VZM8mVcqWRLkrr5Zfgn40aeFIN5uGqFRxrOVr2JzlQK5Nmboqs
fRDgtgKw+T+jc44O5jmnyeaTKucKsOfG2cQXk0rxqMYknYSmoHMukmCo4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNGIvyZy8PeE14awuZ2Iu58/GhPUMB8GA1UdIwQY
MBaAFKwhoRPRugHRB/33kTCMClHz0G3aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckNHaEU5RzZBZEVIX2ZlUk1Jd0tVZlBRYmRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81ODkzZjctYjRmMS00OTYxLTk0MjYt
ZmQ3M2I4MDgzM2I3LzEvMFlpX0puTHc5NFRYaHJDNW5ZaTduejhhRTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81ODkzZjctYjRmMS00OTYxLTk0MjYtZmQ3M2I4MDgzM2I3
LzEvckNHaEU5RzZBZEVIX2ZlUk1Jd0tVZlBRYmRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuYmlAwQC
ueK8MA0GCSqGSIb3DQEBCwUAA4IBAQBLjhrRh5fKLKSF4Vw2CzJ8L2/2kjZoG3SQ
mVgbn18BF+MTLQeqOYdq9bWuqADO4Qbroqeu7IJZifp70eKfFwXO73MRsUHnj+HJ
4zoloG69wKInTow7E+NcfeARCtQhpTySJhBKpfyR3My5JL4slwvpK8aYhTvyzH1Y
3JZ1R1/iIKWWsmpzcNwTp5ga6un/Z+rXE3byozo5+N6t9JATcedMQ06vdDmsyVa6
MvDpQqqJaRHlUsHI1z2Hd+8oPLcIOzOM8MVr0tbX0/zclxDZdGsXv8oZ+RsKb+rZ
HDLtBwrQgZLJLI8Oy6nzCOQbbPj9/N7EgkF56TUBj3gWXFeI0OtH
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:05:38 2025 by rpki-client