Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/8e206b-e987-461a-ad00-fbbc76ea96d5/1/gX33RndK-vfUB8vyVKm6SlYQRYQ.roa
File: gX33RndK-vfUB8vyVKm6SlYQRYQ.roa (raw, json)
Hash identifier: zQZdZkQE0fWrtIb5Wrm+JOKQkirwQvGsHtspHPipPJM=
Subject key identifier: 81:7D:F7:46:77:4A:FA:F7:D4:07:CB:F2:54:A9:BA:4A:56:10:45:84
Certificate issuer: /CN=b3d307a986092cd65fc93419863e03d98944011a
Certificate serial: 018CC425628D13EC1E5656B53AC556356C13
Authority key identifier: B3:D3:07:A9:86:09:2C:D6:5F:C9:34:19:86:3E:03:D9:89:44:01:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9MHqYYJLNZfyTQZhj4D2YlEARo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/8e206b-e987-461a-ad00-fbbc76ea96d5/1/gX33RndK-vfUB8vyVKm6SlYQRYQ.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48551
IP address blocks: 185.74.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:62:8d:13:ec:1e:56:56:b5:3a:c5:56:35:6c:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d307a986092cd65fc93419863e03d98944011a
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=817df746774afaf7d407cbf254a9ba4a56104584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8c:04:0f:19:df:65:03:13:2b:49:3c:84:fe:
00:94:53:1e:7f:0d:51:13:40:79:89:e4:4b:9f:7f:
88:a9:cd:bc:5f:f4:86:ad:ea:71:5c:d3:61:1d:04:
08:4d:b5:f8:ac:53:71:8a:3a:76:d9:b5:12:cc:ba:
52:22:bd:d2:77:96:08:0f:f0:fa:15:60:c5:fd:7a:
f9:18:eb:9c:dc:73:7b:05:c3:fd:64:1c:86:4c:3b:
4f:7e:9b:db:2f:2f:1e:bc:fe:12:86:e3:ea:9e:7d:
3f:d6:81:fc:81:dd:31:e9:3b:d7:14:de:13:6c:80:
56:f7:a0:9c:e3:48:18:7d:a9:3b:f2:6c:fe:24:3d:
2b:04:7a:d7:98:ef:1f:e5:b8:25:06:41:07:91:9b:
e6:fb:df:b6:c2:f4:52:c9:18:a3:8f:50:7a:b6:ab:
8f:d7:89:12:07:13:f0:71:eb:de:58:ed:a0:1e:d9:
31:1f:32:ac:32:eb:20:d8:82:8b:e5:6b:90:e7:fb:
9d:57:ed:1b:1b:5c:fd:98:eb:de:11:23:67:57:23:
d1:70:1e:7b:17:89:2d:3e:e7:d2:aa:13:3f:23:40:
c0:9d:02:8d:f9:8a:c5:76:0d:ca:e3:4a:3e:51:85:
f4:a5:80:21:0f:06:7b:fe:2c:93:05:8e:7b:78:d9:
88:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:7D:F7:46:77:4A:FA:F7:D4:07:CB:F2:54:A9:BA:4A:56:10:45:84
X509v3 Authority Key Identifier:
keyid:B3:D3:07:A9:86:09:2C:D6:5F:C9:34:19:86:3E:03:D9:89:44:01:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9MHqYYJLNZfyTQZhj4D2YlEARo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/8e206b-e987-461a-ad00-fbbc76ea96d5/1/gX33RndK-vfUB8vyVKm6SlYQRYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/8e206b-e987-461a-ad00-fbbc76ea96d5/1/s9MHqYYJLNZfyTQZhj4D2YlEARo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.221.0/24
Signature Algorithm: sha256WithRSAEncryption
01:ce:c9:f7:42:d2:78:17:6b:33:38:3e:3a:e3:4b:b1:27:55:
c4:f2:70:4e:69:99:b3:e5:44:36:16:97:02:49:51:5e:57:84:
22:46:2c:98:63:73:a1:44:02:98:8e:f8:0d:5f:9b:ed:b8:31:
8a:12:a2:2a:46:a1:eb:40:17:45:43:b4:40:8a:c6:5e:8e:8b:
c7:8f:ef:8a:b2:0c:b1:17:9a:82:55:8a:7b:57:b8:0b:da:cc:
24:88:d7:84:eb:ad:b7:a8:71:c8:0f:66:12:33:19:5c:1f:d4:
c4:b9:9b:dd:65:68:04:9f:fb:d5:29:15:58:eb:db:98:df:d4:
4e:0a:09:7d:2e:a2:3b:d8:44:b8:a2:b9:c1:6d:17:1d:7c:ea:
cd:db:8a:ce:92:f4:04:e9:fb:fe:b2:3a:02:44:3c:cd:57:31:
64:e2:14:5d:70:f0:b1:5b:13:0a:0f:23:30:5f:ec:56:d6:76:
c4:38:3d:30:7e:66:49:32:5b:a3:f3:48:07:2d:b7:aa:fc:4a:
98:04:cf:f5:84:17:42:31:e0:00:e7:05:7f:9f:e5:21:ea:88:
aa:8b:0d:ef:02:a5:a4:80:79:ad:4f:22:f5:50:9e:1a:ce:d9:
e2:de:2f:f8:06:4b:76:ca:ff:86:e6:eb:a8:23:0a:1a:11:64:
ef:1a:34:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJWKNE+weVla1OsVWNWwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDMwN2E5ODYwOTJjZDY1ZmM5MzQxOTg2M2UwM2Q5ODk0
NDAxMWEwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTdkZjc0Njc3NGFmYWY3ZDQwN2NiZjI1NGE5YmE0YTU2MTA0NTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYwEDxnfZQMTK0k8hP4AlFMefw1R
E0B5ieRLn3+Iqc28X/SGrepxXNNhHQQITbX4rFNxijp22bUSzLpSIr3Sd5YID/D6
FWDF/Xr5GOuc3HN7BcP9ZByGTDtPfpvbLy8evP4ShuPqnn0/1oH8gd0x6TvXFN4T
bIBW96Cc40gYfak78mz+JD0rBHrXmO8f5bglBkEHkZvm+9+2wvRSyRijj1B6tquP
14kSBxPwceveWO2gHtkxHzKsMusg2IKL5WuQ5/udV+0bG1z9mOveESNnVyPRcB57
F4ktPufSqhM/I0DAnQKN+YrFdg3K40o+UYX0pYAhDwZ7/iyTBY57eNmI/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIF990Z3Svr31AfL8lSpukpWEEWEMB8GA1UdIwQY
MBaAFLPTB6mGCSzWX8k0GYY+A9mJRAEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlNSHFZWUpMTlpmeVRRWmhqNEQyWWxFQVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC84ZTIwNmItZTk4Ny00NjFhLWFkMDAt
ZmJiYzc2ZWE5NmQ1LzEvZ1gzM1JuZEstdmZVQjh2eVZLbTZTbFlRUllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC84ZTIwNmItZTk4Ny00NjFhLWFkMDAtZmJiYzc2ZWE5NmQ1
LzEvczlNSHFZWUpMTlpmeVRRWmhqNEQyWWxFQVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUrdMA0G
CSqGSIb3DQEBCwUAA4IBAQABzsn3QtJ4F2szOD4640uxJ1XE8nBOaZmz5UQ2FpcC
SVFeV4QiRiyYY3OhRAKYjvgNX5vtuDGKEqIqRqHrQBdFQ7RAisZejovHj++Ksgyx
F5qCVYp7V7gL2swkiNeE6623qHHID2YSMxlcH9TEuZvdZWgEn/vVKRVY69uY39RO
Cgl9LqI72ES4ornBbRcdfOrN24rOkvQE6fv+sjoCRDzNVzFk4hRdcPCxWxMKDyMw
X+xW1nbEOD0wfmZJMluj80gHLbeq/EqYBM/1hBdCMeAA5wV/n+Uh6oiqiw3vAqWk
gHmtTyL1UJ4aztni3i/4Bkt2yv+G5uuoIwoaEWTvGjS4
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:33:38 2025 by rpki-client