Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/Kso4uOv5AFO41n_4RP8mOxt5Ipk.roa
File: Kso4uOv5AFO41n_4RP8mOxt5Ipk.roa (raw, json)
Hash identifier: lEq/e9yedyGwj2U0k3YPznkAO+jjieRiT0/qd3kF3VY=
Subject key identifier: 2A:CA:38:B8:EB:F9:00:53:B8:D6:7F:F8:44:FF:26:3B:1B:79:22:99
Certificate issuer: /CN=54914541fd1b95e7c0afc875fbef78794f55386b
Certificate serial: 01821B92D502DF5EE35586E7874C96599EDC
Authority key identifier: 54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/Kso4uOv5AFO41n_4RP8mOxt5Ipk.roa
Signing time: Wed 20 Jul 2022 12:26:23 +0000
ROA not before: Wed 20 Jul 2022 12:26:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203061
IP address blocks: 185.214.172.0/24 maxlen: 24
185.214.174.0/24 maxlen: 24
185.214.173.0/24 maxlen: 24
185.214.175.0/24 maxlen: 24
185.121.171.0/24 maxlen: 24
185.147.33.0/24 maxlen: 24
185.147.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1b:92:d5:02:df:5e:e3:55:86:e7:87:4c:96:59:9e:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54914541fd1b95e7c0afc875fbef78794f55386b
Validity
Not Before: Jul 20 12:26:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2aca38b8ebf90053b8d67ff844ff263b1b792299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:af:75:cc:bb:2d:53:aa:19:de:2f:17:b1:45:
17:a8:4f:28:17:2c:24:51:a1:e5:8d:9a:d0:cc:69:
ae:d2:a3:4c:bd:13:5a:d5:f8:2a:a0:2d:0c:bb:6a:
ab:16:f2:73:fd:a8:a3:a5:fd:98:10:1a:c6:21:42:
38:12:af:70:5c:bc:f6:84:85:76:28:01:a3:f4:1e:
00:82:77:8a:81:16:3f:cb:28:e1:a5:e7:f7:91:98:
9f:1e:2b:93:6a:8b:d7:c6:d0:15:fe:3d:89:82:a0:
4f:97:35:a9:03:43:a7:52:46:f4:ba:04:d7:c0:5d:
5c:b3:8e:ce:bd:77:70:9d:d0:f1:ba:09:3c:ed:57:
ec:96:e2:82:60:ff:3d:e2:63:32:8e:b9:16:7c:33:
1e:04:8e:1e:21:3d:59:1d:5d:41:04:36:bd:60:2f:
fd:f6:17:2f:7d:c1:89:d0:9a:12:01:5c:11:fe:e6:
7e:9a:7a:a1:e3:96:be:60:cb:6d:7f:a3:67:36:ab:
65:04:66:0f:3c:98:80:6b:54:3d:68:34:25:9c:3e:
8c:d6:78:4c:de:f7:5a:a0:1f:30:93:18:ba:a5:a3:
a6:cb:3f:d2:47:17:3b:91:70:fa:7f:4c:6d:1e:13:
cd:82:c8:60:a2:70:3e:f4:ca:62:52:05:4f:f6:da:
4a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CA:38:B8:EB:F9:00:53:B8:D6:7F:F8:44:FF:26:3B:1B:79:22:99
X509v3 Authority Key Identifier:
keyid:54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/Kso4uOv5AFO41n_4RP8mOxt5Ipk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/VJFFQf0blefAr8h1--94eU9VOGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.171.0/24
185.147.32.0/23
185.214.172.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:fd:d8:49:06:6e:fa:26:cb:10:17:5a:4a:3f:3a:c8:70:57:
9e:ad:16:be:b6:25:cf:58:e4:fe:14:e5:38:b7:ed:f9:93:ca:
99:10:2d:b6:dd:4f:30:90:7a:a6:2a:77:19:43:d4:9d:85:ee:
55:cd:8c:56:e9:0f:50:10:a2:52:03:5e:f1:6d:d3:d3:a5:d6:
bd:6c:22:38:5e:c0:d9:ec:d5:3b:59:3b:ff:fe:54:4f:32:9c:
0e:1f:f5:c6:69:07:00:2c:66:ee:f2:de:c4:b5:c2:1a:15:43:
5c:68:86:9a:62:ea:77:f0:cd:0f:33:36:34:cd:11:6d:6e:4c:
56:80:fd:48:11:cd:c2:af:6d:8e:6b:32:3e:e6:44:95:33:ab:
29:25:cc:3c:ef:a0:c4:46:69:c9:04:30:a8:fe:16:5b:c5:f6:
7b:bf:de:87:ea:86:d4:2b:b9:fd:7d:84:93:a2:d0:fa:41:cb:
ab:b2:9b:b0:04:4e:1f:27:d1:7c:eb:2b:8a:9e:80:15:fd:dc:
12:73:30:bf:41:e9:e8:9a:b4:dd:b9:81:6b:3a:42:8d:0d:21:
34:bc:fd:52:58:a5:39:6f:74:64:f3:55:91:cc:f8:2f:6c:3f:
35:2c:21:80:17:4e:a5:8f:5d:28:2c:cf:26:9a:53:64:62:2e:
af:04:3a:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYIbktUC317jVYbnh0yWWZ7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0OTE0NTQxZmQxYjk1ZTdjMGFmYzg3NWZiZWY3ODc5NGY1
NTM4NmIwHhcNMjIwNzIwMTIyNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWNhMzhiOGViZjkwMDUzYjhkNjdmZjg0NGZmMjYzYjFiNzkyMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp691zLstU6oZ3i8XsUUXqE8oFywk
UaHljZrQzGmu0qNMvRNa1fgqoC0Mu2qrFvJz/aijpf2YEBrGIUI4Eq9wXLz2hIV2
KAGj9B4AgneKgRY/yyjhpef3kZifHiuTaovXxtAV/j2JgqBPlzWpA0OnUkb0ugTX
wF1cs47OvXdwndDxugk87VfsluKCYP894mMyjrkWfDMeBI4eIT1ZHV1BBDa9YC/9
9hcvfcGJ0JoSAVwR/uZ+mnqh45a+YMttf6NnNqtlBGYPPJiAa1Q9aDQlnD6M1nhM
3vdaoB8wkxi6paOmyz/SRxc7kXD6f0xtHhPNgshgonA+9MpiUgVP9tpK1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCrKOLjr+QBTuNZ/+ET/JjsbeSKZMB8GA1UdIwQY
MBaAFFSRRUH9G5XnwK/IdfvveHlPVThrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEt
ZDlmNmQ5NjQyNTM3LzEvS3NvNHVPdjVBRk80MW5fNFJQOG1PeHQ1SXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEtZDlmNmQ5NjQyNTM3
LzEvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuXmrAwQB
uZMgAwQCudasMA0GCSqGSIb3DQEBCwUAA4IBAQBt/dhJBm76JssQF1pKPzrIcFee
rRa+tiXPWOT+FOU4t+35k8qZEC223U8wkHqmKncZQ9Sdhe5VzYxW6Q9QEKJSA17x
bdPTpda9bCI4XsDZ7NU7WTv//lRPMpwOH/XGaQcALGbu8t7EtcIaFUNcaIaaYup3
8M0PMzY0zRFtbkxWgP1IEc3Cr22OazI+5kSVM6spJcw876DERmnJBDCo/hZbxfZ7
v96H6obUK7n9fYSTotD6QcurspuwBE4fJ9F86yuKnoAV/dwSczC/QenomrTduYFr
OkKNDSE0vP1SWKU5b3Rk81WRzPgvbD81LCGAF06lj10oLM8mmlNkYi6vBDrV
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:59:41 2025 by rpki-client