Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/iFJ0uGzzS5ull-um1Y9-psL34Nc.roa
File: iFJ0uGzzS5ull-um1Y9-psL34Nc.roa (raw, json)
Hash identifier: IkIsdzcs+QIsGrmFv96xBBDRxrTZWo1HUsvPl5A28lk=
Subject key identifier: 88:52:74:B8:6C:F3:4B:9B:A5:97:EB:A6:D5:8F:7E:A6:C2:F7:E0:D7
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 018B4F4493D61BDB7707BA40C909FCFD9AA3
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/iFJ0uGzzS5ull-um1Y9-psL34Nc.roa
Signing time: Fri 20 Oct 2023 22:46:16 +0000
ROA not before: Fri 20 Oct 2023 22:46:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52180
IP address blocks: 185.126.253.0/24 maxlen: 24
141.105.129.0/24 maxlen: 24
141.105.139.0/24 maxlen: 24
212.79.123.0/24 maxlen: 24
212.79.124.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4f:44:93:d6:1b:db:77:07:ba:40:c9:09:fc:fd:9a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Oct 20 22:46:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=885274b86cf34b9ba597eba6d58f7ea6c2f7e0d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:36:28:0d:6a:c7:5a:7d:0e:f9:8d:7e:94:65:
c5:62:4b:6f:e1:d9:2a:3c:32:f5:f4:88:a2:a2:06:
10:82:e1:f9:a5:64:73:bc:d6:7e:38:72:84:f0:ea:
5a:61:c3:30:05:a3:be:91:87:d9:60:78:3e:26:0f:
92:d7:4c:c1:3c:a2:b3:a3:59:d7:a5:61:4e:c8:a2:
e0:c6:28:67:fd:e5:1a:d7:0d:97:18:b7:c5:56:37:
03:53:ce:5c:c7:d6:b5:83:7d:79:c3:47:2a:f7:84:
76:cd:1d:01:2a:af:21:7c:ac:8b:a7:ca:c9:e1:91:
80:73:05:9d:25:f9:76:fa:24:db:c8:8b:58:ee:7f:
1d:5e:82:c6:20:3d:0e:60:9e:ea:ce:eb:48:0b:5d:
8f:15:08:b2:19:63:e3:11:7e:a7:b9:9c:cb:17:ad:
de:ef:df:38:62:d9:42:1d:d8:ed:0e:1a:bb:3c:1c:
ba:1d:7d:99:54:c1:15:6e:fe:3b:49:77:13:dd:fb:
67:a9:b3:2d:10:89:34:26:72:bd:39:cb:39:11:94:
ee:3f:ab:41:b4:4b:0a:02:36:8f:d1:28:f8:b6:dc:
f3:21:5e:5e:d3:3c:7a:8c:67:a4:f6:4d:ff:57:b1:
3b:a0:94:70:67:a7:7e:17:e8:82:16:e9:d6:f0:f9:
b9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:52:74:B8:6C:F3:4B:9B:A5:97:EB:A6:D5:8F:7E:A6:C2:F7:E0:D7
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/iFJ0uGzzS5ull-um1Y9-psL34Nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.129.0/24
141.105.139.0/24
185.126.253.0/24
212.79.123.0-212.79.124.255
Signature Algorithm: sha256WithRSAEncryption
5c:d2:12:19:c1:a3:2b:4e:78:13:f7:d3:31:90:81:63:87:e7:
a0:1c:85:19:fb:c2:da:3c:b2:3e:01:64:4d:24:89:8f:c5:a0:
8d:11:1b:61:db:6f:b4:dc:56:c6:a3:64:53:78:9b:69:6f:a8:
d9:18:c5:68:8a:02:49:e1:ad:42:63:ec:fa:29:6e:49:b3:21:
da:c9:8b:06:6b:7e:59:23:1c:8e:f4:23:79:87:08:20:d0:9e:
1a:56:60:4e:b1:5b:51:b3:86:f2:7d:1f:ca:b8:82:b2:63:43:
80:23:70:6a:f5:0a:55:40:a5:9c:00:2b:cc:56:f9:6b:fe:a0:
13:ff:f0:ae:b3:3e:43:17:2a:ca:ae:d5:88:81:34:2f:13:1f:
58:7f:64:01:ec:8b:b6:54:e2:5e:fb:9b:1b:3e:0a:66:77:4f:
b1:4c:0a:27:60:1f:5c:a2:7a:1d:a6:2e:f7:c6:a2:21:13:61:
61:1b:ca:0f:7d:81:87:ff:fc:04:f6:53:ba:29:75:60:97:7f:
49:9e:d2:92:8b:f1:ff:2c:3a:be:1e:ac:43:b5:38:d3:3c:3d:
26:d4:02:18:e1:21:97:fe:c6:b1:4e:44:a1:5c:ed:9a:cd:8c:
10:01:71:4b:a6:53:9c:47:d1:73:97:f2:b4:08:54:a7:a0:ae:
9d:f2:f1:32
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYtPRJPWG9t3B7pAyQn8/ZqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjMxMDIwMjI0NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODUyNzRiODZjZjM0YjliYTU5N2ViYTZkNThmN2VhNmMyZjdlMGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzYoDWrHWn0O+Y1+lGXFYktv4dkq
PDL19IiiogYQguH5pWRzvNZ+OHKE8OpaYcMwBaO+kYfZYHg+Jg+S10zBPKKzo1nX
pWFOyKLgxihn/eUa1w2XGLfFVjcDU85cx9a1g315w0cq94R2zR0BKq8hfKyLp8rJ
4ZGAcwWdJfl2+iTbyItY7n8dXoLGID0OYJ7qzutIC12PFQiyGWPjEX6nuZzLF63e
7984YtlCHdjtDhq7PBy6HX2ZVMEVbv47SXcT3ftnqbMtEIk0JnK9Ocs5EZTuP6tB
tEsKAjaP0Sj4ttzzIV5e0zx6jGek9k3/V7E7oJRwZ6d+F+iCFunW8Pm5uwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIhSdLhs80ubpZfrptWPfqbC9+DXMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvaUZKMHVHenpTNXVsbC11bTFZOS1wc0wzNE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAjWmBAwQA
jWmLAwQAuX79MAwDBADUT3sDBADUT3wwDQYJKoZIhvcNAQELBQADggEBAFzSEhnB
oytOeBP30zGQgWOH56AchRn7wto8sj4BZE0kiY/FoI0RG2Hbb7TcVsajZFN4m2lv
qNkYxWiKAknhrUJj7PopbkmzIdrJiwZrflkjHI70I3mHCCDQnhpWYE6xW1GzhvJ9
H8q4grJjQ4AjcGr1ClVApZwAK8xW+Wv+oBP/8K6zPkMXKsqu1YiBNC8TH1h/ZAHs
i7ZU4l77mxs+CmZ3T7FMCidgH1yieh2mLvfGoiETYWEbyg99gYf//AT2U7opdWCX
f0me0pKL8f8sOr4erEO1ONM8PSbUAhjhIZf+xrFORKFc7ZrNjBABcUumU5xH0XOX
8rQIVKegrp3y8TI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:32 2025 by rpki-client