Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/0cee19-af0f-4e93-8010-d953f4854757/1/iA-R6MvKiO2KGX3TDBYr9y6CrrY.roa
File: iA-R6MvKiO2KGX3TDBYr9y6CrrY.roa (raw, json)
Hash identifier: 6ESf6+qQijHxJ/aR5LxiBT1mSFdRreQchWcCwlb/jhI=
Subject key identifier: 88:0F:91:E8:CB:CA:88:ED:8A:19:7D:D3:0C:16:2B:F7:2E:82:AE:B6
Certificate issuer: /CN=d188a88d595dc2ed8c2f9239645c4e8c5e737d31
Certificate serial: 019420D5F0FD9D3CE8D61FF882BD1C51953F
Authority key identifier: D1:88:A8:8D:59:5D:C2:ED:8C:2F:92:39:64:5C:4E:8C:5E:73:7D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YiojVldwu2ML5I5ZFxOjF5zfTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/0cee19-af0f-4e93-8010-d953f4854757/1/iA-R6MvKiO2KGX3TDBYr9y6CrrY.roa
Signing time: Wed 01 Jan 2025 07:47:59 +0000
ROA not before: Wed 01 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206238
IP address blocks: 185.232.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f0:fd:9d:3c:e8:d6:1f:f8:82:bd:1c:51:95:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d188a88d595dc2ed8c2f9239645c4e8c5e737d31
Validity
Not Before: Jan 1 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=880f91e8cbca88ed8a197dd30c162bf72e82aeb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a7:ea:26:d2:6c:fa:46:af:15:79:ab:b8:19:
c5:69:3f:50:02:d4:44:1f:fd:ba:db:b5:85:82:46:
6e:6e:5b:fd:39:27:99:2f:e6:08:c6:fb:4e:50:07:
7d:c1:94:d1:b0:b9:9e:f5:6d:a9:29:4d:57:d9:98:
62:62:c9:c6:15:2a:1b:fd:cf:8e:68:c0:8f:66:8c:
28:c6:dd:ea:71:3c:ad:65:6c:e2:8c:c6:1a:ca:46:
bd:f4:27:35:11:44:0c:45:51:96:e4:e2:41:34:16:
06:65:6e:41:17:cb:c7:67:ed:03:2c:54:cd:fa:a1:
3b:f7:8a:ff:a0:fe:5d:4a:9b:0a:70:03:67:9b:3c:
9d:46:b7:ed:f6:6b:f4:53:ee:c5:c5:a8:e9:4f:e2:
d3:c6:ff:ca:82:b8:66:fa:54:65:63:ee:b4:1c:6b:
25:b7:21:7b:45:51:ce:fb:d5:21:74:28:2e:45:4e:
78:10:43:1c:2e:17:9c:5a:5f:43:63:60:b9:89:33:
15:2e:2a:42:71:cc:2a:1d:5c:de:cc:b0:da:3b:a1:
9e:7a:91:90:dc:b7:4f:0b:0d:3c:56:b9:a5:a6:58:
c4:16:c4:13:61:0e:b3:7e:fa:f9:76:6e:9b:67:ad:
97:7e:9b:f4:cc:7a:d3:86:33:3e:8f:a0:6a:a2:6c:
d9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:0F:91:E8:CB:CA:88:ED:8A:19:7D:D3:0C:16:2B:F7:2E:82:AE:B6
X509v3 Authority Key Identifier:
keyid:D1:88:A8:8D:59:5D:C2:ED:8C:2F:92:39:64:5C:4E:8C:5E:73:7D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YiojVldwu2ML5I5ZFxOjF5zfTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0cee19-af0f-4e93-8010-d953f4854757/1/iA-R6MvKiO2KGX3TDBYr9y6CrrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0cee19-af0f-4e93-8010-d953f4854757/1/0YiojVldwu2ML5I5ZFxOjF5zfTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.98.0/24
Signature Algorithm: sha256WithRSAEncryption
80:d3:a5:d2:cc:a9:1d:60:71:30:d1:e7:f2:c2:77:47:7a:c5:
69:eb:5d:a3:0f:fc:2d:cd:a0:86:cd:66:a3:8f:ec:fa:91:6d:
8e:77:70:f2:df:85:bd:0f:5c:e0:d6:2e:40:51:ed:c3:3c:83:
1b:26:9b:b3:6b:02:e7:df:8a:19:a9:e4:b3:a4:4a:04:a3:14:
21:8e:36:5d:7b:12:63:68:8f:68:6b:49:4a:65:54:31:e0:b2:
1e:8a:0d:47:e6:60:c7:a5:0a:b1:d6:9f:96:77:78:c7:bc:a8:
74:16:77:21:2d:1e:0a:cb:70:a6:78:f7:7c:ac:d5:0f:6a:6a:
11:20:17:ef:f5:ae:a5:b5:8e:64:ed:37:59:3c:10:74:9d:84:
0c:83:fb:15:5c:4b:bd:cf:88:7e:f9:d8:f3:31:dc:bd:a5:f0:
2b:c8:0e:3a:da:b2:36:b1:45:0f:6f:aa:94:ca:44:9c:64:ca:
fe:1c:e1:2f:46:0e:62:ea:02:17:95:20:7f:3a:fd:26:e1:59:
cf:98:1f:83:b4:73:d8:e9:ad:0c:91:2c:cf:be:85:be:40:7d:
0f:5b:99:4a:98:15:c1:21:93:f0:5a:1b:75:4a:17:8c:22:88:
0c:da:21:87:2e:a1:5d:81:ff:73:8b:b3:75:3e:03:a4:6f:28:
de:32:e1:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1fD9nTzo1h/4gr0cUZU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxODhhODhkNTk1ZGMyZWQ4YzJmOTIzOTY0NWM0ZThjNWU3
MzdkMzEwHhcNMjUwMTAxMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODBmOTFlOGNiY2E4OGVkOGExOTdkZDMwYzE2MmJmNzJlODJhZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6fqJtJs+kavFXmruBnFaT9QAtRE
H/2627WFgkZublv9OSeZL+YIxvtOUAd9wZTRsLme9W2pKU1X2ZhiYsnGFSob/c+O
aMCPZowoxt3qcTytZWzijMYayka99Cc1EUQMRVGW5OJBNBYGZW5BF8vHZ+0DLFTN
+qE794r/oP5dSpsKcANnmzydRrft9mv0U+7FxajpT+LTxv/Kgrhm+lRlY+60HGsl
tyF7RVHO+9UhdCguRU54EEMcLhecWl9DY2C5iTMVLipCccwqHVzezLDaO6GeepGQ
3LdPCw08VrmlpljEFsQTYQ6zfvr5dm6bZ62Xfpv0zHrThjM+j6BqomzZZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIgPkejLyojtihl90wwWK/cugq62MB8GA1UdIwQY
MBaAFNGIqI1ZXcLtjC+SOWRcToxec30xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFlpb2pWbGR3dTJNTDVJNVpGeE9qRjV6ZlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wY2VlMTktYWYwZi00ZTkzLTgwMTAt
ZDk1M2Y0ODU0NzU3LzEvaUEtUjZNdktpTzJLR1gzVERCWXI5eTZDcnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wY2VlMTktYWYwZi00ZTkzLTgwMTAtZDk1M2Y0ODU0NzU3
LzEvMFlpb2pWbGR3dTJNTDVJNVpGeE9qRjV6ZlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuehiMA0G
CSqGSIb3DQEBCwUAA4IBAQCA06XSzKkdYHEw0efywndHesVp612jD/wtzaCGzWaj
j+z6kW2Od3Dy34W9D1zg1i5AUe3DPIMbJpuzawLn34oZqeSzpEoEoxQhjjZdexJj
aI9oa0lKZVQx4LIeig1H5mDHpQqx1p+Wd3jHvKh0FnchLR4Ky3CmePd8rNUPamoR
IBfv9a6ltY5k7TdZPBB0nYQMg/sVXEu9z4h++djzMdy9pfAryA462rI2sUUPb6qU
ykScZMr+HOEvRg5i6gIXlSB/Ov0m4VnPmB+DtHPY6a0MkSzPvoW+QH0PW5lKmBXB
IZPwWht1SheMIogM2iGHLqFdgf9zi7N1PgOkbyjeMuH0
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:12:04 2025 by rpki-client