Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/0iKiDzWWxSntVrrXCmhrJjOH6aw.roa
File: 0iKiDzWWxSntVrrXCmhrJjOH6aw.roa (raw, json)
Hash identifier: av0mGR/5BFLwU8N3c2ijOxp9aJ3xR9cZmKrH0YmTzMA=
Subject key identifier: D2:22:A2:0F:35:96:C5:29:ED:56:BA:D7:0A:68:6B:26:33:87:E9:AC
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 019424455D3267F3CF810F7E5534BB231F7B
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/0iKiDzWWxSntVrrXCmhrJjOH6aw.roa
Signing time: Wed 01 Jan 2025 23:48:33 +0000
ROA not before: Wed 01 Jan 2025 23:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198193
IP address blocks: 185.223.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:5d:32:67:f3:cf:81:0f:7e:55:34:bb:23:1f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 23:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d222a20f3596c529ed56bad70a686b263387e9ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1b:5c:9c:91:4d:ba:73:7c:0e:7c:10:e2:d6:
03:77:70:0b:aa:23:1c:4b:f7:bc:b6:47:be:a8:9a:
a5:21:75:47:9c:78:ee:55:0e:ba:e6:91:f3:94:81:
43:90:4f:1d:20:44:36:a9:d1:32:46:5d:11:e1:b2:
ff:12:3a:b8:82:1c:cb:88:fb:b0:57:4f:e6:5d:09:
ac:62:69:f3:01:67:4d:d7:eb:c0:7f:f6:ab:4d:04:
90:57:88:42:47:63:59:56:16:9f:0f:eb:a9:ed:c8:
b1:5e:70:dd:04:c4:b8:13:22:4b:50:04:0d:c1:64:
67:00:29:df:9a:a3:99:7d:2e:5b:70:7d:52:dc:eb:
22:02:58:a6:08:95:92:19:42:3a:40:8f:dd:b3:04:
ae:b8:a1:6b:2e:f0:c9:87:a5:b3:32:08:ea:71:70:
5c:cb:d1:17:ba:e0:a6:76:3e:d7:7c:4e:cd:83:6a:
1e:bd:24:76:29:b2:96:bc:0a:06:a5:9e:9c:e5:d5:
7c:0f:e4:b4:e4:7c:16:1a:20:76:91:cd:f1:eb:dc:
4b:73:ee:90:40:16:09:4a:c7:fd:5a:36:85:b9:26:
65:d9:3e:84:61:cc:a9:8b:68:ba:80:87:48:90:9a:
66:45:72:b0:cf:1d:c3:8e:de:df:a3:1b:c1:8b:0c:
1f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:22:A2:0F:35:96:C5:29:ED:56:BA:D7:0A:68:6B:26:33:87:E9:AC
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/0iKiDzWWxSntVrrXCmhrJjOH6aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.219.0/24
Signature Algorithm: sha256WithRSAEncryption
30:50:53:4d:28:e3:b2:73:24:82:6c:08:27:97:c5:0f:cd:4f:
14:07:fb:f5:31:eb:46:29:01:b7:3f:9a:8a:23:9e:fe:64:fa:
91:b7:6c:07:d1:2c:16:98:58:ad:d9:01:9b:42:a3:db:47:4b:
6f:22:c0:53:c6:78:f7:12:15:53:47:e9:e9:b3:e6:c7:42:fc:
6c:cf:4c:0a:38:3e:7c:86:bb:cc:ff:3e:95:9d:8a:e6:06:74:
f0:59:c9:df:3f:9f:ec:67:65:3e:a2:05:51:fa:33:de:97:19:
8b:95:d2:27:4c:a6:a4:d7:f9:de:c7:c1:8a:85:06:4a:54:62:
83:bf:f3:3b:36:ae:d7:df:46:d3:c1:d4:b9:98:8a:b0:6d:ac:
b3:28:39:7f:0d:0c:ac:7b:a7:c3:44:ef:df:b8:8c:38:27:a7:
75:30:ee:c6:1e:5a:4f:46:b1:1e:5e:77:31:c3:dd:b0:ad:76:
56:00:a0:62:e7:3e:2a:67:c8:90:5e:f4:42:df:02:d1:24:97:
41:ab:c1:5b:3c:bb:19:a0:88:89:53:41:2d:79:1e:88:3f:c6:
10:31:54:6a:90:b7:1e:d1:65:9e:e6:59:57:6b:0f:85:b5:a2:
44:8e:36:13:97:aa:b9:49:b3:60:c9:bf:84:26:f6:6d:0d:f7:
a2:e1:df:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRV0yZ/PPgQ9+VTS7Ix97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjUwMTAxMjM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjIyYTIwZjM1OTZjNTI5ZWQ1NmJhZDcwYTY4NmIyNjMzODdlOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhtcnJFNunN8DnwQ4tYDd3ALqiMc
S/e8tke+qJqlIXVHnHjuVQ665pHzlIFDkE8dIEQ2qdEyRl0R4bL/Ejq4ghzLiPuw
V0/mXQmsYmnzAWdN1+vAf/arTQSQV4hCR2NZVhafD+up7cixXnDdBMS4EyJLUAQN
wWRnACnfmqOZfS5bcH1S3OsiAlimCJWSGUI6QI/dswSuuKFrLvDJh6WzMgjqcXBc
y9EXuuCmdj7XfE7Ng2oevSR2KbKWvAoGpZ6c5dV8D+S05HwWGiB2kc3x69xLc+6Q
QBYJSsf9WjaFuSZl2T6EYcypi2i6gIdIkJpmRXKwzx3Djt7foxvBiwwfbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIiog81lsUp7Va61wpoayYzh+msMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvMGlLaUR6V1d4U250VnJyWENtaHJKak9INmF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud/bMA0G
CSqGSIb3DQEBCwUAA4IBAQAwUFNNKOOycySCbAgnl8UPzU8UB/v1MetGKQG3P5qK
I57+ZPqRt2wH0SwWmFit2QGbQqPbR0tvIsBTxnj3EhVTR+nps+bHQvxsz0wKOD58
hrvM/z6VnYrmBnTwWcnfP5/sZ2U+ogVR+jPelxmLldInTKak1/nex8GKhQZKVGKD
v/M7Nq7X30bTwdS5mIqwbayzKDl/DQyse6fDRO/fuIw4J6d1MO7GHlpPRrEeXncx
w92wrXZWAKBi5z4qZ8iQXvRC3wLRJJdBq8FbPLsZoIiJU0EteR6IP8YQMVRqkLce
0WWe5llXaw+FtaJEjjYTl6q5SbNgyb+EJvZtDfei4d+n
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:25:21 2025 by rpki-client