Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f59aa0-1fb3-4dda-9e5e-43202c7a5001/1/S25kZ6al-ctwb8BPTOUFZUwkye0.roa
File: S25kZ6al-ctwb8BPTOUFZUwkye0.roa (raw, json)
Hash identifier: yeFPo6DxiHCXYF9YQ1UuN4S//oeWU2z9m/NapFi5Irg=
Subject key identifier: 4B:6E:64:67:A6:A5:F9:CB:70:6F:C0:4F:4C:E5:05:65:4C:24:C9:ED
Certificate issuer: /CN=8e7a92cc4b9bd8de378f7e2218a62517d9ac56bc
Certificate serial: 018CC793326ACEAD81F8D12B35C31109A57F
Authority key identifier: 8E:7A:92:CC:4B:9B:D8:DE:37:8F:7E:22:18:A6:25:17:D9:AC:56:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnqSzEub2N43j34iGKYlF9msVrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f59aa0-1fb3-4dda-9e5e-43202c7a5001/1/S25kZ6al-ctwb8BPTOUFZUwkye0.roa
Signing time: Tue 02 Jan 2024 00:29:21 +0000
ROA not before: Tue 02 Jan 2024 00:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49603
IP address blocks: 185.65.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:32:6a:ce:ad:81:f8:d1:2b:35:c3:11:09:a5:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e7a92cc4b9bd8de378f7e2218a62517d9ac56bc
Validity
Not Before: Jan 2 00:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b6e6467a6a5f9cb706fc04f4ce505654c24c9ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ff:6c:ce:5d:3d:53:99:a5:9d:92:19:71:dc:
f8:1e:0c:3e:9f:14:4d:95:28:06:80:fd:5c:99:75:
a9:a8:0b:44:69:a9:d5:db:f2:02:0a:13:36:12:63:
e0:b5:a4:56:7a:f1:4b:be:15:85:32:8c:97:7b:b2:
92:c5:2d:14:59:ba:24:d5:78:73:8e:57:d2:bf:27:
e5:bf:47:02:0d:1b:92:f3:be:51:29:91:e0:28:a1:
e2:d0:b9:d0:dc:d1:90:be:7b:a8:39:f2:f7:ab:2c:
72:d7:cd:c8:f9:62:d3:ba:ba:ef:32:59:d2:0c:06:
46:5e:4d:30:d6:a5:ae:38:93:f0:f9:1b:d7:34:5c:
e4:93:a9:ef:d9:d0:ac:27:fe:ed:6a:c7:52:87:bb:
26:e5:66:b9:64:a8:5e:33:6f:b5:4c:9d:85:f6:b6:
2d:9f:23:74:9e:d9:d1:ed:ff:87:59:66:f2:b2:b7:
36:25:b5:9a:11:f8:c1:e2:30:53:66:2d:12:14:9d:
84:61:68:4d:30:72:9e:ff:46:03:dc:39:d6:76:a8:
5b:c7:d6:42:d1:f1:f9:0e:f1:c8:c3:02:ec:22:0e:
01:3f:54:16:09:f4:fc:8f:11:96:d5:0d:7b:9c:c8:
7a:29:09:8e:24:26:28:28:73:c0:a8:7a:d9:63:42:
ce:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:6E:64:67:A6:A5:F9:CB:70:6F:C0:4F:4C:E5:05:65:4C:24:C9:ED
X509v3 Authority Key Identifier:
keyid:8E:7A:92:CC:4B:9B:D8:DE:37:8F:7E:22:18:A6:25:17:D9:AC:56:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnqSzEub2N43j34iGKYlF9msVrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f59aa0-1fb3-4dda-9e5e-43202c7a5001/1/S25kZ6al-ctwb8BPTOUFZUwkye0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f59aa0-1fb3-4dda-9e5e-43202c7a5001/1/jnqSzEub2N43j34iGKYlF9msVrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.140.0/24
Signature Algorithm: sha256WithRSAEncryption
02:19:49:dc:7c:fb:37:b6:64:e6:22:e0:e4:ee:df:d1:0f:3d:
fa:c8:04:3a:67:84:cb:54:d4:13:ea:ac:a2:7d:16:70:d4:b4:
0c:ac:0c:33:cd:91:01:3c:a0:44:fa:a1:20:39:33:8c:26:e1:
9a:ca:c8:ed:82:f9:d9:e5:5d:c4:de:fc:12:6a:f5:e3:66:64:
8f:31:e5:87:cf:26:3e:8b:8c:98:af:0c:9f:26:30:31:e1:ce:
88:b7:e4:13:7d:c4:d9:86:4d:86:05:c6:05:49:71:e7:66:aa:
d2:26:bc:dc:57:2a:3b:d4:b0:fd:04:73:bb:2a:dd:a0:97:de:
ea:01:00:a7:92:c3:df:89:ad:95:22:db:e2:2f:a2:09:94:ff:
4e:9f:e8:89:59:ee:de:e0:33:c7:a1:41:97:65:30:29:2a:d5:
be:4a:bc:f4:91:5c:b5:f5:04:0f:11:4f:02:55:7b:b5:39:0f:
bf:e9:a0:31:81:97:3b:6b:c9:ee:36:d7:bc:93:c4:d2:af:de:
88:6d:e0:40:d2:87:76:90:d5:ca:ad:0b:c2:70:8b:81:8e:4d:
9c:3b:44:42:22:77:26:3e:a3:70:5f:be:20:f6:bc:1e:9b:6f:
81:28:07:0e:d1:ba:69:9f:12:22:37:7d:4e:f0:9a:d5:bb:16:
a3:0c:19:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHkzJqzq2B+NErNcMRCaV/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlN2E5MmNjNGI5YmQ4ZGUzNzhmN2UyMjE4YTYyNTE3ZDlh
YzU2YmMwHhcNMjQwMTAyMDAyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjZlNjQ2N2E2YTVmOWNiNzA2ZmMwNGY0Y2U1MDU2NTRjMjRjOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP9szl09U5mlnZIZcdz4Hgw+nxRN
lSgGgP1cmXWpqAtEaanV2/ICChM2EmPgtaRWevFLvhWFMoyXe7KSxS0UWbok1Xhz
jlfSvyflv0cCDRuS875RKZHgKKHi0LnQ3NGQvnuoOfL3qyxy183I+WLTurrvMlnS
DAZGXk0w1qWuOJPw+RvXNFzkk6nv2dCsJ/7tasdSh7sm5Wa5ZKheM2+1TJ2F9rYt
nyN0ntnR7f+HWWbysrc2JbWaEfjB4jBTZi0SFJ2EYWhNMHKe/0YD3DnWdqhbx9ZC
0fH5DvHIwwLsIg4BP1QWCfT8jxGW1Q17nMh6KQmOJCYoKHPAqHrZY0LO9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEtuZGempfnLcG/AT0zlBWVMJMntMB8GA1UdIwQY
MBaAFI56ksxLm9jeN49+IhimJRfZrFa8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5xU3pFdWIyTjQzajM0aUdLWWxGOW1zVnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTlhYTAtMWZiMy00ZGRhLTllNWUt
NDMyMDJjN2E1MDAxLzEvUzI1a1o2YWwtY3R3YjhCUFRPVUZaVXdreWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNTlhYTAtMWZiMy00ZGRhLTllNWUtNDMyMDJjN2E1MDAx
LzEvam5xU3pFdWIyTjQzajM0aUdLWWxGOW1zVnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUGMMA0G
CSqGSIb3DQEBCwUAA4IBAQACGUncfPs3tmTmIuDk7t/RDz36yAQ6Z4TLVNQT6qyi
fRZw1LQMrAwzzZEBPKBE+qEgOTOMJuGaysjtgvnZ5V3E3vwSavXjZmSPMeWHzyY+
i4yYrwyfJjAx4c6It+QTfcTZhk2GBcYFSXHnZqrSJrzcVyo71LD9BHO7Kt2gl97q
AQCnksPfia2VItviL6IJlP9On+iJWe7e4DPHoUGXZTApKtW+Srz0kVy19QQPEU8C
VXu1OQ+/6aAxgZc7a8nuNte8k8TSr96IbeBA0od2kNXKrQvCcIuBjk2cO0RCIncm
PqNwX74g9rwem2+BKAcO0bppnxIiN31O8JrVuxajDBmb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:04 2025 by rpki-client