Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/iYv84Kf7mxrgWB1PF99X_HAzK1g.roa
File: iYv84Kf7mxrgWB1PF99X_HAzK1g.roa (raw, json)
Hash identifier: vTkUWm9KJCG22LjZUPTibNVs4Tjo6OFt68QDdI6BP4s=
Subject key identifier: 89:8B:FC:E0:A7:FB:9B:1A:E0:58:1D:4F:17:DF:57:FC:70:33:2B:58
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 01856C012083C4D0A320887A34E990F884D6
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/iYv84Kf7mxrgWB1PF99X_HAzK1g.roa
Signing time: Sun 01 Jan 2023 06:24:51 +0000
ROA not before: Sun 01 Jan 2023 06:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210993
IP address blocks: 185.221.196.0/24 maxlen: 24
185.232.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:20:83:c4:d0:a3:20:88:7a:34:e9:90:f8:84:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Jan 1 06:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=898bfce0a7fb9b1ae0581d4f17df57fc70332b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0b:74:a9:32:2c:09:86:39:a1:7c:3a:a3:8e:
2f:d1:83:d9:64:48:86:bf:17:a9:18:2f:8f:8b:5d:
bb:5d:cf:c6:c9:9a:a9:bd:1b:74:bf:05:45:8b:e9:
da:4b:46:28:76:bb:40:0d:95:4d:a8:c2:a7:19:66:
83:d1:a4:24:b9:4c:e0:61:69:df:6a:d6:ff:d8:43:
05:96:d0:a9:fd:9b:c9:00:ab:ef:1a:39:c2:76:9a:
d3:ba:79:86:ed:e6:5b:fc:53:ed:9f:c7:de:6d:60:
f4:cd:be:cd:29:53:ca:10:46:4d:fa:87:6a:24:da:
51:33:bf:29:f9:b3:63:71:34:6f:87:d6:9b:d9:25:
2e:27:74:6d:64:97:67:fa:4e:aa:ee:12:2b:69:70:
7c:fc:47:74:15:fe:f1:56:1e:53:e2:5c:d4:5c:a8:
0b:2c:27:d7:8c:39:60:59:b2:c3:66:9a:f3:83:35:
51:b5:2c:ec:9b:38:34:97:cd:c0:c8:e7:3f:a8:80:
60:17:47:9b:47:fb:df:e9:1e:18:33:bb:d3:37:bd:
9e:c9:36:1a:62:20:1f:3b:e5:13:29:70:fc:c1:a3:
4f:12:15:29:2e:33:f7:c3:03:bf:b8:8f:c1:fb:e6:
79:a2:54:d2:06:93:b5:45:03:a0:dc:db:32:44:a5:
83:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8B:FC:E0:A7:FB:9B:1A:E0:58:1D:4F:17:DF:57:FC:70:33:2B:58
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/iYv84Kf7mxrgWB1PF99X_HAzK1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.196.0/24
185.232.17.0/24
Signature Algorithm: sha256WithRSAEncryption
58:d7:6b:bc:99:3d:1e:d3:2b:f8:2f:00:6a:74:4b:24:23:53:
4f:28:7b:75:a7:2d:fb:3d:48:1b:92:0c:22:9c:6d:aa:c6:eb:
84:15:0b:d6:00:89:44:8b:f1:6b:c2:cd:46:f7:79:b7:f7:ba:
d8:d1:01:1e:aa:01:e0:84:3d:e2:8f:b2:d5:aa:31:8e:5f:c7:
39:69:57:e5:b2:58:6a:42:67:e7:9f:ae:b8:a7:14:df:aa:cf:
7a:74:bd:07:b1:8f:08:d8:8b:f1:61:60:3b:b2:3a:df:66:28:
91:ca:f3:81:11:f0:4b:1f:3d:02:35:c5:47:ea:36:4e:05:3d:
32:ae:71:f1:b2:82:bd:d6:50:bf:27:5b:50:b0:0f:06:35:f5:
12:02:ed:67:db:cc:d8:63:2f:ab:d8:d0:46:f9:fe:f1:a7:2a:
fe:f7:00:c9:c0:20:81:10:5f:90:16:de:53:80:30:23:53:3c:
9d:e4:a9:2c:d3:d6:d6:bc:f3:11:74:e4:f9:df:eb:fd:24:b6:
3b:40:39:ec:7c:7c:bb:3b:a0:b9:f8:11:06:41:ef:12:2a:51:
0e:c6:30:84:e5:43:5a:4a:c0:75:a6:02:e2:91:c2:ba:1c:54:
77:c6:53:b5:7b:62:f2:88:99:6f:8a:d9:d0:60:9a:54:e0:8e:
c8:f3:91:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsASCDxNCjIIh6NOmQ+ITWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjMwMTAxMDYyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OThiZmNlMGE3ZmI5YjFhZTA1ODFkNGYxN2RmNTdmYzcwMzMyYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgt0qTIsCYY5oXw6o44v0YPZZEiG
vxepGC+Pi127Xc/GyZqpvRt0vwVFi+naS0YodrtADZVNqMKnGWaD0aQkuUzgYWnf
atb/2EMFltCp/ZvJAKvvGjnCdprTunmG7eZb/FPtn8febWD0zb7NKVPKEEZN+odq
JNpRM78p+bNjcTRvh9ab2SUuJ3RtZJdn+k6q7hIraXB8/Ed0Ff7xVh5T4lzUXKgL
LCfXjDlgWbLDZprzgzVRtSzsmzg0l83AyOc/qIBgF0ebR/vf6R4YM7vTN72eyTYa
YiAfO+UTKXD8waNPEhUpLjP3wwO/uI/B++Z5olTSBpO1RQOg3NsyRKWD4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFImL/OCn+5sa4FgdTxffV/xwMytYMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvaVl2ODRLZjdteHJnV0IxUEY5OVhfSEF6SzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAud3EAwQA
uegRMA0GCSqGSIb3DQEBCwUAA4IBAQBY12u8mT0e0yv4LwBqdEskI1NPKHt1py37
PUgbkgwinG2qxuuEFQvWAIlEi/Frws1G93m397rY0QEeqgHghD3ij7LVqjGOX8c5
aVflslhqQmfnn664pxTfqs96dL0HsY8I2IvxYWA7sjrfZiiRyvOBEfBLHz0CNcVH
6jZOBT0yrnHxsoK91lC/J1tQsA8GNfUSAu1n28zYYy+r2NBG+f7xpyr+9wDJwCCB
EF+QFt5TgDAjUzyd5Kks09bWvPMRdOT53+v9JLY7QDnsfHy7O6C5+BEGQe8SKlEO
xjCE5UNaSsB1pgLikcK6HFR3xlO1e2LyiJlvitnQYJpU4I7I85F7
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:49 2025 by rpki-client