Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/w5dYOa54vKNEPegbP1ILAe4B70k.roa
File: w5dYOa54vKNEPegbP1ILAe4B70k.roa (raw, json)
Hash identifier: UG3Pt6aB2V/te9hBV8WZU509/953v6ZJ4S6EVvmx5A0=
Subject key identifier: C3:97:58:39:AE:78:BC:A3:44:3D:E8:1B:3F:52:0B:01:EE:01:EF:49
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 019421B1B05FFEE346614C978FE8277B4709
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/w5dYOa54vKNEPegbP1ILAe4B70k.roa
Signing time: Wed 01 Jan 2025 11:48:00 +0000
ROA not before: Wed 01 Jan 2025 11:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210993
IP address blocks: 185.221.196.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:b0:5f:fe:e3:46:61:4c:97:8f:e8:27:7b:47:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Jan 1 11:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3975839ae78bca3443de81b3f520b01ee01ef49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d0:dc:e7:a4:b6:9a:68:66:da:15:30:0a:e6:
86:10:65:05:7c:c9:06:f4:fa:7a:16:66:77:3e:95:
ab:0e:26:cb:46:d1:1e:bd:32:89:7f:d2:d3:df:35:
c6:5a:34:f2:b5:0a:b8:e2:08:cc:06:a4:f5:bc:af:
6d:26:a6:af:37:7e:6f:86:3c:2d:45:66:28:fe:53:
d8:8d:e0:60:32:38:c0:ba:a0:83:b8:ee:c8:a5:d0:
d5:12:36:b6:49:a4:46:57:8b:c8:5d:f3:22:1e:73:
d3:a9:76:7f:7e:04:b1:bc:03:ed:20:0f:e9:48:25:
f4:1c:2d:08:39:2f:14:83:91:7a:f8:e8:f7:9b:be:
cb:55:22:41:61:81:92:34:b9:95:77:f5:83:fc:14:
85:66:1c:d5:0b:68:b9:af:93:a1:29:5d:85:f7:f5:
a0:a0:68:66:c5:f1:2d:e8:73:d0:b4:f8:dd:29:12:
4f:5a:79:3b:21:f5:8f:02:a9:f3:65:78:05:17:35:
fe:bf:85:85:8b:b6:c4:01:c1:e0:1e:87:6f:10:02:
35:13:de:72:3a:70:76:40:4d:29:7d:39:b9:3a:cc:
8f:6d:5a:a2:67:1d:15:0f:bb:41:56:ff:6b:75:16:
0e:98:06:3e:e1:db:25:a9:ef:78:4b:34:19:5d:a8:
2d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:97:58:39:AE:78:BC:A3:44:3D:E8:1B:3F:52:0B:01:EE:01:EF:49
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/w5dYOa54vKNEPegbP1ILAe4B70k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.196.0/24
Signature Algorithm: sha256WithRSAEncryption
61:fd:fc:fe:67:c2:2d:8b:7f:8c:e6:ac:63:7a:ec:e5:bd:a2:
08:61:77:97:e1:7f:d8:6e:f3:ee:1d:91:46:a4:45:0a:76:ad:
46:2a:e5:e8:be:3b:89:32:79:7c:8c:41:3d:d4:b1:64:06:62:
d8:9f:2e:99:68:f2:9c:33:f6:8c:7b:4b:55:9f:63:dc:92:42:
35:b3:55:7b:ed:f9:8d:48:49:5c:51:44:91:dd:6c:fe:a5:2e:
ca:ab:63:63:8f:44:fd:cc:f0:11:0d:25:cc:ac:66:8a:de:de:
1f:0f:6e:3c:f7:a4:80:5e:56:32:99:bb:e7:34:46:8f:89:36:
8e:c1:d0:fd:bc:f0:b4:78:e6:c3:52:74:7a:6d:f4:ac:09:a4:
8c:59:57:e8:2a:a6:fd:81:d4:04:cb:aa:4e:d6:5d:06:d0:99:
87:7d:7b:3d:10:e3:ad:f7:fc:8c:0d:40:db:42:c5:83:10:f5:
86:7c:22:ee:ac:fb:73:9e:c1:24:e9:2d:68:79:a9:fe:5f:de:
a5:c8:6b:21:8c:bd:2d:c5:8b:3c:c5:8f:e3:a4:0d:3c:85:0d:
80:34:dd:cd:8e:44:5e:c2:c6:4e:6c:f6:be:ce:85:c5:eb:f5:
73:ad:30:25:5c:7c:15:9c:89:d7:28:f9:2f:43:87:9e:97:11:
3a:6f:66:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsbBf/uNGYUyXj+gne0cJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjUwMTAxMTE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzk3NTgzOWFlNzhiY2EzNDQzZGU4MWIzZjUyMGIwMWVlMDFlZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytDc56S2mmhm2hUwCuaGEGUFfMkG
9Pp6FmZ3PpWrDibLRtEevTKJf9LT3zXGWjTytQq44gjMBqT1vK9tJqavN35vhjwt
RWYo/lPYjeBgMjjAuqCDuO7IpdDVEja2SaRGV4vIXfMiHnPTqXZ/fgSxvAPtIA/p
SCX0HC0IOS8Ug5F6+Oj3m77LVSJBYYGSNLmVd/WD/BSFZhzVC2i5r5OhKV2F9/Wg
oGhmxfEt6HPQtPjdKRJPWnk7IfWPAqnzZXgFFzX+v4WFi7bEAcHgHodvEAI1E95y
OnB2QE0pfTm5OsyPbVqiZx0VD7tBVv9rdRYOmAY+4dslqe94SzQZXagtAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMOXWDmueLyjRD3oGz9SCwHuAe9JMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvdzVkWU9hNTR2S05FUGVnYlAxSUxBZTRCNzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud3EMA0G
CSqGSIb3DQEBCwUAA4IBAQBh/fz+Z8Iti3+M5qxjeuzlvaIIYXeX4X/YbvPuHZFG
pEUKdq1GKuXovjuJMnl8jEE91LFkBmLYny6ZaPKcM/aMe0tVn2PckkI1s1V77fmN
SElcUUSR3Wz+pS7Kq2Njj0T9zPARDSXMrGaK3t4fD24896SAXlYymbvnNEaPiTaO
wdD9vPC0eObDUnR6bfSsCaSMWVfoKqb9gdQEy6pO1l0G0JmHfXs9EOOt9/yMDUDb
QsWDEPWGfCLurPtznsEk6S1oean+X96lyGshjL0txYs8xY/jpA08hQ2ANN3NjkRe
wsZObPa+zoXF6/VzrTAlXHwVnInXKPkvQ4eelxE6b2as
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:08 2025 by rpki-client