Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/9fe49f-9ed0-4db3-9be5-5c690447ba89/1/1-R53mn60mfPO-u9ytNS9sF0TLSo.roa
File: 1-R53mn60mfPO-u9ytNS9sF0TLSo.roa (raw, json)
Hash identifier: hjhxCMJ1jfwhmqAtl0YKwQAHdXKCM1yF5oO2syQVRSw=
Subject key identifier: F9:1E:77:9A:7E:B4:99:F3:CE:FA:EF:72:B4:D4:BD:B0:5D:13:2D:2A
Certificate issuer: /CN=1f0565865a533402c2f4343fe1af541a006d9d6e
Certificate serial: 019427487452C65F5299DDF8E521F5474E8B
Authority key identifier: 1F:05:65:86:5A:53:34:02:C2:F4:34:3F:E1:AF:54:1A:00:6D:9D:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwVlhlpTNALC9DQ_4a9UGgBtnW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/9fe49f-9ed0-4db3-9be5-5c690447ba89/1/1-R53mn60mfPO-u9ytNS9sF0TLSo.roa
Signing time: Thu 02 Jan 2025 13:50:47 +0000
ROA not before: Thu 02 Jan 2025 13:50:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.190.37.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:74:52:c6:5f:52:99:dd:f8:e5:21:f5:47:4e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f0565865a533402c2f4343fe1af541a006d9d6e
Validity
Not Before: Jan 2 13:50:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f91e779a7eb499f3cefaef72b4d4bdb05d132d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ab:d1:04:95:3d:63:65:75:c3:1b:7e:39:04:
14:ba:6a:af:0c:57:2e:13:f5:35:12:bb:c9:84:f0:
c4:6a:22:95:47:b4:52:8a:51:fe:d3:4d:93:1e:75:
90:be:54:15:ed:31:b0:90:36:82:c5:09:fe:ec:58:
0d:d8:7d:a3:6c:cd:d1:4c:c5:3f:a0:e9:73:09:b2:
3c:3d:90:5f:bc:c6:db:33:bb:55:76:a7:81:16:c6:
87:c9:34:4e:a9:46:19:8e:22:16:1d:02:7a:ac:34:
d4:12:c3:fd:07:94:0f:01:34:aa:77:d9:7a:0f:73:
a5:55:18:e3:78:aa:c9:e3:7a:6e:c2:9e:6c:3e:0e:
37:a3:10:50:af:d9:e6:3f:58:3f:39:2b:13:8c:fa:
72:9c:f3:78:d6:9a:c7:02:f1:04:52:e1:e5:55:eb:
e2:82:b6:66:45:2c:96:a3:e5:32:f7:c8:5a:c1:72:
54:8c:e4:fd:a1:1d:d9:3c:c4:ea:0d:39:ca:36:bb:
9c:94:33:a3:23:33:8e:cb:0c:df:6d:35:b8:41:d7:
63:ce:7d:ea:e6:25:9d:75:8e:87:18:3c:cd:81:df:
de:14:a0:50:32:71:59:a2:1b:f1:32:8f:39:56:e0:
d6:96:13:c9:d3:04:6e:6e:17:08:d9:60:8a:db:17:
1d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1E:77:9A:7E:B4:99:F3:CE:FA:EF:72:B4:D4:BD:B0:5D:13:2D:2A
X509v3 Authority Key Identifier:
keyid:1F:05:65:86:5A:53:34:02:C2:F4:34:3F:E1:AF:54:1A:00:6D:9D:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwVlhlpTNALC9DQ_4a9UGgBtnW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9fe49f-9ed0-4db3-9be5-5c690447ba89/1/1-R53mn60mfPO-u9ytNS9sF0TLSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9fe49f-9ed0-4db3-9be5-5c690447ba89/1/HwVlhlpTNALC9DQ_4a9UGgBtnW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.37.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:d2:20:04:1c:f4:a5:4e:80:98:d8:70:5d:6e:c6:0b:2c:28:
80:66:4e:ac:8b:72:1c:8c:32:99:87:9e:6a:ac:8a:98:e4:8f:
70:8e:10:0c:04:44:e2:d0:e0:0a:50:a6:23:af:92:bc:7d:56:
7b:8b:29:1d:1d:e3:36:b6:bb:00:fb:c9:fa:63:0c:bf:6e:d2:
81:a6:46:13:c0:83:ef:59:3e:f6:f6:0e:58:a6:1b:3d:52:da:
75:26:0f:ef:e7:47:d7:d5:e3:25:79:e5:91:85:18:66:9c:8b:
07:5c:06:b4:0f:32:dd:cb:2d:68:dd:b4:1d:bd:74:96:f8:a1:
ea:73:49:46:da:79:20:8f:90:e3:de:36:d0:1c:c7:ae:01:50:
7f:0b:9a:5d:18:f2:4f:39:dd:3a:52:1c:83:86:08:39:f2:af:
a2:8c:60:56:8a:23:e8:79:ae:3b:98:20:37:fc:66:0e:82:a4:
ce:23:0d:20:c3:45:2c:e9:15:b2:72:09:39:f0:43:7b:ea:54:
2c:26:28:47:cd:c0:3d:66:fe:b5:2d:01:45:2d:70:12:b0:af:
8e:ad:d3:eb:33:78:c2:00:c6:23:50:17:e9:02:99:f7:a0:19:
4a:cd:23:6b:32:5d:28:cc:3f:ed:1f:3b:19:ee:4e:bd:df:9e:
81:46:ff:73
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnSHRSxl9Smd345SH1R06LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDU2NTg2NWE1MzM0MDJjMmY0MzQzZmUxYWY1NDFhMDA2
ZDlkNmUwHhcNMjUwMTAyMTM1MDQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTFlNzc5YTdlYjQ5OWYzY2VmYWVmNzJiNGQ0YmRiMDVkMTMyZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6vRBJU9Y2V1wxt+OQQUumqvDFcu
E/U1ErvJhPDEaiKVR7RSilH+002THnWQvlQV7TGwkDaCxQn+7FgN2H2jbM3RTMU/
oOlzCbI8PZBfvMbbM7tVdqeBFsaHyTROqUYZjiIWHQJ6rDTUEsP9B5QPATSqd9l6
D3OlVRjjeKrJ43puwp5sPg43oxBQr9nmP1g/OSsTjPpynPN41prHAvEEUuHlVevi
grZmRSyWo+Uy98hawXJUjOT9oR3ZPMTqDTnKNruclDOjIzOOywzfbTW4Qddjzn3q
5iWddY6HGDzNgd/eFKBQMnFZohvxMo85VuDWlhPJ0wRubhcI2WCK2xcdgQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPked5p+tJnzzvrvcrTUvbBdEy0qMB8GA1UdIwQY
MBaAFB8FZYZaUzQCwvQ0P+GvVBoAbZ1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdWbGhscFROQUxDOURRXzRhOVVHZ0J0blc0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85ZmU0OWYtOWVkMC00ZGIzLTliZTUt
NWM2OTA0NDdiYTg5LzEvMS1SNTNtbjYwbWZQTy11OXl0TlM5c0YwVExTby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWYvOWZlNDlmLTllZDAtNGRiMy05YmU1LTVjNjkwNDQ3YmE4
OS8xL0h3VmxobHBUTkFMQzlEUV80YTlVR2dCdG5XNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALm+JTAN
BgkqhkiG9w0BAQsFAAOCAQEAjdIgBBz0pU6AmNhwXW7GCywogGZOrItyHIwymYee
aqyKmOSPcI4QDARE4tDgClCmI6+SvH1We4spHR3jNra7APvJ+mMMv27SgaZGE8CD
71k+9vYOWKYbPVLadSYP7+dH19XjJXnlkYUYZpyLB1wGtA8y3cstaN20Hb10lvih
6nNJRtp5II+Q49420BzHrgFQfwuaXRjyTzndOlIcg4YIOfKvooxgVooj6HmuO5gg
N/xmDoKkziMNIMNFLOkVsnIJOfBDe+pULCYoR83APWb+tS0BRS1wErCvjq3T6zN4
wgDGI1AX6QKZ96AZSs0jazJdKMw/7R87Ge5Ovd+egUb/cw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:57 2025 by rpki-client