Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/bfa07b-87c2-452a-bd0c-8aae43063bca/1/ha1GFGgyrmpD4R8KeDnEZpxuKqs.roa
File: ha1GFGgyrmpD4R8KeDnEZpxuKqs.roa (raw, json)
Hash identifier: nTt2LcLEhACSb9mIP1F5UH8NEmx1EFCAvtQLB71m5zc=
Subject key identifier: 85:AD:46:14:68:32:AE:6A:43:E1:1F:0A:78:39:C4:66:9C:6E:2A:AB
Certificate issuer: /CN=699bb10a5572175b03a3c7cbfbe938b7b1441ac0
Certificate serial: 019423D7F43F98638A2D5FA188C9F7C2371F
Authority key identifier: 69:9B:B1:0A:55:72:17:5B:03:A3:C7:CB:FB:E9:38:B7:B1:44:1A:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZuxClVyF1sDo8fL--k4t7FEGsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/bfa07b-87c2-452a-bd0c-8aae43063bca/1/ha1GFGgyrmpD4R8KeDnEZpxuKqs.roa
Signing time: Wed 01 Jan 2025 21:49:02 +0000
ROA not before: Wed 01 Jan 2025 21:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61024
IP address blocks: 185.124.160.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:f4:3f:98:63:8a:2d:5f:a1:88:c9:f7:c2:37:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=699bb10a5572175b03a3c7cbfbe938b7b1441ac0
Validity
Not Before: Jan 1 21:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85ad46146832ae6a43e11f0a7839c4669c6e2aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7e:c8:c3:33:49:23:15:ad:22:d2:25:c9:eb:
da:a8:8a:5f:08:19:aa:16:6a:84:fc:ea:74:02:38:
8c:b9:97:57:7f:83:37:de:70:a0:50:fb:c7:df:29:
87:ed:8e:89:68:d7:0d:5e:e9:d8:71:2f:2e:9f:2d:
4f:10:43:8d:bb:6b:1b:d2:dc:c1:12:ed:65:34:b1:
d6:4f:43:7d:33:ca:a8:04:00:3f:98:7a:bc:bd:a0:
7b:8b:2d:9d:b4:ef:af:40:e8:dc:74:29:a9:41:6e:
ef:d0:ee:6f:cd:11:f7:67:97:d9:a3:74:42:8c:20:
f5:3a:24:6f:cd:ff:94:ee:41:ff:c7:6a:27:98:79:
5d:b4:de:d1:d5:c8:35:db:61:13:46:61:00:97:72:
d0:27:7e:71:3d:9d:32:d1:6f:bc:77:d8:1b:2d:c3:
f1:18:3d:d0:63:95:14:cf:15:2e:92:0f:b9:4d:94:
cd:ca:a7:84:7c:d6:7d:03:35:a0:99:67:40:41:f6:
f4:47:b2:8d:e6:f3:b0:cb:ec:8c:9f:21:c3:57:b8:
c6:25:f2:41:46:ce:64:dc:05:cb:54:a0:a2:0e:29:
a2:4a:98:ba:0a:9f:d1:a0:27:3b:ba:db:49:ae:69:
57:24:b6:28:fc:4e:55:f4:85:a0:06:ae:c5:dc:96:
01:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AD:46:14:68:32:AE:6A:43:E1:1F:0A:78:39:C4:66:9C:6E:2A:AB
X509v3 Authority Key Identifier:
keyid:69:9B:B1:0A:55:72:17:5B:03:A3:C7:CB:FB:E9:38:B7:B1:44:1A:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZuxClVyF1sDo8fL--k4t7FEGsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bfa07b-87c2-452a-bd0c-8aae43063bca/1/ha1GFGgyrmpD4R8KeDnEZpxuKqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bfa07b-87c2-452a-bd0c-8aae43063bca/1/aZuxClVyF1sDo8fL--k4t7FEGsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.160.0/22
Signature Algorithm: sha256WithRSAEncryption
af:96:18:29:49:ce:b4:57:1b:f2:61:9e:3c:02:fb:a8:b0:37:
80:c8:0e:13:37:c2:fe:21:17:dc:8a:99:04:a8:6c:8f:6d:b8:
87:e4:30:0d:62:b2:1b:eb:ae:ac:ee:05:04:1b:0c:6e:b0:ff:
b5:aa:94:54:48:da:36:c7:16:36:92:49:8b:0d:89:8e:12:d5:
56:84:a6:1a:e4:ce:db:24:d0:ac:0d:40:43:65:87:3b:c7:ab:
c6:6a:10:d5:aa:e0:3c:fd:44:59:a8:74:da:88:6d:8d:e2:73:
b2:7b:2a:45:eb:4e:4a:7b:16:a0:15:87:c3:d4:9f:4a:c9:f0:
d1:bb:37:29:8c:3a:a4:92:a5:7f:7c:06:f1:3a:33:e7:75:20:
ec:e3:7d:80:d8:38:69:7b:a6:f0:7a:fe:db:3d:7a:68:97:4b:
58:54:51:30:3f:66:a7:3b:0f:f3:3a:19:d0:5a:f8:14:99:4c:
8c:77:02:41:a9:ee:a7:2d:67:63:95:cc:fa:a7:07:f8:30:0b:
8a:00:93:38:af:55:ae:48:e6:de:f8:fe:92:18:78:ba:c1:28:
ff:6a:87:39:51:3c:23:e4:1c:2c:66:fe:48:02:73:a0:83:8d:
69:e5:e9:43:db:d5:d7:f3:0c:01:ac:2d:04:d2:b1:27:15:a3:
59:2d:00:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1/Q/mGOKLV+hiMn3wjcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OWJiMTBhNTU3MjE3NWIwM2EzYzdjYmZiZTkzOGI3YjE0
NDFhYzAwHhcNMjUwMTAxMjE0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWFkNDYxNDY4MzJhZTZhNDNlMTFmMGE3ODM5YzQ2NjljNmUyYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0X7IwzNJIxWtItIlyevaqIpfCBmq
FmqE/Op0AjiMuZdXf4M33nCgUPvH3ymH7Y6JaNcNXunYcS8uny1PEEONu2sb0tzB
Eu1lNLHWT0N9M8qoBAA/mHq8vaB7iy2dtO+vQOjcdCmpQW7v0O5vzRH3Z5fZo3RC
jCD1OiRvzf+U7kH/x2onmHldtN7R1cg122ETRmEAl3LQJ35xPZ0y0W+8d9gbLcPx
GD3QY5UUzxUukg+5TZTNyqeEfNZ9AzWgmWdAQfb0R7KN5vOwy+yMnyHDV7jGJfJB
Rs5k3AXLVKCiDimiSpi6Cp/RoCc7uttJrmlXJLYo/E5V9IWgBq7F3JYBkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWtRhRoMq5qQ+EfCng5xGacbiqrMB8GA1UdIwQY
MBaAFGmbsQpVchdbA6PHy/vpOLexRBrAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVp1eENsVnlGMXNEbzhmTC0tazR0N0ZFR3NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iZmEwN2ItODdjMi00NTJhLWJkMGMt
OGFhZTQzMDYzYmNhLzEvaGExR0ZHZ3lybXBENFI4S2VEbkVacHh1S3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iZmEwN2ItODdjMi00NTJhLWJkMGMtOGFhZTQzMDYzYmNh
LzEvYVp1eENsVnlGMXNEbzhmTC0tazR0N0ZFR3NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXygMA0G
CSqGSIb3DQEBCwUAA4IBAQCvlhgpSc60VxvyYZ48AvuosDeAyA4TN8L+IRfcipkE
qGyPbbiH5DANYrIb666s7gUEGwxusP+1qpRUSNo2xxY2kkmLDYmOEtVWhKYa5M7b
JNCsDUBDZYc7x6vGahDVquA8/URZqHTaiG2N4nOyeypF605KexagFYfD1J9KyfDR
uzcpjDqkkqV/fAbxOjPndSDs432A2Dhpe6bwev7bPXpol0tYVFEwP2anOw/zOhnQ
WvgUmUyMdwJBqe6nLWdjlcz6pwf4MAuKAJM4r1WuSObe+P6SGHi6wSj/aoc5UTwj
5BwsZv5IAnOgg41p5elD29XX8wwBrC0E0rEnFaNZLQDj
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:12 2025 by rpki-client