Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/708b4d-a63f-439d-9cce-148abff919ad/1/N616yZd6KpZ7FCmhWXd9GTMbXiw.roa
File: N616yZd6KpZ7FCmhWXd9GTMbXiw.roa (raw, json)
Hash identifier: pEP+kSuRExvCx0Gbw9icz5csHCatgC9aRzaZc+gDuCs=
Subject key identifier: 37:AD:7A:C9:97:7A:2A:96:7B:14:29:A1:59:77:7D:19:33:1B:5E:2C
Certificate issuer: /CN=1bfc7738cd0fd0e0447f9d749ce6a39047fdcbac
Certificate serial: 01856DD3FE6C57386D52DCC037C478BDE062
Authority key identifier: 1B:FC:77:38:CD:0F:D0:E0:44:7F:9D:74:9C:E6:A3:90:47:FD:CB:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_x3OM0P0OBEf510nOajkEf9y6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/708b4d-a63f-439d-9cce-148abff919ad/1/N616yZd6KpZ7FCmhWXd9GTMbXiw.roa
Signing time: Sun 01 Jan 2023 14:54:47 +0000
ROA not before: Sun 01 Jan 2023 14:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204694
IP address blocks: 185.243.74.0/24 maxlen: 24
185.243.73.0/24 maxlen: 24
185.243.72.0/24 maxlen: 24
185.243.72.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d3:fe:6c:57:38:6d:52:dc:c0:37:c4:78:bd:e0:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bfc7738cd0fd0e0447f9d749ce6a39047fdcbac
Validity
Not Before: Jan 1 14:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37ad7ac9977a2a967b1429a159777d19331b5e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c6:21:7d:10:34:d9:78:49:c8:87:e9:b6:e4:
a6:69:05:dd:4c:e5:88:0f:36:9d:aa:37:66:eb:7b:
17:fa:fe:eb:2b:08:03:e1:0f:44:51:87:78:27:a3:
09:4d:3c:d7:a7:b8:3b:36:0f:91:23:20:69:4a:e5:
ef:03:af:61:fd:85:ab:39:a4:c1:c1:a6:51:ad:2d:
0f:cc:14:8d:d4:29:d1:80:8e:1f:0f:6b:60:67:5a:
df:5c:67:46:b8:23:b5:30:87:e1:63:41:a8:2e:3f:
70:d0:66:89:1c:4e:1a:5c:1c:a2:7d:bb:9d:5a:5f:
d7:ec:d9:88:d8:75:1f:90:8e:4c:72:d6:be:69:24:
99:64:5e:2a:cc:a5:74:b2:f3:24:41:ec:28:a6:ab:
0b:da:9d:b5:08:b5:35:c7:d5:bc:8d:34:0d:42:95:
86:89:e2:ed:02:61:f6:0a:08:c5:15:58:24:3e:a5:
10:d6:52:c1:ac:a5:e0:fb:bf:5d:c5:03:79:e4:59:
0b:d8:98:dd:7f:95:1a:2c:1a:83:12:ad:95:7e:ac:
8e:7a:19:0a:53:ff:a0:fa:7c:e9:87:b9:82:b6:6e:
2e:ad:f1:61:1e:14:6c:13:a5:3b:e8:86:67:58:69:
40:98:53:8f:65:14:97:e5:05:e8:99:54:2b:12:66:
23:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:AD:7A:C9:97:7A:2A:96:7B:14:29:A1:59:77:7D:19:33:1B:5E:2C
X509v3 Authority Key Identifier:
keyid:1B:FC:77:38:CD:0F:D0:E0:44:7F:9D:74:9C:E6:A3:90:47:FD:CB:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_x3OM0P0OBEf510nOajkEf9y6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/708b4d-a63f-439d-9cce-148abff919ad/1/N616yZd6KpZ7FCmhWXd9GTMbXiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/708b4d-a63f-439d-9cce-148abff919ad/1/G_x3OM0P0OBEf510nOajkEf9y6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.72.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:be:9a:15:49:d2:8c:b4:99:37:8d:e7:3e:d7:f0:65:d0:c7:
f1:79:47:32:c4:a8:d8:86:80:a8:fd:02:d9:58:ef:f1:90:22:
91:cc:b4:69:48:b1:18:f9:d6:51:25:45:22:c4:c5:43:c0:d9:
f4:41:ac:25:e5:6a:d8:03:73:c6:0e:9c:51:d3:01:4e:6a:8d:
5d:70:c3:d6:d0:b5:77:37:56:a6:4b:87:1b:a6:39:14:02:2b:
2a:f1:7c:d0:e7:94:62:3c:20:06:af:da:ed:c1:b2:e3:6b:95:
3d:9e:e3:62:e7:8c:2e:97:6e:92:20:36:fe:9c:fa:ed:fa:97:
72:db:64:84:86:68:54:77:fb:d4:ef:a5:e4:37:c5:12:d5:8c:
d7:8e:9e:ae:5e:14:04:fb:54:74:7f:92:a6:30:72:a0:1d:98:
98:0e:32:14:2e:52:f1:fa:f3:aa:30:4b:f9:03:31:bb:5e:eb:
72:62:b1:e3:d3:63:88:f8:72:b1:19:70:02:f0:ca:67:e2:52:
71:fa:71:dc:ef:bd:df:de:1f:9a:72:17:d3:52:45:b6:fd:a3:
89:9d:7c:bf:33:23:0e:9f:c0:c2:24:1f:d1:fb:4e:67:04:df:
67:bf:87:a4:d9:ac:9a:3b:6b:4f:4b:c4:49:8a:19:bd:fe:5b:
30:ad:f9:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt0/5sVzhtUtzAN8R4veBiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZmM3NzM4Y2QwZmQwZTA0NDdmOWQ3NDljZTZhMzkwNDdm
ZGNiYWMwHhcNMjMwMTAxMTQ1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2FkN2FjOTk3N2EyYTk2N2IxNDI5YTE1OTc3N2QxOTMzMWI1ZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsYhfRA02XhJyIfptuSmaQXdTOWI
Dzadqjdm63sX+v7rKwgD4Q9EUYd4J6MJTTzXp7g7Ng+RIyBpSuXvA69h/YWrOaTB
waZRrS0PzBSN1CnRgI4fD2tgZ1rfXGdGuCO1MIfhY0GoLj9w0GaJHE4aXByifbud
Wl/X7NmI2HUfkI5Mcta+aSSZZF4qzKV0svMkQewopqsL2p21CLU1x9W8jTQNQpWG
ieLtAmH2CgjFFVgkPqUQ1lLBrKXg+79dxQN55FkL2Jjdf5UaLBqDEq2VfqyOehkK
U/+g+nzph7mCtm4urfFhHhRsE6U76IZnWGlAmFOPZRSX5QXomVQrEmYj8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDetesmXeiqWexQpoVl3fRkzG14sMB8GA1UdIwQY
MBaAFBv8dzjND9DgRH+ddJzmo5BH/cusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR194M09NMFAwT0JFZjUxMG5PYWprRWY5eTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83MDhiNGQtYTYzZi00MzlkLTljY2Ut
MTQ4YWJmZjkxOWFkLzEvTjYxNnlaZDZLcFo3RkNtaFdYZDlHVE1iWGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83MDhiNGQtYTYzZi00MzlkLTljY2UtMTQ4YWJmZjkxOWFk
LzEvR194M09NMFAwT0JFZjUxMG5PYWprRWY5eTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufNIMA0G
CSqGSIb3DQEBCwUAA4IBAQCevpoVSdKMtJk3jec+1/Bl0MfxeUcyxKjYhoCo/QLZ
WO/xkCKRzLRpSLEY+dZRJUUixMVDwNn0Qawl5WrYA3PGDpxR0wFOao1dcMPW0LV3
N1amS4cbpjkUAisq8XzQ55RiPCAGr9rtwbLja5U9nuNi54wul26SIDb+nPrt+pdy
22SEhmhUd/vU76XkN8US1YzXjp6uXhQE+1R0f5KmMHKgHZiYDjIULlLx+vOqMEv5
AzG7XutyYrHj02OI+HKxGXAC8Mpn4lJx+nHc773f3h+achfTUkW2/aOJnXy/MyMO
n8DCJB/R+05nBN9nv4ek2ayaO2tPS8RJihm9/lswrfnt
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:21:28 2025 by rpki-client