Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/449c02-f262-45d3-8f8f-d4b723ed781c/1/khAk69GaviX3ISVPskdgmXYxHg0.roa
File: khAk69GaviX3ISVPskdgmXYxHg0.roa (raw, json)
Hash identifier: iZg+JNU8yAUj+GbVfYYrGDVbFREqgvj716gjoOSNlMU=
Subject key identifier: 92:10:24:EB:D1:9A:BE:25:F7:21:25:4F:B2:47:60:99:76:31:1E:0D
Certificate issuer: /CN=f65419e3700a36ba2b03906c9f8f4d2dfd848070
Certificate serial: 01942144592CADC0E701B66D16DF61134FF8
Authority key identifier: F6:54:19:E3:70:0A:36:BA:2B:03:90:6C:9F:8F:4D:2D:FD:84:80:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9lQZ43AKNrorA5Bsn49NLf2EgHA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/449c02-f262-45d3-8f8f-d4b723ed781c/1/khAk69GaviX3ISVPskdgmXYxHg0.roa
Signing time: Wed 01 Jan 2025 09:48:34 +0000
ROA not before: Wed 01 Jan 2025 09:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206078
IP address blocks: 185.180.32.0/23 maxlen: 23
185.180.32.0/24 maxlen: 24
185.180.33.0/24 maxlen: 24
185.180.34.0/23 maxlen: 23
185.180.34.0/24 maxlen: 24
185.180.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:59:2c:ad:c0:e7:01:b6:6d:16:df:61:13:4f:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f65419e3700a36ba2b03906c9f8f4d2dfd848070
Validity
Not Before: Jan 1 09:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=921024ebd19abe25f721254fb247609976311e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:d0:b4:39:8b:7c:bd:20:4e:6f:73:5a:20:29:
c3:26:ec:62:0f:e8:be:a4:81:1f:9f:94:b0:d1:80:
8b:e3:a3:96:09:9d:03:38:6f:f0:e2:6f:d9:28:c2:
09:4e:dd:1a:3c:53:bf:32:70:8f:6c:f5:4f:de:58:
35:fd:f1:fd:4e:1d:b0:9c:75:86:03:d5:f3:0f:0a:
a1:29:93:0a:2d:35:55:cf:25:35:5d:50:a6:9d:46:
7c:a9:a3:31:52:16:67:19:b1:b6:38:b5:63:a6:8f:
ed:8c:e9:24:ca:01:e8:26:f1:21:62:d4:67:c9:b8:
50:88:e6:c7:95:ed:ff:a9:91:58:83:46:cf:a3:f0:
b6:7c:46:19:b3:b2:1c:a7:22:00:bf:32:16:fa:56:
4b:14:a1:56:96:b6:c0:51:30:04:48:7e:65:56:9b:
cc:14:af:2e:d6:c9:4a:3d:cb:74:8b:6d:0e:4d:7f:
6c:b0:9c:65:bf:68:fe:a3:f5:84:76:f9:e3:55:73:
97:7d:bb:6d:50:50:86:af:04:d2:dd:7e:b0:e9:7a:
9a:de:fb:2c:3c:74:e9:15:33:5d:f5:38:23:30:9c:
d6:eb:c3:90:c8:ce:98:85:63:21:89:7a:c8:4f:8b:
79:b1:fb:4f:4a:56:6e:e2:68:4c:40:46:a4:24:31:
63:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:10:24:EB:D1:9A:BE:25:F7:21:25:4F:B2:47:60:99:76:31:1E:0D
X509v3 Authority Key Identifier:
keyid:F6:54:19:E3:70:0A:36:BA:2B:03:90:6C:9F:8F:4D:2D:FD:84:80:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lQZ43AKNrorA5Bsn49NLf2EgHA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/449c02-f262-45d3-8f8f-d4b723ed781c/1/khAk69GaviX3ISVPskdgmXYxHg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/449c02-f262-45d3-8f8f-d4b723ed781c/1/9lQZ43AKNrorA5Bsn49NLf2EgHA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.32.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:38:7f:a2:3a:21:9a:8d:0e:1f:0a:e3:f1:8f:a1:2f:66:85:
33:1c:be:52:23:77:f3:7a:b8:be:c2:87:d5:5f:a8:7e:9f:8f:
1c:35:95:57:fc:17:53:26:bd:a4:83:e5:ae:11:3d:00:07:55:
b6:62:60:99:40:73:d6:f4:93:12:1c:9c:d7:c0:7e:8f:cb:f2:
38:72:9e:75:b8:7e:5d:72:18:4c:93:e5:a5:5d:09:34:9d:54:
ca:93:78:03:29:12:39:2e:0b:9f:00:49:38:ca:4c:92:5c:10:
2e:42:f1:2f:7b:73:4d:e5:31:8a:7f:53:68:f1:36:cd:f7:a8:
30:c3:9c:5e:51:44:68:39:c0:7d:49:2d:c9:71:53:ac:57:ce:
76:c3:b4:bb:d1:18:48:62:c9:fa:e3:f8:bf:2c:a2:ff:31:09:
97:72:47:b0:db:ae:3f:9f:cd:4a:fd:f3:b9:df:36:9d:60:80:
92:0b:e4:8f:94:ce:6c:35:db:36:ec:8d:ea:93:e1:84:68:fb:
a7:0c:46:1b:bb:f6:1f:60:29:c0:40:53:87:e2:1e:2a:04:0c:
21:d2:94:32:3d:01:9c:cd:bb:bf:28:b4:dd:15:64:6c:b9:8b:
5c:a5:7b:5c:6e:98:33:bf:5b:10:49:a9:6d:a8:43:31:ba:21:
5a:45:68:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRFksrcDnAbZtFt9hE0/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NTQxOWUzNzAwYTM2YmEyYjAzOTA2YzlmOGY0ZDJkZmQ4
NDgwNzAwHhcNMjUwMTAxMDk0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjEwMjRlYmQxOWFiZTI1ZjcyMTI1NGZiMjQ3NjA5OTc2MzExZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9dC0OYt8vSBOb3NaICnDJuxiD+i+
pIEfn5Sw0YCL46OWCZ0DOG/w4m/ZKMIJTt0aPFO/MnCPbPVP3lg1/fH9Th2wnHWG
A9XzDwqhKZMKLTVVzyU1XVCmnUZ8qaMxUhZnGbG2OLVjpo/tjOkkygHoJvEhYtRn
ybhQiObHle3/qZFYg0bPo/C2fEYZs7IcpyIAvzIW+lZLFKFWlrbAUTAESH5lVpvM
FK8u1slKPct0i20OTX9ssJxlv2j+o/WEdvnjVXOXfbttUFCGrwTS3X6w6Xqa3vss
PHTpFTNd9TgjMJzW68OQyM6YhWMhiXrIT4t5sftPSlZu4mhMQEakJDFjHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIQJOvRmr4l9yElT7JHYJl2MR4NMB8GA1UdIwQY
MBaAFPZUGeNwCja6KwOQbJ+PTS39hIBwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWxRWjQzQUtOcm9yQTVCc240OU5MZjJFZ0hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NDljMDItZjI2Mi00NWQzLThmOGYt
ZDRiNzIzZWQ3ODFjLzEva2hBazY5R2F2aVgzSVNWUHNrZGdtWFl4SGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NDljMDItZjI2Mi00NWQzLThmOGYtZDRiNzIzZWQ3ODFj
LzEvOWxRWjQzQUtOcm9yQTVCc240OU5MZjJFZ0hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubQgMA0G
CSqGSIb3DQEBCwUAA4IBAQCoOH+iOiGajQ4fCuPxj6EvZoUzHL5SI3fzeri+wofV
X6h+n48cNZVX/BdTJr2kg+WuET0AB1W2YmCZQHPW9JMSHJzXwH6Py/I4cp51uH5d
chhMk+WlXQk0nVTKk3gDKRI5LgufAEk4ykySXBAuQvEve3NN5TGKf1No8TbN96gw
w5xeUURoOcB9SS3JcVOsV852w7S70RhIYsn64/i/LKL/MQmXckew264/n81K/fO5
3zadYICSC+SPlM5sNds27I3qk+GEaPunDEYbu/YfYCnAQFOH4h4qBAwh0pQyPQGc
zbu/KLTdFWRsuYtcpXtcbpgzv1sQSaltqEMxuiFaRWi9
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:07 2025 by rpki-client