Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/VgtVij8ms3heAMG_ByMc5qz1e3Y.roa
File: VgtVij8ms3heAMG_ByMc5qz1e3Y.roa (raw, json)
Hash identifier: gqT8/xv7HmB1Zz+w3WVt5DV8UaJwZNnGrJydl4tGvFU=
Subject key identifier: 56:0B:55:8A:3F:26:B3:78:5E:00:C1:BF:07:23:1C:E6:AC:F5:7B:76
Certificate issuer: /CN=ca34b13387fab1dcf8b67f16a0a437608600c4c2
Certificate serial: 0194F43D68AC92D7B7EB2537ACA76F8D9A87
Authority key identifier: CA:34:B1:33:87:FA:B1:DC:F8:B6:7F:16:A0:A4:37:60:86:00:C4:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/VgtVij8ms3heAMG_ByMc5qz1e3Y.roa
Signing time: Tue 11 Feb 2025 09:00:52 +0000
ROA not before: Tue 11 Feb 2025 09:00:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.112.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:3d:68:ac:92:d7:b7:eb:25:37:ac:a7:6f:8d:9a:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca34b13387fab1dcf8b67f16a0a437608600c4c2
Validity
Not Before: Feb 11 09:00:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=560b558a3f26b3785e00c1bf07231ce6acf57b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:52:13:ec:16:d1:fd:86:28:d2:db:83:89:c3:
e2:e2:1d:36:f7:47:4a:f1:94:78:85:41:04:f6:88:
68:6e:a8:c6:ff:4e:de:77:2f:40:51:89:85:54:8d:
06:1b:dc:eb:1a:d4:1a:67:26:28:ea:30:32:2f:3d:
1a:19:74:e9:25:f2:ac:ce:d0:ad:b8:f1:9e:03:fb:
02:80:b3:df:35:c4:f0:44:a6:2f:6c:e6:a6:b8:d5:
ce:ac:1a:13:96:42:7f:1f:6b:ca:ee:f9:10:5d:67:
d5:c5:d1:dc:e6:6e:3c:34:de:34:ea:17:73:8a:70:
8b:c9:6a:1a:6b:f9:7f:3a:e7:44:8b:f9:92:ce:6a:
c2:db:72:a0:b6:a5:ef:03:b6:6e:81:33:32:35:6b:
12:f5:41:63:00:c9:a1:b1:37:1d:ed:42:91:d7:6b:
26:db:7a:45:13:db:94:e0:1b:62:69:28:2a:6d:e3:
c5:5e:e8:6a:17:38:eb:80:ba:8b:3c:aa:62:b0:92:
ad:f1:13:4c:91:dc:7f:42:54:98:5a:e3:d4:1d:9b:
f5:9a:10:4e:9d:32:71:d4:91:92:84:10:c1:71:99:
65:0e:7d:de:eb:e1:73:7e:38:cc:ca:cc:b7:79:7a:
d1:c0:54:4c:58:cf:8c:d7:bd:3d:3a:f1:98:e4:31:
60:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:0B:55:8A:3F:26:B3:78:5E:00:C1:BF:07:23:1C:E6:AC:F5:7B:76
X509v3 Authority Key Identifier:
keyid:CA:34:B1:33:87:FA:B1:DC:F8:B6:7F:16:A0:A4:37:60:86:00:C4:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/VgtVij8ms3heAMG_ByMc5qz1e3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.132.0/24
Signature Algorithm: sha256WithRSAEncryption
60:47:3d:af:00:5a:d5:2e:e3:a6:b3:a9:8c:7d:ea:96:88:59:
2b:55:8d:56:e9:0f:24:6d:1d:6d:f8:69:b6:23:02:d0:ab:e7:
d2:71:fe:d0:e7:d4:af:f8:e3:1b:61:a6:04:f0:95:29:2e:d5:
87:33:1c:c3:1a:21:58:86:03:ee:2f:c2:a2:6f:e0:b2:7f:1e:
a1:e7:8b:be:e7:07:e0:1c:d3:db:7d:ba:1d:d8:1a:fb:91:43:
e6:9f:7a:25:7c:fd:68:4a:85:fe:4b:fc:c3:e6:79:57:ac:9d:
07:d9:78:92:52:72:93:42:a9:1a:28:ca:53:cf:92:63:01:c4:
43:d0:ce:6d:c1:45:c7:9d:22:80:4f:2c:a6:9b:29:05:97:98:
57:ff:51:77:8d:3e:c9:61:71:73:50:2b:72:29:22:d7:2c:e9:
b6:8a:ec:57:31:d2:cd:65:5c:57:8b:48:c2:b3:41:f1:4b:92:
c9:94:8b:17:5d:4f:34:d9:f5:06:2a:3a:ed:02:b8:0f:fc:0a:
35:ee:3d:f8:ee:a8:be:d2:14:76:1d:07:cc:8d:53:22:44:24:
55:6b:c3:13:61:9d:c3:4d:d2:5c:31:87:0e:2e:5b:f3:4f:cb:
bf:6d:04:49:23:93:5a:66:76:97:30:36:80:58:e8:02:fe:44:
1b:2b:c4:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT0PWiskte36yU3rKdvjZqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzRiMTMzODdmYWIxZGNmOGI2N2YxNmEwYTQzNzYwODYw
MGM0YzIwHhcNMjUwMjExMDkwMDUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjBiNTU4YTNmMjZiMzc4NWUwMGMxYmYwNzIzMWNlNmFjZjU3Yjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1IT7BbR/YYo0tuDicPi4h0290dK
8ZR4hUEE9ohobqjG/07edy9AUYmFVI0GG9zrGtQaZyYo6jAyLz0aGXTpJfKsztCt
uPGeA/sCgLPfNcTwRKYvbOamuNXOrBoTlkJ/H2vK7vkQXWfVxdHc5m48NN406hdz
inCLyWoaa/l/OudEi/mSzmrC23KgtqXvA7ZugTMyNWsS9UFjAMmhsTcd7UKR12sm
23pFE9uU4BtiaSgqbePFXuhqFzjrgLqLPKpisJKt8RNMkdx/QlSYWuPUHZv1mhBO
nTJx1JGShBDBcZllDn3e6+FzfjjMysy3eXrRwFRMWM+M1709OvGY5DFgHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFYLVYo/JrN4XgDBvwcjHOas9Xt2MB8GA1UdIwQY
MBaAFMo0sTOH+rHc+LZ/FqCkN2CGAMTCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpTeE00ZjZzZHo0dG44V29LUTNZSVlBeE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xMTdjYTMtYjYwMy00ZGI4LTk2MjYt
MDQwNTIzNGFiM2YxLzEvVmd0VmlqOG1zM2hlQU1HX0J5TWM1cXoxZTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8xMTdjYTMtYjYwMy00ZGI4LTk2MjYtMDQwNTIzNGFiM2Yx
LzEveWpTeE00ZjZzZHo0dG44V29LUTNZSVlBeE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXCEMA0G
CSqGSIb3DQEBCwUAA4IBAQBgRz2vAFrVLuOms6mMfeqWiFkrVY1W6Q8kbR1t+Gm2
IwLQq+fScf7Q59Sv+OMbYaYE8JUpLtWHMxzDGiFYhgPuL8Kib+Cyfx6h54u+5wfg
HNPbfbod2Br7kUPmn3olfP1oSoX+S/zD5nlXrJ0H2XiSUnKTQqkaKMpTz5JjAcRD
0M5twUXHnSKATyymmykFl5hX/1F3jT7JYXFzUCtyKSLXLOm2iuxXMdLNZVxXi0jC
s0HxS5LJlIsXXU802fUGKjrtArgP/Ao17j347qi+0hR2HQfMjVMiRCRVa8MTYZ3D
TdJcMYcOLlvzT8u/bQRJI5NaZnaXMDaAWOgC/kQbK8TH
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:50:09 2025 by rpki-client