Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/GHI5fKOLnVPTORGJ-8HvgMn5I8g.roa
File: GHI5fKOLnVPTORGJ-8HvgMn5I8g.roa (raw, json)
Hash identifier: tTyvweQSG7PSV/1T7+CqEyju3wttfhrfn44tpkM7ENI=
Subject key identifier: 18:72:39:7C:A3:8B:9D:53:D3:39:11:89:FB:C1:EF:80:C9:F9:23:C8
Certificate issuer: /CN=344fdad10ee55b3282a64246a41dc61a8922d25d
Certificate serial: 01952DB26C223BC94CA45E76D32C120BF5CD
Authority key identifier: 34:4F:DA:D1:0E:E5:5B:32:82:A6:42:46:A4:1D:C6:1A:89:22:D2:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NE_a0Q7lWzKCpkJGpB3GGoki0l0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/GHI5fKOLnVPTORGJ-8HvgMn5I8g.roa
Signing time: Sat 22 Feb 2025 12:47:02 +0000
ROA not before: Sat 22 Feb 2025 12:47:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215655
IP address blocks: 185.145.184.0/22 maxlen: 22
185.186.50.0/24 maxlen: 24
185.186.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2d:b2:6c:22:3b:c9:4c:a4:5e:76:d3:2c:12:0b:f5:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=344fdad10ee55b3282a64246a41dc61a8922d25d
Validity
Not Before: Feb 22 12:47:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1872397ca38b9d53d3391189fbc1ef80c9f923c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:33:48:37:a3:0a:83:dc:63:37:b6:31:4a:db:
87:a3:a7:47:ac:d3:0b:ec:60:32:cd:a8:c6:32:26:
dd:3e:35:c3:17:34:0b:a3:34:d1:8a:6f:ef:db:28:
ad:8f:d5:9c:d2:7f:43:09:24:40:3d:c5:f9:75:6f:
c3:63:dc:18:93:f8:80:5d:7e:b6:15:30:ba:a5:4b:
39:f5:00:4a:98:11:91:89:0d:2a:42:3a:c9:17:48:
e4:10:91:ef:c9:e2:5d:c0:a1:2b:8a:82:d2:12:40:
ce:20:c2:b2:24:80:ec:41:b9:6a:75:31:dd:b0:39:
0a:a5:94:c0:7c:6d:2c:1f:26:f9:05:05:33:71:34:
94:f9:52:31:38:f3:a9:7f:5b:ac:b7:5f:84:14:63:
bf:23:08:16:ed:bf:b1:73:ec:98:6e:09:e7:1a:4b:
4a:7a:9c:63:d0:b2:48:9c:a8:73:77:e9:6a:b2:42:
53:48:8e:e4:fa:a4:bc:7c:56:b8:11:1c:5d:81:21:
e8:ae:e1:53:e1:37:0f:3e:a8:37:af:16:fc:5a:67:
f5:32:4e:6b:fa:67:85:85:6d:37:4e:35:77:f1:a7:
ef:66:9b:40:c9:11:17:97:d9:69:4b:3f:bc:85:dc:
ba:92:93:9d:72:1e:6e:c7:03:2c:74:38:55:04:aa:
6f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:72:39:7C:A3:8B:9D:53:D3:39:11:89:FB:C1:EF:80:C9:F9:23:C8
X509v3 Authority Key Identifier:
keyid:34:4F:DA:D1:0E:E5:5B:32:82:A6:42:46:A4:1D:C6:1A:89:22:D2:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NE_a0Q7lWzKCpkJGpB3GGoki0l0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/GHI5fKOLnVPTORGJ-8HvgMn5I8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/NE_a0Q7lWzKCpkJGpB3GGoki0l0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.184.0/22
185.186.50.0/23
Signature Algorithm: sha256WithRSAEncryption
86:71:36:cc:1b:38:0f:5e:98:36:50:f7:d1:ad:84:1f:89:b8:
f9:ba:2b:48:77:dc:38:81:e7:25:0c:89:4f:c2:c5:05:ca:d2:
50:7f:49:4a:bb:f9:ae:a6:30:13:c8:f1:3b:5d:34:0f:d2:89:
e1:7b:c1:66:2e:c2:7d:f8:30:56:44:b7:e8:68:41:93:91:c7:
c3:ba:da:70:d1:6c:47:51:eb:af:1b:0d:7b:c6:e0:81:28:60:
0f:0b:9b:ca:51:6e:2b:45:9d:42:b3:51:80:19:58:f8:f6:07:
56:25:66:0a:99:46:85:b7:98:4f:ce:c9:83:cd:16:b8:84:99:
12:58:04:97:e8:53:15:8e:ae:45:18:5d:ec:42:dc:72:15:16:
4b:b6:d5:8d:da:55:58:f9:30:8f:3b:7e:44:a4:af:9d:4f:aa:
c3:1a:4c:d7:dd:8d:82:b9:6d:84:e7:9f:8e:a4:25:de:32:72:
73:e7:d2:70:ad:43:3d:6b:78:9d:76:cc:7a:a9:1c:09:b4:6c:
e5:d1:b6:9e:c2:15:6e:d6:20:f6:ba:59:f5:88:ac:65:f4:27:
7d:b9:e8:12:1a:a4:db:ef:63:a5:d5:56:4b:d0:3d:da:a2:1f:
62:cc:d5:46:a6:60:1f:5c:f2:79:d9:52:04:6e:92:f3:f4:1a:
f2:7a:5d:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUtsmwiO8lMpF520ywSC/XNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NGZkYWQxMGVlNTViMzI4MmE2NDI0NmE0MWRjNjFhODky
MmQyNWQwHhcNMjUwMjIyMTI0NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODcyMzk3Y2EzOGI5ZDUzZDMzOTExODlmYmMxZWY4MGM5ZjkyM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DNIN6MKg9xjN7YxStuHo6dHrNML
7GAyzajGMibdPjXDFzQLozTRim/v2yitj9Wc0n9DCSRAPcX5dW/DY9wYk/iAXX62
FTC6pUs59QBKmBGRiQ0qQjrJF0jkEJHvyeJdwKErioLSEkDOIMKyJIDsQblqdTHd
sDkKpZTAfG0sHyb5BQUzcTSU+VIxOPOpf1ust1+EFGO/IwgW7b+xc+yYbgnnGktK
epxj0LJInKhzd+lqskJTSI7k+qS8fFa4ERxdgSHoruFT4TcPPqg3rxb8Wmf1Mk5r
+meFhW03TjV38afvZptAyREXl9lpSz+8hdy6kpOdch5uxwMsdDhVBKpv3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBhyOXyji51T0zkRifvB74DJ+SPIMB8GA1UdIwQY
MBaAFDRP2tEO5VsygqZCRqQdxhqJItJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkVfYTBRN2xXektDcGtKR3BCM0dHb2tpMGwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8wNjc2MzAtMzA2ZS00YzM3LThiY2Mt
NGYwMjFjNzNlZjc0LzEvR0hJNWZLT0xuVlBUT1JHSi04SHZnTW41SThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8wNjc2MzAtMzA2ZS00YzM3LThiY2MtNGYwMjFjNzNlZjc0
LzEvTkVfYTBRN2xXektDcGtKR3BCM0dHb2tpMGwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuZG4AwQB
uboyMA0GCSqGSIb3DQEBCwUAA4IBAQCGcTbMGzgPXpg2UPfRrYQfibj5uitId9w4
geclDIlPwsUFytJQf0lKu/mupjATyPE7XTQP0onhe8FmLsJ9+DBWRLfoaEGTkcfD
utpw0WxHUeuvGw17xuCBKGAPC5vKUW4rRZ1Cs1GAGVj49gdWJWYKmUaFt5hPzsmD
zRa4hJkSWASX6FMVjq5FGF3sQtxyFRZLttWN2lVY+TCPO35EpK+dT6rDGkzX3Y2C
uW2E55+OpCXeMnJz59JwrUM9a3iddsx6qRwJtGzl0baewhVu1iD2uln1iKxl9Cd9
uegSGqTb72Ol1VZL0D3aoh9izNVGpmAfXPJ52VIEbpLz9Bryel29
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:33:31 2025 by rpki-client