Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/5-ifbkzxAVenbOTh7xnTmSmBRII.roa
File: 5-ifbkzxAVenbOTh7xnTmSmBRII.roa (raw, json)
Hash identifier: FOnnytfJcY5VsaO7IU74ZEnL9Ku9T/H6aGG9jNy1XD4=
Subject key identifier: E7:E8:9F:6E:4C:F1:01:57:A7:6C:E4:E1:EF:19:D3:99:29:81:44:82
Certificate issuer: /CN=3a5ec28e841f29f380a7ce2cb5cd5673700821fd
Certificate serial: 019424454071DC510AB3EEAE85AE54652BDE
Authority key identifier: 3A:5E:C2:8E:84:1F:29:F3:80:A7:CE:2C:B5:CD:56:73:70:08:21:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ol7CjoQfKfOAp84stc1Wc3AIIf0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/5-ifbkzxAVenbOTh7xnTmSmBRII.roa
Signing time: Wed 01 Jan 2025 23:48:25 +0000
ROA not before: Wed 01 Jan 2025 23:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 185.161.148.0/24 maxlen: 24
185.180.192.0/24 maxlen: 24
185.180.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:40:71:dc:51:0a:b3:ee:ae:85:ae:54:65:2b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a5ec28e841f29f380a7ce2cb5cd5673700821fd
Validity
Not Before: Jan 1 23:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7e89f6e4cf10157a76ce4e1ef19d39929814482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:33:6a:73:76:1f:23:09:64:4c:67:e9:c8:8a:
f8:a7:7b:e6:41:71:47:29:f7:9d:69:db:03:a2:50:
2a:17:10:5a:7f:51:9a:aa:85:d3:68:4e:d8:fd:02:
37:26:fb:51:f1:49:ec:2c:b8:e0:a4:1c:61:d8:69:
81:22:5a:90:0a:4c:72:20:31:b2:63:5a:66:84:ff:
e8:fd:c0:a7:3b:de:9f:3c:a4:d6:87:18:b1:85:d9:
16:98:6e:f5:78:ba:1e:c4:8d:9c:60:7d:fb:6d:0b:
48:51:e4:1e:98:dc:50:37:82:8c:1c:3d:ff:fa:7a:
2c:1e:4c:d7:f1:e9:cd:18:79:1a:81:f2:9f:b7:ba:
77:d1:39:b9:c6:30:73:3a:4a:4e:93:4f:cc:f6:42:
39:53:c3:31:18:7f:b8:3c:56:99:c1:f3:45:65:0b:
8f:ef:c3:76:a1:b6:3c:62:95:1d:ba:c6:cb:9c:b2:
83:9b:39:ab:e7:36:0b:25:38:5f:50:5a:71:e1:11:
4c:3f:e0:00:17:61:03:af:4b:38:35:00:a7:9b:66:
5f:01:6b:28:04:8c:66:de:82:23:3d:d4:94:09:92:
5b:50:21:66:b0:a5:85:4e:e4:c8:97:c2:41:d6:e3:
e6:5c:57:9d:eb:c2:c0:9d:cc:0b:43:e1:1f:84:d2:
ea:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E8:9F:6E:4C:F1:01:57:A7:6C:E4:E1:EF:19:D3:99:29:81:44:82
X509v3 Authority Key Identifier:
keyid:3A:5E:C2:8E:84:1F:29:F3:80:A7:CE:2C:B5:CD:56:73:70:08:21:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ol7CjoQfKfOAp84stc1Wc3AIIf0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/5-ifbkzxAVenbOTh7xnTmSmBRII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/Ol7CjoQfKfOAp84stc1Wc3AIIf0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.148.0/24
185.180.192.0/24
185.180.194.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:48:ae:c5:99:c1:2f:f3:93:54:47:8f:8c:7d:0a:5e:3a:64:
7c:3c:cd:76:91:76:69:1a:12:a7:c2:43:2b:4e:7c:e8:06:f7:
39:b8:44:17:82:99:a1:75:ce:3f:b5:86:83:e3:f5:0b:6e:76:
36:df:cc:89:3b:eb:ff:a0:f8:e9:4b:ea:ad:82:65:d0:1e:b7:
ff:48:e3:0b:6e:4a:ca:e1:a7:29:80:15:da:82:53:cd:ba:6f:
cb:ad:a4:72:49:4c:0c:69:ca:46:94:d1:c5:4d:db:b1:4f:e5:
e4:4c:0e:dd:83:af:e9:73:42:ac:33:00:d5:97:be:bc:60:2b:
cf:9c:a9:76:e1:79:d1:c3:6e:06:6f:eb:07:91:aa:a6:58:f1:
55:21:44:c0:d8:9c:5f:36:81:db:9f:b0:e2:0e:bc:96:c4:66:
15:34:da:bf:ca:38:47:e4:10:d7:4e:13:1e:89:27:eb:24:1b:
01:75:1f:b9:96:5f:94:97:ee:4f:e1:3d:7a:db:55:a8:b0:04:
b1:41:1b:cd:2c:b0:95:86:91:58:05:4a:30:1d:00:88:02:97:
6e:72:12:4c:0a:20:b6:da:c7:ce:7c:77:b2:0a:c2:4e:f7:4b:
0a:3a:a7:66:81:cd:4b:b6:4c:c2:a7:99:af:55:55:f3:de:ad:
f8:fc:0f:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQkRUBx3FEKs+6uha5UZSveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNWVjMjhlODQxZjI5ZjM4MGE3Y2UyY2I1Y2Q1NjczNzAw
ODIxZmQwHhcNMjUwMTAxMjM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2U4OWY2ZTRjZjEwMTU3YTc2Y2U0ZTFlZjE5ZDM5OTI5ODE0NDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TNqc3YfIwlkTGfpyIr4p3vmQXFH
KfedadsDolAqFxBaf1GaqoXTaE7Y/QI3JvtR8UnsLLjgpBxh2GmBIlqQCkxyIDGy
Y1pmhP/o/cCnO96fPKTWhxixhdkWmG71eLoexI2cYH37bQtIUeQemNxQN4KMHD3/
+nosHkzX8enNGHkagfKft7p30Tm5xjBzOkpOk0/M9kI5U8MxGH+4PFaZwfNFZQuP
78N2obY8YpUdusbLnLKDmzmr5zYLJThfUFpx4RFMP+AAF2EDr0s4NQCnm2ZfAWso
BIxm3oIjPdSUCZJbUCFmsKWFTuTIl8JB1uPmXFed68LAncwLQ+EfhNLqfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOfon25M8QFXp2zk4e8Z05kpgUSCMB8GA1UdIwQY
MBaAFDpewo6EHynzgKfOLLXNVnNwCCH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2w3Q2pvUWZLZk9BcDg0c3RjMVdjM0FJSWYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jMTIwMjAtYTFhMS00MDBlLTkxZjMt
ODM1NTk5MjYwZmY2LzEvNS1pZmJrenhBVmVuYk9UaDd4blRtU21CUklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jMTIwMjAtYTFhMS00MDBlLTkxZjMtODM1NTk5MjYwZmY2
LzEvT2w3Q2pvUWZLZk9BcDg0c3RjMVdjM0FJSWYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuaGUAwQA
ubTAAwQAubTCMA0GCSqGSIb3DQEBCwUAA4IBAQBrSK7FmcEv85NUR4+MfQpeOmR8
PM12kXZpGhKnwkMrTnzoBvc5uEQXgpmhdc4/tYaD4/ULbnY238yJO+v/oPjpS+qt
gmXQHrf/SOMLbkrK4acpgBXaglPNum/LraRySUwMacpGlNHFTduxT+XkTA7dg6/p
c0KsMwDVl768YCvPnKl24XnRw24Gb+sHkaqmWPFVIUTA2JxfNoHbn7DiDryWxGYV
NNq/yjhH5BDXThMeiSfrJBsBdR+5ll+Ul+5P4T1621WosASxQRvNLLCVhpFYBUow
HQCIApduchJMCiC22sfOfHeyCsJO90sKOqdmgc1LtkzCp5mvVVXz3q34/A+F
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:34:41 2025 by rpki-client