Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/1G_BWf-F8T8J8X8N9NNB4K_YYMY.roa
File: 1G_BWf-F8T8J8X8N9NNB4K_YYMY.roa (raw, json)
Hash identifier: kKD9/wMia+gnqXI1OLYz+C+9k0a7eBZ1ba1nm7Hyp0A=
Subject key identifier: D4:6F:C1:59:FF:85:F1:3F:09:F1:7F:0D:F4:D3:41:E0:AF:D8:60:C6
Certificate issuer: /CN=c47a84061671603ddc2ae8eea9cad51ee75aaec6
Certificate serial: 0194258F50550D29620AE48C7E3D9DA800F2
Authority key identifier: C4:7A:84:06:16:71:60:3D:DC:2A:E8:EE:A9:CA:D5:1E:E7:5A:AE:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHqEBhZxYD3cKujuqcrVHudarsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/1G_BWf-F8T8J8X8N9NNB4K_YYMY.roa
Signing time: Thu 02 Jan 2025 05:48:56 +0000
ROA not before: Thu 02 Jan 2025 05:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204226
IP address blocks: 185.89.8.0/24 maxlen: 24
185.89.9.0/24 maxlen: 24
185.89.10.0/24 maxlen: 24
185.89.11.0/24 maxlen: 24
194.105.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:50:55:0d:29:62:0a:e4:8c:7e:3d:9d:a8:00:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c47a84061671603ddc2ae8eea9cad51ee75aaec6
Validity
Not Before: Jan 2 05:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d46fc159ff85f13f09f17f0df4d341e0afd860c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bf:7b:db:79:68:38:da:da:c7:2d:0a:7a:ab:
11:dd:23:3d:5b:83:08:fa:0f:02:41:18:c8:7f:fd:
6c:b2:2b:43:5c:03:29:a1:6f:d4:e9:01:83:aa:12:
a8:8a:f7:f8:d1:7a:92:ea:b9:04:ef:3a:77:6c:44:
42:93:3f:a6:a6:95:94:55:82:93:d9:6c:8b:00:e9:
0b:c9:78:51:88:0a:b1:16:f1:97:07:5a:fd:45:75:
c8:cd:dd:1a:f1:68:17:41:82:3e:4b:db:4f:de:55:
52:51:eb:7e:34:80:1c:07:64:40:4a:56:6c:80:e4:
ec:5a:ff:d0:62:50:b2:ea:65:b2:fd:c4:e7:e8:74:
ee:8d:61:0c:ad:01:2a:a8:86:81:f6:ce:17:2f:bf:
6c:2c:a7:0c:ee:d5:df:8d:70:94:78:10:e7:33:da:
8d:36:0e:b8:12:d6:4b:5e:30:4f:28:dc:74:a5:02:
13:02:d7:1b:6e:9e:7c:69:e8:0f:54:00:51:e7:73:
15:e6:49:60:bf:d8:af:ef:ce:52:32:0f:ee:e9:ba:
88:e3:8a:ae:9e:85:06:f6:18:ac:ee:8c:ab:a2:9a:
c1:65:de:8f:16:59:eb:0a:a1:54:5e:e4:6a:0d:92:
96:00:a0:59:46:15:44:e7:0a:24:b8:aa:cf:21:c0:
e7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:6F:C1:59:FF:85:F1:3F:09:F1:7F:0D:F4:D3:41:E0:AF:D8:60:C6
X509v3 Authority Key Identifier:
keyid:C4:7A:84:06:16:71:60:3D:DC:2A:E8:EE:A9:CA:D5:1E:E7:5A:AE:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHqEBhZxYD3cKujuqcrVHudarsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/1G_BWf-F8T8J8X8N9NNB4K_YYMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/xHqEBhZxYD3cKujuqcrVHudarsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.8.0/22
194.105.148.0/24
Signature Algorithm: sha256WithRSAEncryption
eb:05:c0:02:fa:2c:1c:6e:d8:9d:d3:80:83:6d:26:9b:26:71:
c4:f7:6d:52:6e:1c:dd:f3:9b:32:33:4b:d0:5e:5d:7f:bd:92:
0d:33:a9:22:fb:1b:ad:80:49:a2:24:61:0b:75:ad:40:d2:38:
a5:a3:c0:87:4d:c2:46:2e:cf:1d:55:46:d7:98:59:ca:3a:cc:
9f:c2:e8:f6:b7:c4:a1:de:a6:63:fc:af:1f:c2:ba:03:21:34:
5a:a7:fd:13:ef:de:db:41:71:0c:a1:b9:88:1e:68:1c:82:66:
b5:35:51:1e:71:59:9a:06:b3:16:54:72:24:50:cf:60:86:fb:
3b:0c:a8:74:57:79:8d:51:94:ca:51:14:48:7d:f0:d3:0f:e8:
80:4c:38:24:cd:88:b9:06:7f:51:39:f6:8f:8f:4f:92:bc:b7:
47:f0:b8:0e:e8:43:63:35:73:ae:86:64:83:69:b6:03:89:20:
9b:70:28:f0:e7:fc:a0:78:ef:ee:ce:a3:79:99:9d:98:16:6d:
29:e2:44:44:38:88:42:56:51:08:c4:a9:ce:0b:35:a7:11:e8:
31:6c:9d:c1:02:71:28:23:25:38:fd:1a:f1:84:eb:9e:f4:1b:
40:a2:1d:66:e4:cd:89:cc:b7:fa:6c:0b:87:d4:73:57:bf:82:
8a:d4:9f:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj1BVDSliCuSMfj2dqADyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0N2E4NDA2MTY3MTYwM2RkYzJhZThlZWE5Y2FkNTFlZTc1
YWFlYzYwHhcNMjUwMTAyMDU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDZmYzE1OWZmODVmMTNmMDlmMTdmMGRmNGQzNDFlMGFmZDg2MGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL9723loONraxy0KeqsR3SM9W4MI
+g8CQRjIf/1ssitDXAMpoW/U6QGDqhKoivf40XqS6rkE7zp3bERCkz+mppWUVYKT
2WyLAOkLyXhRiAqxFvGXB1r9RXXIzd0a8WgXQYI+S9tP3lVSUet+NIAcB2RASlZs
gOTsWv/QYlCy6mWy/cTn6HTujWEMrQEqqIaB9s4XL79sLKcM7tXfjXCUeBDnM9qN
Ng64EtZLXjBPKNx0pQITAtcbbp58aegPVABR53MV5klgv9iv785SMg/u6bqI44qu
noUG9his7oyroprBZd6PFlnrCqFUXuRqDZKWAKBZRhVE5wokuKrPIcDnNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNRvwVn/hfE/CfF/DfTTQeCv2GDGMB8GA1UdIwQY
MBaAFMR6hAYWcWA93Cro7qnK1R7nWq7GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEhxRUJoWnhZRDNjS3VqdXFjclZIdWRhcnNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81M2YyNTItZjNmZS00NjdhLWJjY2Yt
YjI5MWY5N2I3MDk2LzEvMUdfQldmLUY4VDhKOFg4TjlOTkI0S19ZWU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81M2YyNTItZjNmZS00NjdhLWJjY2YtYjI5MWY5N2I3MDk2
LzEveEhxRUJoWnhZRDNjS3VqdXFjclZIdWRhcnNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVkIAwQA
wmmUMA0GCSqGSIb3DQEBCwUAA4IBAQDrBcAC+iwcbtid04CDbSabJnHE921Sbhzd
85syM0vQXl1/vZINM6ki+xutgEmiJGELda1A0jilo8CHTcJGLs8dVUbXmFnKOsyf
wuj2t8Sh3qZj/K8fwroDITRap/0T797bQXEMobmIHmgcgma1NVEecVmaBrMWVHIk
UM9ghvs7DKh0V3mNUZTKURRIffDTD+iATDgkzYi5Bn9ROfaPj0+SvLdH8LgO6ENj
NXOuhmSDabYDiSCbcCjw5/ygeO/uzqN5mZ2YFm0p4kREOIhCVlEIxKnOCzWnEegx
bJ3BAnEoIyU4/RrxhOue9BtAoh1m5M2JzLf6bAuH1HNXv4KK1J9/
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:46 2025 by rpki-client