Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/yGvOgFMZISJsfSPqCjNlOqtAHMM.roa
File: yGvOgFMZISJsfSPqCjNlOqtAHMM.roa (raw, json)
Hash identifier: Y4gEqzV+We8lCW3rGQRh7ia7nliYhdhTWgBtjF9WRdk=
Subject key identifier: C8:6B:CE:80:53:19:21:22:6C:7D:23:EA:0A:33:65:3A:AB:40:1C:C3
Certificate issuer: /CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Certificate serial: 019424B3BD64C5709D67451A2F382522194A
Authority key identifier: 2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/yGvOgFMZISJsfSPqCjNlOqtAHMM.roa
Signing time: Thu 02 Jan 2025 01:49:06 +0000
ROA not before: Thu 02 Jan 2025 01:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1239
IP address blocks: 185.14.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:bd:64:c5:70:9d:67:45:1a:2f:38:25:22:19:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Validity
Not Before: Jan 2 01:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c86bce80531921226c7d23ea0a33653aab401cc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d0:2f:52:2b:36:fc:c8:e8:22:74:27:b8:a9:
3b:56:5e:4f:eb:e6:69:bf:db:9b:54:fd:70:97:be:
85:5b:3c:25:94:17:f7:f3:b1:6b:cb:3e:d2:ad:97:
62:3e:09:9f:aa:25:0e:d4:66:cf:2d:a8:e3:f7:b1:
8e:6c:62:e7:28:83:94:32:ee:08:6c:57:5f:51:5c:
9f:ed:fb:43:c5:e1:64:d5:d2:15:d6:c1:99:63:e4:
d8:d9:f7:03:fb:af:87:e1:10:ec:07:39:9b:94:b6:
cc:07:70:b4:6e:be:48:90:77:c9:4a:2a:33:dd:7b:
4a:41:9b:3d:37:36:ae:1e:81:54:7b:90:29:21:39:
42:20:e1:2b:9b:fc:72:4f:16:7d:f9:8d:4c:ff:62:
bf:28:fb:ce:94:8a:c7:9d:27:68:4e:85:4c:13:e1:
aa:12:90:1b:38:d1:9b:ed:0e:4d:92:ee:e7:45:86:
f0:ac:9f:ca:39:bc:9a:d3:65:68:a4:42:c9:35:eb:
c8:2d:c9:14:76:91:15:b7:f3:4c:e9:3c:ee:4e:90:
ae:a5:aa:a2:59:81:ba:b0:7c:f5:5d:83:d5:9e:1d:
57:8f:4a:f7:6c:c8:86:ac:2e:c2:11:31:59:f5:e6:
88:f2:c2:31:78:5b:2c:6a:c8:83:a3:c0:51:bd:bb:
22:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:6B:CE:80:53:19:21:22:6C:7D:23:EA:0A:33:65:3A:AB:40:1C:C3
X509v3 Authority Key Identifier:
keyid:2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/yGvOgFMZISJsfSPqCjNlOqtAHMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/LcgdJMRd2qNF-QZN4p-8p7EppSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.237.0/24
Signature Algorithm: sha256WithRSAEncryption
43:9e:9b:5a:75:e0:52:66:65:12:4d:03:4b:0f:73:54:36:a9:
6f:28:d6:a4:88:d7:4d:5b:f1:e2:6f:62:54:f4:b9:1f:21:02:
34:1e:87:ce:f9:f7:fb:92:3d:5b:15:10:00:e7:e6:ff:8d:1c:
d1:69:5c:24:96:0f:ca:ca:3a:e0:52:53:27:3e:d3:8d:4b:c0:
7a:3b:e5:94:1e:b6:8e:88:f4:5b:70:db:14:8c:a6:ae:e4:24:
f2:a4:0a:e1:53:84:3e:ce:eb:7a:3c:69:f2:7b:4d:29:b4:4b:
cb:d1:5a:41:cd:3e:b9:98:f9:10:90:3e:26:97:7e:0f:af:8e:
50:09:36:6a:91:79:bc:fc:f9:ff:d7:e0:ff:85:3f:b8:9d:eb:
9a:b5:4a:a6:a6:47:1f:e3:a1:fc:e3:1d:b7:fa:26:cf:59:32:
d5:d2:f3:61:7c:90:f8:25:07:17:44:e5:d7:c0:1d:4f:7f:b6:
0e:05:f9:4d:60:84:a1:9b:71:89:57:fa:73:1e:16:7e:2e:11:
98:3a:56:b1:c0:b2:4b:a8:75:6d:db:d5:49:b3:44:71:ea:f0:
f8:47:ed:14:51:8d:a9:30:03:70:86:b6:9e:5e:fc:a4:58:65:
3d:29:d1:41:20:c2:27:6f:40:19:9d:c9:05:e3:a2:f4:04:0e:
dd:91:14:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks71kxXCdZ0UaLzglIhlKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzgxZDI0YzQ1ZGRhYTM0NWY5MDY0ZGUyOWZiY2E3YjEy
OWE1MmMwHhcNMjUwMTAyMDE0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODZiY2U4MDUzMTkyMTIyNmM3ZDIzZWEwYTMzNjUzYWFiNDAxY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9AvUis2/MjoInQnuKk7Vl5P6+Zp
v9ubVP1wl76FWzwllBf387Fryz7SrZdiPgmfqiUO1GbPLajj97GObGLnKIOUMu4I
bFdfUVyf7ftDxeFk1dIV1sGZY+TY2fcD+6+H4RDsBzmblLbMB3C0br5IkHfJSioz
3XtKQZs9NzauHoFUe5ApITlCIOErm/xyTxZ9+Y1M/2K/KPvOlIrHnSdoToVME+Gq
EpAbONGb7Q5Nku7nRYbwrJ/KObya02VopELJNevILckUdpEVt/NM6TzuTpCupaqi
WYG6sHz1XYPVnh1Xj0r3bMiGrC7CETFZ9eaI8sIxeFssasiDo8BRvbsiBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhrzoBTGSEibH0j6gozZTqrQBzDMB8GA1UdIwQY
MBaAFC3IHSTEXdqjRfkGTeKfvKexKaUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDkt
MmZjYzBiNzQ5YjMyLzEveUd2T2dGTVpJU0pzZlNQcUNqTmxPcXRBSE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDktMmZjYzBiNzQ5YjMy
LzEvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ7tMA0G
CSqGSIb3DQEBCwUAA4IBAQBDnptadeBSZmUSTQNLD3NUNqlvKNakiNdNW/Hib2JU
9LkfIQI0HofO+ff7kj1bFRAA5+b/jRzRaVwklg/KyjrgUlMnPtONS8B6O+WUHraO
iPRbcNsUjKau5CTypArhU4Q+zut6PGnye00ptEvL0VpBzT65mPkQkD4ml34Pr45Q
CTZqkXm8/Pn/1+D/hT+4neuatUqmpkcf46H84x23+ibPWTLV0vNhfJD4JQcXROXX
wB1Pf7YOBflNYIShm3GJV/pzHhZ+LhGYOlaxwLJLqHVt29VJs0Rx6vD4R+0UUY2p
MANwhraeXvykWGU9KdFBIMInb0AZnckF46L0BA7dkRQO
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:41:22 2025 by rpki-client