Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/iOo8WZeBs16BOwEjC7IsPMOtPO0.roa
File: iOo8WZeBs16BOwEjC7IsPMOtPO0.roa (raw, json)
Hash identifier: FC5R1Hrtvnbfsyec/XOyQavDbuFW5mY0wSOTHI+QutE=
Subject key identifier: 88:EA:3C:59:97:81:B3:5E:81:3B:01:23:0B:B2:2C:3C:C3:AD:3C:ED
Certificate issuer: /CN=b6ed62055a5191c02ec5112e95181a89ac060ceb
Certificate serial: 019423D6FA4EBC70A2BE6486A78FED0E7F3D
Authority key identifier: B6:ED:62:05:5A:51:91:C0:2E:C5:11:2E:95:18:1A:89:AC:06:0C:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu1iBVpRkcAuxREulRgaiawGDOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/iOo8WZeBs16BOwEjC7IsPMOtPO0.roa
Signing time: Wed 01 Jan 2025 21:47:58 +0000
ROA not before: Wed 01 Jan 2025 21:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47242
IP address blocks: 185.73.136.0/24 maxlen: 24
185.73.137.0/24 maxlen: 24
185.73.138.0/24 maxlen: 24
185.73.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:fa:4e:bc:70:a2:be:64:86:a7:8f:ed:0e:7f:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6ed62055a5191c02ec5112e95181a89ac060ceb
Validity
Not Before: Jan 1 21:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88ea3c599781b35e813b01230bb22c3cc3ad3ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b6:53:32:8c:94:e9:7c:53:87:d8:41:a6:f4:
d3:13:d6:67:3f:54:c2:25:31:35:fa:3a:89:06:4a:
06:1a:41:2a:e8:e0:d1:fe:5f:af:b6:95:f8:ca:88:
cb:dc:c0:a2:01:d1:a5:84:30:72:29:38:14:e3:f4:
df:df:c3:00:27:85:7d:d9:9d:e9:2d:d4:fe:93:ab:
60:fb:b5:ac:45:72:20:ca:47:16:aa:c1:cb:3b:aa:
cf:2e:29:f3:df:22:ee:44:38:4f:ab:b3:e3:a7:41:
b6:f7:47:c2:94:9b:50:47:de:ac:53:26:98:e9:14:
03:db:2e:30:ba:72:d1:8b:1c:19:2c:dd:06:ca:04:
36:c5:00:b8:a8:a4:11:9f:62:9d:12:d0:4c:56:7a:
a4:ee:f3:76:f3:97:fe:69:4c:f2:0e:57:65:60:03:
36:57:6e:d5:0b:03:d3:7d:28:7d:ed:3c:a2:47:b4:
f8:e7:1a:3a:5c:34:48:d8:21:b2:aa:73:c7:ee:16:
8f:13:89:f3:ef:44:db:92:ad:68:95:dd:9f:11:fa:
7e:53:1a:01:53:36:49:91:e0:3a:56:02:41:e3:a0:
5d:ed:5f:10:73:29:52:3f:51:aa:96:e5:dc:29:7d:
0d:21:69:46:fa:e2:9f:df:93:5c:c7:de:88:30:ff:
83:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:EA:3C:59:97:81:B3:5E:81:3B:01:23:0B:B2:2C:3C:C3:AD:3C:ED
X509v3 Authority Key Identifier:
keyid:B6:ED:62:05:5A:51:91:C0:2E:C5:11:2E:95:18:1A:89:AC:06:0C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu1iBVpRkcAuxREulRgaiawGDOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/iOo8WZeBs16BOwEjC7IsPMOtPO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/tu1iBVpRkcAuxREulRgaiawGDOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.136.0/22
Signature Algorithm: sha256WithRSAEncryption
34:fd:35:c6:ee:ca:c5:9e:e9:95:23:02:05:43:b1:e2:4a:45:
e8:f7:28:2d:14:19:bc:b6:bc:5b:51:f4:6e:d5:4e:1e:7d:e4:
60:39:c9:65:e4:1d:75:1a:2a:d2:09:cf:2d:92:ca:9f:a3:71:
fc:90:0f:5a:5b:b7:11:83:06:81:5d:7a:3d:15:3a:a5:92:63:
1e:df:59:fe:29:37:99:0a:1c:74:e9:d0:6a:5b:65:37:f9:c5:
f5:17:29:2c:99:ec:53:e7:12:ab:34:eb:a9:8d:57:ba:72:02:
9d:08:51:c5:a0:91:90:5f:1b:ce:27:38:78:78:27:7d:72:5b:
07:51:a7:62:3a:60:b9:5a:e7:f1:9c:44:4c:f7:ff:1d:6b:d1:
55:15:38:33:c9:ee:88:92:17:ca:15:1f:51:4c:3d:23:c8:12:
d8:e1:46:5e:cb:32:43:ec:da:86:01:b7:47:ad:b1:34:80:b6:
85:f8:d6:f0:f3:65:a4:20:a9:32:93:93:f3:aa:55:fe:bb:32:
7e:8e:9b:41:12:2f:b0:02:f1:f3:f4:ca:a0:a0:54:e3:d0:c3:
f5:78:39:83:65:13:03:da:7d:83:60:b8:fb:f0:14:55:3b:9d:
fa:0d:c9:63:a6:af:b9:af:14:e8:c3:03:6f:c0:23:0e:fd:7d:
63:84:84:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1vpOvHCivmSGp4/tDn89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZWQ2MjA1NWE1MTkxYzAyZWM1MTEyZTk1MTgxYTg5YWMw
NjBjZWIwHhcNMjUwMTAxMjE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGVhM2M1OTk3ODFiMzVlODEzYjAxMjMwYmIyMmMzY2MzYWQzY2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLZTMoyU6XxTh9hBpvTTE9ZnP1TC
JTE1+jqJBkoGGkEq6ODR/l+vtpX4yojL3MCiAdGlhDByKTgU4/Tf38MAJ4V92Z3p
LdT+k6tg+7WsRXIgykcWqsHLO6rPLinz3yLuRDhPq7Pjp0G290fClJtQR96sUyaY
6RQD2y4wunLRixwZLN0GygQ2xQC4qKQRn2KdEtBMVnqk7vN285f+aUzyDldlYAM2
V27VCwPTfSh97TyiR7T45xo6XDRI2CGyqnPH7haPE4nz70Tbkq1old2fEfp+UxoB
UzZJkeA6VgJB46Bd7V8QcylSP1GqluXcKX0NIWlG+uKf35Ncx96IMP+DAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjqPFmXgbNegTsBIwuyLDzDrTztMB8GA1UdIwQY
MBaAFLbtYgVaUZHALsURLpUYGomsBgzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHUxaUJWcFJrY0F1eFJFdWxSZ2FpYXdHRE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kYzEzYzEtZGU1Ni00NDlmLTljMjkt
YzgxMjY2YjdjNDllLzEvaU9vOFdaZUJzMTZCT3dFakM3SXNQTU90UE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kYzEzYzEtZGU1Ni00NDlmLTljMjktYzgxMjY2YjdjNDll
LzEvdHUxaUJWcFJrY0F1eFJFdWxSZ2FpYXdHRE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUmIMA0G
CSqGSIb3DQEBCwUAA4IBAQA0/TXG7srFnumVIwIFQ7HiSkXo9ygtFBm8trxbUfRu
1U4efeRgOcll5B11GirSCc8tksqfo3H8kA9aW7cRgwaBXXo9FTqlkmMe31n+KTeZ
Chx06dBqW2U3+cX1FyksmexT5xKrNOupjVe6cgKdCFHFoJGQXxvOJzh4eCd9clsH
UadiOmC5WufxnERM9/8da9FVFTgzye6IkhfKFR9RTD0jyBLY4UZeyzJD7NqGAbdH
rbE0gLaF+Nbw82WkIKkyk5PzqlX+uzJ+jptBEi+wAvHz9MqgoFTj0MP1eDmDZRMD
2n2DYLj78BRVO536Dcljpq+5rxTowwNvwCMO/X1jhIR4
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:07 2025 by rpki-client