Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/dq0H0ptfWVeMI5pzuDVutGRIMbA.roa
File: dq0H0ptfWVeMI5pzuDVutGRIMbA.roa (raw, json)
Hash identifier: 0F5Hp24nVBW+EaqkAlTh8XGSno4s2M0R/Zi5bowUmQE=
Subject key identifier: 76:AD:07:D2:9B:5F:59:57:8C:23:9A:73:B8:35:6E:B4:64:48:31:B0
Certificate issuer: /CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Certificate serial: 018CC64B5C3BF77FC787F74AE8230A0E2BE2
Authority key identifier: 1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/dq0H0ptfWVeMI5pzuDVutGRIMbA.roa
Signing time: Mon 01 Jan 2024 18:31:16 +0000
ROA not before: Mon 01 Jan 2024 18:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200290
IP address blocks: 185.171.104.0/22 maxlen: 24
185.171.104.0/24 maxlen: 24
185.171.104.0/23 maxlen: 23
185.171.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5c:3b:f7:7f:c7:87:f7:4a:e8:23:0a:0e:2b:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Validity
Not Before: Jan 1 18:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76ad07d29b5f59578c239a73b8356eb4644831b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:32:b7:37:cf:8c:54:40:a5:e9:7c:3a:fb:33:
02:f6:71:82:4e:de:10:7a:38:14:5e:67:d9:01:1d:
e8:70:e1:53:54:be:a5:37:1c:6f:22:82:f2:38:40:
3c:b5:55:33:14:bc:1f:4b:5b:3c:bc:a7:bf:90:d9:
a0:69:20:c6:f1:85:61:85:8d:7f:96:3f:a6:22:93:
08:d9:4c:e7:7a:25:1e:72:c8:26:7f:14:d0:3d:c8:
04:59:51:e5:f0:25:48:0d:4f:1e:90:db:3d:69:80:
ac:69:aa:a4:f5:fd:31:41:15:02:9b:a7:01:23:c8:
59:93:f5:12:ee:b6:18:c4:e6:11:4f:d4:1b:7c:25:
99:6e:62:7f:62:3e:05:16:6e:55:9a:8d:b6:67:8d:
74:4b:12:96:0c:04:9f:b4:73:23:79:1a:7f:32:b3:
9b:cd:18:59:93:59:be:78:e0:56:0f:b3:77:d1:f3:
98:9a:34:6b:53:48:c9:32:69:19:0a:c1:7e:a5:e7:
24:0a:c0:96:af:91:d5:ed:4f:4f:5e:00:03:6e:4c:
9f:e9:e4:56:7c:09:23:fc:aa:94:cb:fb:0a:c8:ac:
bb:33:52:c9:b2:67:c5:78:86:15:06:e1:4f:c2:31:
f1:60:c8:35:03:1c:5f:5d:9e:ad:62:24:7c:57:03:
7e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:AD:07:D2:9B:5F:59:57:8C:23:9A:73:B8:35:6E:B4:64:48:31:B0
X509v3 Authority Key Identifier:
keyid:1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/dq0H0ptfWVeMI5pzuDVutGRIMbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.104.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:41:db:11:88:66:d1:46:5c:b3:04:88:ee:ed:1e:68:ed:5b:
a3:ef:9a:ba:a2:71:88:76:0c:91:ae:cf:1d:71:a1:2a:2b:f8:
90:e5:2c:ce:79:56:c0:7b:cc:e6:2c:2d:10:aa:89:38:56:d3:
f9:11:c6:e9:94:7a:5b:69:68:33:36:ee:db:9e:34:8c:40:e0:
83:06:e7:ea:7d:3c:8b:31:79:32:4b:b2:60:7e:15:75:b5:b7:
61:85:a9:d3:0e:d5:06:44:5d:2c:c6:12:fd:3a:af:c0:64:e0:
ef:31:bc:08:c9:9d:c6:79:6e:6a:bb:c4:e9:a8:a5:e7:cf:4a:
93:e1:c0:8d:79:13:76:ce:88:af:2f:6a:70:0e:ba:21:2d:b2:
43:25:17:47:19:10:f2:fe:dd:18:db:62:13:0a:5c:6a:46:d5:
e9:08:79:99:fc:1f:e5:df:1f:4e:ed:96:a7:80:cd:44:ae:31:
b0:83:7b:d7:34:53:1b:61:bb:ca:51:e1:4d:e8:43:01:52:e5:
0a:92:ef:9e:af:14:e5:6c:83:38:15:7e:53:64:41:a7:92:ec:
60:69:fd:07:96:c8:32:6b:82:b0:76:9b:83:cb:dc:88:fc:34:
b4:06:aa:9f:9d:e6:cf:fe:d3:3c:a0:8b:3a:ae:6f:a6:b4:48:
1e:1e:61:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS1w793/Hh/dK6CMKDiviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGY1OTUxYzlhZTc5OTc2ZDk3ZTFkMjhlNDY2YTYxNTEx
OTg5OGIwHhcNMjQwMTAxMTgzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmFkMDdkMjliNWY1OTU3OGMyMzlhNzNiODM1NmViNDY0NDgzMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujK3N8+MVECl6Xw6+zMC9nGCTt4Q
ejgUXmfZAR3ocOFTVL6lNxxvIoLyOEA8tVUzFLwfS1s8vKe/kNmgaSDG8YVhhY1/
lj+mIpMI2UzneiUecsgmfxTQPcgEWVHl8CVIDU8ekNs9aYCsaaqk9f0xQRUCm6cB
I8hZk/US7rYYxOYRT9QbfCWZbmJ/Yj4FFm5Vmo22Z410SxKWDASftHMjeRp/MrOb
zRhZk1m+eOBWD7N30fOYmjRrU0jJMmkZCsF+peckCsCWr5HV7U9PXgADbkyf6eRW
fAkj/KqUy/sKyKy7M1LJsmfFeIYVBuFPwjHxYMg1AxxfXZ6tYiR8VwN+LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHatB9KbX1lXjCOac7g1brRkSDGwMB8GA1UdIwQY
MBaAFB3fWVHJrnmXbZfh0o5GamFRGYmLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGQ5WlVjbXVlWmR0bC1IU2prWnFZVkVaaVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8yZGY3ODYtNTJkNS00MzhiLThiNTYt
MGU5NmIxZmZiMjQ3LzEvZHEwSDBwdGZXVmVNSTVwenVEVnV0R1JJTWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8yZGY3ODYtNTJkNS00MzhiLThiNTYtMGU5NmIxZmZiMjQ3
LzEvSGQ5WlVjbXVlWmR0bC1IU2prWnFZVkVaaVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuatoMA0G
CSqGSIb3DQEBCwUAA4IBAQAPQdsRiGbRRlyzBIju7R5o7Vuj75q6onGIdgyRrs8d
caEqK/iQ5SzOeVbAe8zmLC0Qqok4VtP5EcbplHpbaWgzNu7bnjSMQOCDBufqfTyL
MXkyS7JgfhV1tbdhhanTDtUGRF0sxhL9Oq/AZODvMbwIyZ3GeW5qu8TpqKXnz0qT
4cCNeRN2zoivL2pwDrohLbJDJRdHGRDy/t0Y22ITClxqRtXpCHmZ/B/l3x9O7Zan
gM1ErjGwg3vXNFMbYbvKUeFN6EMBUuUKku+erxTlbIM4FX5TZEGnkuxgaf0Hlsgy
a4KwdpuDy9yI/DS0BqqfnebP/tM8oIs6rm+mtEgeHmHb
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:07 2025 by rpki-client