Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/08d44c-f102-4b70-8db0-72abeefeda4a/1/gf0Xy6qbBLzQzsLjIlFfh_7JZjk.roa
File: gf0Xy6qbBLzQzsLjIlFfh_7JZjk.roa (raw, json)
Hash identifier: Ah/uhPrNkgzcI+es99gluPPaRScN93x4JTQmt+pb9V0=
Subject key identifier: 81:FD:17:CB:AA:9B:04:BC:D0:CE:C2:E3:22:51:5F:87:FE:C9:66:39
Certificate issuer: /CN=708029a674177efd99252275094618c0c9cfbd1d
Certificate serial: 0194258F86E4B48029A8673AF8CD58E78212
Authority key identifier: 70:80:29:A6:74:17:7E:FD:99:25:22:75:09:46:18:C0:C9:CF:BD:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIAppnQXfv2ZJSJ1CUYYwMnPvR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/08d44c-f102-4b70-8db0-72abeefeda4a/1/gf0Xy6qbBLzQzsLjIlFfh_7JZjk.roa
Signing time: Thu 02 Jan 2025 05:49:10 +0000
ROA not before: Thu 02 Jan 2025 05:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 185.167.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:86:e4:b4:80:29:a8:67:3a:f8:cd:58:e7:82:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=708029a674177efd99252275094618c0c9cfbd1d
Validity
Not Before: Jan 2 05:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81fd17cbaa9b04bcd0cec2e322515f87fec96639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1b:e6:29:d3:7d:02:77:d5:bc:ed:67:8f:37:
c3:f8:6a:b0:58:de:58:8c:f1:78:86:b1:c5:30:02:
07:c3:da:b8:0b:8b:a0:6a:88:64:44:2a:34:5b:a2:
d6:02:9d:c8:c9:c3:5a:d5:5d:e9:23:4f:fa:85:0b:
da:1e:6c:20:85:5e:1a:a8:2d:e5:d0:76:ac:44:4b:
11:34:5d:06:10:c6:dc:10:d6:39:41:09:63:7e:86:
98:71:c3:87:c2:c3:79:81:41:f8:cd:84:75:ba:86:
2b:fc:74:4b:e5:df:85:f3:75:9b:c9:0b:11:3e:2a:
ed:9d:c9:70:af:6d:ff:fa:2b:9c:75:42:c6:ed:3b:
18:94:cd:df:21:b0:e0:ca:07:be:a8:1d:2d:66:85:
3c:76:ca:18:fe:cf:a8:b2:b3:93:2c:8c:9a:74:c7:
36:6e:fd:94:96:f3:0a:5f:d2:98:9f:66:55:d4:51:
e8:da:34:14:65:d0:d2:26:85:31:5c:63:d6:f1:f6:
d8:63:5a:d7:fa:22:b7:a7:c2:33:ee:f2:4e:4b:20:
46:f9:6d:51:cc:89:e4:fa:02:a1:4e:a3:1f:12:7e:
9c:33:d5:41:17:aa:c7:97:fe:d3:fe:32:a3:94:a6:
82:ed:1a:a0:7e:77:b8:c9:17:e1:da:07:d7:4c:89:
e9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:FD:17:CB:AA:9B:04:BC:D0:CE:C2:E3:22:51:5F:87:FE:C9:66:39
X509v3 Authority Key Identifier:
keyid:70:80:29:A6:74:17:7E:FD:99:25:22:75:09:46:18:C0:C9:CF:BD:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIAppnQXfv2ZJSJ1CUYYwMnPvR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/08d44c-f102-4b70-8db0-72abeefeda4a/1/gf0Xy6qbBLzQzsLjIlFfh_7JZjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/08d44c-f102-4b70-8db0-72abeefeda4a/1/cIAppnQXfv2ZJSJ1CUYYwMnPvR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.253.0/24
Signature Algorithm: sha256WithRSAEncryption
60:04:52:0d:be:d5:1e:6f:9a:85:2d:23:ce:bb:6c:8e:85:e9:
ca:87:99:ff:e2:d6:87:f6:41:49:df:c3:21:47:3d:c2:58:1c:
4e:c2:f1:2d:44:a8:24:17:14:dc:da:23:2c:6c:76:e1:dd:bc:
60:a1:f2:1b:cb:23:5b:a6:01:7b:0a:28:44:ef:7b:6a:e2:3e:
6b:58:37:2a:5d:f7:a7:5e:09:21:d0:c2:14:e2:71:18:a6:a8:
91:d1:d7:9f:bc:f9:30:40:a1:1f:be:59:b0:b5:7d:14:b4:94:
49:66:6c:30:0c:83:2b:0e:e5:3e:17:c9:f9:2d:06:c7:5c:1e:
27:b7:89:4b:79:a5:d7:4c:94:6f:7d:7f:1b:22:18:a0:7c:e9:
25:c3:5b:1a:b5:8d:5d:72:73:79:7f:c9:fd:c8:9d:5d:48:df:
e0:16:5a:a0:93:aa:91:56:fa:64:42:5c:cb:06:0f:a2:4c:1d:
74:2e:4c:fc:f3:91:a3:8c:dc:aa:f8:6d:77:8b:aa:0f:cc:6f:
c4:85:18:0b:54:4e:70:66:ae:df:dd:c6:72:d6:77:67:92:8f:
b6:e5:94:cb:7c:9b:40:6a:ef:d1:6d:28:44:fa:14:c0:b1:46:
93:fa:0c:16:5f:ba:e3:ec:e7:75:98:35:09:b6:2d:cf:ca:95:
9a:37:b5:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj4bktIApqGc6+M1Y54ISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODAyOWE2NzQxNzdlZmQ5OTI1MjI3NTA5NDYxOGMwYzlj
ZmJkMWQwHhcNMjUwMTAyMDU0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWZkMTdjYmFhOWIwNGJjZDBjZWMyZTMyMjUxNWY4N2ZlYzk2NjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRvmKdN9AnfVvO1njzfD+GqwWN5Y
jPF4hrHFMAIHw9q4C4ugaohkRCo0W6LWAp3IycNa1V3pI0/6hQvaHmwghV4aqC3l
0HasREsRNF0GEMbcENY5QQljfoaYccOHwsN5gUH4zYR1uoYr/HRL5d+F83WbyQsR
Pirtnclwr23/+iucdULG7TsYlM3fIbDgyge+qB0tZoU8dsoY/s+osrOTLIyadMc2
bv2UlvMKX9KYn2ZV1FHo2jQUZdDSJoUxXGPW8fbYY1rX+iK3p8Iz7vJOSyBG+W1R
zInk+gKhTqMfEn6cM9VBF6rHl/7T/jKjlKaC7Rqgfne4yRfh2gfXTInpwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIH9F8uqmwS80M7C4yJRX4f+yWY5MB8GA1UdIwQY
MBaAFHCAKaZ0F379mSUidQlGGMDJz70dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lBcHBuUVhmdjJaSlNKMUNVWVl3TW5QdlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8wOGQ0NGMtZjEwMi00YjcwLThkYjAt
NzJhYmVlZmVkYTRhLzEvZ2YwWHk2cWJCTHpRenNMaklsRmZoXzdKWmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8wOGQ0NGMtZjEwMi00YjcwLThkYjAtNzJhYmVlZmVkYTRh
LzEvY0lBcHBuUVhmdjJaSlNKMUNVWVl3TW5QdlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaf9MA0G
CSqGSIb3DQEBCwUAA4IBAQBgBFINvtUeb5qFLSPOu2yOhenKh5n/4taH9kFJ38Mh
Rz3CWBxOwvEtRKgkFxTc2iMsbHbh3bxgofIbyyNbpgF7CihE73tq4j5rWDcqXfen
Xgkh0MIU4nEYpqiR0defvPkwQKEfvlmwtX0UtJRJZmwwDIMrDuU+F8n5LQbHXB4n
t4lLeaXXTJRvfX8bIhigfOklw1satY1dcnN5f8n9yJ1dSN/gFlqgk6qRVvpkQlzL
Bg+iTB10Lkz885GjjNyq+G13i6oPzG/EhRgLVE5wZq7f3cZy1ndnko+25ZTLfJtA
au/RbShE+hTAsUaT+gwWX7rj7Od1mDUJti3PypWaN7UF
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:11:05 2025 by rpki-client