Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/1-Xy6pqZOQ7SjHrrXQN1iMN1opqw.roa
File: 1-Xy6pqZOQ7SjHrrXQN1iMN1opqw.roa (raw, json)
Hash identifier: bSmdA7O0MkRJMlJtwybknrSmjK6+hMoSgroH7t4Rrzw=
Subject key identifier: F9:7C:BA:A6:A6:4E:43:B4:A3:1E:BA:D7:40:DD:62:30:DD:68:A6:AC
Certificate issuer: /CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Certificate serial: 01856C0133080B2C3EEC67F6DA3EB2861710
Authority key identifier: 99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/1-Xy6pqZOQ7SjHrrXQN1iMN1opqw.roa
Signing time: Sun 01 Jan 2023 06:24:55 +0000
ROA not before: Sun 01 Jan 2023 06:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 185.188.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:33:08:0b:2c:3e:ec:67:f6:da:3e:b2:86:17:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Validity
Not Before: Jan 1 06:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f97cbaa6a64e43b4a31ebad740dd6230dd68a6ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8f:f1:a2:a0:de:51:bd:fe:1d:84:4d:b7:e6:
a0:0e:ec:b3:70:d7:f4:5a:e3:a6:d1:3a:00:70:61:
0b:fd:f6:21:01:98:40:9f:6c:bb:4c:4b:16:e2:6f:
b8:cb:c8:6f:a2:33:ac:51:4c:d9:eb:55:71:d2:a7:
94:11:81:d1:04:63:b5:12:de:42:8c:14:f5:7b:a0:
cf:6f:5d:37:e7:5a:ab:04:5e:7a:36:fa:bf:dc:b6:
32:38:b9:09:54:91:04:97:f5:ec:13:95:4b:ef:2f:
20:87:35:bb:b4:3e:b7:2b:e4:7b:35:fd:7f:49:94:
c7:06:df:1d:d3:26:c0:7e:41:82:65:27:83:0e:11:
40:c4:6f:b6:6e:d3:22:85:9e:9b:d0:32:8f:8c:aa:
f9:a7:28:70:b4:00:cc:69:52:59:cf:0c:ef:d9:17:
ea:b1:ad:28:14:f6:8c:d9:36:f4:5f:6c:1f:ba:43:
53:91:9a:62:39:a9:5a:8f:58:02:ab:5a:23:69:8b:
23:eb:30:46:38:f7:c1:22:6d:22:84:0a:35:7f:2f:
fc:51:38:3c:d5:08:b6:53:cb:0c:ca:af:61:1c:f3:
45:12:be:c8:0b:6a:40:9a:ef:7e:ea:e9:c2:d2:4c:
f7:c3:79:4e:6c:0c:48:91:18:84:fc:0b:c5:69:be:
9a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:7C:BA:A6:A6:4E:43:B4:A3:1E:BA:D7:40:DD:62:30:DD:68:A6:AC
X509v3 Authority Key Identifier:
keyid:99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/1-Xy6pqZOQ7SjHrrXQN1iMN1opqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/mdy98GMqEBYTqPbJRJsp7UXBqHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.252.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:a8:54:b8:e9:68:40:61:00:55:46:8d:13:19:a6:5a:84:37:
0d:10:45:2a:ec:96:db:f6:a3:04:1b:a4:e7:18:db:f5:89:d4:
b4:b2:d4:26:26:fb:8c:d3:85:10:55:3e:11:fa:52:e5:5b:a5:
d4:79:fd:10:2a:a7:8a:2a:2c:06:93:60:f1:9c:08:16:63:ee:
3a:e0:22:a3:d8:f0:e1:f2:d4:e6:20:a6:86:97:b0:9f:5f:8d:
0e:a0:a7:bf:3a:db:f3:8c:1f:6b:f8:d4:c3:ff:57:e6:d2:47:
a3:93:20:b7:31:e3:75:4c:e8:24:e8:e8:32:44:67:2b:18:bb:
f2:a3:d2:45:fe:95:a9:b1:0c:53:4c:c5:13:68:a6:96:d8:41:
fc:95:b0:bc:97:c8:3b:0d:da:39:4a:fb:89:26:67:71:a6:db:
55:a7:b9:89:1c:0a:cd:03:0a:bb:c1:bd:44:19:d3:2d:32:d6:
06:e9:5b:a8:19:9d:f1:2c:45:8d:e6:c1:f3:d5:1b:9f:10:bf:
dc:dc:57:d3:c9:15:13:eb:92:77:0f:35:55:67:28:4a:27:29:
b3:39:bf:ff:7a:a0:18:24:51:25:64:bc:ee:c2:d3:23:87:d4:
7f:c4:fb:e3:b2:24:1b:96:b4:e1:66:36:ec:33:de:e5:e7:24:
e5:a4:28:0e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsATMICyw+7Gf22j6yhhcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZGNiZGYwNjMyYTEwMTYxM2E4ZjZjOTQ0OWIyOWVkNDVj
MWE4NzIwHhcNMjMwMTAxMDYyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTdjYmFhNmE2NGU0M2I0YTMxZWJhZDc0MGRkNjIzMGRkNjhhNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvo/xoqDeUb3+HYRNt+agDuyzcNf0
WuOm0ToAcGEL/fYhAZhAn2y7TEsW4m+4y8hvojOsUUzZ61Vx0qeUEYHRBGO1Et5C
jBT1e6DPb10351qrBF56Nvq/3LYyOLkJVJEEl/XsE5VL7y8ghzW7tD63K+R7Nf1/
SZTHBt8d0ybAfkGCZSeDDhFAxG+2btMihZ6b0DKPjKr5pyhwtADMaVJZzwzv2Rfq
sa0oFPaM2Tb0X2wfukNTkZpiOalaj1gCq1ojaYsj6zBGOPfBIm0ihAo1fy/8UTg8
1Qi2U8sMyq9hHPNFEr7IC2pAmu9+6unC0kz3w3lObAxIkRiE/AvFab6a0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPl8uqamTkO0ox6610DdYjDdaKasMB8GA1UdIwQY
MBaAFJncvfBjKhAWE6j2yUSbKe1FwahyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWR5OThHTXFFQllUcVBiSlJKc3A3VVhCcUhJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My80ZjNkMWItODM2MS00MTFlLWExNDgt
ODg1OGE1NTlmMjUxLzEvMS1YeTZwcVpPUTdTakhyclhRTjFpTU4xb3Bxdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTMvNGYzZDFiLTgzNjEtNDExZS1hMTQ4LTg4NThhNTU5ZjI1
MS8xL21keTk4R01xRUJZVHFQYkpSSnNwN1VYQnFISS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALm8/DAN
BgkqhkiG9w0BAQsFAAOCAQEAn6hUuOloQGEAVUaNExmmWoQ3DRBFKuyW2/ajBBuk
5xjb9YnUtLLUJib7jNOFEFU+EfpS5Vul1Hn9ECqniiosBpNg8ZwIFmPuOuAio9jw
4fLU5iCmhpewn1+NDqCnvzrb84wfa/jUw/9X5tJHo5MgtzHjdUzoJOjoMkRnKxi7
8qPSRf6VqbEMU0zFE2imlthB/JWwvJfIOw3aOUr7iSZncabbVae5iRwKzQMKu8G9
RBnTLTLWBulbqBmd8SxFjebB89UbnxC/3NxX08kVE+uSdw81VWcoSicpszm//3qg
GCRRJWS87sLTI4fUf8T747IkG5a04WY27DPe5eck5aQoDg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:04:46 2025 by rpki-client