Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/kVbSHrAHHzDssRXONUlwJ1GWoHU.roa
File: kVbSHrAHHzDssRXONUlwJ1GWoHU.roa (raw, json)
Hash identifier: mu0OOdtXupXjhLysliKeG+XZYEBhpCYVNN9APqeB6iQ=
Subject key identifier: 91:56:D2:1E:B0:07:1F:30:EC:B1:15:CE:35:49:70:27:51:96:A0:75
Certificate issuer: /CN=54404da602dab0625be7223d09320b1cd7aafced
Certificate serial: 0194214464CAE9ADE1085E4030FBF382350A
Authority key identifier: 54:40:4D:A6:02:DA:B0:62:5B:E7:22:3D:09:32:0B:1C:D7:AA:FC:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VEBNpgLasGJb5yI9CTILHNeq_O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/kVbSHrAHHzDssRXONUlwJ1GWoHU.roa
Signing time: Wed 01 Jan 2025 09:48:37 +0000
ROA not before: Wed 01 Jan 2025 09:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205247
IP address blocks: 185.224.108.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:64:ca:e9:ad:e1:08:5e:40:30:fb:f3:82:35:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54404da602dab0625be7223d09320b1cd7aafced
Validity
Not Before: Jan 1 09:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9156d21eb0071f30ecb115ce354970275196a075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:59:7e:0b:be:e9:07:c2:a2:43:70:10:50:3b:
3d:10:f6:f7:6a:46:72:40:00:b4:da:7d:89:23:34:
80:ce:8a:8a:8a:7c:f9:d3:41:7c:cd:cf:f2:a1:5b:
29:ac:ca:c4:50:02:5a:86:6a:56:a1:53:ca:90:85:
c8:11:d5:be:3c:79:8a:c9:cc:0e:d9:44:37:1b:96:
5f:ca:dc:6f:ca:74:48:22:d2:b9:b5:bc:5e:da:94:
7f:e3:66:8f:51:c8:e3:c1:b5:7c:0b:39:9a:3e:35:
80:9d:82:50:cc:67:93:77:9a:6b:eb:8f:e3:e1:2b:
ee:c0:b8:63:8d:fa:7d:a3:3a:ce:1a:c2:40:67:76:
a8:5c:af:e0:e1:16:e5:d8:34:48:14:96:90:8b:c0:
1e:0e:53:42:d9:44:9a:9e:bb:eb:a7:9c:57:4d:36:
05:ef:bf:83:d9:ff:e3:26:91:7f:f7:0d:dc:13:03:
2a:84:ac:b2:b6:93:dc:cf:c8:70:1c:f7:c8:d7:18:
84:63:a0:d0:4b:62:65:99:fc:cc:36:ad:5f:01:b6:
a9:e6:88:2a:86:3e:c9:8d:05:37:c9:a8:a5:aa:7e:
85:2a:38:fe:d1:e1:a7:25:73:64:e7:ba:75:f4:35:
26:d3:2f:bc:57:2b:2b:10:67:5a:fe:1a:3c:04:8b:
12:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:56:D2:1E:B0:07:1F:30:EC:B1:15:CE:35:49:70:27:51:96:A0:75
X509v3 Authority Key Identifier:
keyid:54:40:4D:A6:02:DA:B0:62:5B:E7:22:3D:09:32:0B:1C:D7:AA:FC:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VEBNpgLasGJb5yI9CTILHNeq_O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/kVbSHrAHHzDssRXONUlwJ1GWoHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/VEBNpgLasGJb5yI9CTILHNeq_O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.108.0/22
Signature Algorithm: sha256WithRSAEncryption
27:1d:dd:0e:96:a1:82:b2:39:f9:fa:94:ab:68:a6:45:ed:75:
1f:1e:24:d8:be:2b:80:d8:c3:43:d5:19:42:33:35:f0:19:68:
42:03:8e:36:5f:f8:b8:49:e7:47:41:c1:63:22:b2:ee:d7:00:
23:ce:f1:08:ed:ee:2c:f5:b2:ff:bf:94:59:93:6b:68:b4:52:
79:1d:ff:20:a3:8c:11:53:4a:1c:62:11:a5:87:c9:e9:12:7a:
c6:fe:b3:57:99:64:8c:82:6f:69:49:77:72:72:9c:3b:98:1b:
71:34:74:11:fd:c5:72:ef:52:9e:63:c4:03:62:ae:28:54:c0:
f3:3b:99:d0:d2:28:6b:f2:8a:92:fe:5f:fe:68:93:55:cb:73:
db:11:b7:73:1e:3a:c4:db:c7:d5:46:25:e6:49:c6:1a:3a:38:
69:da:14:6d:39:a5:26:3e:bb:c0:9f:21:5e:4b:08:f0:d3:ba:
0a:7b:17:c5:d0:49:b7:1f:12:8a:42:37:50:0e:eb:0f:63:a2:
4c:a0:2c:86:4a:0e:22:fa:67:63:98:c5:88:31:43:18:a0:8f:
70:ac:98:a0:bc:08:97:f1:44:9b:da:9d:4f:2a:0b:14:6c:3c:
e1:22:a1:11:cd:77:79:82:43:b3:7f:0f:d0:b1:e7:f4:ab:de:
4e:40:c3:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRGTK6a3hCF5AMPvzgjUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NDA0ZGE2MDJkYWIwNjI1YmU3MjIzZDA5MzIwYjFjZDdh
YWZjZWQwHhcNMjUwMTAxMDk0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTU2ZDIxZWIwMDcxZjMwZWNiMTE1Y2UzNTQ5NzAyNzUxOTZhMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtll+C77pB8KiQ3AQUDs9EPb3akZy
QAC02n2JIzSAzoqKinz500F8zc/yoVsprMrEUAJahmpWoVPKkIXIEdW+PHmKycwO
2UQ3G5ZfytxvynRIItK5tbxe2pR/42aPUcjjwbV8CzmaPjWAnYJQzGeTd5pr64/j
4SvuwLhjjfp9ozrOGsJAZ3aoXK/g4Rbl2DRIFJaQi8AeDlNC2USanrvrp5xXTTYF
77+D2f/jJpF/9w3cEwMqhKyytpPcz8hwHPfI1xiEY6DQS2JlmfzMNq1fAbap5ogq
hj7JjQU3yailqn6FKjj+0eGnJXNk57p19DUm0y+8VysrEGda/ho8BIsS8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFW0h6wBx8w7LEVzjVJcCdRlqB1MB8GA1UdIwQY
MBaAFFRATaYC2rBiW+ciPQkyCxzXqvztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkVCTnBnTGFzR0piNXlJOUNUSUxITmVxX08wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny83ZDJjYjUtYmRkZi00MjAxLWJhZjgt
MWIyNDQ4NGU1NWVjLzEva1ZiU0hyQUhIekRzc1JYT05VbHdKMUdXb0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny83ZDJjYjUtYmRkZi00MjAxLWJhZjgtMWIyNDQ4NGU1NWVj
LzEvVkVCTnBnTGFzR0piNXlJOUNUSUxITmVxX08wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueBsMA0G
CSqGSIb3DQEBCwUAA4IBAQAnHd0OlqGCsjn5+pSraKZF7XUfHiTYviuA2MND1RlC
MzXwGWhCA442X/i4SedHQcFjIrLu1wAjzvEI7e4s9bL/v5RZk2totFJ5Hf8go4wR
U0ocYhGlh8npEnrG/rNXmWSMgm9pSXdycpw7mBtxNHQR/cVy71KeY8QDYq4oVMDz
O5nQ0ihr8oqS/l/+aJNVy3PbEbdzHjrE28fVRiXmScYaOjhp2hRtOaUmPrvAnyFe
Swjw07oKexfF0Em3HxKKQjdQDusPY6JMoCyGSg4i+mdjmMWIMUMYoI9wrJigvAiX
8USb2p1PKgsUbDzhIqERzXd5gkOzfw/Qsef0q95OQMMO
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:11:39 2025 by rpki-client