Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/f097b6-7a7f-4f16-a60e-3699707b8631/1/GhKyxk0esCL4fUxr4Hd_mjj8-tw.roa
File: GhKyxk0esCL4fUxr4Hd_mjj8-tw.roa (raw, json)
Hash identifier: eC4wknSrkqEp5k8cYsdHH8bnYrKRlcRo+U4nTCEVfDo=
Subject key identifier: 1A:12:B2:C6:4D:1E:B0:22:F8:7D:4C:6B:E0:77:7F:9A:38:FC:FA:DC
Certificate issuer: /CN=ff32cec606fb6f6fd6ae7be874826c302b695ef3
Certificate serial: 018CC3488E7AECC4C1399E5400DDB62CD836
Authority key identifier: FF:32:CE:C6:06:FB:6F:6F:D6:AE:7B:E8:74:82:6C:30:2B:69:5E:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zLOxgb7b2_WrnvodIJsMCtpXvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/f097b6-7a7f-4f16-a60e-3699707b8631/1/GhKyxk0esCL4fUxr4Hd_mjj8-tw.roa
Signing time: Mon 01 Jan 2024 04:29:21 +0000
ROA not before: Mon 01 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 185.140.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8e:7a:ec:c4:c1:39:9e:54:00:dd:b6:2c:d8:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff32cec606fb6f6fd6ae7be874826c302b695ef3
Validity
Not Before: Jan 1 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a12b2c64d1eb022f87d4c6be0777f9a38fcfadc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fe:4e:6c:1e:4b:3a:54:06:01:3e:40:1f:61:
53:d0:03:13:cc:9f:ba:a9:cf:67:42:89:d5:4d:5f:
3a:2b:9b:d0:6d:9e:6c:a2:70:42:4f:61:25:40:08:
ba:1c:0b:60:d6:3f:f7:09:bf:62:e9:ca:6f:fb:4a:
c6:34:ef:5a:d7:25:64:7d:96:5b:68:72:bb:2f:de:
a2:a3:e9:3b:ed:f9:32:48:f3:83:6d:16:36:7c:eb:
9c:fa:ca:b0:c3:bf:46:62:5f:76:b1:27:c9:57:df:
57:fd:54:c6:ed:07:eb:5e:81:f6:fc:d3:80:8b:a4:
e6:ed:79:d8:1f:84:9e:30:31:52:9a:5a:b5:6f:c5:
3d:d6:4c:cf:6e:d3:de:01:63:f6:12:1c:69:cb:93:
9a:d2:7b:91:cf:4b:ab:03:26:56:54:21:47:e8:c8:
72:88:e4:3e:9b:79:07:66:8f:a2:28:43:10:ed:90:
65:29:87:8d:fd:3b:ae:75:c6:70:6e:87:59:1e:6e:
5e:3e:62:96:20:7e:76:27:9c:3d:d3:71:72:42:8b:
af:22:22:29:3d:6d:96:60:10:2c:96:4c:ac:b1:63:
24:44:ac:57:1d:a3:4d:8b:f2:a6:7b:e5:09:12:91:
e5:5e:6c:b7:90:eb:67:0e:33:4f:d6:e9:cb:6a:4d:
81:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:12:B2:C6:4D:1E:B0:22:F8:7D:4C:6B:E0:77:7F:9A:38:FC:FA:DC
X509v3 Authority Key Identifier:
keyid:FF:32:CE:C6:06:FB:6F:6F:D6:AE:7B:E8:74:82:6C:30:2B:69:5E:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zLOxgb7b2_WrnvodIJsMCtpXvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f097b6-7a7f-4f16-a60e-3699707b8631/1/GhKyxk0esCL4fUxr4Hd_mjj8-tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f097b6-7a7f-4f16-a60e-3699707b8631/1/_zLOxgb7b2_WrnvodIJsMCtpXvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.174.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:33:15:ee:0c:65:7f:e2:c3:55:53:e0:3d:c9:be:6c:79:c5:
a5:a5:a5:d0:d4:61:a0:77:4b:59:a4:9c:ea:e5:92:b8:89:24:
15:91:2c:d6:f7:fa:84:e1:b9:81:a7:fd:36:8f:f4:54:78:b9:
8b:21:2f:00:e0:10:e9:c1:b7:36:d7:3a:6f:12:d1:d9:16:5c:
e0:f9:4c:e5:66:53:a1:52:e2:4e:73:35:a6:87:08:20:63:af:
f8:57:c1:c9:14:59:7f:cd:10:84:05:aa:ee:c2:c0:58:6d:a7:
a0:26:1e:f7:15:21:7b:89:09:14:59:93:36:c1:21:3c:dc:f4:
cf:c4:9c:e9:ca:c3:89:f9:29:6f:0e:2d:df:fd:98:76:0a:16:
dc:05:bf:4c:70:80:a9:03:9f:2e:d4:a9:7c:b5:f3:69:ec:a6:
bc:dd:28:01:92:01:e4:a3:01:3d:34:55:64:b3:24:2a:91:dd:
22:fd:81:cb:db:2a:0e:87:98:31:b8:58:60:6d:50:6c:75:38:
8e:c8:f3:da:e1:4e:eb:2c:e2:b1:e6:d9:71:c9:80:f7:5e:db:
9d:c9:45:4d:5a:b4:1d:cb:e0:4f:97:50:af:cd:a4:38:ca:47:
2f:cc:2e:7b:73:f4:53:2e:fd:80:10:2e:1d:42:d9:6b:72:91:
9b:58:2b:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSI567MTBOZ5UAN22LNg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzJjZWM2MDZmYjZmNmZkNmFlN2JlODc0ODI2YzMwMmI2
OTVlZjMwHhcNMjQwMTAxMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTEyYjJjNjRkMWViMDIyZjg3ZDRjNmJlMDc3N2Y5YTM4ZmNmYWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP5ObB5LOlQGAT5AH2FT0AMTzJ+6
qc9nQonVTV86K5vQbZ5sonBCT2ElQAi6HAtg1j/3Cb9i6cpv+0rGNO9a1yVkfZZb
aHK7L96io+k77fkySPODbRY2fOuc+sqww79GYl92sSfJV99X/VTG7QfrXoH2/NOA
i6Tm7XnYH4SeMDFSmlq1b8U91kzPbtPeAWP2Ehxpy5Oa0nuRz0urAyZWVCFH6Mhy
iOQ+m3kHZo+iKEMQ7ZBlKYeN/TuudcZwbodZHm5ePmKWIH52J5w903FyQouvIiIp
PW2WYBAslkyssWMkRKxXHaNNi/Kme+UJEpHlXmy3kOtnDjNP1unLak2BTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBoSssZNHrAi+H1Ma+B3f5o4/PrcMB8GA1UdIwQY
MBaAFP8yzsYG+29v1q576HSCbDAraV7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pMT3hnYjdiMl9Xcm52b2RJSnNNQ3RwWHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9mMDk3YjYtN2E3Zi00ZjE2LWE2MGUt
MzY5OTcwN2I4NjMxLzEvR2hLeXhrMGVzQ0w0ZlV4cjRIZF9tamo4LXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9mMDk3YjYtN2E3Zi00ZjE2LWE2MGUtMzY5OTcwN2I4NjMx
LzEvX3pMT3hnYjdiMl9Xcm52b2RJSnNNQ3RwWHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYyuMA0G
CSqGSIb3DQEBCwUAA4IBAQC1MxXuDGV/4sNVU+A9yb5secWlpaXQ1GGgd0tZpJzq
5ZK4iSQVkSzW9/qE4bmBp/02j/RUeLmLIS8A4BDpwbc21zpvEtHZFlzg+UzlZlOh
UuJOczWmhwggY6/4V8HJFFl/zRCEBaruwsBYbaegJh73FSF7iQkUWZM2wSE83PTP
xJzpysOJ+SlvDi3f/Zh2ChbcBb9McICpA58u1Kl8tfNp7Ka83SgBkgHkowE9NFVk
syQqkd0i/YHL2yoOh5gxuFhgbVBsdTiOyPPa4U7rLOKx5tlxyYD3XtudyUVNWrQd
y+BPl1CvzaQ4ykcvzC57c/RTLv2AEC4dQtlrcpGbWCvN
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:25:18 2025 by rpki-client