Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/8659cf-f824-4f93-8604-b812bd594739/1/1-y3mku53CxfcZTDAjLzjGLNjKug.roa
File: 1-y3mku53CxfcZTDAjLzjGLNjKug.roa (raw, json)
Hash identifier: tkrqALFJZS9oKOrZg8mNnpPdOdg26RzEKwv9Z2r59k4=
Subject key identifier: FB:2D:E6:92:EE:77:0B:17:DC:65:30:C0:8C:BC:E3:18:B3:63:2A:E8
Certificate issuer: /CN=a433e32ac0c6fa735a6c7be144cfa3fc297c0b98
Certificate serial: 019427B64EBF7701DE72A5DA07CD61DE028F
Authority key identifier: A4:33:E3:2A:C0:C6:FA:73:5A:6C:7B:E1:44:CF:A3:FC:29:7C:0B:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDPjKsDG-nNabHvhRM-j_Cl8C5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/8659cf-f824-4f93-8604-b812bd594739/1/1-y3mku53CxfcZTDAjLzjGLNjKug.roa
Signing time: Thu 02 Jan 2025 15:50:46 +0000
ROA not before: Thu 02 Jan 2025 15:50:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28883
IP address blocks: 185.251.48.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:4e:bf:77:01:de:72:a5:da:07:cd:61:de:02:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a433e32ac0c6fa735a6c7be144cfa3fc297c0b98
Validity
Not Before: Jan 2 15:50:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb2de692ee770b17dc6530c08cbce318b3632ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:31:28:ed:5b:c7:4d:12:84:8c:be:b2:71:81:
45:33:ce:79:0f:a0:bb:a5:39:7d:a0:f8:c3:84:71:
33:e6:ce:38:0b:31:86:87:57:31:1e:1b:d2:45:c1:
f2:59:24:7d:96:73:d9:99:c6:0d:35:4a:9a:a7:f6:
0d:df:1a:93:7f:35:7b:8a:4b:6f:9e:9a:22:b5:cb:
59:77:20:c2:82:f1:b7:09:9b:e0:01:65:d6:76:33:
0e:a3:81:16:5c:bc:fd:32:bf:02:5e:ad:26:f8:46:
23:0b:cd:e1:9e:c7:ad:1f:03:09:f7:de:c6:70:81:
bc:a3:1b:ae:bc:43:91:3a:7e:5c:63:a2:5d:83:84:
3c:4b:17:7d:d0:bb:8f:36:c7:59:78:50:25:77:fa:
e6:22:ee:64:4e:a2:00:db:d0:b9:6c:44:65:a0:6d:
8a:3d:f8:5e:3c:1d:13:e0:71:b4:bd:ab:38:e2:70:
ea:8c:84:f9:f3:c1:e9:d0:b4:0f:88:6e:0c:89:72:
69:a5:46:5d:e7:22:94:6d:ce:42:fd:86:6a:8e:c8:
ac:24:6b:6e:7c:21:e6:01:c8:a2:05:b7:a8:1c:c8:
2f:45:d2:cc:cf:73:cf:da:dd:dc:c6:f1:a3:18:73:
bf:d8:e8:13:49:70:dd:11:d4:70:26:bb:63:60:17:
43:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:2D:E6:92:EE:77:0B:17:DC:65:30:C0:8C:BC:E3:18:B3:63:2A:E8
X509v3 Authority Key Identifier:
keyid:A4:33:E3:2A:C0:C6:FA:73:5A:6C:7B:E1:44:CF:A3:FC:29:7C:0B:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDPjKsDG-nNabHvhRM-j_Cl8C5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8659cf-f824-4f93-8604-b812bd594739/1/1-y3mku53CxfcZTDAjLzjGLNjKug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8659cf-f824-4f93-8604-b812bd594739/1/pDPjKsDG-nNabHvhRM-j_Cl8C5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.48.0/22
Signature Algorithm: sha256WithRSAEncryption
10:1c:d3:00:97:93:e2:7d:40:b7:ac:27:21:de:81:20:b9:9d:
03:5a:f0:93:86:51:29:ec:9d:ba:91:0e:17:8d:ed:6f:66:37:
e0:7c:c7:d1:64:f0:63:c5:12:49:d8:19:38:f5:56:21:dd:3c:
15:53:43:4c:ab:49:3b:76:c6:2a:0f:84:18:a9:c1:76:8e:05:
08:92:bc:01:19:24:d3:cf:cd:2b:b3:35:43:a7:b4:cd:86:c4:
13:8c:ac:7e:e9:d0:d1:3f:c2:85:51:7d:f0:83:fa:11:30:4a:
94:3c:63:63:7b:9a:aa:1f:51:bc:4e:3b:f6:17:71:41:ef:50:
82:c3:f1:aa:9c:d4:c6:8a:a2:8c:11:c5:33:14:9e:50:df:f8:
32:20:0c:36:69:28:c7:f8:8e:3b:db:84:b7:ba:11:d1:03:01:
55:f1:c1:d3:c4:d1:dc:f6:37:a1:2e:0f:58:fc:c5:8a:f0:1b:
1f:99:1f:83:23:4e:32:20:96:98:a5:a0:f0:b4:08:57:88:2c:
7c:55:0d:c4:8e:99:9c:3c:dd:cc:3f:62:a6:5b:c1:f3:a5:17:
08:2b:e0:14:f9:e5:3f:06:7e:4b:2c:51:48:8c:a9:ba:8f:46:
00:fb:f5:17:a7:ec:7a:d9:b6:f6:7e:09:10:24:b4:d3:92:cb:
9c:38:7b:d2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntk6/dwHecqXaB81h3gKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzNlMzJhYzBjNmZhNzM1YTZjN2JlMTQ0Y2ZhM2ZjMjk3
YzBiOTgwHhcNMjUwMTAyMTU1MDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjJkZTY5MmVlNzcwYjE3ZGM2NTMwYzA4Y2JjZTMxOGIzNjMyYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzEo7VvHTRKEjL6ycYFFM855D6C7
pTl9oPjDhHEz5s44CzGGh1cxHhvSRcHyWSR9lnPZmcYNNUqap/YN3xqTfzV7iktv
npoitctZdyDCgvG3CZvgAWXWdjMOo4EWXLz9Mr8CXq0m+EYjC83hnsetHwMJ997G
cIG8oxuuvEOROn5cY6Jdg4Q8Sxd90LuPNsdZeFAld/rmIu5kTqIA29C5bERloG2K
PfhePB0T4HG0vas44nDqjIT588Hp0LQPiG4MiXJppUZd5yKUbc5C/YZqjsisJGtu
fCHmAciiBbeoHMgvRdLMz3PP2t3cxvGjGHO/2OgTSXDdEdRwJrtjYBdDbQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPst5pLudwsX3GUwwIy84xizYyroMB8GA1UdIwQY
MBaAFKQz4yrAxvpzWmx74UTPo/wpfAuYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERQaktzREctbk5hYkh2aFJNLWpfQ2w4QzVnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi84NjU5Y2YtZjgyNC00ZjkzLTg2MDQt
YjgxMmJkNTk0NzM5LzEvMS15M21rdTUzQ3hmY1pUREFqTHpqR0xOakt1Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWIvODY1OWNmLWY4MjQtNGY5My04NjA0LWI4MTJiZDU5NDcz
OS8xL3BEUGpLc0RHLW5OYWJIdmhSTS1qX0NsOEM1Zy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn7MDAN
BgkqhkiG9w0BAQsFAAOCAQEAEBzTAJeT4n1At6wnId6BILmdA1rwk4ZRKeydupEO
F43tb2Y34HzH0WTwY8USSdgZOPVWId08FVNDTKtJO3bGKg+EGKnBdo4FCJK8ARkk
08/NK7M1Q6e0zYbEE4ysfunQ0T/ChVF98IP6ETBKlDxjY3uaqh9RvE479hdxQe9Q
gsPxqpzUxoqijBHFMxSeUN/4MiAMNmkox/iOO9uEt7oR0QMBVfHB08TR3PY3oS4P
WPzFivAbH5kfgyNOMiCWmKWg8LQIV4gsfFUNxI6ZnDzdzD9iplvB86UXCCvgFPnl
PwZ+SyxRSIypuo9GAPv1F6fsetm29n4JECS005LLnDh70g==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:20 2025 by rpki-client