Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/1eeba8-7399-4bca-9341-ce882a5054c6/1/IwEBndBJay-42UjStrqkUigiaxw.roa
File: IwEBndBJay-42UjStrqkUigiaxw.roa (raw, json)
Hash identifier: K30WoUV1lkACaXc+c2n1S5YA0J82XCcvxybes+V2uGY=
Subject key identifier: 23:01:01:9D:D0:49:6B:2F:B8:D9:48:D2:B6:BA:A4:52:28:22:6B:1C
Certificate issuer: /CN=1cecefd9eadb2d5284d713b94b56d3abbc10e9e5
Certificate serial: 019423D6FC5033CA85AE3C07FFBF7F76DC54
Authority key identifier: 1C:EC:EF:D9:EA:DB:2D:52:84:D7:13:B9:4B:56:D3:AB:BC:10:E9:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HOzv2erbLVKE1xO5S1bTq7wQ6eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/1eeba8-7399-4bca-9341-ce882a5054c6/1/IwEBndBJay-42UjStrqkUigiaxw.roa
Signing time: Wed 01 Jan 2025 21:47:59 +0000
ROA not before: Wed 01 Jan 2025 21:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4766
IP address blocks: 185.119.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:fc:50:33:ca:85:ae:3c:07:ff:bf:7f:76:dc:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cecefd9eadb2d5284d713b94b56d3abbc10e9e5
Validity
Not Before: Jan 1 21:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2301019dd0496b2fb8d948d2b6baa45228226b1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:47:00:8c:27:39:c6:a0:14:b1:f3:04:d2:be:
9c:4e:2a:63:b1:d8:4a:74:76:ac:f6:53:22:4f:48:
29:2b:c9:0c:63:2a:83:b6:d7:2d:e5:1a:bd:57:52:
2a:d8:b3:79:ce:ea:bb:98:73:16:f5:2e:9f:77:e0:
fa:73:28:ec:ef:e8:08:89:b6:b1:db:e7:61:c1:67:
06:62:65:82:03:07:37:11:8a:8c:07:10:c8:d6:47:
ee:0c:2d:f7:b8:fb:2c:65:8d:cd:27:f5:1f:2d:64:
50:04:30:d3:2e:e5:f7:79:d6:ad:cb:8f:81:18:a1:
a0:98:e4:bc:a8:68:dd:cc:a6:46:f4:13:8b:ad:01:
45:4c:62:16:90:9a:18:04:0e:41:53:07:05:d1:70:
d9:0f:c2:c0:ee:31:87:0f:6a:cd:71:7b:3f:6b:05:
e2:33:99:48:07:80:69:eb:05:9e:56:24:3f:21:f8:
9f:9b:d8:5b:bd:e0:3e:ec:b8:a9:2a:d2:9b:58:f2:
03:3b:7d:6f:8a:05:01:2b:54:8f:f7:72:7e:4b:04:
60:ea:84:9c:c5:01:be:bc:5b:1a:1b:c1:90:ce:4e:
26:5b:65:ba:9d:e8:cb:1f:27:08:23:9c:ed:a6:34:
82:a1:56:97:0a:48:03:88:72:64:98:07:ba:3b:56:
58:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:01:01:9D:D0:49:6B:2F:B8:D9:48:D2:B6:BA:A4:52:28:22:6B:1C
X509v3 Authority Key Identifier:
keyid:1C:EC:EF:D9:EA:DB:2D:52:84:D7:13:B9:4B:56:D3:AB:BC:10:E9:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HOzv2erbLVKE1xO5S1bTq7wQ6eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/1eeba8-7399-4bca-9341-ce882a5054c6/1/IwEBndBJay-42UjStrqkUigiaxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/1eeba8-7399-4bca-9341-ce882a5054c6/1/HOzv2erbLVKE1xO5S1bTq7wQ6eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.197.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:03:34:cb:36:ab:3a:75:e2:53:c6:98:bd:2f:e4:1f:57:fe:
14:58:c0:d7:b2:9a:1e:4e:7f:08:60:91:c2:35:73:58:cf:12:
f8:99:a9:2b:3f:98:74:e4:08:8f:69:44:e1:dd:d0:92:4f:26:
09:1e:77:12:ac:01:de:69:90:13:be:e2:41:c9:fa:ca:71:63:
98:34:41:ae:49:a9:b6:0d:1e:f5:ad:c3:f2:20:e4:50:9f:91:
b7:5f:09:86:95:3c:79:ac:be:3e:9b:48:58:87:d5:07:ae:a3:
05:aa:d2:98:2c:ae:f3:6f:87:e3:e4:9e:54:9a:a8:86:bd:c6:
9f:db:bf:54:0b:7e:3e:a5:36:ae:e0:3f:14:2e:0d:a0:4f:8e:
99:c7:7e:21:3b:71:6a:43:33:79:bb:ad:18:f1:5b:94:52:5e:
4b:83:94:94:9a:bc:c9:7f:5d:72:95:20:76:00:dc:ed:59:60:
78:8f:0f:ba:98:61:f2:77:64:36:0b:ea:b1:7c:79:bf:45:33:
91:30:15:b5:b6:da:a5:13:d6:da:77:c9:7f:d3:f9:6b:aa:b0:
a6:ca:5e:50:4d:ea:69:29:c7:ce:6e:0c:8d:8e:c4:e6:61:5c:
54:71:f1:1b:f1:80:e0:f4:1d:ac:bb:c1:ea:e3:89:1c:29:c3:
37:db:cf:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1vxQM8qFrjwH/79/dtxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZWNlZmQ5ZWFkYjJkNTI4NGQ3MTNiOTRiNTZkM2FiYmMx
MGU5ZTUwHhcNMjUwMTAxMjE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzAxMDE5ZGQwNDk2YjJmYjhkOTQ4ZDJiNmJhYTQ1MjI4MjI2YjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUcAjCc5xqAUsfME0r6cTipjsdhK
dHas9lMiT0gpK8kMYyqDttct5Rq9V1Iq2LN5zuq7mHMW9S6fd+D6cyjs7+gIibax
2+dhwWcGYmWCAwc3EYqMBxDI1kfuDC33uPssZY3NJ/UfLWRQBDDTLuX3edaty4+B
GKGgmOS8qGjdzKZG9BOLrQFFTGIWkJoYBA5BUwcF0XDZD8LA7jGHD2rNcXs/awXi
M5lIB4Bp6wWeViQ/Ififm9hbveA+7LipKtKbWPIDO31vigUBK1SP93J+SwRg6oSc
xQG+vFsaG8GQzk4mW2W6nejLHycII5ztpjSCoVaXCkgDiHJkmAe6O1ZYXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMBAZ3QSWsvuNlI0ra6pFIoImscMB8GA1UdIwQY
MBaAFBzs79nq2y1ShNcTuUtW06u8EOnlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE96djJlcmJMVktFMXhPNVMxYlRxN3dRNmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8xZWViYTgtNzM5OS00YmNhLTkzNDEt
Y2U4ODJhNTA1NGM2LzEvSXdFQm5kQkpheS00MlVqU3RycWtVaWdpYXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8xZWViYTgtNzM5OS00YmNhLTkzNDEtY2U4ODJhNTA1NGM2
LzEvSE96djJlcmJMVktFMXhPNVMxYlRxN3dRNmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXfFMA0G
CSqGSIb3DQEBCwUAA4IBAQAKAzTLNqs6deJTxpi9L+QfV/4UWMDXspoeTn8IYJHC
NXNYzxL4makrP5h05AiPaUTh3dCSTyYJHncSrAHeaZATvuJByfrKcWOYNEGuSam2
DR71rcPyIORQn5G3XwmGlTx5rL4+m0hYh9UHrqMFqtKYLK7zb4fj5J5UmqiGvcaf
279UC34+pTau4D8ULg2gT46Zx34hO3FqQzN5u60Y8VuUUl5Lg5SUmrzJf11ylSB2
ANztWWB4jw+6mGHyd2Q2C+qxfHm/RTORMBW1ttqlE9bad8l/0/lrqrCmyl5QTepp
KcfObgyNjsTmYVxUcfEb8YDg9B2su8Hq44kcKcM3289u
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:22 2025 by rpki-client