Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/Dk5BhXJ_gIsgQ0utb4gvZ39LMIc.roa
File: Dk5BhXJ_gIsgQ0utb4gvZ39LMIc.roa (raw, json)
Hash identifier: 9IdU4NLUHr5S9QPXNXQfwW6+YPaEhUYFtSNkpxSH/2Q=
Subject key identifier: 0E:4E:41:85:72:7F:80:8B:20:43:4B:AD:6F:88:2F:67:7F:4B:30:87
Certificate issuer: /CN=877aad307ad330ebb8cf44ec21389a170436fd53
Certificate serial: 019426D9F5FBF334F4FC10671B9BD6046523
Authority key identifier: 87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/Dk5BhXJ_gIsgQ0utb4gvZ39LMIc.roa
Signing time: Thu 02 Jan 2025 11:50:06 +0000
ROA not before: Thu 02 Jan 2025 11:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199272
IP address blocks: 185.14.24.0/22 maxlen: 22
185.14.24.0/24 maxlen: 24
185.14.25.0/24 maxlen: 24
185.14.26.0/24 maxlen: 24
185.14.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:f5:fb:f3:34:f4:fc:10:67:1b:9b:d6:04:65:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=877aad307ad330ebb8cf44ec21389a170436fd53
Validity
Not Before: Jan 2 11:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e4e4185727f808b20434bad6f882f677f4b3087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6d:50:4b:55:4c:e8:46:b6:fc:9a:db:9d:c3:
5e:36:d9:9b:85:1e:e2:bd:e4:04:8d:e8:1e:09:1a:
36:36:ae:90:aa:e2:ee:89:5f:e6:11:9d:01:68:48:
15:77:34:82:66:31:5d:67:13:81:00:28:a3:22:65:
0a:d1:fd:0e:7e:68:3e:e2:59:73:03:9b:92:25:66:
e5:ed:73:eb:68:79:f1:ba:ea:75:18:a8:8d:91:80:
6f:37:d8:5f:81:c8:c3:13:73:14:bc:fb:a1:68:c4:
d2:50:b0:d1:d1:f1:ca:cb:dc:03:bc:f7:f1:20:01:
95:43:3f:57:50:3b:36:53:fa:0b:76:48:1a:3a:ee:
79:9d:0c:af:a5:53:5b:fc:0b:ff:62:03:17:e9:b1:
7b:25:d4:48:91:c3:eb:6e:2c:c9:d7:76:09:4e:ce:
08:5e:66:dc:be:8b:4e:5c:0a:9a:27:f7:82:f2:aa:
3c:7d:88:07:6c:a6:ce:1e:06:f4:a1:bb:46:ce:2c:
ef:51:0a:d6:66:74:5f:73:e2:ef:40:fd:25:2d:1f:
9e:3d:58:1f:50:c7:ae:86:95:6c:84:b1:4d:a3:71:
8b:b7:77:51:07:c6:12:e5:9c:e7:86:00:1e:64:ec:
19:7d:0d:ba:d5:c7:81:9e:e0:9d:d6:2d:1a:3a:5d:
d1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:4E:41:85:72:7F:80:8B:20:43:4B:AD:6F:88:2F:67:7F:4B:30:87
X509v3 Authority Key Identifier:
keyid:87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/Dk5BhXJ_gIsgQ0utb4gvZ39LMIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.24.0/22
Signature Algorithm: sha256WithRSAEncryption
46:94:fd:9e:69:ab:ad:1c:98:c5:e6:6a:8e:a7:3c:6d:d2:a9:
48:6c:49:90:65:4b:c7:b2:fd:9c:0a:f2:62:3c:f1:cc:37:07:
d1:84:4b:58:ae:eb:ee:f1:fd:46:9c:2a:77:c3:74:14:c3:4b:
6c:18:70:95:59:b5:d5:02:a0:6d:a1:a3:14:ed:d6:cc:62:6e:
9d:95:65:35:8d:41:92:44:91:7c:59:cb:1f:7b:4a:d3:98:5c:
01:d1:55:61:8b:03:9a:cd:ba:05:18:5b:c5:d0:0c:93:30:1e:
7d:68:04:d5:74:cd:2c:00:4a:ce:53:b3:59:41:01:cd:81:7e:
87:f3:40:83:fc:da:f8:a1:a0:02:be:01:e4:a7:e4:43:26:8c:
8e:71:fa:d2:aa:aa:0f:09:c7:10:0e:db:40:b4:06:a0:70:21:
47:86:15:86:2e:11:e2:2d:c3:db:5c:77:db:32:e8:72:f4:5f:
fd:a1:51:8d:4d:61:01:f4:3f:61:0a:ca:30:92:7d:e8:b6:06:
b2:67:a4:06:88:a1:c6:1e:ae:aa:03:e4:c8:42:5d:63:bb:a3:
4e:67:72:c2:bc:2b:7f:f1:62:6b:79:09:fe:be:5a:3b:f7:94:
db:7f:07:4d:f9:d6:7b:8c:8a:41:ad:59:d2:12:ef:15:43:a7:
d1:83:5f:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2fX78zT0/BBnG5vWBGUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3N2FhZDMwN2FkMzMwZWJiOGNmNDRlYzIxMzg5YTE3MDQz
NmZkNTMwHhcNMjUwMTAyMTE1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTRlNDE4NTcyN2Y4MDhiMjA0MzRiYWQ2Zjg4MmY2NzdmNGIzMDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm1QS1VM6Ea2/JrbncNeNtmbhR7i
veQEjegeCRo2Nq6QquLuiV/mEZ0BaEgVdzSCZjFdZxOBACijImUK0f0Ofmg+4llz
A5uSJWbl7XPraHnxuup1GKiNkYBvN9hfgcjDE3MUvPuhaMTSULDR0fHKy9wDvPfx
IAGVQz9XUDs2U/oLdkgaOu55nQyvpVNb/Av/YgMX6bF7JdRIkcPrbizJ13YJTs4I
XmbcvotOXAqaJ/eC8qo8fYgHbKbOHgb0obtGzizvUQrWZnRfc+LvQP0lLR+ePVgf
UMeuhpVshLFNo3GLt3dRB8YS5ZznhgAeZOwZfQ261ceBnuCd1i0aOl3RLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA5OQYVyf4CLIENLrW+IL2d/SzCHMB8GA1UdIwQY
MBaAFId6rTB60zDruM9E7CE4mhcENv1TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUt
NTA4MDk5YzEzM2JiLzEvRGs1QmhYSl9nSXNnUTB1dGI0Z3ZaMzlMTUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUtNTA4MDk5YzEzM2Ji
LzEvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQ4YMA0G
CSqGSIb3DQEBCwUAA4IBAQBGlP2eaautHJjF5mqOpzxt0qlIbEmQZUvHsv2cCvJi
PPHMNwfRhEtYruvu8f1GnCp3w3QUw0tsGHCVWbXVAqBtoaMU7dbMYm6dlWU1jUGS
RJF8Wcsfe0rTmFwB0VVhiwOazboFGFvF0AyTMB59aATVdM0sAErOU7NZQQHNgX6H
80CD/Nr4oaACvgHkp+RDJoyOcfrSqqoPCccQDttAtAagcCFHhhWGLhHiLcPbXHfb
Muhy9F/9oVGNTWEB9D9hCsowkn3otgayZ6QGiKHGHq6qA+TIQl1ju6NOZ3LCvCt/
8WJreQn+vlo795TbfwdN+dZ7jIpBrVnSEu8VQ6fRg18Y
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:42 2025 by rpki-client