Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/1-VympxjBDWi5MNPd5PqkAiFK8cw.roa
File: 1-VympxjBDWi5MNPd5PqkAiFK8cw.roa (raw, json)
Hash identifier: g9oAglIOu05tbBj4MBirO8ol3RXV21sLtMa1CGtPD7w=
Subject key identifier: F9:5C:A6:A7:18:C1:0D:68:B9:30:D3:DD:E4:FA:A4:02:21:4A:F1:CC
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 019424449AC0FC4D7AC7262687BDF7E668EF
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/1-VympxjBDWi5MNPd5PqkAiFK8cw.roa
Signing time: Wed 01 Jan 2025 23:47:43 +0000
ROA not before: Wed 01 Jan 2025 23:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15924
IP address blocks: 185.213.168.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:9a:c0:fc:4d:7a:c7:26:26:87:bd:f7:e6:68:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: Jan 1 23:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f95ca6a718c10d68b930d3dde4faa402214af1cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:43:5f:13:d0:21:24:93:f3:3c:71:53:7a:2f:
d6:ca:e6:7a:b8:1e:2c:8b:fb:96:a6:de:8e:78:08:
3c:a6:ac:e3:d6:fc:d7:9d:19:44:7e:98:46:73:3f:
a3:ab:91:03:5c:4a:79:5b:a1:c2:61:97:39:10:ff:
83:99:c9:d3:06:5a:0c:e4:e8:b3:e8:72:74:45:0f:
55:a3:8b:d4:b6:72:92:88:33:db:f0:c6:5b:20:6b:
0a:e7:d9:ab:d0:55:26:17:55:46:5c:e9:26:1e:5a:
6d:1c:28:d7:01:7b:d2:06:e6:a2:57:e6:08:14:6d:
cc:33:fa:52:2d:df:e4:ed:f0:15:70:3a:0a:0f:27:
37:82:98:f4:a7:92:81:ca:a8:5a:2e:6c:99:cb:9c:
ef:15:cc:e9:2c:49:df:3e:de:ae:eb:0c:59:da:28:
f5:38:ee:9e:71:41:c1:05:39:e8:95:37:77:1a:f9:
c7:49:5a:5b:9a:40:81:fc:c3:c9:fe:55:e1:91:25:
3d:c5:69:ce:7a:05:e6:11:83:cd:33:6f:a4:db:c2:
42:fa:67:8d:6b:5a:45:36:74:74:0d:f4:c4:45:e0:
2a:99:58:98:65:67:39:32:3c:0e:63:54:97:63:2a:
37:c8:db:2e:48:47:23:9c:f7:6e:89:1e:d5:2b:29:
bc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:5C:A6:A7:18:C1:0D:68:B9:30:D3:DD:E4:FA:A4:02:21:4A:F1:CC
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/1-VympxjBDWi5MNPd5PqkAiFK8cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.168.0/24
Signature Algorithm: sha256WithRSAEncryption
19:c3:34:a8:51:84:18:8f:a4:6b:67:ce:7b:48:93:28:ff:53:
d7:14:62:49:33:1f:49:bb:08:c7:8f:05:3c:02:60:a4:8a:ba:
86:06:31:c0:18:8a:32:b7:df:17:00:18:ff:2a:dc:7a:dc:27:
83:67:4a:4d:ad:bd:07:02:45:0e:35:65:c8:67:0b:3a:dc:86:
fe:3b:44:b9:11:69:43:dc:0c:fc:7d:dc:9c:2f:4e:f6:11:ee:
7c:64:29:60:b1:24:4b:77:02:9a:2c:ca:92:8d:a3:fa:09:8f:
e9:d3:78:fe:eb:94:94:a4:c0:18:97:48:4d:41:92:05:7c:77:
ea:5e:3f:f4:e5:6d:b2:86:36:74:0d:db:0b:6b:5c:3a:8f:8b:
3d:62:1a:b2:44:1b:30:44:8f:a8:79:f0:b0:70:a4:a6:1a:ed:
59:7a:f7:f5:70:fe:36:4c:41:19:ad:a3:ca:c4:b3:ba:f0:36:
6e:33:28:5f:0b:6c:fa:29:51:72:d3:a8:ed:ee:61:ad:3c:af:
e2:43:26:9a:37:ee:df:1f:eb:b3:42:e9:08:8a:c3:52:9d:85:
0e:91:14:cd:06:be:f7:57:4e:6a:58:41:95:48:b9:0c:25:11:
bc:b4:59:ec:96:a3:0b:a0:16:a8:4c:9a:9d:17:ea:7b:52:71:
e7:77:55:31
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQkRJrA/E16xyYmh7335mjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyMjNjMWYzMzVjMGNjNTY5MzU5ZmEyZGRhMzQ5YTIy
MzZjY2IwHhcNMjUwMTAxMjM0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTVjYTZhNzE4YzEwZDY4YjkzMGQzZGRlNGZhYTQwMjIxNGFmMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUNfE9AhJJPzPHFTei/WyuZ6uB4s
i/uWpt6OeAg8pqzj1vzXnRlEfphGcz+jq5EDXEp5W6HCYZc5EP+DmcnTBloM5Oiz
6HJ0RQ9Vo4vUtnKSiDPb8MZbIGsK59mr0FUmF1VGXOkmHlptHCjXAXvSBuaiV+YI
FG3MM/pSLd/k7fAVcDoKDyc3gpj0p5KByqhaLmyZy5zvFczpLEnfPt6u6wxZ2ij1
OO6ecUHBBTnolTd3GvnHSVpbmkCB/MPJ/lXhkSU9xWnOegXmEYPNM2+k28JC+meN
a1pFNnR0DfTEReAqmViYZWc5MjwOY1SXYyo3yNsuSEcjnPduiR7VKym8GQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPlcpqcYwQ1ouTDT3eT6pAIhSvHMMB8GA1UdIwQY
MBaAFI2JIjwfM1wMxWk1n6Ldo0miI2zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAt
YTEwMjhlZGE2MzgzLzEvMS1WeW1weGpCRFdpNU1OUGQ1UHFrQWlGSzhjdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWMvNTJhMTBkLWQ4NTEtNDBhZS1hOGIwLWExMDI4ZWRhNjM4
My8xL2pZa2lQQjh6WEF6RmFUV2ZvdDJqU2FJamJNcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnVqDAN
BgkqhkiG9w0BAQsFAAOCAQEAGcM0qFGEGI+ka2fOe0iTKP9T1xRiSTMfSbsIx48F
PAJgpIq6hgYxwBiKMrffFwAY/yrcetwng2dKTa29BwJFDjVlyGcLOtyG/jtEuRFp
Q9wM/H3cnC9O9hHufGQpYLEkS3cCmizKko2j+gmP6dN4/uuUlKTAGJdITUGSBXx3
6l4/9OVtsoY2dA3bC2tcOo+LPWIaskQbMESPqHnwsHCkphrtWXr39XD+NkxBGa2j
ysSzuvA2bjMoXwts+ilRctOo7e5hrTyv4kMmmjfu3x/rs0LpCIrDUp2FDpEUzQa+
91dOalhBlUi5DCURvLRZ7JajC6AWqEyanRfqe1Jx53dVMQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:08:34 2025 by rpki-client