Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/byQcrAuiWRQX4CZM8oBwym0TcoU.roa
File: byQcrAuiWRQX4CZM8oBwym0TcoU.roa (raw, json)
Hash identifier: 3D/xvuJMKLnO7LUl5h3HzgUm81w69VGcBSZEZwGq/h0=
Subject key identifier: 6F:24:1C:AC:0B:A2:59:14:17:E0:26:4C:F2:80:70:CA:6D:13:72:85
Certificate issuer: /CN=37431f1be9fdc2419098479cde457bbf79571759
Certificate serial: 0195B25D8B23849142706B2DB74809803755
Authority key identifier: 37:43:1F:1B:E9:FD:C2:41:90:98:47:9C:DE:45:7B:BF:79:57:17:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N0MfG-n9wkGQmEec3kV7v3lXF1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/byQcrAuiWRQX4CZM8oBwym0TcoU.roa
Signing time: Thu 20 Mar 2025 07:03:49 +0000
ROA not before: Thu 20 Mar 2025 07:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 185.211.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b2:5d:8b:23:84:91:42:70:6b:2d:b7:48:09:80:37:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37431f1be9fdc2419098479cde457bbf79571759
Validity
Not Before: Mar 20 07:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f241cac0ba2591417e0264cf28070ca6d137285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cf:02:e4:46:d2:08:96:dc:9b:88:f5:30:ba:
84:cf:62:17:51:2d:3e:f0:76:c7:39:53:1d:a8:c1:
15:96:18:13:ff:3c:3b:0f:40:ab:3c:6a:66:a4:21:
57:b8:e0:ea:81:38:40:06:44:74:7f:78:09:c2:b4:
7e:5d:43:8b:20:e2:35:03:48:cd:aa:90:d7:fe:fd:
84:d7:28:ad:5b:49:18:83:d6:32:a8:28:77:a8:6b:
8d:ea:52:e7:e1:2f:22:de:20:b6:41:3f:cf:80:a6:
cc:0c:58:01:58:b2:5b:36:f2:c6:dc:b8:ac:0f:15:
ce:6c:99:cd:d6:72:ba:c2:36:df:eb:d5:3a:1b:91:
b0:a0:ac:12:d7:e1:5b:b6:06:2e:59:ce:ae:77:3a:
70:36:02:47:a1:57:30:4f:ed:b8:d4:b6:bb:b5:6b:
0b:17:81:a6:b4:3e:2b:d4:72:9c:67:11:11:3f:0b:
53:fa:7f:cb:c7:b1:82:2d:86:c8:26:cc:be:48:02:
e5:85:67:ab:d7:6c:ff:07:99:d5:95:05:cb:7b:4b:
6a:ac:bd:90:a8:f8:9b:51:ad:44:4d:8e:42:c3:75:
f9:d9:54:91:9a:8d:44:c1:b4:7d:73:3f:d9:68:f4:
fa:1e:58:98:6d:14:50:32:9e:52:14:e6:b3:ca:17:
7a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:24:1C:AC:0B:A2:59:14:17:E0:26:4C:F2:80:70:CA:6D:13:72:85
X509v3 Authority Key Identifier:
keyid:37:43:1F:1B:E9:FD:C2:41:90:98:47:9C:DE:45:7B:BF:79:57:17:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N0MfG-n9wkGQmEec3kV7v3lXF1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/byQcrAuiWRQX4CZM8oBwym0TcoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/N0MfG-n9wkGQmEec3kV7v3lXF1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.132.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:97:50:9b:ad:ec:b6:29:4a:e6:73:4c:19:46:3d:dc:80:a1:
ed:24:0e:7c:2a:5d:05:d7:f0:94:2f:db:cd:84:14:65:34:b4:
ec:0c:15:90:d2:b2:5d:92:e2:91:81:6c:77:b4:ab:9a:f8:75:
37:00:4a:7b:75:ad:c8:71:d0:c9:e6:71:b7:21:d8:7d:65:fa:
d0:fa:b2:cb:7c:e7:c8:f5:b3:87:4f:58:01:98:3b:e6:cd:4e:
23:0b:00:c3:7d:20:c1:d7:ca:22:41:56:c8:d3:3c:2f:a2:5f:
5a:f9:87:7e:e8:d5:a3:b2:d8:13:bf:34:81:27:de:74:2d:13:
bb:68:6f:dd:ac:f7:44:d8:95:c1:6e:86:1e:d8:c1:b4:d5:22:
70:c4:e3:d1:aa:f5:ce:15:3c:13:49:4d:31:85:3e:6c:f2:5d:
5b:5f:3f:29:71:97:92:0e:9c:c3:a9:bf:d3:dd:d4:fc:fc:70:
30:a6:9e:99:8d:fb:ed:7a:a5:0e:17:37:b0:5f:2f:a8:a9:37:
ff:6b:15:48:d3:f4:67:c7:45:e3:fc:75:66:ca:f7:1d:02:9c:
bf:9e:2c:55:a8:55:17:c5:79:10:5f:bb:48:6b:dc:2b:87:4a:
2c:39:40:a9:fd:04:0f:d4:2b:32:bb:f3:dd:b6:6c:5d:8c:5d:
9b:6d:41:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWyXYsjhJFCcGstt0gJgDdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NDMxZjFiZTlmZGMyNDE5MDk4NDc5Y2RlNDU3YmJmNzk1
NzE3NTkwHhcNMjUwMzIwMDcwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjI0MWNhYzBiYTI1OTE0MTdlMDI2NGNmMjgwNzBjYTZkMTM3Mjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc8C5EbSCJbcm4j1MLqEz2IXUS0+
8HbHOVMdqMEVlhgT/zw7D0CrPGpmpCFXuODqgThABkR0f3gJwrR+XUOLIOI1A0jN
qpDX/v2E1yitW0kYg9YyqCh3qGuN6lLn4S8i3iC2QT/PgKbMDFgBWLJbNvLG3Lis
DxXObJnN1nK6wjbf69U6G5GwoKwS1+FbtgYuWc6udzpwNgJHoVcwT+241La7tWsL
F4GmtD4r1HKcZxERPwtT+n/Lx7GCLYbIJsy+SALlhWer12z/B5nVlQXLe0tqrL2Q
qPibUa1ETY5Cw3X52VSRmo1EwbR9cz/ZaPT6HliYbRRQMp5SFOazyhd6mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8kHKwLolkUF+AmTPKAcMptE3KFMB8GA1UdIwQY
MBaAFDdDHxvp/cJBkJhHnN5Fe795VxdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjBNZkctbjl3a0dRbUVlYzNrVjd2M2xYRjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iNTM1NDctZDM0MC00MzkyLWFmNDYt
NjE1OTYxMzEyYjUyLzEvYnlRY3JBdWlXUlFYNENaTThvQnd5bTBUY29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iNTM1NDctZDM0MC00MzkyLWFmNDYtNjE1OTYxMzEyYjUy
LzEvTjBNZkctbjl3a0dRbUVlYzNrVjd2M2xYRjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudOEMA0G
CSqGSIb3DQEBCwUAA4IBAQAOl1Cbrey2KUrmc0wZRj3cgKHtJA58Kl0F1/CUL9vN
hBRlNLTsDBWQ0rJdkuKRgWx3tKua+HU3AEp7da3IcdDJ5nG3Idh9ZfrQ+rLLfOfI
9bOHT1gBmDvmzU4jCwDDfSDB18oiQVbI0zwvol9a+Yd+6NWjstgTvzSBJ950LRO7
aG/drPdE2JXBboYe2MG01SJwxOPRqvXOFTwTSU0xhT5s8l1bXz8pcZeSDpzDqb/T
3dT8/HAwpp6ZjfvteqUOFzewXy+oqTf/axVI0/Rnx0Xj/HVmyvcdApy/nixVqFUX
xXkQX7tIa9wrh0osOUCp/QQP1Csyu/PdtmxdjF2bbUEe
-----END CERTIFICATE-----
Generated at Wed Apr 9 21:35:46 2025 by rpki-client