Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/IJUrnOsXqWHMR09b2WThxrOzZ7I.roa
File: IJUrnOsXqWHMR09b2WThxrOzZ7I.roa (raw, json)
Hash identifier: pLY1rvU8nCKjlyh0WPOsU89VyudJIjrK5QOTjl/IWbY=
Subject key identifier: 20:95:2B:9C:EB:17:A9:61:CC:47:4F:5B:D9:64:E1:C6:B3:B3:67:B2
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 0194228DF135FD74735FD2FC0060ED7BCEEC
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/IJUrnOsXqWHMR09b2WThxrOzZ7I.roa
Signing time: Wed 01 Jan 2025 15:48:35 +0000
ROA not before: Wed 01 Jan 2025 15:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203000
IP address blocks: 185.79.96.0/22 maxlen: 32
185.79.96.0/24 maxlen: 32
185.79.97.0/24 maxlen: 32
185.79.98.0/24 maxlen: 32
185.79.99.0/24 maxlen: 32
185.129.116.0/22 maxlen: 32
185.129.116.0/24 maxlen: 32
185.129.117.0/24 maxlen: 32
185.129.118.0/24 maxlen: 32
185.129.119.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f1:35:fd:74:73:5f:d2:fc:00:60:ed:7b:ce:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 1 15:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20952b9ceb17a961cc474f5bd964e1c6b3b367b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c7:0e:10:35:0b:fc:6c:8d:6e:a0:c3:0a:6a:
09:2f:51:e1:e4:9e:66:6f:00:4a:1a:20:6e:3c:ab:
65:c0:1f:fc:ff:86:32:50:b3:da:c2:dc:4b:48:63:
e5:ec:60:bb:a8:50:e5:d1:c9:ac:94:ef:b1:79:93:
c0:03:ea:7f:52:24:c1:85:a5:53:ba:d7:1b:19:90:
17:aa:bf:41:16:62:0d:98:00:b1:86:03:0c:ca:5e:
3b:e5:3d:0d:83:f2:06:dd:a8:e1:98:22:77:57:0e:
74:9d:3f:ba:53:2f:6b:37:9e:0a:aa:a5:f9:af:60:
10:67:33:10:52:8a:bd:0c:72:50:73:6b:42:a5:cd:
61:5b:8f:b8:63:fe:23:ab:d9:e0:d3:1f:b6:52:31:
b4:5b:d9:bc:f4:7e:e4:1c:d3:ff:d9:5e:cf:78:5f:
65:1d:ea:78:40:87:8d:2e:13:e1:83:21:b7:48:9c:
05:5f:35:07:d6:bf:cb:d9:17:2a:50:4a:1f:b4:56:
b4:11:62:0b:04:06:9e:c5:b3:32:0c:be:17:e1:fb:
5c:5a:9c:c4:aa:50:2b:a0:b0:6c:3a:7a:be:fc:8c:
e7:37:4d:e4:95:00:9b:26:e1:7f:61:32:a1:02:65:
11:6f:2b:71:4f:2c:8a:e5:c7:fc:1b:40:4a:dd:62:
93:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:95:2B:9C:EB:17:A9:61:CC:47:4F:5B:D9:64:E1:C6:B3:B3:67:B2
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/IJUrnOsXqWHMR09b2WThxrOzZ7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.96.0/22
185.129.116.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:b3:bc:b5:83:57:f2:63:3d:ad:47:cc:2e:0d:7e:51:c5:a9:
75:ea:5f:f5:22:c6:c6:d1:aa:d6:8f:6f:74:d1:5a:8f:bd:06:
e5:d3:b3:32:61:d9:b2:72:f3:6a:a1:1f:d7:35:80:e9:48:a9:
d0:a1:31:8a:1d:b7:83:cf:ef:00:a0:66:bc:38:59:fc:9a:d9:
55:c0:4a:40:d9:0e:62:aa:95:7d:28:00:82:61:bb:2b:70:d2:
af:e4:2d:58:ea:0f:15:51:c2:85:ff:f7:3d:42:d6:04:c8:37:
4f:55:f2:dd:cd:9e:b9:2e:bb:74:cf:5b:ad:5d:59:99:14:28:
14:bd:76:c8:9e:0d:18:ab:2c:ec:a0:cb:cb:31:63:61:bb:c7:
03:5d:fc:b3:ae:9f:b7:eb:ca:0f:61:5f:d8:de:1a:34:3f:9c:
45:8d:4c:3b:18:a5:c6:86:e1:a0:07:e4:48:d3:86:c8:b8:72:
7d:7a:27:77:98:62:bb:e2:6d:3e:dc:2d:ba:05:e2:16:00:91:
ea:d4:97:c8:ea:d5:05:0a:b7:3b:45:48:70:cf:98:fe:b9:1c:
56:2d:7b:ed:1d:53:8d:4b:a1:73:2d:4d:cc:9e:9f:2e:d5:5f:
60:31:5b:96:34:20:c0:aa:f9:9e:48:96:bc:b8:6a:41:cc:9b:
95:6a:c9:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijfE1/XRzX9L8AGDte87sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjUwMTAxMTU0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDk1MmI5Y2ViMTdhOTYxY2M0NzRmNWJkOTY0ZTFjNmIzYjM2N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApccOEDUL/GyNbqDDCmoJL1Hh5J5m
bwBKGiBuPKtlwB/8/4YyULPawtxLSGPl7GC7qFDl0cmslO+xeZPAA+p/UiTBhaVT
utcbGZAXqr9BFmINmACxhgMMyl475T0Ng/IG3ajhmCJ3Vw50nT+6Uy9rN54KqqX5
r2AQZzMQUoq9DHJQc2tCpc1hW4+4Y/4jq9ng0x+2UjG0W9m89H7kHNP/2V7PeF9l
Hep4QIeNLhPhgyG3SJwFXzUH1r/L2RcqUEoftFa0EWILBAaexbMyDL4X4ftcWpzE
qlAroLBsOnq+/IznN03klQCbJuF/YTKhAmURbytxTyyK5cf8G0BK3WKTnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCCVK5zrF6lhzEdPW9lk4cazs2eyMB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvSUpVcm5Pc1hxV0hNUjA5YjJXVGh4ck96WjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuU9gAwQC
uYF0MA0GCSqGSIb3DQEBCwUAA4IBAQDHs7y1g1fyYz2tR8wuDX5Rxal16l/1IsbG
0arWj2900VqPvQbl07MyYdmycvNqoR/XNYDpSKnQoTGKHbeDz+8AoGa8OFn8mtlV
wEpA2Q5iqpV9KACCYbsrcNKv5C1Y6g8VUcKF//c9QtYEyDdPVfLdzZ65Lrt0z1ut
XVmZFCgUvXbIng0YqyzsoMvLMWNhu8cDXfyzrp+368oPYV/Y3ho0P5xFjUw7GKXG
huGgB+RI04bIuHJ9eid3mGK74m0+3C26BeIWAJHq1JfI6tUFCrc7RUhwz5j+uRxW
LXvtHVONS6FzLU3Mnp8u1V9gMVuWNCDAqvmeSJa8uGpBzJuVasn/
-----END CERTIFICATE-----
Generated at Wed Apr 9 04:29:37 2025 by rpki-client