Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c309ec-3254-4200-9a5e-ab42b4c93ed9/1/H6uSFDtLoI4YQD04FkS4VSFpIhw.roa
File: H6uSFDtLoI4YQD04FkS4VSFpIhw.roa (raw, json)
Hash identifier: hv1JnxHOhWB0hv+54xUCZyY9gAEBPU8rdk2117x7KVk=
Subject key identifier: 1F:AB:92:14:3B:4B:A0:8E:18:40:3D:38:16:44:B8:55:21:69:22:1C
Certificate issuer: /CN=d20542a6135524142194caa708e7db2cca6b4e63
Certificate serial: 019423D6DC862D9A0B17DDDEFA8C3EDE678C
Authority key identifier: D2:05:42:A6:13:55:24:14:21:94:CA:A7:08:E7:DB:2C:CA:6B:4E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0gVCphNVJBQhlMqnCOfbLMprTmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/c309ec-3254-4200-9a5e-ab42b4c93ed9/1/H6uSFDtLoI4YQD04FkS4VSFpIhw.roa
Signing time: Wed 01 Jan 2025 21:47:51 +0000
ROA not before: Wed 01 Jan 2025 21:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204565
IP address blocks: 185.242.36.0/24 maxlen: 24
185.242.37.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:dc:86:2d:9a:0b:17:dd:de:fa:8c:3e:de:67:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d20542a6135524142194caa708e7db2cca6b4e63
Validity
Not Before: Jan 1 21:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fab92143b4ba08e18403d381644b8552169221c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:68:9a:21:45:82:0d:ec:ac:64:0b:4e:cc:9c:
ec:a0:d1:c8:55:46:90:55:96:50:fb:29:cc:19:37:
c9:cd:12:f1:f6:c8:35:f9:be:27:bc:21:ac:57:4b:
f9:0c:84:90:d1:de:9a:dd:ce:7c:ab:7a:55:1b:27:
5b:3f:3a:f3:43:bc:db:29:a4:9e:f6:ca:63:38:99:
c3:40:38:f1:9c:34:30:81:c6:00:62:d6:6e:fc:ee:
59:fe:70:77:31:c5:20:fe:5d:4d:56:13:1f:fb:49:
59:08:13:90:49:79:08:35:45:a4:9c:e3:6b:eb:a6:
e1:06:05:a7:ee:36:69:d1:10:6a:fd:98:65:be:61:
25:4e:73:77:b1:88:3e:56:4c:70:a5:6f:66:3b:6e:
ca:6c:d3:72:fc:58:49:9c:25:ff:42:1b:01:74:73:
5a:20:aa:77:b5:f7:9c:64:cc:f2:3c:37:28:6d:a3:
07:81:93:42:a5:d0:62:61:d7:c6:d3:bd:eb:17:da:
b3:1f:f0:48:6a:fb:82:6e:e3:7d:1a:77:3e:3d:cc:
ea:71:9a:3c:1b:4a:6a:0d:44:ca:b9:80:99:d1:a8:
8f:6c:12:45:b6:ef:d4:68:19:05:fa:d9:d1:63:73:
1f:1b:0e:9e:e7:e1:76:8c:0c:59:08:33:f9:7e:39:
04:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:AB:92:14:3B:4B:A0:8E:18:40:3D:38:16:44:B8:55:21:69:22:1C
X509v3 Authority Key Identifier:
keyid:D2:05:42:A6:13:55:24:14:21:94:CA:A7:08:E7:DB:2C:CA:6B:4E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gVCphNVJBQhlMqnCOfbLMprTmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c309ec-3254-4200-9a5e-ab42b4c93ed9/1/H6uSFDtLoI4YQD04FkS4VSFpIhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c309ec-3254-4200-9a5e-ab42b4c93ed9/1/0gVCphNVJBQhlMqnCOfbLMprTmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.36.0/23
Signature Algorithm: sha256WithRSAEncryption
75:27:c2:ef:33:f8:58:14:0e:cf:c3:a0:e5:c5:f5:9f:48:14:
49:f1:56:8a:67:ea:4f:48:34:80:af:4a:7f:34:7c:02:8e:18:
19:61:e0:d6:96:25:73:a3:65:39:05:b8:26:2d:2d:3d:a7:a4:
28:ba:fb:38:99:31:ea:64:67:aa:27:23:54:82:3c:50:a5:07:
5b:46:ac:28:70:0e:37:e1:95:97:d5:66:05:2e:4e:e6:36:f8:
8c:7e:c9:63:d2:c5:7c:05:33:75:fa:d7:f5:20:c5:8a:6c:33:
a4:bc:95:c0:5e:75:d2:1b:87:5d:9e:79:50:fe:7e:b2:fc:81:
07:19:3e:24:4e:3f:a8:79:a2:3a:0b:bd:36:56:71:15:0d:bf:
3f:c5:52:1f:ee:76:18:5d:02:fa:ef:0f:93:e9:56:4d:79:f5:
2a:33:de:c0:14:26:9e:db:c5:07:58:43:7a:9d:64:43:cb:a8:
79:d2:79:e8:21:c0:c8:33:20:d1:91:37:4c:b2:4d:a3:67:8a:
2a:00:34:c4:8a:b6:b2:f1:5f:64:a2:28:06:d0:de:09:c9:9b:
c6:b6:9a:ce:61:ef:ec:1a:7d:64:9d:1e:5e:32:32:58:81:48:
18:d6:b7:12:d0:77:60:11:3b:50:85:57:c0:d1:2b:aa:00:c7:
6e:f2:19:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1tyGLZoLF93e+ow+3meMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMDU0MmE2MTM1NTI0MTQyMTk0Y2FhNzA4ZTdkYjJjY2E2
YjRlNjMwHhcNMjUwMTAxMjE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmFiOTIxNDNiNGJhMDhlMTg0MDNkMzgxNjQ0Yjg1NTIxNjkyMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8WiaIUWCDeysZAtOzJzsoNHIVUaQ
VZZQ+ynMGTfJzRLx9sg1+b4nvCGsV0v5DISQ0d6a3c58q3pVGydbPzrzQ7zbKaSe
9spjOJnDQDjxnDQwgcYAYtZu/O5Z/nB3McUg/l1NVhMf+0lZCBOQSXkINUWknONr
66bhBgWn7jZp0RBq/ZhlvmElTnN3sYg+VkxwpW9mO27KbNNy/FhJnCX/QhsBdHNa
IKp3tfecZMzyPDcobaMHgZNCpdBiYdfG073rF9qzH/BIavuCbuN9Gnc+PczqcZo8
G0pqDUTKuYCZ0aiPbBJFtu/UaBkF+tnRY3MfGw6e5+F2jAxZCDP5fjkEPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB+rkhQ7S6COGEA9OBZEuFUhaSIcMB8GA1UdIwQY
MBaAFNIFQqYTVSQUIZTKpwjn2yzKa05jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGdWQ3BoTlZKQlFobE1xbkNPZmJMTXByVG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jMzA5ZWMtMzI1NC00MjAwLTlhNWUt
YWI0MmI0YzkzZWQ5LzEvSDZ1U0ZEdExvSTRZUUQwNEZrUzRWU0ZwSWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jMzA5ZWMtMzI1NC00MjAwLTlhNWUtYWI0MmI0YzkzZWQ5
LzEvMGdWQ3BoTlZKQlFobE1xbkNPZmJMTXByVG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufIkMA0G
CSqGSIb3DQEBCwUAA4IBAQB1J8LvM/hYFA7Pw6DlxfWfSBRJ8VaKZ+pPSDSAr0p/
NHwCjhgZYeDWliVzo2U5BbgmLS09p6Qouvs4mTHqZGeqJyNUgjxQpQdbRqwocA43
4ZWX1WYFLk7mNviMfslj0sV8BTN1+tf1IMWKbDOkvJXAXnXSG4ddnnlQ/n6y/IEH
GT4kTj+oeaI6C702VnEVDb8/xVIf7nYYXQL67w+T6VZNefUqM97AFCae28UHWEN6
nWRDy6h50nnoIcDIMyDRkTdMsk2jZ4oqADTEiray8V9koigG0N4JyZvGtprOYe/s
Gn1knR5eMjJYgUgY1rcS0HdgETtQhVfA0SuqAMdu8hnF
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:35:07 2025 by rpki-client