Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/CpHbUv6AMr2IBRTUslkSn14mbAM.roa
File: CpHbUv6AMr2IBRTUslkSn14mbAM.roa (raw, json)
Hash identifier: hbGa8sRUPNzKoKWW9t46YLOtfBF6LvE9GQwcI4qQDDE=
Subject key identifier: 0A:91:DB:52:FE:80:32:BD:88:05:14:D4:B2:59:12:9F:5E:26:6C:03
Certificate issuer: /CN=167ac5231a0d7bc5824590a0b2f621ede984770c
Certificate serial: 019420D5B3335552B4C2E33385B751A7793D
Authority key identifier: 16:7A:C5:23:1A:0D:7B:C5:82:45:90:A0:B2:F6:21:ED:E9:84:77:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FnrFIxoNe8WCRZCgsvYh7emEdww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/CpHbUv6AMr2IBRTUslkSn14mbAM.roa
Signing time: Wed 01 Jan 2025 07:47:43 +0000
ROA not before: Wed 01 Jan 2025 07:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206289
IP address blocks: 185.189.248.0/22 maxlen: 22
185.189.248.0/23 maxlen: 23
185.189.248.0/24 maxlen: 24
185.189.249.0/24 maxlen: 24
185.189.250.0/23 maxlen: 23
185.189.250.0/24 maxlen: 24
185.189.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:b3:33:55:52:b4:c2:e3:33:85:b7:51:a7:79:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=167ac5231a0d7bc5824590a0b2f621ede984770c
Validity
Not Before: Jan 1 07:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a91db52fe8032bd880514d4b259129f5e266c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:75:4b:bb:ed:d9:7e:62:b5:7f:74:90:4a:bf:
fb:b7:02:10:c2:8c:72:8b:0d:0c:e3:ca:df:7c:7f:
51:96:7d:d5:88:35:06:b2:c2:f7:0c:14:67:4b:e5:
cc:23:74:c0:ca:7c:47:bc:c3:e3:f1:c9:dc:b5:60:
39:1e:4d:b3:45:3f:7b:26:f9:a6:df:76:51:06:59:
6f:d3:5b:8f:8a:9d:68:4a:32:66:1d:b2:0b:86:c9:
5f:77:db:2a:f6:85:a8:17:01:c1:c6:2a:3b:cc:9d:
a0:d7:27:ae:65:81:d3:72:2a:dc:9b:93:76:fd:a3:
20:99:e2:47:1f:90:af:77:29:d1:2e:af:79:d8:e9:
e7:7d:c6:3c:0f:80:8e:69:57:e9:ba:e6:aa:28:3e:
b6:dc:f1:dd:72:b2:78:0e:8a:12:4e:cb:ad:7b:74:
91:06:c1:c9:ab:fa:c1:3a:f5:9f:bf:74:ec:d7:19:
7b:c2:90:25:ba:d9:5d:ff:6c:f1:8c:86:e6:00:b3:
1b:26:4d:49:fa:cf:2c:6a:8b:23:11:9b:ca:3b:d9:
d6:49:26:45:94:92:0a:39:a8:47:15:3e:e7:ee:4e:
02:ab:af:5a:47:2a:96:58:07:e3:df:16:77:cd:74:
8e:19:ad:6b:25:d2:50:2a:3b:62:95:9d:70:b0:e3:
0c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:91:DB:52:FE:80:32:BD:88:05:14:D4:B2:59:12:9F:5E:26:6C:03
X509v3 Authority Key Identifier:
keyid:16:7A:C5:23:1A:0D:7B:C5:82:45:90:A0:B2:F6:21:ED:E9:84:77:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FnrFIxoNe8WCRZCgsvYh7emEdww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/CpHbUv6AMr2IBRTUslkSn14mbAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/61738e-3977-495e-ba1a-8035f2dfc1f4/1/FnrFIxoNe8WCRZCgsvYh7emEdww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.248.0/22
Signature Algorithm: sha256WithRSAEncryption
05:9f:55:9d:3a:a6:10:d4:05:cc:db:f8:40:ef:31:b8:70:16:
98:53:79:37:08:53:05:22:6a:3b:b6:85:15:25:d1:60:70:ab:
fe:2e:b6:ce:07:17:be:c1:1b:83:f2:7b:17:6a:14:5d:9b:e8:
54:a7:70:c1:be:cb:82:fa:2f:60:1e:31:f2:b7:23:6a:be:b0:
54:6f:0e:39:83:21:a1:31:0d:3f:74:e8:9d:69:3a:0c:ed:e0:
c1:8e:9d:97:20:87:4d:8e:38:6b:a5:f1:32:ea:d8:2d:5d:7a:
1d:9c:1d:fb:a4:9e:92:49:57:13:fd:45:0b:9a:a2:5b:c7:35:
80:5c:d4:ad:1a:02:a3:79:5a:c1:27:3e:d6:18:a9:87:48:f8:
06:74:5e:7d:3f:dd:09:e2:b6:aa:dd:b7:e5:99:bb:ad:52:fa:
ff:4c:ec:02:fb:7e:e6:7b:c8:25:00:6c:02:1d:84:20:cd:6d:
cc:ad:8d:80:54:66:05:41:d6:56:5d:2b:80:80:85:d9:7d:4b:
d2:07:6e:c7:f0:39:44:b3:c1:b7:c7:09:5f:7e:7a:82:6c:de:
c6:3f:1f:b9:ca:bd:06:a9:63:90:2a:46:6a:3b:a0:96:d2:02:
04:5d:32:f0:f2:db:ad:75:ff:5e:d3:58:a8:2d:84:24:39:57:
7d:7b:20:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1bMzVVK0wuMzhbdRp3k9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2N2FjNTIzMWEwZDdiYzU4MjQ1OTBhMGIyZjYyMWVkZTk4
NDc3MGMwHhcNMjUwMTAxMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTkxZGI1MmZlODAzMmJkODgwNTE0ZDRiMjU5MTI5ZjVlMjY2YzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnVLu+3ZfmK1f3SQSr/7twIQwoxy
iw0M48rffH9Rln3ViDUGssL3DBRnS+XMI3TAynxHvMPj8cnctWA5Hk2zRT97Jvmm
33ZRBllv01uPip1oSjJmHbILhslfd9sq9oWoFwHBxio7zJ2g1yeuZYHTcircm5N2
/aMgmeJHH5CvdynRLq952OnnfcY8D4COaVfpuuaqKD623PHdcrJ4DooSTsute3SR
BsHJq/rBOvWfv3Ts1xl7wpAlutld/2zxjIbmALMbJk1J+s8saosjEZvKO9nWSSZF
lJIKOahHFT7n7k4Cq69aRyqWWAfj3xZ3zXSOGa1rJdJQKjtilZ1wsOMMFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAqR21L+gDK9iAUU1LJZEp9eJmwDMB8GA1UdIwQY
MBaAFBZ6xSMaDXvFgkWQoLL2Ie3phHcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm5yRkl4b05lOFdDUlpDZ3N2WWg3ZW1FZHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82MTczOGUtMzk3Ny00OTVlLWJhMWEt
ODAzNWYyZGZjMWY0LzEvQ3BIYlV2NkFNcjJJQlJUVXNsa1NuMTRtYkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS82MTczOGUtMzk3Ny00OTVlLWJhMWEtODAzNWYyZGZjMWY0
LzEvRm5yRkl4b05lOFdDUlpDZ3N2WWg3ZW1FZHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub34MA0G
CSqGSIb3DQEBCwUAA4IBAQAFn1WdOqYQ1AXM2/hA7zG4cBaYU3k3CFMFImo7toUV
JdFgcKv+LrbOBxe+wRuD8nsXahRdm+hUp3DBvsuC+i9gHjHytyNqvrBUbw45gyGh
MQ0/dOidaToM7eDBjp2XIIdNjjhrpfEy6tgtXXodnB37pJ6SSVcT/UULmqJbxzWA
XNStGgKjeVrBJz7WGKmHSPgGdF59P90J4raq3bflmbutUvr/TOwC+37me8glAGwC
HYQgzW3MrY2AVGYFQdZWXSuAgIXZfUvSB27H8DlEs8G3xwlffnqCbN7GPx+5yr0G
qWOQKkZqO6CW0gIEXTLw8tutdf9e01ioLYQkOVd9eyDC
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:49 2025 by rpki-client