Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/fXqeDNUF09E57BXRF0QIls-uZ44.roa
File: fXqeDNUF09E57BXRF0QIls-uZ44.roa (raw, json)
Hash identifier: hJ/0oVyr/hUhxK31bOGJWQ8EL165OcYQ6RwEzy2jKI8=
Subject key identifier: 7D:7A:9E:0C:D5:05:D3:D1:39:EC:15:D1:17:44:08:96:CF:AE:67:8E
Certificate issuer: /CN=d03046d16cfc391b028b88743773ce005cf97b1d
Certificate serial: 0194266C10AC9921206898F54BB221F1EF49
Authority key identifier: D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/fXqeDNUF09E57BXRF0QIls-uZ44.roa
Signing time: Thu 02 Jan 2025 09:50:03 +0000
ROA not before: Thu 02 Jan 2025 09:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58003
IP address blocks: 185.163.152.0/24 maxlen: 24
185.163.153.0/24 maxlen: 24
185.163.154.0/24 maxlen: 24
185.163.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:10:ac:99:21:20:68:98:f5:4b:b2:21:f1:ef:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d03046d16cfc391b028b88743773ce005cf97b1d
Validity
Not Before: Jan 2 09:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d7a9e0cd505d3d139ec15d117440896cfae678e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e4:bb:ad:1f:cf:3f:2b:c7:6b:c1:6b:3c:5d:
21:78:4d:f3:5b:c1:e7:32:ca:00:2f:48:03:14:e7:
ed:a7:a7:2e:62:69:d5:45:70:e9:75:0a:7c:be:78:
ee:09:38:cc:78:06:eb:99:1b:f2:c6:e2:3b:f1:4c:
f3:fe:b7:a3:4c:3e:13:2d:be:7a:fc:22:d2:af:83:
84:cf:e7:80:dc:5d:a3:35:09:d5:b2:81:76:36:4d:
e8:9b:fc:44:54:64:7b:9e:29:4f:14:38:15:fe:88:
04:f7:7b:ae:bb:30:45:fb:83:c4:47:3e:cc:43:94:
f0:5c:7d:cc:a5:fa:85:38:03:52:c6:ab:a0:86:6e:
5c:02:c3:f1:2c:51:ba:2a:55:06:de:74:bd:bb:f5:
a0:99:dc:d3:38:cf:cb:9e:3d:7b:06:28:5a:d3:d1:
4c:22:63:1a:37:c8:13:72:46:61:8d:67:9f:a8:9a:
60:1d:90:ad:bb:16:bf:40:05:e2:4e:b0:65:76:5f:
14:9e:92:3e:5b:03:28:fb:7b:a8:fc:69:40:0f:d1:
11:9c:12:a8:93:23:96:74:99:8c:e2:a2:2d:e7:8b:
92:2a:88:92:c8:6c:3b:9c:40:26:30:60:71:18:75:
a1:81:04:a5:31:3e:9b:c5:3c:1a:83:ea:13:c9:cf:
72:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:7A:9E:0C:D5:05:D3:D1:39:EC:15:D1:17:44:08:96:CF:AE:67:8E
X509v3 Authority Key Identifier:
keyid:D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/fXqeDNUF09E57BXRF0QIls-uZ44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.152.0/22
Signature Algorithm: sha256WithRSAEncryption
02:23:04:be:e2:c6:ca:cd:4a:eb:f3:b5:33:9a:82:50:7a:97:
03:36:1f:5b:5c:27:a7:4c:0c:9b:d8:2e:e7:0d:3b:ce:b8:21:
76:2d:cf:1b:23:85:76:b8:d9:9f:c7:f2:4e:34:c3:5c:49:12:
1a:3a:90:c5:71:1d:7e:65:c2:aa:4b:e3:a4:c8:65:3a:c7:c4:
40:30:8c:8a:c0:f8:fe:bf:fc:bd:19:fb:6d:6f:2f:a0:e9:76:
bb:6f:32:63:0d:c3:d0:23:a4:1f:74:f6:fd:94:d7:4b:1d:32:
3c:d1:ea:a2:d5:f1:fb:a3:c6:79:8f:04:7c:29:e1:f5:fc:b0:
f0:20:c2:97:43:71:66:d0:d5:3c:8b:be:96:b6:2c:7d:da:9e:
58:b5:79:02:a7:8c:9c:2c:b5:0a:30:1d:74:86:1f:47:82:69:
be:11:7f:9a:2a:de:93:f5:07:07:02:79:2d:9c:cd:96:e5:72:
dd:29:91:5f:d9:5f:fe:d0:53:e6:1a:6a:54:10:aa:9b:d4:3e:
55:4c:7d:80:90:5c:44:7f:c1:37:08:70:52:0f:ca:bb:90:af:
e0:2a:ab:e8:bf:b5:5e:51:13:a4:a9:38:60:fb:56:c6:3f:7d:
d2:48:9f:4b:33:ff:5a:a2:d0:c4:72:dd:96:4b:74:a0:11:17:
42:56:2b:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbBCsmSEgaJj1S7Ih8e9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzA0NmQxNmNmYzM5MWIwMjhiODg3NDM3NzNjZTAwNWNm
OTdiMWQwHhcNMjUwMTAyMDk1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDdhOWUwY2Q1MDVkM2QxMzllYzE1ZDExNzQ0MDg5NmNmYWU2NzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eS7rR/PPyvHa8FrPF0heE3zW8Hn
MsoAL0gDFOftp6cuYmnVRXDpdQp8vnjuCTjMeAbrmRvyxuI78Uzz/rejTD4TLb56
/CLSr4OEz+eA3F2jNQnVsoF2Nk3om/xEVGR7nilPFDgV/ogE93uuuzBF+4PERz7M
Q5TwXH3MpfqFOANSxqughm5cAsPxLFG6KlUG3nS9u/WgmdzTOM/Lnj17Biha09FM
ImMaN8gTckZhjWefqJpgHZCtuxa/QAXiTrBldl8UnpI+WwMo+3uo/GlAD9ERnBKo
kyOWdJmM4qIt54uSKoiSyGw7nEAmMGBxGHWhgQSlMT6bxTwag+oTyc9y1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH16ngzVBdPROewV0RdECJbPrmeOMB8GA1UdIwQY
MBaAFNAwRtFs/DkbAouIdDdzzgBc+XsdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYt
ZGMwZTFhNzI1MjIxLzEvZlhxZUROVUYwOUU1N0JYUkYwUUlscy11WjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYtZGMwZTFhNzI1MjIx
LzEvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaOYMA0G
CSqGSIb3DQEBCwUAA4IBAQACIwS+4sbKzUrr87UzmoJQepcDNh9bXCenTAyb2C7n
DTvOuCF2Lc8bI4V2uNmfx/JONMNcSRIaOpDFcR1+ZcKqS+OkyGU6x8RAMIyKwPj+
v/y9Gfttby+g6Xa7bzJjDcPQI6QfdPb9lNdLHTI80eqi1fH7o8Z5jwR8KeH1/LDw
IMKXQ3Fm0NU8i76Wtix92p5YtXkCp4ycLLUKMB10hh9Hgmm+EX+aKt6T9QcHAnkt
nM2W5XLdKZFf2V/+0FPmGmpUEKqb1D5VTH2AkFxEf8E3CHBSD8q7kK/gKqvov7Ve
UROkqThg+1bGP33SSJ9LM/9aotDEct2WS3SgERdCVivG
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:09:14 2025 by rpki-client