Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/CNiEIbDCqz4sf04PLRtkjuxzAGQ.roa
File: CNiEIbDCqz4sf04PLRtkjuxzAGQ.roa (raw, json)
Hash identifier: Ky6Ui03h6E8GBS4p9UD7sAQfI4nNha/7sw+tyd98H3o=
Subject key identifier: 08:D8:84:21:B0:C2:AB:3E:2C:7F:4E:0F:2D:1B:64:8E:EC:73:00:64
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 0194228DCF70F7512ADAC08B856B4BCB221F
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/CNiEIbDCqz4sf04PLRtkjuxzAGQ.roa
Signing time: Wed 01 Jan 2025 15:48:26 +0000
ROA not before: Wed 01 Jan 2025 15:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 185.217.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:cf:70:f7:51:2a:da:c0:8b:85:6b:4b:cb:22:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Jan 1 15:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08d88421b0c2ab3e2c7f4e0f2d1b648eec730064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0e:3f:ab:f8:ee:a0:c9:45:23:11:63:92:e7:
de:56:fe:c8:f7:27:4f:7c:84:99:ee:b3:7d:3f:ad:
e4:7f:ee:c3:bd:31:9b:30:e1:64:54:ec:ce:fe:8b:
e9:f2:25:9d:df:eb:ab:1b:77:8a:b1:21:77:de:f7:
11:2b:7a:56:17:42:8b:cc:0e:7b:70:2b:04:79:2a:
2d:1c:91:50:94:9f:ae:2c:55:34:8e:5b:83:dd:f6:
75:1e:24:73:2b:0f:a5:ed:63:52:fa:a0:81:a8:50:
68:d6:2d:57:14:66:d9:29:61:9e:ab:e8:a4:68:75:
d1:6d:62:3c:77:44:23:a3:fb:bb:f5:9d:66:d1:2f:
11:cc:e1:8e:6c:59:55:98:28:8e:f7:de:23:1a:83:
e1:ce:92:c5:ce:35:c8:b4:36:57:5f:43:2a:45:f3:
26:4b:33:57:50:b9:9b:89:09:36:ff:52:3c:88:66:
b5:88:c1:40:14:19:98:a0:d8:05:c4:f4:75:31:95:
52:ce:56:92:3a:ff:02:fd:a0:25:0b:4f:d6:51:45:
10:ca:73:90:6f:d6:ac:44:ee:66:93:9f:13:aa:5d:
bd:55:a3:14:61:4f:37:92:39:29:63:fa:19:b6:cb:
bb:24:09:09:c3:f0:65:af:d7:13:d1:8d:bb:c4:06:
c0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D8:84:21:B0:C2:AB:3E:2C:7F:4E:0F:2D:1B:64:8E:EC:73:00:64
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/CNiEIbDCqz4sf04PLRtkjuxzAGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.194.0/24
Signature Algorithm: sha256WithRSAEncryption
16:ed:da:5f:ea:c2:b1:09:86:46:58:fa:e3:fd:59:d6:74:a3:
3a:bc:26:86:00:f3:01:aa:71:42:5e:69:7c:69:73:b8:a3:8d:
86:6b:eb:55:db:52:a9:50:4b:f4:26:64:3c:cb:48:3f:0e:6d:
03:74:0c:26:17:9c:e1:26:a8:6b:6f:78:ac:24:31:01:be:b2:
6f:02:2e:5f:b7:b3:ce:d5:97:96:fb:49:6f:fb:df:39:2a:21:
59:ef:1f:22:a3:9b:92:53:12:0a:cb:06:5d:53:63:72:cc:41:
29:62:3f:fd:dd:7b:68:70:68:35:49:80:7d:5e:2b:51:2d:59:
62:55:c6:eb:de:9c:d1:64:51:a5:4c:3b:ba:5a:62:c9:be:54:
f6:28:2e:c9:d9:e3:60:46:ee:78:89:0c:f0:c4:9f:76:74:34:
a8:f6:52:56:7d:b6:5d:8f:29:f9:b0:be:e1:56:e4:36:c7:cb:
57:87:fe:b9:44:ad:2e:3d:cd:84:37:16:49:5c:32:a7:cf:4e:
2d:79:bb:01:c8:8c:9b:e2:b0:5a:be:73:f3:14:ff:6e:c3:a9:
dd:7e:f8:77:99:b0:19:e0:5a:67:95:bd:80:3e:e5:1f:7b:d8:
eb:ed:b4:bd:a1:f6:a8:bf:4b:42:bb:3f:f9:03:aa:8f:87:3f:
6c:a3:98:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijc9w91Eq2sCLhWtLyyIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjUwMTAxMTU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ4ODQyMWIwYzJhYjNlMmM3ZjRlMGYyZDFiNjQ4ZWVjNzMwMDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg4/q/juoMlFIxFjkufeVv7I9ydP
fISZ7rN9P63kf+7DvTGbMOFkVOzO/ovp8iWd3+urG3eKsSF33vcRK3pWF0KLzA57
cCsEeSotHJFQlJ+uLFU0jluD3fZ1HiRzKw+l7WNS+qCBqFBo1i1XFGbZKWGeq+ik
aHXRbWI8d0Qjo/u79Z1m0S8RzOGObFlVmCiO994jGoPhzpLFzjXItDZXX0MqRfMm
SzNXULmbiQk2/1I8iGa1iMFAFBmYoNgFxPR1MZVSzlaSOv8C/aAlC0/WUUUQynOQ
b9asRO5mk58Tql29VaMUYU83kjkpY/oZtsu7JAkJw/Blr9cT0Y27xAbAzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjYhCGwwqs+LH9ODy0bZI7scwBkMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvQ05pRUliRENxejRzZjA0UExSdGtqdXh6QUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudnCMA0G
CSqGSIb3DQEBCwUAA4IBAQAW7dpf6sKxCYZGWPrj/VnWdKM6vCaGAPMBqnFCXml8
aXO4o42Ga+tV21KpUEv0JmQ8y0g/Dm0DdAwmF5zhJqhrb3isJDEBvrJvAi5ft7PO
1ZeW+0lv+985KiFZ7x8io5uSUxIKywZdU2NyzEEpYj/93XtocGg1SYB9XitRLVli
Vcbr3pzRZFGlTDu6WmLJvlT2KC7J2eNgRu54iQzwxJ92dDSo9lJWfbZdjyn5sL7h
VuQ2x8tXh/65RK0uPc2ENxZJXDKnz04tebsByIyb4rBavnPzFP9uw6ndfvh3mbAZ
4Fpnlb2APuUfe9jr7bS9ofaov0tCuz/5A6qPhz9so5g9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:55 2025 by rpki-client