Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/gCwZCj5y4eEHhiE3OdNG143EtPw.roa
File: gCwZCj5y4eEHhiE3OdNG143EtPw.roa (raw, json)
Hash identifier: bJxdVgp0WUK1yUG+3MFHdMNTBJUCc3SJjDGJmr3bN5s=
Subject key identifier: 80:2C:19:0A:3E:72:E1:E1:07:86:21:37:39:D3:46:D7:8D:C4:B4:FC
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01941F8C951090F22B8EDDCDEF803927D533
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/gCwZCj5y4eEHhiE3OdNG143EtPw.roa
Signing time: Wed 01 Jan 2025 01:48:14 +0000
ROA not before: Wed 01 Jan 2025 01:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50129
IP address blocks: 185.104.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:95:10:90:f2:2b:8e:dd:cd:ef:80:39:27:d5:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jan 1 01:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=802c190a3e72e1e10786213739d346d78dc4b4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:99:57:d5:a5:8e:51:65:c2:dd:af:d5:24:4c:
6c:bf:e2:fb:3b:90:1f:94:c9:a8:7c:10:0a:3e:11:
8f:23:72:bb:ea:c9:77:3e:86:1a:3d:cb:be:dc:87:
a3:43:26:64:03:0c:3c:58:93:09:3a:de:59:75:91:
45:16:f9:b3:56:35:da:10:4e:e3:06:b9:03:5e:30:
8a:42:eb:04:d5:ba:8e:5d:88:11:3a:d2:70:f6:60:
a5:d8:68:e9:45:b5:21:34:b6:ce:cc:74:a3:16:de:
9b:6e:15:20:f8:02:cc:f8:ef:24:c1:45:79:66:cb:
1a:e4:e5:fa:c5:87:79:00:31:3c:84:13:12:bf:95:
7a:fd:69:c2:9c:10:f7:2a:24:d2:e8:18:1e:e7:e3:
12:3e:7c:5c:31:9c:7f:a0:66:50:c8:bb:43:f9:47:
4a:98:3b:1d:57:f5:6a:84:8d:84:4f:9a:f8:4e:62:
0d:0c:ed:92:52:b4:da:16:c5:24:3b:15:a8:7d:3f:
5c:15:87:2c:ce:07:af:29:25:cc:91:11:28:fd:1b:
54:07:95:c9:8c:18:ba:9a:b5:df:73:a3:63:5b:6d:
55:5c:69:34:cb:12:4c:44:0a:a0:39:cc:88:4f:b3:
b3:02:5c:94:ec:78:54:d7:9e:b6:ad:ee:e2:70:d1:
73:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2C:19:0A:3E:72:E1:E1:07:86:21:37:39:D3:46:D7:8D:C4:B4:FC
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/gCwZCj5y4eEHhiE3OdNG143EtPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.153.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:54:38:b0:24:ac:5b:d3:fa:e7:de:64:0e:c9:c5:d6:6d:d6:
0c:17:39:2b:80:ab:92:52:03:8c:c5:d8:8c:c6:94:3a:3a:d1:
f7:3e:d1:23:87:c8:d3:fb:f7:a5:3a:4b:57:65:fa:ce:0d:b0:
94:22:02:86:6e:e5:14:d1:80:71:f2:d9:d1:fa:af:71:1a:91:
74:02:17:f4:82:0c:7f:ba:fa:7d:f5:28:42:49:21:9d:8c:93:
97:34:32:a6:ac:b6:9e:e6:bb:91:59:d3:12:df:0f:89:04:0a:
b8:e2:22:52:f4:56:ae:72:73:96:1e:5d:a3:ba:8c:38:d5:37:
03:d1:ef:eb:70:ff:83:bf:64:13:46:6b:dc:3c:40:e9:e9:4f:
e0:8e:4a:f6:32:22:fd:0e:1d:9a:e4:d7:db:d7:13:fb:5b:4b:
bd:5e:04:92:ca:db:9a:36:d0:8e:36:5a:90:9d:08:f2:1b:36:
43:68:58:d2:cc:f7:80:dd:19:6a:19:d5:2c:43:14:09:41:48:
72:e0:0f:52:c9:63:c9:18:40:a2:5d:6c:d2:c8:19:78:d3:46:
5b:b0:ff:b1:5a:3b:83:fe:6a:5e:85:69:f1:eb:7d:9b:10:94:
03:fd:db:37:5a:65:68:6c:71:6b:6d:15:81:7a:e3:8c:f1:65:
ac:97:62:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJUQkPIrjt3N74A5J9UzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjUwMTAxMDE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDJjMTkwYTNlNzJlMWUxMDc4NjIxMzczOWQzNDZkNzhkYzRiNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJlX1aWOUWXC3a/VJExsv+L7O5Af
lMmofBAKPhGPI3K76sl3PoYaPcu+3IejQyZkAww8WJMJOt5ZdZFFFvmzVjXaEE7j
BrkDXjCKQusE1bqOXYgROtJw9mCl2GjpRbUhNLbOzHSjFt6bbhUg+ALM+O8kwUV5
Zssa5OX6xYd5ADE8hBMSv5V6/WnCnBD3KiTS6Bge5+MSPnxcMZx/oGZQyLtD+UdK
mDsdV/VqhI2ET5r4TmINDO2SUrTaFsUkOxWofT9cFYcszgevKSXMkREo/RtUB5XJ
jBi6mrXfc6NjW21VXGk0yxJMRAqgOcyIT7OzAlyU7HhU1562re7icNFzjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAsGQo+cuHhB4YhNznTRteNxLT8MB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvZ0N3WkNqNXk0ZUVIaGlFM09kTkcxNDNFdFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWiZMA0G
CSqGSIb3DQEBCwUAA4IBAQALVDiwJKxb0/rn3mQOycXWbdYMFzkrgKuSUgOMxdiM
xpQ6OtH3PtEjh8jT+/elOktXZfrODbCUIgKGbuUU0YBx8tnR+q9xGpF0Ahf0ggx/
uvp99ShCSSGdjJOXNDKmrLae5ruRWdMS3w+JBAq44iJS9FaucnOWHl2juow41TcD
0e/rcP+Dv2QTRmvcPEDp6U/gjkr2MiL9Dh2a5Nfb1xP7W0u9XgSSytuaNtCONlqQ
nQjyGzZDaFjSzPeA3RlqGdUsQxQJQUhy4A9SyWPJGECiXWzSyBl400ZbsP+xWjuD
/mpehWnx632bEJQD/ds3WmVobHFrbRWBeuOM8WWsl2LK
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:10:07 2025 by rpki-client