Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/kWxL8-0FaQ5asnDLfivzWKH4-z8.roa
File: kWxL8-0FaQ5asnDLfivzWKH4-z8.roa (raw, json)
Hash identifier: aTbkIB4IPS1IGAIXN2uxEpuYorOcI3bZmMM6X6TsyjM=
Subject key identifier: 91:6C:4B:F3:ED:05:69:0E:5A:B2:70:CB:7E:2B:F3:58:A1:F8:FB:3F
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01941F8C989F54E0F6D894B3154B0B4500F1
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/kWxL8-0FaQ5asnDLfivzWKH4-z8.roa
Signing time: Wed 01 Jan 2025 01:48:15 +0000
ROA not before: Wed 01 Jan 2025 01:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200845
IP address blocks: 185.104.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:98:9f:54:e0:f6:d8:94:b3:15:4b:0b:45:00:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jan 1 01:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=916c4bf3ed05690e5ab270cb7e2bf358a1f8fb3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:7c:e6:a2:88:fd:d3:4e:14:58:31:f2:05:7e:
d5:af:a3:cb:b9:11:bf:76:db:e1:64:a1:43:eb:86:
f0:df:a6:f0:bc:25:62:cd:ec:91:35:52:d2:87:97:
16:d3:8e:24:61:49:fc:c1:8d:03:29:3c:e7:c5:67:
64:74:af:54:62:8f:83:0e:9e:15:c5:82:6e:1d:22:
05:17:fe:7a:54:d0:37:c3:cc:07:01:72:57:19:39:
e9:88:0a:e6:81:91:d7:f6:3f:da:48:5c:84:0d:27:
fa:eb:3e:85:6e:21:57:35:6b:5d:3f:1b:ac:80:f0:
ce:b6:1a:e9:4e:c7:8a:2e:83:c7:e1:5e:0e:18:f2:
9e:21:5e:cc:f2:75:df:4e:4f:18:e9:3e:bf:10:c8:
66:f9:79:21:d9:aa:ee:65:2e:89:82:32:cc:bd:af:
34:69:9e:e9:4e:2a:0b:a9:9c:c2:2b:7a:fe:b6:c3:
f4:82:1e:75:1f:bc:04:c2:38:e0:0b:73:32:0e:dc:
20:16:52:eb:dc:98:ba:0f:38:89:eb:d8:d1:56:aa:
be:e4:e2:b2:97:76:67:a7:dc:af:6b:2c:c9:d0:42:
c2:4f:54:42:31:89:8b:fa:6c:1b:b3:1f:7c:ff:5d:
69:2b:f3:47:84:ed:97:5f:66:8b:3b:54:61:cf:8e:
c2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:6C:4B:F3:ED:05:69:0E:5A:B2:70:CB:7E:2B:F3:58:A1:F8:FB:3F
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/kWxL8-0FaQ5asnDLfivzWKH4-z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.153.0/24
Signature Algorithm: sha256WithRSAEncryption
28:2e:5a:7d:27:eb:30:17:ca:1b:61:5d:5f:85:67:e8:fa:8f:
d5:47:b9:83:37:49:28:f4:6a:b8:86:30:8f:b4:4e:08:75:60:
9e:6f:a1:ee:3b:36:e7:2e:50:2e:9b:51:0f:94:89:95:b5:d1:
bf:34:5e:88:05:aa:1a:2b:a6:fe:14:83:8b:66:64:d4:57:cf:
7c:db:af:80:61:51:d7:fb:d3:d6:ef:0e:4e:c3:62:b6:4d:1a:
30:80:be:9c:c9:55:10:40:89:67:5c:3a:a6:2a:fc:e2:a3:31:
75:a6:58:ee:2f:b8:94:36:fd:1e:de:89:76:2e:2a:81:81:fa:
6b:7e:44:df:b3:c9:6b:bf:6c:80:27:03:cc:bf:6c:ca:1b:d0:
a2:d4:2d:9d:78:9b:e8:82:a3:c8:0c:0d:5f:bd:7c:30:fe:b6:
94:fb:89:4d:61:cb:79:79:e9:ff:6d:26:83:ce:4e:c3:f4:c3:
69:02:b3:b9:2a:9f:b2:ec:68:13:a4:81:33:15:b9:f5:26:6d:
26:df:d7:2c:a4:8d:4d:a2:c6:8b:3e:f7:ce:58:b9:38:84:70:
5e:bd:4c:64:3f:dc:8d:da:7a:38:a1:84:a6:76:d0:d2:f1:95:
de:b7:fe:48:0d:05:a9:64:b1:5c:05:62:b5:9e:80:40:25:69:
15:e8:18:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJifVOD22JSzFUsLRQDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjUwMTAxMDE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTZjNGJmM2VkMDU2OTBlNWFiMjcwY2I3ZTJiZjM1OGExZjhmYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Xzmooj9004UWDHyBX7Vr6PLuRG/
dtvhZKFD64bw36bwvCVizeyRNVLSh5cW044kYUn8wY0DKTznxWdkdK9UYo+DDp4V
xYJuHSIFF/56VNA3w8wHAXJXGTnpiArmgZHX9j/aSFyEDSf66z6FbiFXNWtdPxus
gPDOthrpTseKLoPH4V4OGPKeIV7M8nXfTk8Y6T6/EMhm+Xkh2aruZS6JgjLMva80
aZ7pTioLqZzCK3r+tsP0gh51H7wEwjjgC3MyDtwgFlLr3Ji6DziJ69jRVqq+5OKy
l3Znp9yvayzJ0ELCT1RCMYmL+mwbsx98/11pK/NHhO2XX2aLO1Rhz47CGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFsS/PtBWkOWrJwy34r81ih+Ps/MB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEva1d4TDgtMEZhUTVhc25ETGZpdnpXS0g0LXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWiZMA0G
CSqGSIb3DQEBCwUAA4IBAQAoLlp9J+swF8obYV1fhWfo+o/VR7mDN0ko9Gq4hjCP
tE4IdWCeb6HuOzbnLlAum1EPlImVtdG/NF6IBaoaK6b+FIOLZmTUV89826+AYVHX
+9PW7w5Ow2K2TRowgL6cyVUQQIlnXDqmKvziozF1pljuL7iUNv0e3ol2LiqBgfpr
fkTfs8lrv2yAJwPMv2zKG9Ci1C2deJvogqPIDA1fvXww/raU+4lNYct5een/bSaD
zk7D9MNpArO5Kp+y7GgTpIEzFbn1Jm0m39cspI1NosaLPvfOWLk4hHBevUxkP9yN
2no4oYSmdtDS8ZXet/5IDQWpZLFcBWK1noBAJWkV6Bhf
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:03:02 2025 by rpki-client