Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/Clf1O67BMO2Rhs6Zi3d5eqYtS78.roa
File: Clf1O67BMO2Rhs6Zi3d5eqYtS78.roa (raw, json)
Hash identifier: gEsGT+BkcxrPL5LEXQ9nd6Eso8OhYDY6ncvwiqyMT9o=
Subject key identifier: 0A:57:F5:3B:AE:C1:30:ED:91:86:CE:99:8B:77:79:7A:A6:2D:4B:BF
Certificate issuer: /CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Certificate serial: 0194266BF86D95DFE2A44949C76CB91D0EC4
Authority key identifier: A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/Clf1O67BMO2Rhs6Zi3d5eqYtS78.roa
Signing time: Thu 02 Jan 2025 09:49:57 +0000
ROA not before: Thu 02 Jan 2025 09:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142146
IP address blocks: 185.157.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f8:6d:95:df:e2:a4:49:49:c7:6c:b9:1d:0e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Validity
Not Before: Jan 2 09:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a57f53baec130ed9186ce998b77797aa62d4bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:cf:95:08:d1:4f:99:9b:f4:26:c0:a1:75:94:
33:83:02:cb:5a:23:53:57:0f:6f:4f:22:6e:e8:06:
ed:60:78:8c:51:b5:59:33:3a:85:96:75:23:4b:5c:
56:ce:0e:2e:22:44:08:e0:28:ca:dc:b4:fa:ba:de:
bd:13:ee:bf:67:5a:ba:ee:cb:15:37:4a:1f:92:e2:
a9:ef:1b:d1:12:af:77:22:dc:28:f5:99:8c:9d:d0:
20:4a:43:9e:e7:c1:34:75:50:1d:a7:22:95:a4:28:
6b:44:89:4f:b9:66:3b:7a:2a:cd:44:f7:80:ad:24:
be:12:ae:ad:af:a3:b1:ea:44:c3:9b:71:e3:dd:37:
0b:23:92:ac:ff:2c:70:4c:81:ad:58:8d:bb:3d:52:
b7:54:8c:1d:f6:c3:70:37:d6:00:85:c7:aa:51:ac:
8f:6d:dc:8a:17:01:9c:65:f0:5d:0a:cc:2e:03:54:
7e:c5:63:c0:b1:ea:9e:b8:dc:7b:3f:9c:3b:ca:da:
b7:82:54:b8:aa:a2:e1:cf:8b:41:d6:e6:81:4f:d3:
7b:45:2c:14:61:76:12:c0:2d:b4:ba:05:a3:42:82:
bb:6e:9a:4f:0c:0b:4e:29:d5:7f:58:61:55:9b:3d:
5a:64:23:c6:db:f1:c7:5b:3e:f2:6c:3e:e8:fb:41:
1e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:57:F5:3B:AE:C1:30:ED:91:86:CE:99:8B:77:79:7A:A6:2D:4B:BF
X509v3 Authority Key Identifier:
keyid:A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/Clf1O67BMO2Rhs6Zi3d5eqYtS78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.50.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:32:ae:e2:3d:f1:09:80:f2:ad:72:cd:59:5f:95:da:b6:fa:
aa:ab:dd:99:4b:8b:7e:8e:19:c1:49:75:a0:1a:8a:d4:b6:46:
16:d3:41:29:b6:21:9b:db:30:cc:8a:d6:9c:48:a4:3a:b5:5c:
ed:e9:1c:61:b3:b0:2e:98:7a:76:89:86:e8:09:b0:f5:fa:7c:
ed:b4:26:c4:92:25:a6:1c:45:1e:ae:80:55:25:47:8e:e3:a4:
72:4c:af:fc:98:77:09:59:00:0c:88:3c:68:70:8e:2d:51:08:
b3:35:c6:27:4d:e4:07:54:80:42:fc:64:a8:3a:8f:59:c2:5b:
b2:9b:16:93:a4:9c:f9:e6:e6:ac:c7:8f:13:46:4e:39:58:3a:
df:a6:ae:11:f9:62:a6:40:97:02:ef:f3:ba:68:92:be:4d:95:
8e:f2:bd:a3:29:b0:da:83:24:77:2e:77:1c:7a:78:75:c5:0b:
e6:15:e6:4a:4d:43:83:c4:64:fc:64:ea:12:05:52:03:5a:a4:
9c:06:45:1c:0a:d5:2c:7e:ae:3c:96:ee:88:bc:34:92:fe:05:
62:30:39:a3:23:83:cf:3b:e6:8f:cc:8c:4f:06:4a:3b:b8:29:
6f:6f:f1:09:c6:4e:bf:c8:67:70:af:64:e0:88:1f:46:22:98:
10:6b:58:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma/htld/ipElJx2y5HQ7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWEyYTJkYjRkNzQxOGU5YmY0ZjkzYzhjMDQ2YTAxNjE2
NjNjNjIwHhcNMjUwMTAyMDk0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTU3ZjUzYmFlYzEzMGVkOTE4NmNlOTk4Yjc3Nzk3YWE2MmQ0YmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1c+VCNFPmZv0JsChdZQzgwLLWiNT
Vw9vTyJu6AbtYHiMUbVZMzqFlnUjS1xWzg4uIkQI4CjK3LT6ut69E+6/Z1q67ssV
N0ofkuKp7xvREq93Itwo9ZmMndAgSkOe58E0dVAdpyKVpChrRIlPuWY7eirNRPeA
rSS+Eq6tr6Ox6kTDm3Hj3TcLI5Ks/yxwTIGtWI27PVK3VIwd9sNwN9YAhceqUayP
bdyKFwGcZfBdCswuA1R+xWPAseqeuNx7P5w7ytq3glS4qqLhz4tB1uaBT9N7RSwU
YXYSwC20ugWjQoK7bppPDAtOKdV/WGFVmz1aZCPG2/HHWz7ybD7o+0EeuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFApX9TuuwTDtkYbOmYt3eXqmLUu/MB8GA1UdIwQY
MBaAFKcaKi2010GOm/T5PIwEagFhZjxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2Ut
ZjFmMGI5NTk4ZjMyLzEvQ2xmMU82N0JNTzJSaHM2WmkzZDVlcVl0Uzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2UtZjFmMGI5NTk4ZjMy
LzEvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ0yMA0G
CSqGSIb3DQEBCwUAA4IBAQA8Mq7iPfEJgPKtcs1ZX5Xatvqqq92ZS4t+jhnBSXWg
GorUtkYW00EptiGb2zDMitacSKQ6tVzt6Rxhs7AumHp2iYboCbD1+nzttCbEkiWm
HEUeroBVJUeO46RyTK/8mHcJWQAMiDxocI4tUQizNcYnTeQHVIBC/GSoOo9Zwluy
mxaTpJz55uasx48TRk45WDrfpq4R+WKmQJcC7/O6aJK+TZWO8r2jKbDagyR3Lncc
enh1xQvmFeZKTUODxGT8ZOoSBVIDWqScBkUcCtUsfq48lu6IvDSS/gViMDmjI4PP
O+aPzIxPBko7uClvb/EJxk6/yGdwr2TgiB9GIpgQa1jV
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:10:07 2025 by rpki-client