Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/iKhZX_uZnxAXhdzY79XachUAraQ.roa
File: iKhZX_uZnxAXhdzY79XachUAraQ.roa (raw, json)
Hash identifier: tui1us8OVkIs0VKeofhaJnENBE+JJFs4OBXJ4PmPNBI=
Subject key identifier: 88:A8:59:5F:FB:99:9F:10:17:85:DC:D8:EF:D5:DA:72:15:00:AD:A4
Certificate issuer: /CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Certificate serial: 018794BFF7C4B4278BAD643C64D68E966EC9
Authority key identifier: A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/iKhZX_uZnxAXhdzY79XachUAraQ.roa
Signing time: Tue 18 Apr 2023 14:23:41 +0000
ROA not before: Tue 18 Apr 2023 14:23:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.157.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:bf:f7:c4:b4:27:8b:ad:64:3c:64:d6:8e:96:6e:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Validity
Not Before: Apr 18 14:23:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88a8595ffb999f101785dcd8efd5da721500ada4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:92:e7:81:ac:54:d8:15:30:7b:ce:7c:f0:b6:
e2:45:29:ac:35:6c:76:f1:6c:90:a9:c5:bc:45:a8:
2c:8d:f1:a0:43:45:d7:8d:b6:b1:46:15:d1:27:1a:
59:f7:c5:62:d3:c4:f3:1a:e2:8a:b7:51:83:c2:90:
ed:67:a4:f5:d4:e5:c1:7b:3b:6d:af:06:cb:65:02:
57:af:8a:21:8d:f5:49:4e:24:7d:2c:35:53:9a:79:
79:ec:86:a9:9d:dd:6f:ef:14:1b:00:77:41:72:4a:
54:fc:40:e9:48:2f:74:eb:18:c6:e5:9b:3e:0e:39:
22:69:64:b7:e4:cc:c8:f6:b2:ae:17:25:fd:a9:92:
03:31:f5:82:63:c8:18:ba:23:f3:77:c2:9f:29:68:
4a:83:31:03:9b:dc:00:d9:71:06:7b:b3:4c:96:40:
ad:ef:ba:ef:b4:34:f5:05:40:24:36:22:3d:b3:8c:
d1:91:19:7b:eb:67:48:a5:a4:bc:55:d9:4d:e1:b5:
7b:d9:29:77:b9:cb:b2:9d:2d:70:8c:ca:4c:b4:81:
cd:54:45:60:db:05:c7:95:f0:23:3f:12:12:d2:e2:
1d:68:c5:f8:a7:a3:b5:20:23:73:f9:47:a2:44:4d:
7b:87:51:c0:71:8e:15:46:6b:fa:3c:ef:34:07:9a:
af:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A8:59:5F:FB:99:9F:10:17:85:DC:D8:EF:D5:DA:72:15:00:AD:A4
X509v3 Authority Key Identifier:
keyid:A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/iKhZX_uZnxAXhdzY79XachUAraQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.51.0/24
Signature Algorithm: sha256WithRSAEncryption
57:9c:00:0f:ec:13:37:24:49:93:07:97:f8:2a:88:9f:f6:87:
87:14:2e:a8:97:54:56:96:50:7e:17:04:2c:92:12:6f:45:67:
42:de:13:75:91:09:39:50:a7:5d:97:63:da:83:1a:ae:5d:c6:
00:a2:ec:af:d1:07:26:71:2a:bd:ee:a0:39:59:4b:01:5f:30:
0d:fb:de:f5:a7:ba:1b:50:61:e5:a5:36:c3:13:c2:a1:d3:01:
c9:d9:ed:25:e3:a9:a9:1c:29:dc:f0:d2:36:83:ee:0a:74:43:
50:bf:b0:59:c8:2c:c2:b4:ca:2a:4b:8a:27:28:09:07:e6:1b:
05:54:b7:2c:14:7f:31:e9:74:c9:a8:99:c4:be:59:e6:7f:aa:
9e:17:0d:45:38:ba:51:af:01:38:c9:1b:89:71:d6:43:8b:59:
ec:3c:2e:d9:ea:c0:ad:a6:fb:96:74:33:29:28:be:d4:e1:cc:
c8:81:3c:9e:e1:33:20:20:09:dd:d1:b9:e9:50:19:40:4f:e2:
aa:11:94:92:9b:84:b6:aa:b1:5b:d7:64:ca:13:17:4c:17:00:
a7:48:73:16:88:8f:ad:0b:77:78:d9:fe:30:af:1d:f2:66:08:
95:19:97:bf:27:67:3a:f9:a7:98:a5:d2:2c:9d:b2:83:55:eb:
96:46:09:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeUv/fEtCeLrWQ8ZNaOlm7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWEyYTJkYjRkNzQxOGU5YmY0ZjkzYzhjMDQ2YTAxNjE2
NjNjNjIwHhcNMjMwNDE4MTQyMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGE4NTk1ZmZiOTk5ZjEwMTc4NWRjZDhlZmQ1ZGE3MjE1MDBhZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZLngaxU2BUwe8588LbiRSmsNWx2
8WyQqcW8RagsjfGgQ0XXjbaxRhXRJxpZ98Vi08TzGuKKt1GDwpDtZ6T11OXBeztt
rwbLZQJXr4ohjfVJTiR9LDVTmnl57Iapnd1v7xQbAHdBckpU/EDpSC906xjG5Zs+
DjkiaWS35MzI9rKuFyX9qZIDMfWCY8gYuiPzd8KfKWhKgzEDm9wA2XEGe7NMlkCt
77rvtDT1BUAkNiI9s4zRkRl762dIpaS8VdlN4bV72Sl3ucuynS1wjMpMtIHNVEVg
2wXHlfAjPxIS0uIdaMX4p6O1ICNz+UeiRE17h1HAcY4VRmv6PO80B5qv6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIioWV/7mZ8QF4Xc2O/V2nIVAK2kMB8GA1UdIwQY
MBaAFKcaKi2010GOm/T5PIwEagFhZjxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2Ut
ZjFmMGI5NTk4ZjMyLzEvaUtoWlhfdVpueEFYaGR6WTc5WGFjaFVBcmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2UtZjFmMGI5NTk4ZjMy
LzEvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ0zMA0G
CSqGSIb3DQEBCwUAA4IBAQBXnAAP7BM3JEmTB5f4Koif9oeHFC6ol1RWllB+FwQs
khJvRWdC3hN1kQk5UKddl2PagxquXcYAouyv0QcmcSq97qA5WUsBXzAN+971p7ob
UGHlpTbDE8Kh0wHJ2e0l46mpHCnc8NI2g+4KdENQv7BZyCzCtMoqS4onKAkH5hsF
VLcsFH8x6XTJqJnEvlnmf6qeFw1FOLpRrwE4yRuJcdZDi1nsPC7Z6sCtpvuWdDMp
KL7U4czIgTye4TMgIAnd0bnpUBlAT+KqEZSSm4S2qrFb12TKExdMFwCnSHMWiI+t
C3d42f4wrx3yZgiVGZe/J2c6+aeYpdIsnbKDVeuWRgk8
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:25:05 2025 by rpki-client