Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f491a0-b666-4e9f-b0f9-6eed52968b1c/1/D9VtpqQ5QcOE8_3AAGv6AbSncPk.roa
File: D9VtpqQ5QcOE8_3AAGv6AbSncPk.roa (raw, json)
Hash identifier: 45VJpPEdefwyDmmpbMXwZdBXiJtpSM2szrEhn6hGnnw=
Subject key identifier: 0F:D5:6D:A6:A4:39:41:C3:84:F3:FD:C0:00:6B:FA:01:B4:A7:70:F9
Certificate issuer: /CN=5a0aa9682c683a9c1b95ce9676d51b20d39fd2ae
Certificate serial: 019420680100AD1F2EE77D437F9F8A1A806B
Authority key identifier: 5A:0A:A9:68:2C:68:3A:9C:1B:95:CE:96:76:D5:1B:20:D3:9F:D2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WgqpaCxoOpwblc6WdtUbINOf0q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f491a0-b666-4e9f-b0f9-6eed52968b1c/1/D9VtpqQ5QcOE8_3AAGv6AbSncPk.roa
Signing time: Wed 01 Jan 2025 05:47:54 +0000
ROA not before: Wed 01 Jan 2025 05:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210687
IP address blocks: 185.153.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:01:00:ad:1f:2e:e7:7d:43:7f:9f:8a:1a:80:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a0aa9682c683a9c1b95ce9676d51b20d39fd2ae
Validity
Not Before: Jan 1 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fd56da6a43941c384f3fdc0006bfa01b4a770f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:27:cf:b8:a8:a0:5b:27:b4:8b:fc:f1:0a:51:
e1:e7:75:83:99:eb:92:ba:a7:56:3c:6f:03:9c:b2:
86:c5:3f:d9:6e:1c:41:ad:d0:56:1d:05:c5:fd:86:
81:f4:d9:68:a5:25:13:77:b5:c6:13:53:30:a6:f7:
e0:87:e4:fc:96:e4:d9:e1:9a:f4:b2:93:39:b8:7a:
3b:18:93:72:92:5f:b5:a8:05:20:84:b0:d8:2d:93:
91:d9:83:3c:52:76:7a:70:8e:af:97:86:a3:ff:83:
a3:aa:6e:c5:ae:8a:b2:30:83:a6:c8:3b:69:58:0f:
a0:de:80:4e:6e:6e:0e:4a:5c:83:7f:8d:a7:68:4b:
5f:2d:12:ff:13:56:77:f5:41:ad:ac:63:01:e5:ca:
cf:08:9a:d0:28:06:76:54:75:2f:0d:86:f8:43:1e:
39:a3:aa:2e:1f:a5:6a:56:bc:d4:39:a0:51:89:a3:
d4:3c:57:0b:69:38:18:35:57:14:08:88:1c:56:77:
37:f6:96:62:70:a8:c0:b4:52:a0:75:da:ee:bd:6c:
c7:80:f6:fe:05:92:7c:2a:f9:e4:59:0e:25:eb:5a:
c6:83:d5:d2:f4:0f:92:5e:12:b7:9a:c2:0b:58:20:
35:a8:00:69:9a:3d:99:ce:8f:b9:e5:fb:9f:a6:21:
2b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D5:6D:A6:A4:39:41:C3:84:F3:FD:C0:00:6B:FA:01:B4:A7:70:F9
X509v3 Authority Key Identifier:
keyid:5A:0A:A9:68:2C:68:3A:9C:1B:95:CE:96:76:D5:1B:20:D3:9F:D2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WgqpaCxoOpwblc6WdtUbINOf0q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f491a0-b666-4e9f-b0f9-6eed52968b1c/1/D9VtpqQ5QcOE8_3AAGv6AbSncPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f491a0-b666-4e9f-b0f9-6eed52968b1c/1/WgqpaCxoOpwblc6WdtUbINOf0q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.234.0/24
Signature Algorithm: sha256WithRSAEncryption
77:1a:b4:9f:d5:d4:f4:8b:64:18:e0:b3:6f:60:aa:24:c3:3b:
b9:d7:07:22:6a:b4:64:76:a3:27:a4:2e:41:01:2e:10:f7:91:
86:fe:a8:74:21:34:c2:ca:80:99:58:38:ad:e7:29:d3:6d:c2:
5d:09:19:48:a8:30:da:ed:d1:1c:2c:0c:92:73:bc:8a:a2:83:
15:dd:f5:d0:69:52:33:97:48:5f:d9:f5:b2:d0:5d:7b:b4:53:
f8:7a:73:42:9f:08:44:b6:ad:87:26:51:78:29:0b:93:18:d3:
8e:a5:9c:8f:08:83:ac:37:a1:2a:17:fc:40:fc:86:b6:7a:d5:
51:ca:4d:5e:45:b1:a8:9c:e2:cb:98:1b:30:e3:2a:78:14:ac:
10:d1:af:cf:a2:94:a8:fd:d7:e4:19:34:60:1f:28:c8:e4:de:
67:ff:f1:8f:70:13:45:86:c5:b6:ba:33:ca:15:f6:ff:8e:9a:
1c:4e:71:91:d4:7d:2f:c6:17:40:12:24:5a:b1:f5:5a:99:d1:
56:e6:ad:c4:df:21:1e:98:f8:40:27:eb:4b:e4:6a:ce:78:02:
31:75:ce:1c:c0:8a:9f:d5:90:5e:e5:ab:7e:f7:3b:4d:5c:e2:
10:91:a5:fc:21:11:1c:68:cf:26:79:fe:f8:5e:b1:ab:9d:c2:
dc:d2:f9:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaAEArR8u531Df5+KGoBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMGFhOTY4MmM2ODNhOWMxYjk1Y2U5Njc2ZDUxYjIwZDM5
ZmQyYWUwHhcNMjUwMTAxMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQ1NmRhNmE0Mzk0MWMzODRmM2ZkYzAwMDZiZmEwMWI0YTc3MGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CfPuKigWye0i/zxClHh53WDmeuS
uqdWPG8DnLKGxT/ZbhxBrdBWHQXF/YaB9NlopSUTd7XGE1Mwpvfgh+T8luTZ4Zr0
spM5uHo7GJNykl+1qAUghLDYLZOR2YM8UnZ6cI6vl4aj/4Ojqm7FroqyMIOmyDtp
WA+g3oBObm4OSlyDf42naEtfLRL/E1Z39UGtrGMB5crPCJrQKAZ2VHUvDYb4Qx45
o6ouH6VqVrzUOaBRiaPUPFcLaTgYNVcUCIgcVnc39pZicKjAtFKgddruvWzHgPb+
BZJ8KvnkWQ4l61rGg9XS9A+SXhK3msILWCA1qABpmj2Zzo+55fufpiErNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA/VbaakOUHDhPP9wABr+gG0p3D5MB8GA1UdIwQY
MBaAFFoKqWgsaDqcG5XOlnbVGyDTn9KuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2dxcGFDeG9PcHdibGM2V2R0VWJJTk9mMHE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mNDkxYTAtYjY2Ni00ZTlmLWIwZjkt
NmVlZDUyOTY4YjFjLzEvRDlWdHBxUTVRY09FOF8zQUFHdjZBYlNuY1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mNDkxYTAtYjY2Ni00ZTlmLWIwZjktNmVlZDUyOTY4YjFj
LzEvV2dxcGFDeG9PcHdibGM2V2R0VWJJTk9mMHE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZnqMA0G
CSqGSIb3DQEBCwUAA4IBAQB3GrSf1dT0i2QY4LNvYKokwzu51wciarRkdqMnpC5B
AS4Q95GG/qh0ITTCyoCZWDit5ynTbcJdCRlIqDDa7dEcLAySc7yKooMV3fXQaVIz
l0hf2fWy0F17tFP4enNCnwhEtq2HJlF4KQuTGNOOpZyPCIOsN6EqF/xA/Ia2etVR
yk1eRbGonOLLmBsw4yp4FKwQ0a/PopSo/dfkGTRgHyjI5N5n//GPcBNFhsW2ujPK
Ffb/jpocTnGR1H0vxhdAEiRasfVamdFW5q3E3yEemPhAJ+tL5GrOeAIxdc4cwIqf
1ZBe5at+9ztNXOIQkaX8IREcaM8mef74XrGrncLc0vnQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:06 2025 by rpki-client