Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/ulCdliRCkVDzUHVNRI5P-rHeOug.roa
File: ulCdliRCkVDzUHVNRI5P-rHeOug.roa (raw, json)
Hash identifier: m0QahAscFULUhejwgdiMc8GO4IFat7is6wfyIZ9ih84=
Subject key identifier: BA:50:9D:96:24:42:91:50:F3:50:75:4D:44:8E:4F:FA:B1:DE:3A:E8
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01942369CE498325F2C6125D9C13FBB426AD
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/ulCdliRCkVDzUHVNRI5P-rHeOug.roa
Signing time: Wed 01 Jan 2025 19:48:44 +0000
ROA not before: Wed 01 Jan 2025 19:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52067
IP address blocks: 185.191.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:ce:49:83:25:f2:c6:12:5d:9c:13:fb:b4:26:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 19:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba509d9624429150f350754d448e4ffab1de3ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:22:18:79:13:01:d6:f9:ee:8e:89:e2:f9:fc:
f6:c8:c5:a8:2e:b2:e6:e7:a4:81:c1:38:ca:3b:c8:
34:b8:77:1a:7a:a2:33:e0:31:24:63:99:50:d0:cb:
9c:e0:e3:ed:7d:20:42:7b:ba:ef:4a:44:27:9b:c7:
d3:3f:e9:e0:ed:ab:cb:5a:55:3e:e0:80:e0:0e:74:
88:20:aa:05:71:32:c3:27:81:e4:bf:c6:3e:e0:48:
28:04:ae:db:6f:34:5d:f2:e1:6b:79:13:1a:69:bd:
80:a5:88:77:4c:c5:de:8f:d5:83:3d:14:20:97:d9:
8b:fe:73:d8:cd:38:92:a2:cd:86:44:68:cd:a4:79:
4a:a8:de:80:7b:77:18:32:4f:3e:6a:92:79:5b:69:
e2:17:58:9c:00:f2:66:cc:52:6a:d5:8c:ed:44:c6:
37:64:1d:2f:92:ab:65:f7:13:52:d4:37:dc:6f:ad:
64:34:40:ee:61:82:f8:80:9a:43:35:6b:ee:e9:da:
81:f2:85:19:69:aa:1a:d9:15:e0:09:c2:2b:ee:f1:
20:6c:87:52:eb:f8:02:7b:0f:fe:0b:9d:6d:81:56:
b0:e8:20:72:4c:e0:65:f1:0c:a8:b2:2c:3b:f4:69:
89:4f:f6:9c:cf:c5:89:b2:d7:07:8b:04:5f:14:19:
97:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:50:9D:96:24:42:91:50:F3:50:75:4D:44:8E:4F:FA:B1:DE:3A:E8
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/ulCdliRCkVDzUHVNRI5P-rHeOug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.141.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:c6:42:e8:42:f2:28:96:58:42:f1:12:88:53:45:56:9a:0a:
76:07:b2:c7:e8:a4:18:ac:0c:b8:d9:f2:c4:84:e3:26:c7:13:
27:ad:47:31:27:5d:cf:ed:a7:85:a0:8b:73:c0:35:f6:f1:54:
61:72:2c:c5:03:b5:e0:0a:9c:7c:5e:cd:45:c7:68:c6:41:44:
ee:ec:a5:ba:64:5a:6f:20:69:98:f7:7a:ae:64:d1:0f:73:a0:
19:45:69:8c:f0:55:93:76:39:d0:93:38:81:1f:55:de:e3:8a:
d6:22:8b:76:e4:a3:fb:26:49:89:9a:f7:6d:06:ba:da:5b:55:
28:e4:38:f0:37:9d:1d:28:58:30:9d:95:ee:c7:06:eb:d9:53:
6d:8f:9a:72:8e:79:51:0a:9f:b7:cf:13:e1:20:d2:06:28:27:
77:66:fa:d9:88:83:0e:42:fa:9e:69:64:8c:d4:59:6f:33:69:
a8:1a:60:cd:00:02:04:95:f3:20:3a:44:98:3d:4b:72:9b:85:
3e:28:76:4e:3a:65:a8:57:16:40:23:df:4f:6c:9d:92:52:05:
22:62:ea:61:99:4e:0d:b4:4b:34:58:0d:ec:10:f2:29:51:81:
4e:72:ae:03:17:ab:1b:0f:a1:85:52:28:ea:e5:2e:c5:6f:f1:
37:af:9d:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjac5JgyXyxhJdnBP7tCatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMTAxMTk0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTUwOWQ5NjI0NDI5MTUwZjM1MDc1NGQ0NDhlNGZmYWIxZGUzYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSIYeRMB1vnujoni+fz2yMWoLrLm
56SBwTjKO8g0uHcaeqIz4DEkY5lQ0Muc4OPtfSBCe7rvSkQnm8fTP+ng7avLWlU+
4IDgDnSIIKoFcTLDJ4Hkv8Y+4EgoBK7bbzRd8uFreRMaab2ApYh3TMXej9WDPRQg
l9mL/nPYzTiSos2GRGjNpHlKqN6Ae3cYMk8+apJ5W2niF1icAPJmzFJq1YztRMY3
ZB0vkqtl9xNS1Dfcb61kNEDuYYL4gJpDNWvu6dqB8oUZaaoa2RXgCcIr7vEgbIdS
6/gCew/+C51tgVaw6CByTOBl8Qyosiw79GmJT/acz8WJstcHiwRfFBmXwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLpQnZYkQpFQ81B1TUSOT/qx3jroMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvdWxDZGxpUkNrVkR6VUhWTlJJNVAtckhlT3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+NMA0G
CSqGSIb3DQEBCwUAA4IBAQBaxkLoQvIollhC8RKIU0VWmgp2B7LH6KQYrAy42fLE
hOMmxxMnrUcxJ13P7aeFoItzwDX28VRhcizFA7XgCpx8Xs1Fx2jGQUTu7KW6ZFpv
IGmY93quZNEPc6AZRWmM8FWTdjnQkziBH1Xe44rWIot25KP7JkmJmvdtBrraW1Uo
5DjwN50dKFgwnZXuxwbr2VNtj5pyjnlRCp+3zxPhINIGKCd3ZvrZiIMOQvqeaWSM
1FlvM2moGmDNAAIElfMgOkSYPUtym4U+KHZOOmWoVxZAI99PbJ2SUgUiYuphmU4N
tEs0WA3sEPIpUYFOcq4DF6sbD6GFUijq5S7Fb/E3r53Q
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:02 2025 by rpki-client