Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/inuScwE1S9lEULUDFOPt0YYBMRU.roa
File: inuScwE1S9lEULUDFOPt0YYBMRU.roa (raw, json)
Hash identifier: hvD+jjYBAY5jZaJA8u8QgEl8M7kubkCEj9ntL0iNAX4=
Subject key identifier: 8A:7B:92:73:01:35:4B:D9:44:50:B5:03:14:E3:ED:D1:86:01:31:15
Certificate issuer: /CN=70a76929cbe21cedd94c012ba58bb0b6f129722e
Certificate serial: 019441B4DA5B7E820C75772CB1E968896155
Authority key identifier: 70:A7:69:29:CB:E2:1C:ED:D9:4C:01:2B:A5:8B:B0:B6:F1:29:72:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cKdpKcviHO3ZTAErpYuwtvEpci4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/inuScwE1S9lEULUDFOPt0YYBMRU.roa
Signing time: Tue 07 Jan 2025 16:59:18 +0000
ROA not before: Tue 07 Jan 2025 16:59:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60785
IP address blocks: 185.25.224.0/22 maxlen: 22
185.25.224.0/24 maxlen: 24
185.25.225.0/24 maxlen: 24
185.25.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:41:b4:da:5b:7e:82:0c:75:77:2c:b1:e9:68:89:61:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70a76929cbe21cedd94c012ba58bb0b6f129722e
Validity
Not Before: Jan 7 16:59:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a7b927301354bd94450b50314e3edd186013115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5a:eb:6f:c5:39:1b:7b:01:4d:32:a9:28:67:
df:81:12:f9:52:e4:7b:4c:ce:54:d7:64:96:ec:d5:
11:a8:d0:35:f1:4a:e1:e6:a4:70:b3:91:dc:44:20:
a8:40:ce:18:e3:c0:89:ed:84:82:5d:d1:fb:a3:19:
36:db:6f:60:25:7d:7d:5a:00:5d:93:c1:d6:52:e0:
03:9b:2e:f2:b9:d1:88:77:5a:ac:bb:25:29:e8:22:
8b:fd:bc:d0:6c:97:c0:57:b3:c0:81:78:88:df:28:
cb:24:48:da:33:65:f7:21:3a:b5:d2:28:20:d8:2e:
48:a0:f6:f6:b9:86:7b:0d:4d:d8:67:df:2f:e6:4d:
1e:d6:e5:88:01:2f:15:be:1a:f2:ef:0b:b5:cf:53:
e9:62:c5:22:7d:68:01:67:60:80:9f:22:47:ae:50:
df:0d:5d:6a:4f:81:24:4f:02:3a:36:34:3e:ed:e4:
a2:af:8a:4e:18:a4:e9:7c:9f:37:a5:9c:3d:bf:d6:
45:1e:e0:8c:3a:b6:d7:a8:84:2e:da:35:51:3c:98:
a5:e2:34:7f:42:29:e0:94:fe:d4:d4:4d:c9:f2:ff:
e0:12:6c:34:0c:ed:a6:4f:b5:d8:9b:9e:29:ea:52:
c0:5c:fe:0c:9b:14:e6:e9:50:82:76:a7:da:a9:c3:
d8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:7B:92:73:01:35:4B:D9:44:50:B5:03:14:E3:ED:D1:86:01:31:15
X509v3 Authority Key Identifier:
keyid:70:A7:69:29:CB:E2:1C:ED:D9:4C:01:2B:A5:8B:B0:B6:F1:29:72:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cKdpKcviHO3ZTAErpYuwtvEpci4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/inuScwE1S9lEULUDFOPt0YYBMRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/014f47-628b-4fb8-b344-a409e22a243e/1/cKdpKcviHO3ZTAErpYuwtvEpci4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.224.0/22
Signature Algorithm: sha256WithRSAEncryption
dc:48:60:40:90:19:50:68:2f:e7:5c:4e:75:c6:4e:51:7e:e1:
33:b5:01:ad:0a:a1:ba:c3:56:48:c7:2b:3d:be:8a:4f:ae:82:
a6:2c:7e:78:97:9e:01:ec:9c:31:87:86:b4:f5:d2:d3:ea:94:
61:0a:7b:04:96:4f:d6:9f:bb:a7:4c:f0:6c:2e:17:1e:03:3b:
02:de:a9:e2:84:a5:79:d1:5b:3b:3d:31:b4:1b:31:36:83:e0:
18:1c:f3:62:b9:3a:5c:1c:38:d5:c5:c9:4b:be:65:da:19:fb:
a3:55:fb:8e:a0:e6:5e:ed:c5:b5:13:86:f6:09:f7:0f:27:d4:
09:a5:ec:8d:b0:50:13:82:72:df:59:06:85:bd:c8:12:8b:e3:
09:59:f8:fa:0c:25:99:71:60:56:29:dc:fe:21:ba:83:84:18:
63:b3:8c:59:e8:11:12:d8:7d:a0:38:c5:c4:f6:50:4b:20:d9:
ec:6a:3e:91:89:05:2c:33:72:e3:9a:d2:17:cd:6b:05:cd:3f:
17:c7:65:48:3c:2c:42:68:60:1f:af:ee:dc:6d:7d:d6:ee:b8:
de:81:62:57:54:a9:e9:09:09:ad:88:2e:88:18:b4:23:24:a6:
af:82:e4:e9:45:e7:eb:25:b3:57:08:35:c8:d2:7b:d0:dd:48:
db:93:52:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRBtNpbfoIMdXcsseloiWFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYTc2OTI5Y2JlMjFjZWRkOTRjMDEyYmE1OGJiMGI2ZjEy
OTcyMmUwHhcNMjUwMTA3MTY1OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTdiOTI3MzAxMzU0YmQ5NDQ1MGI1MDMxNGUzZWRkMTg2MDEzMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1rrb8U5G3sBTTKpKGffgRL5UuR7
TM5U12SW7NURqNA18Urh5qRws5HcRCCoQM4Y48CJ7YSCXdH7oxk2229gJX19WgBd
k8HWUuADmy7yudGId1qsuyUp6CKL/bzQbJfAV7PAgXiI3yjLJEjaM2X3ITq10igg
2C5IoPb2uYZ7DU3YZ98v5k0e1uWIAS8Vvhry7wu1z1PpYsUifWgBZ2CAnyJHrlDf
DV1qT4EkTwI6NjQ+7eSir4pOGKTpfJ83pZw9v9ZFHuCMOrbXqIQu2jVRPJil4jR/
QinglP7U1E3J8v/gEmw0DO2mT7XYm54p6lLAXP4MmxTm6VCCdqfaqcPY0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIp7knMBNUvZRFC1AxTj7dGGATEVMB8GA1UdIwQY
MBaAFHCnaSnL4hzt2UwBK6WLsLbxKXIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0tkcEtjdmlITzNaVEFFcnBZdXd0dkVwY2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wMTRmNDctNjI4Yi00ZmI4LWIzNDQt
YTQwOWUyMmEyNDNlLzEvaW51U2N3RTFTOWxFVUxVREZPUHQwWVlCTVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wMTRmNDctNjI4Yi00ZmI4LWIzNDQtYTQwOWUyMmEyNDNl
LzEvY0tkcEtjdmlITzNaVEFFcnBZdXd0dkVwY2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRngMA0G
CSqGSIb3DQEBCwUAA4IBAQDcSGBAkBlQaC/nXE51xk5RfuEztQGtCqG6w1ZIxys9
vopProKmLH54l54B7Jwxh4a09dLT6pRhCnsElk/Wn7unTPBsLhceAzsC3qnihKV5
0Vs7PTG0GzE2g+AYHPNiuTpcHDjVxclLvmXaGfujVfuOoOZe7cW1E4b2CfcPJ9QJ
peyNsFATgnLfWQaFvcgSi+MJWfj6DCWZcWBWKdz+IbqDhBhjs4xZ6BES2H2gOMXE
9lBLINnsaj6RiQUsM3LjmtIXzWsFzT8Xx2VIPCxCaGAfr+7cbX3W7rjegWJXVKnp
CQmtiC6IGLQjJKavguTpRefrJbNXCDXI0nvQ3Ujbk1KR
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:30:50 2025 by rpki-client